From 11defedf9a4b23c004cbbb0ceace62dfa01c3af9 Mon Sep 17 00:00:00 2001 From: Blaine Gardner Date: Wed, 5 Nov 2025 17:12:14 -0700 Subject: [PATCH] add remaining proto definitions Add the remaining gRPC proto definitions. Proto definitions are still subject to change after this as needed while finishing COSI v1alpha2 implementation and as desired for cleanup. Signed-off-by: Blaine Gardner --- proto/cosi.pb.go | 1133 ++++++++++++++--- proto/cosi.pb.json.go | 108 +- proto/cosi.proto | 191 ++- proto/cosi_grpc.pb.go | 2 + proto/spec.md | 226 +++- .../proto/cosi.pb.go | 1133 ++++++++++++++--- .../proto/cosi.pb.json.go | 108 +- .../proto/cosi.proto | 191 ++- .../proto/cosi_grpc.pb.go | 2 + .../proto/spec.md | 226 +++- 10 files changed, 2904 insertions(+), 416 deletions(-) diff --git a/proto/cosi.pb.go b/proto/cosi.pb.go index b44c39a5..177abc85 100644 --- a/proto/cosi.pb.go +++ b/proto/cosi.pb.go @@ -127,7 +127,115 @@ func (x S3AddressingStyle_Style) Number() protoreflect.EnumNumber { // Deprecated: Use S3AddressingStyle_Style.Descriptor instead. func (S3AddressingStyle_Style) EnumDescriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{6, 0} + return file_cosi_proto_rawDescGZIP(), []int{7, 0} +} + +type AuthenticationType_Type int32 + +const ( + AuthenticationType_UNKNOWN AuthenticationType_Type = 0 + // The Provisioner should generate a protocol-appropriate access key that clients can use to + // authenticate to the backend object store. + AuthenticationType_KEY AuthenticationType_Type = 1 + // The Provisioner should configure the system such that Pods using the given ServiceAccount + // authenticate to the backend object store automatically. + AuthenticationType_SERVICE_ACCOUNT AuthenticationType_Type = 2 +) + +// Enum value maps for AuthenticationType_Type. +var ( + AuthenticationType_Type_name = map[int32]string{ + 0: "UNKNOWN", + 1: "KEY", + 2: "SERVICE_ACCOUNT", + } + AuthenticationType_Type_value = map[string]int32{ + "UNKNOWN": 0, + "KEY": 1, + "SERVICE_ACCOUNT": 2, + } +) + +func (x AuthenticationType_Type) Enum() *AuthenticationType_Type { + p := new(AuthenticationType_Type) + *p = x + return p +} + +func (x AuthenticationType_Type) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (AuthenticationType_Type) Descriptor() protoreflect.EnumDescriptor { + return file_cosi_proto_enumTypes[2].Descriptor() +} + +func (AuthenticationType_Type) Type() protoreflect.EnumType { + return &file_cosi_proto_enumTypes[2] +} + +func (x AuthenticationType_Type) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use AuthenticationType_Type.Descriptor instead. +func (AuthenticationType_Type) EnumDescriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{12, 0} +} + +type AccessMode_Mode int32 + +const ( + AccessMode_UNKNOWN AccessMode_Mode = 0 + // Read/Write access mode. + AccessMode_READ_WRITE AccessMode_Mode = 1 + // Read-only access mode. + AccessMode_READ_ONLY AccessMode_Mode = 2 + // Write-only access mode. + AccessMode_WRITE_ONLY AccessMode_Mode = 3 +) + +// Enum value maps for AccessMode_Mode. +var ( + AccessMode_Mode_name = map[int32]string{ + 0: "UNKNOWN", + 1: "READ_WRITE", + 2: "READ_ONLY", + 3: "WRITE_ONLY", + } + AccessMode_Mode_value = map[string]int32{ + "UNKNOWN": 0, + "READ_WRITE": 1, + "READ_ONLY": 2, + "WRITE_ONLY": 3, + } +) + +func (x AccessMode_Mode) Enum() *AccessMode_Mode { + p := new(AccessMode_Mode) + *p = x + return p +} + +func (x AccessMode_Mode) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (AccessMode_Mode) Descriptor() protoreflect.EnumDescriptor { + return file_cosi_proto_enumTypes[3].Descriptor() +} + +func (AccessMode_Mode) Type() protoreflect.EnumType { + return &file_cosi_proto_enumTypes[3] +} + +func (x AccessMode_Mode) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use AccessMode_Mode.Descriptor instead. +func (AccessMode_Mode) EnumDescriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{13, 0} } type DriverGetInfoRequest struct { @@ -337,6 +445,71 @@ func (x *ObjectProtocolAndBucketInfo) GetGcs() *GcsBucketInfo { return nil } +// Credential info for the backend access corresponding to each protocol. +// If a protocol is not supported, the message MUST be empty/nil. +type CredentialInfo struct { + state protoimpl.MessageState `protogen:"open.v1"` + // Credential info for S3 protocol access. + S3 *S3CredentialInfo `protobuf:"bytes,1,opt,name=s3,proto3" json:"s3,omitempty"` + // Credential info for Azure (Blob) protocol access. + Azure *AzureCredentialInfo `protobuf:"bytes,2,opt,name=azure,proto3" json:"azure,omitempty"` + // Credential info for Google Cloud Storage protocol access. + Gcs *GcsCredentialInfo `protobuf:"bytes,3,opt,name=gcs,proto3" json:"gcs,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *CredentialInfo) Reset() { + *x = CredentialInfo{} + mi := &file_cosi_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *CredentialInfo) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CredentialInfo) ProtoMessage() {} + +func (x *CredentialInfo) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[4] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CredentialInfo.ProtoReflect.Descriptor instead. +func (*CredentialInfo) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{4} +} + +func (x *CredentialInfo) GetS3() *S3CredentialInfo { + if x != nil { + return x.S3 + } + return nil +} + +func (x *CredentialInfo) GetAzure() *AzureCredentialInfo { + if x != nil { + return x.Azure + } + return nil +} + +func (x *CredentialInfo) GetGcs() *GcsCredentialInfo { + if x != nil { + return x.Gcs + } + return nil +} + type S3BucketInfo struct { state protoimpl.MessageState `protogen:"open.v1"` // S3 bucket ID needed for client access. @@ -355,7 +528,7 @@ type S3BucketInfo struct { func (x *S3BucketInfo) Reset() { *x = S3BucketInfo{} - mi := &file_cosi_proto_msgTypes[4] + mi := &file_cosi_proto_msgTypes[5] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -367,7 +540,7 @@ func (x *S3BucketInfo) String() string { func (*S3BucketInfo) ProtoMessage() {} func (x *S3BucketInfo) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[4] + mi := &file_cosi_proto_msgTypes[5] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -380,7 +553,7 @@ func (x *S3BucketInfo) ProtoReflect() protoreflect.Message { // Deprecated: Use S3BucketInfo.ProtoReflect.Descriptor instead. func (*S3BucketInfo) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{4} + return file_cosi_proto_rawDescGZIP(), []int{5} } func (x *S3BucketInfo) GetBucketId() string { @@ -411,7 +584,7 @@ func (x *S3BucketInfo) GetAddressingStyle() *S3AddressingStyle { return nil } -type S3AccessInfo struct { +type S3CredentialInfo struct { state protoimpl.MessageState `protogen:"open.v1"` // S3 access key ID. AccessKeyId string `protobuf:"bytes,1,opt,name=access_key_id,json=accessKeyId,proto3" json:"access_key_id,omitempty"` @@ -421,21 +594,21 @@ type S3AccessInfo struct { sizeCache protoimpl.SizeCache } -func (x *S3AccessInfo) Reset() { - *x = S3AccessInfo{} - mi := &file_cosi_proto_msgTypes[5] +func (x *S3CredentialInfo) Reset() { + *x = S3CredentialInfo{} + mi := &file_cosi_proto_msgTypes[6] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } -func (x *S3AccessInfo) String() string { +func (x *S3CredentialInfo) String() string { return protoimpl.X.MessageStringOf(x) } -func (*S3AccessInfo) ProtoMessage() {} +func (*S3CredentialInfo) ProtoMessage() {} -func (x *S3AccessInfo) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[5] +func (x *S3CredentialInfo) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[6] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -446,19 +619,19 @@ func (x *S3AccessInfo) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use S3AccessInfo.ProtoReflect.Descriptor instead. -func (*S3AccessInfo) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{5} +// Deprecated: Use S3CredentialInfo.ProtoReflect.Descriptor instead. +func (*S3CredentialInfo) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{6} } -func (x *S3AccessInfo) GetAccessKeyId() string { +func (x *S3CredentialInfo) GetAccessKeyId() string { if x != nil { return x.AccessKeyId } return "" } -func (x *S3AccessInfo) GetAccessSecretKey() string { +func (x *S3CredentialInfo) GetAccessSecretKey() string { if x != nil { return x.AccessSecretKey } @@ -476,7 +649,7 @@ type S3AddressingStyle struct { func (x *S3AddressingStyle) Reset() { *x = S3AddressingStyle{} - mi := &file_cosi_proto_msgTypes[6] + mi := &file_cosi_proto_msgTypes[7] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -488,7 +661,7 @@ func (x *S3AddressingStyle) String() string { func (*S3AddressingStyle) ProtoMessage() {} func (x *S3AddressingStyle) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[6] + mi := &file_cosi_proto_msgTypes[7] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -501,7 +674,7 @@ func (x *S3AddressingStyle) ProtoReflect() protoreflect.Message { // Deprecated: Use S3AddressingStyle.ProtoReflect.Descriptor instead. func (*S3AddressingStyle) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{6} + return file_cosi_proto_rawDescGZIP(), []int{7} } func (x *S3AddressingStyle) GetStyle() S3AddressingStyle_Style { @@ -521,7 +694,7 @@ type AzureBucketInfo struct { func (x *AzureBucketInfo) Reset() { *x = AzureBucketInfo{} - mi := &file_cosi_proto_msgTypes[7] + mi := &file_cosi_proto_msgTypes[8] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -533,7 +706,7 @@ func (x *AzureBucketInfo) String() string { func (*AzureBucketInfo) ProtoMessage() {} func (x *AzureBucketInfo) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[7] + mi := &file_cosi_proto_msgTypes[8] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -546,7 +719,7 @@ func (x *AzureBucketInfo) ProtoReflect() protoreflect.Message { // Deprecated: Use AzureBucketInfo.ProtoReflect.Descriptor instead. func (*AzureBucketInfo) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{7} + return file_cosi_proto_rawDescGZIP(), []int{8} } func (x *AzureBucketInfo) GetStorageAccount() string { @@ -556,7 +729,7 @@ func (x *AzureBucketInfo) GetStorageAccount() string { return "" } -type AzureAccessInfo struct { +type AzureCredentialInfo struct { state protoimpl.MessageState `protogen:"open.v1"` // Azure access token. // Note that the Azure spec includes the resource URI as well as token in its definition. @@ -569,21 +742,21 @@ type AzureAccessInfo struct { sizeCache protoimpl.SizeCache } -func (x *AzureAccessInfo) Reset() { - *x = AzureAccessInfo{} - mi := &file_cosi_proto_msgTypes[8] +func (x *AzureCredentialInfo) Reset() { + *x = AzureCredentialInfo{} + mi := &file_cosi_proto_msgTypes[9] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } -func (x *AzureAccessInfo) String() string { +func (x *AzureCredentialInfo) String() string { return protoimpl.X.MessageStringOf(x) } -func (*AzureAccessInfo) ProtoMessage() {} +func (*AzureCredentialInfo) ProtoMessage() {} -func (x *AzureAccessInfo) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[8] +func (x *AzureCredentialInfo) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[9] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -594,19 +767,19 @@ func (x *AzureAccessInfo) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use AzureAccessInfo.ProtoReflect.Descriptor instead. -func (*AzureAccessInfo) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{8} +// Deprecated: Use AzureCredentialInfo.ProtoReflect.Descriptor instead. +func (*AzureCredentialInfo) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{9} } -func (x *AzureAccessInfo) GetAccessToken() string { +func (x *AzureCredentialInfo) GetAccessToken() string { if x != nil { return x.AccessToken } return "" } -func (x *AzureAccessInfo) GetExpiryTimestamp() string { +func (x *AzureCredentialInfo) GetExpiryTimestamp() string { if x != nil { return x.ExpiryTimestamp } @@ -625,7 +798,7 @@ type GcsBucketInfo struct { func (x *GcsBucketInfo) Reset() { *x = GcsBucketInfo{} - mi := &file_cosi_proto_msgTypes[9] + mi := &file_cosi_proto_msgTypes[10] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -637,7 +810,7 @@ func (x *GcsBucketInfo) String() string { func (*GcsBucketInfo) ProtoMessage() {} func (x *GcsBucketInfo) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[9] + mi := &file_cosi_proto_msgTypes[10] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -650,7 +823,7 @@ func (x *GcsBucketInfo) ProtoReflect() protoreflect.Message { // Deprecated: Use GcsBucketInfo.ProtoReflect.Descriptor instead. func (*GcsBucketInfo) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{9} + return file_cosi_proto_rawDescGZIP(), []int{10} } func (x *GcsBucketInfo) GetProjectId() string { @@ -667,7 +840,7 @@ func (x *GcsBucketInfo) GetBucketName() string { return "" } -type GcsAccessInfo struct { +type GcsCredentialInfo struct { state protoimpl.MessageState `protogen:"open.v1"` // HMAC access ID. AccessId string `protobuf:"bytes,1,opt,name=access_id,json=accessId,proto3" json:"access_id,omitempty"` @@ -681,21 +854,21 @@ type GcsAccessInfo struct { sizeCache protoimpl.SizeCache } -func (x *GcsAccessInfo) Reset() { - *x = GcsAccessInfo{} - mi := &file_cosi_proto_msgTypes[10] +func (x *GcsCredentialInfo) Reset() { + *x = GcsCredentialInfo{} + mi := &file_cosi_proto_msgTypes[11] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } -func (x *GcsAccessInfo) String() string { +func (x *GcsCredentialInfo) String() string { return protoimpl.X.MessageStringOf(x) } -func (*GcsAccessInfo) ProtoMessage() {} +func (*GcsCredentialInfo) ProtoMessage() {} -func (x *GcsAccessInfo) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[10] +func (x *GcsCredentialInfo) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[11] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -706,39 +879,119 @@ func (x *GcsAccessInfo) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use GcsAccessInfo.ProtoReflect.Descriptor instead. -func (*GcsAccessInfo) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{10} +// Deprecated: Use GcsCredentialInfo.ProtoReflect.Descriptor instead. +func (*GcsCredentialInfo) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{11} } -func (x *GcsAccessInfo) GetAccessId() string { +func (x *GcsCredentialInfo) GetAccessId() string { if x != nil { return x.AccessId } return "" } -func (x *GcsAccessInfo) GetAccessSecret() string { +func (x *GcsCredentialInfo) GetAccessSecret() string { if x != nil { return x.AccessSecret } return "" } -func (x *GcsAccessInfo) GetPrivateKeyName() string { +func (x *GcsCredentialInfo) GetPrivateKeyName() string { if x != nil { return x.PrivateKeyName } return "" } -func (x *GcsAccessInfo) GetServiceAccount() string { +func (x *GcsCredentialInfo) GetServiceAccount() string { if x != nil { return x.ServiceAccount } return "" } +type AuthenticationType struct { + state protoimpl.MessageState `protogen:"open.v1"` + Type AuthenticationType_Type `protobuf:"varint,1,opt,name=type,proto3,enum=sigs.k8s.io.cosi.v1alpha2.AuthenticationType_Type" json:"type,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *AuthenticationType) Reset() { + *x = AuthenticationType{} + mi := &file_cosi_proto_msgTypes[12] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AuthenticationType) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AuthenticationType) ProtoMessage() {} + +func (x *AuthenticationType) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[12] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AuthenticationType.ProtoReflect.Descriptor instead. +func (*AuthenticationType) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{12} +} + +func (x *AuthenticationType) GetType() AuthenticationType_Type { + if x != nil { + return x.Type + } + return AuthenticationType_UNKNOWN +} + +type AccessMode struct { + state protoimpl.MessageState `protogen:"open.v1"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *AccessMode) Reset() { + *x = AccessMode{} + mi := &file_cosi_proto_msgTypes[13] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AccessMode) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AccessMode) ProtoMessage() {} + +func (x *AccessMode) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[13] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AccessMode.ProtoReflect.Descriptor instead. +func (*AccessMode) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{13} +} + type DriverCreateBucketRequest struct { state protoimpl.MessageState `protogen:"open.v1"` // REQUIRED. The suggested name for the backend bucket. @@ -772,7 +1025,7 @@ type DriverCreateBucketRequest struct { func (x *DriverCreateBucketRequest) Reset() { *x = DriverCreateBucketRequest{} - mi := &file_cosi_proto_msgTypes[11] + mi := &file_cosi_proto_msgTypes[14] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -784,7 +1037,7 @@ func (x *DriverCreateBucketRequest) String() string { func (*DriverCreateBucketRequest) ProtoMessage() {} func (x *DriverCreateBucketRequest) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[11] + mi := &file_cosi_proto_msgTypes[14] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -797,7 +1050,7 @@ func (x *DriverCreateBucketRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverCreateBucketRequest.ProtoReflect.Descriptor instead. func (*DriverCreateBucketRequest) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{11} + return file_cosi_proto_rawDescGZIP(), []int{14} } func (x *DriverCreateBucketRequest) GetName() string { @@ -851,7 +1104,7 @@ type DriverCreateBucketResponse struct { func (x *DriverCreateBucketResponse) Reset() { *x = DriverCreateBucketResponse{} - mi := &file_cosi_proto_msgTypes[12] + mi := &file_cosi_proto_msgTypes[15] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -863,7 +1116,7 @@ func (x *DriverCreateBucketResponse) String() string { func (*DriverCreateBucketResponse) ProtoMessage() {} func (x *DriverCreateBucketResponse) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[12] + mi := &file_cosi_proto_msgTypes[15] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -876,7 +1129,7 @@ func (x *DriverCreateBucketResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverCreateBucketResponse.ProtoReflect.Descriptor instead. func (*DriverCreateBucketResponse) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{12} + return file_cosi_proto_rawDescGZIP(), []int{15} } func (x *DriverCreateBucketResponse) GetBucketId() string { @@ -894,14 +1147,26 @@ func (x *DriverCreateBucketResponse) GetProtocols() *ObjectProtocolAndBucketInfo } type DriverGetExistingBucketRequest struct { - state protoimpl.MessageState `protogen:"open.v1"` + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the existing backend bucket known to the Provisioner. + // Provisioner MUST be able to correlate `bucket_id` to the backend bucket. + // It is RECOMMENDED to use the backend storage system's bucket ID. + ExistingBucketId string `protobuf:"bytes,1,opt,name=existing_bucket_id,json=existingBucketId,proto3" json:"existing_bucket_id,omitempty"` + // OPTIONAL. A list of all object storage protocols the provisioned bucket MUST support. + // If none are given, the provisioner MAY provision with a set of default protocol(s) or return + // `InvalidArgument` with a message indicating that it requires this input. + // If any protocol cannot be supported, the Provisioner MUST return `InvalidArgument`. + Protocols []*ObjectProtocol `protobuf:"bytes,2,rep,name=protocols,proto3" json:"protocols,omitempty"` + // OPTIONAL. Plugin specific parameters passed in as opaque key-value pairs. + // The Plugin is responsible for parsing and validating these parameters. + Parameters map[string]string `protobuf:"bytes,4,rep,name=parameters,proto3" json:"parameters,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *DriverGetExistingBucketRequest) Reset() { *x = DriverGetExistingBucketRequest{} - mi := &file_cosi_proto_msgTypes[13] + mi := &file_cosi_proto_msgTypes[16] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -913,7 +1178,7 @@ func (x *DriverGetExistingBucketRequest) String() string { func (*DriverGetExistingBucketRequest) ProtoMessage() {} func (x *DriverGetExistingBucketRequest) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[13] + mi := &file_cosi_proto_msgTypes[16] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -926,30 +1191,73 @@ func (x *DriverGetExistingBucketRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverGetExistingBucketRequest.ProtoReflect.Descriptor instead. func (*DriverGetExistingBucketRequest) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{13} + return file_cosi_proto_rawDescGZIP(), []int{16} } -type DriverGetExistingBucketResponse struct { - state protoimpl.MessageState `protogen:"open.v1"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache +func (x *DriverGetExistingBucketRequest) GetExistingBucketId() string { + if x != nil { + return x.ExistingBucketId + } + return "" } -func (x *DriverGetExistingBucketResponse) Reset() { - *x = DriverGetExistingBucketResponse{} - mi := &file_cosi_proto_msgTypes[14] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) +func (x *DriverGetExistingBucketRequest) GetProtocols() []*ObjectProtocol { + if x != nil { + return x.Protocols + } + return nil } -func (x *DriverGetExistingBucketResponse) String() string { - return protoimpl.X.MessageStringOf(x) +func (x *DriverGetExistingBucketRequest) GetParameters() map[string]string { + if x != nil { + return x.Parameters + } + return nil } -func (*DriverGetExistingBucketResponse) ProtoMessage() {} - +type DriverGetExistingBucketResponse struct { + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + // This value WILL be used by COSI to make subsequent calls related to the bucket, so the + // Provisioner MUST be able to correlate `bucket_id` to the backend bucket. + // It is RECOMMENDED to use the backend storage system's bucket ID. + BucketId string `protobuf:"bytes,1,opt,name=bucket_id,json=bucketId,proto3" json:"bucket_id,omitempty"` + // REQUIRED: At least one protocol bucket info result MUST be non-nil. + // + // The primary purpose of this response is to indicate which protocols are supported for + // subsequent DriverGrantBucketAccess requests referencing this provisioned bucket. A non-nil + // bucket info corresponding to a protocol indicates support. + // + // The Provisioner MUST indicate support for the protocols in the request. It MAY indicate + // support for more protocols than the request. It SHOULD indicate support for all supported + // protocols. It MUST NOT indicate support (return a non-nil result) for unsupported protocols. + // + // The secondary purpose of this response is to report non-credential information about the + // bucket. COSI does not expose this information to end-users until a subsequent + // DriverGrantBucketAccess is provisioned referencing this bucket. Instead, the info is exposed + // to administrators so that they might more easily debug errors in their configuration of COSI. + // It is thus RECOMMENDED to return all relevant bucket info for all supported protocols. + // However, the Provisioner MAY omit any or all bucket info fields as desired. + Protocols *ObjectProtocolAndBucketInfo `protobuf:"bytes,2,opt,name=protocols,proto3" json:"protocols,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *DriverGetExistingBucketResponse) Reset() { + *x = DriverGetExistingBucketResponse{} + mi := &file_cosi_proto_msgTypes[17] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DriverGetExistingBucketResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DriverGetExistingBucketResponse) ProtoMessage() {} + func (x *DriverGetExistingBucketResponse) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[14] + mi := &file_cosi_proto_msgTypes[17] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -962,18 +1270,36 @@ func (x *DriverGetExistingBucketResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverGetExistingBucketResponse.ProtoReflect.Descriptor instead. func (*DriverGetExistingBucketResponse) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{14} + return file_cosi_proto_rawDescGZIP(), []int{17} +} + +func (x *DriverGetExistingBucketResponse) GetBucketId() string { + if x != nil { + return x.BucketId + } + return "" +} + +func (x *DriverGetExistingBucketResponse) GetProtocols() *ObjectProtocolAndBucketInfo { + if x != nil { + return x.Protocols + } + return nil } type DriverDeleteBucketRequest struct { - state protoimpl.MessageState `protogen:"open.v1"` + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the existing backend bucket known to the Provisioner. + BucketId string `protobuf:"bytes,1,opt,name=bucket_id,json=bucketId,proto3" json:"bucket_id,omitempty"` + // OPTIONAL. Plugin specific parameters associated with the provisioned bucket. + Parameters map[string]string `protobuf:"bytes,4,rep,name=parameters,proto3" json:"parameters,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *DriverDeleteBucketRequest) Reset() { *x = DriverDeleteBucketRequest{} - mi := &file_cosi_proto_msgTypes[15] + mi := &file_cosi_proto_msgTypes[18] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -985,7 +1311,7 @@ func (x *DriverDeleteBucketRequest) String() string { func (*DriverDeleteBucketRequest) ProtoMessage() {} func (x *DriverDeleteBucketRequest) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[15] + mi := &file_cosi_proto_msgTypes[18] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -998,7 +1324,21 @@ func (x *DriverDeleteBucketRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverDeleteBucketRequest.ProtoReflect.Descriptor instead. func (*DriverDeleteBucketRequest) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{15} + return file_cosi_proto_rawDescGZIP(), []int{18} +} + +func (x *DriverDeleteBucketRequest) GetBucketId() string { + if x != nil { + return x.BucketId + } + return "" +} + +func (x *DriverDeleteBucketRequest) GetParameters() map[string]string { + if x != nil { + return x.Parameters + } + return nil } type DriverDeleteBucketResponse struct { @@ -1009,7 +1349,7 @@ type DriverDeleteBucketResponse struct { func (x *DriverDeleteBucketResponse) Reset() { *x = DriverDeleteBucketResponse{} - mi := &file_cosi_proto_msgTypes[16] + mi := &file_cosi_proto_msgTypes[19] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1021,7 +1361,7 @@ func (x *DriverDeleteBucketResponse) String() string { func (*DriverDeleteBucketResponse) ProtoMessage() {} func (x *DriverDeleteBucketResponse) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[16] + mi := &file_cosi_proto_msgTypes[19] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1034,18 +1374,49 @@ func (x *DriverDeleteBucketResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverDeleteBucketResponse.ProtoReflect.Descriptor instead. func (*DriverDeleteBucketResponse) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{16} + return file_cosi_proto_rawDescGZIP(), []int{19} } type DriverGrantBucketAccessRequest struct { - state protoimpl.MessageState `protogen:"open.v1"` + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The suggested name for the backend bucket access. + // It serves two purposes: + // 1. Suggested name - COSI WILL suggest a name that includes a UID component that is + // statistically likely to be globally unique. + // 2. Idempotency - This name is generated by COSI to achieve idempotency. The Plugin SHOULD + // ensure that multiple DriverGrantBucketAccess calls for the same name do not result in more + // than one Bucket being provisioned corresponding to the name. + // The COSI Sidecar WILL call DriverGrantBucketAccess, with the same name, periodically to + // ensure the bucket exists. + // Using or appending random identifiers can lead to multiple unused buckets being created in + // the storage backend in the event of timing-related Driver/Sidecar failures or restarts. + // + // COSI WILL use DNS subdomain format (https://datatracker.ietf.org/doc/html/rfc1123). + // It WILL contain contain no more than 253 characters, contain only lowercase alphanumeric + // characters, '-' or '.', start with an alphanumeric character, and end with an alphanumeric + // character. + AccountName string `protobuf:"bytes,1,opt,name=account_name,json=accountName,proto3" json:"account_name,omitempty"` + // REQUIRED. The object storage protocol the provisioned access MUST support. + // If the protocol cannot be supported, the Provisioner MUST return `InvalidArgument`. + Protocol *ObjectProtocol `protobuf:"bytes,2,opt,name=protocol,proto3" json:"protocol,omitempty"` + // REQUIRED. The authentication type that the Provisioner MUST provision for this request. + AuthenticationType *AuthenticationType `protobuf:"bytes,3,opt,name=authentication_type,json=authenticationType,proto3" json:"authentication_type,omitempty"` + // REQUIRED when `authentication_type` is `SERVICE_ACCOUNT`. + // OPTIONAL for all other authentication types. + // COSI WILL NOT set this when the requested `authentication_type` is not `SERVICE_ACCOUNT`. + ServiceAccountName string `protobuf:"bytes,4,opt,name=service_account_name,json=serviceAccountName,proto3" json:"service_account_name,omitempty"` + // OPTIONAL. Plugin specific parameters passed in as opaque key-value pairs. + // The Plugin is responsible for parsing and validating these parameters. + Parameters map[string]string `protobuf:"bytes,5,rep,name=parameters,proto3" json:"parameters,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"` + // REQUIRED. Access to at least one bucket MUST be requested. + Buckets []*DriverGrantBucketAccessRequest_AccessedBucket `protobuf:"bytes,6,rep,name=buckets,proto3" json:"buckets,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *DriverGrantBucketAccessRequest) Reset() { *x = DriverGrantBucketAccessRequest{} - mi := &file_cosi_proto_msgTypes[17] + mi := &file_cosi_proto_msgTypes[20] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1057,7 +1428,7 @@ func (x *DriverGrantBucketAccessRequest) String() string { func (*DriverGrantBucketAccessRequest) ProtoMessage() {} func (x *DriverGrantBucketAccessRequest) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[17] + mi := &file_cosi_proto_msgTypes[20] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1070,18 +1441,69 @@ func (x *DriverGrantBucketAccessRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverGrantBucketAccessRequest.ProtoReflect.Descriptor instead. func (*DriverGrantBucketAccessRequest) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{17} + return file_cosi_proto_rawDescGZIP(), []int{20} +} + +func (x *DriverGrantBucketAccessRequest) GetAccountName() string { + if x != nil { + return x.AccountName + } + return "" +} + +func (x *DriverGrantBucketAccessRequest) GetProtocol() *ObjectProtocol { + if x != nil { + return x.Protocol + } + return nil +} + +func (x *DriverGrantBucketAccessRequest) GetAuthenticationType() *AuthenticationType { + if x != nil { + return x.AuthenticationType + } + return nil +} + +func (x *DriverGrantBucketAccessRequest) GetServiceAccountName() string { + if x != nil { + return x.ServiceAccountName + } + return "" +} + +func (x *DriverGrantBucketAccessRequest) GetParameters() map[string]string { + if x != nil { + return x.Parameters + } + return nil +} + +func (x *DriverGrantBucketAccessRequest) GetBuckets() []*DriverGrantBucketAccessRequest_AccessedBucket { + if x != nil { + return x.Buckets + } + return nil } type DriverGrantBucketAccessResponse struct { - state protoimpl.MessageState `protogen:"open.v1"` + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the backend access account known to the Provisioner. + // This value WILL be used by COSI to make subsequent calls related to the access, so the + // Provisioner MUST be able to correlate `account_id` to the backend access. + // It is RECOMMENDED to use the backend storage system's bucket ID. + AccountId string `protobuf:"bytes,1,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"` + // REQUIRED. The Provisioner MUST return info for all `buckets` in the request. + Buckets []*DriverGrantBucketAccessResponse_BucketInfo `protobuf:"bytes,2,rep,name=buckets,proto3" json:"buckets,omitempty"` + // REQUIRED. + Credentials *CredentialInfo `protobuf:"bytes,3,opt,name=credentials,proto3" json:"credentials,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *DriverGrantBucketAccessResponse) Reset() { *x = DriverGrantBucketAccessResponse{} - mi := &file_cosi_proto_msgTypes[18] + mi := &file_cosi_proto_msgTypes[21] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1093,7 +1515,7 @@ func (x *DriverGrantBucketAccessResponse) String() string { func (*DriverGrantBucketAccessResponse) ProtoMessage() {} func (x *DriverGrantBucketAccessResponse) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[18] + mi := &file_cosi_proto_msgTypes[21] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1106,18 +1528,53 @@ func (x *DriverGrantBucketAccessResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverGrantBucketAccessResponse.ProtoReflect.Descriptor instead. func (*DriverGrantBucketAccessResponse) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{18} + return file_cosi_proto_rawDescGZIP(), []int{21} +} + +func (x *DriverGrantBucketAccessResponse) GetAccountId() string { + if x != nil { + return x.AccountId + } + return "" +} + +func (x *DriverGrantBucketAccessResponse) GetBuckets() []*DriverGrantBucketAccessResponse_BucketInfo { + if x != nil { + return x.Buckets + } + return nil +} + +func (x *DriverGrantBucketAccessResponse) GetCredentials() *CredentialInfo { + if x != nil { + return x.Credentials + } + return nil } type DriverRevokeBucketAccessRequest struct { - state protoimpl.MessageState `protogen:"open.v1"` + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the backend access account + AccountId string `protobuf:"bytes,1,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"` + // REQUIRED. The object storage protocol associated with the provisioned access. + Protocol *ObjectProtocol `protobuf:"bytes,2,opt,name=protocol,proto3" json:"protocol,omitempty"` + // REQUIRED. The authentication type associated with the provisioned access. + AuthenticationType *AuthenticationType `protobuf:"bytes,3,opt,name=authentication_type,json=authenticationType,proto3" json:"authentication_type,omitempty"` + // REQUIRED when `authentication_type` is `SERVICE_ACCOUNT`. + // OPTIONAL for all other authentication types. + // COSI WILL NOT set this when the requested `authentication_type` is not `SERVICE_ACCOUNT`. + ServiceAccountName string `protobuf:"bytes,4,opt,name=service_account_name,json=serviceAccountName,proto3" json:"service_account_name,omitempty"` + // OPTIONAL. Plugin specific parameters associated with the provisioned access. + Parameters map[string]string `protobuf:"bytes,5,rep,name=parameters,proto3" json:"parameters,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"` + // REQUIRED. Buckets associated with the provisioned access. + Buckets []*DriverRevokeBucketAccessRequest_AccessedBucket `protobuf:"bytes,6,rep,name=buckets,proto3" json:"buckets,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *DriverRevokeBucketAccessRequest) Reset() { *x = DriverRevokeBucketAccessRequest{} - mi := &file_cosi_proto_msgTypes[19] + mi := &file_cosi_proto_msgTypes[22] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1129,7 +1586,7 @@ func (x *DriverRevokeBucketAccessRequest) String() string { func (*DriverRevokeBucketAccessRequest) ProtoMessage() {} func (x *DriverRevokeBucketAccessRequest) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[19] + mi := &file_cosi_proto_msgTypes[22] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1142,7 +1599,49 @@ func (x *DriverRevokeBucketAccessRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverRevokeBucketAccessRequest.ProtoReflect.Descriptor instead. func (*DriverRevokeBucketAccessRequest) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{19} + return file_cosi_proto_rawDescGZIP(), []int{22} +} + +func (x *DriverRevokeBucketAccessRequest) GetAccountId() string { + if x != nil { + return x.AccountId + } + return "" +} + +func (x *DriverRevokeBucketAccessRequest) GetProtocol() *ObjectProtocol { + if x != nil { + return x.Protocol + } + return nil +} + +func (x *DriverRevokeBucketAccessRequest) GetAuthenticationType() *AuthenticationType { + if x != nil { + return x.AuthenticationType + } + return nil +} + +func (x *DriverRevokeBucketAccessRequest) GetServiceAccountName() string { + if x != nil { + return x.ServiceAccountName + } + return "" +} + +func (x *DriverRevokeBucketAccessRequest) GetParameters() map[string]string { + if x != nil { + return x.Parameters + } + return nil +} + +func (x *DriverRevokeBucketAccessRequest) GetBuckets() []*DriverRevokeBucketAccessRequest_AccessedBucket { + if x != nil { + return x.Buckets + } + return nil } type DriverRevokeBucketAccessResponse struct { @@ -1153,7 +1652,7 @@ type DriverRevokeBucketAccessResponse struct { func (x *DriverRevokeBucketAccessResponse) Reset() { *x = DriverRevokeBucketAccessResponse{} - mi := &file_cosi_proto_msgTypes[20] + mi := &file_cosi_proto_msgTypes[23] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1165,7 +1664,7 @@ func (x *DriverRevokeBucketAccessResponse) String() string { func (*DriverRevokeBucketAccessResponse) ProtoMessage() {} func (x *DriverRevokeBucketAccessResponse) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[20] + mi := &file_cosi_proto_msgTypes[23] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1178,7 +1677,167 @@ func (x *DriverRevokeBucketAccessResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverRevokeBucketAccessResponse.ProtoReflect.Descriptor instead. func (*DriverRevokeBucketAccessResponse) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{20} + return file_cosi_proto_rawDescGZIP(), []int{23} +} + +type DriverGrantBucketAccessRequest_AccessedBucket struct { + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + BucketId string `protobuf:"bytes,1,opt,name=bucket_id,json=bucketId,proto3" json:"bucket_id,omitempty"` + // REQUIRED. The read/write access mode that the Provisioner SHOULD provision for the bucket + // associated with `bucket_id`. + AccessMode *AccessMode `protobuf:"bytes,2,opt,name=access_mode,json=accessMode,proto3" json:"access_mode,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *DriverGrantBucketAccessRequest_AccessedBucket) Reset() { + *x = DriverGrantBucketAccessRequest_AccessedBucket{} + mi := &file_cosi_proto_msgTypes[28] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DriverGrantBucketAccessRequest_AccessedBucket) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DriverGrantBucketAccessRequest_AccessedBucket) ProtoMessage() {} + +func (x *DriverGrantBucketAccessRequest_AccessedBucket) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[28] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DriverGrantBucketAccessRequest_AccessedBucket.ProtoReflect.Descriptor instead. +func (*DriverGrantBucketAccessRequest_AccessedBucket) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{20, 1} +} + +func (x *DriverGrantBucketAccessRequest_AccessedBucket) GetBucketId() string { + if x != nil { + return x.BucketId + } + return "" +} + +func (x *DriverGrantBucketAccessRequest_AccessedBucket) GetAccessMode() *AccessMode { + if x != nil { + return x.AccessMode + } + return nil +} + +type DriverGrantBucketAccessResponse_BucketInfo struct { + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + BucketId string `protobuf:"bytes,1,opt,name=bucket_id,json=bucketId,proto3" json:"bucket_id,omitempty"` + // REQUIRED: EXACTLY one protocol bucket info result MUST be non-nil. + // The Provisioner MUST fill in all required bucket info for the requested protocol. + // The Provisioner SHOULD fill in as much bucket info as is known given the parameters. + // It MUST NOT support (return a non-nil result) non-requested protocols. + // COSI WILL expose this information to users, and it WILL be treated as sensitive/secret + // information. + // COSI WILL not log the information or store it in plaintext. + BucketInfo *ObjectProtocolAndBucketInfo `protobuf:"bytes,2,opt,name=bucket_info,json=bucketInfo,proto3" json:"bucket_info,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *DriverGrantBucketAccessResponse_BucketInfo) Reset() { + *x = DriverGrantBucketAccessResponse_BucketInfo{} + mi := &file_cosi_proto_msgTypes[29] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DriverGrantBucketAccessResponse_BucketInfo) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DriverGrantBucketAccessResponse_BucketInfo) ProtoMessage() {} + +func (x *DriverGrantBucketAccessResponse_BucketInfo) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[29] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DriverGrantBucketAccessResponse_BucketInfo.ProtoReflect.Descriptor instead. +func (*DriverGrantBucketAccessResponse_BucketInfo) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{21, 0} +} + +func (x *DriverGrantBucketAccessResponse_BucketInfo) GetBucketId() string { + if x != nil { + return x.BucketId + } + return "" +} + +func (x *DriverGrantBucketAccessResponse_BucketInfo) GetBucketInfo() *ObjectProtocolAndBucketInfo { + if x != nil { + return x.BucketInfo + } + return nil +} + +type DriverRevokeBucketAccessRequest_AccessedBucket struct { + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + BucketId string `protobuf:"bytes,1,opt,name=bucket_id,json=bucketId,proto3" json:"bucket_id,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *DriverRevokeBucketAccessRequest_AccessedBucket) Reset() { + *x = DriverRevokeBucketAccessRequest_AccessedBucket{} + mi := &file_cosi_proto_msgTypes[31] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DriverRevokeBucketAccessRequest_AccessedBucket) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DriverRevokeBucketAccessRequest_AccessedBucket) ProtoMessage() {} + +func (x *DriverRevokeBucketAccessRequest_AccessedBucket) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[31] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DriverRevokeBucketAccessRequest_AccessedBucket.ProtoReflect.Descriptor instead. +func (*DriverRevokeBucketAccessRequest_AccessedBucket) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{22, 1} +} + +func (x *DriverRevokeBucketAccessRequest_AccessedBucket) GetBucketId() string { + if x != nil { + return x.BucketId + } + return "" } var file_cosi_proto_extTypes = []protoimpl.ExtensionInfo{ @@ -1325,13 +1984,17 @@ const file_cosi_proto_rawDesc = "" + "\x1bObjectProtocolAndBucketInfo\x127\n" + "\x02s3\x18\x01 \x01(\v2'.sigs.k8s.io.cosi.v1alpha2.S3BucketInfoR\x02s3\x12@\n" + "\x05azure\x18\x02 \x01(\v2*.sigs.k8s.io.cosi.v1alpha2.AzureBucketInfoR\x05azure\x12:\n" + - "\x03gcs\x18\x03 \x01(\v2(.sigs.k8s.io.cosi.v1alpha2.GcsBucketInfoR\x03gcs\"\xb8\x01\n" + + "\x03gcs\x18\x03 \x01(\v2(.sigs.k8s.io.cosi.v1alpha2.GcsBucketInfoR\x03gcs\"\xd3\x01\n" + + "\x0eCredentialInfo\x12;\n" + + "\x02s3\x18\x01 \x01(\v2+.sigs.k8s.io.cosi.v1alpha2.S3CredentialInfoR\x02s3\x12D\n" + + "\x05azure\x18\x02 \x01(\v2..sigs.k8s.io.cosi.v1alpha2.AzureCredentialInfoR\x05azure\x12>\n" + + "\x03gcs\x18\x03 \x01(\v2,.sigs.k8s.io.cosi.v1alpha2.GcsCredentialInfoR\x03gcs\"\xb8\x01\n" + "\fS3BucketInfo\x12\x1b\n" + "\tbucket_id\x18\x01 \x01(\tR\bbucketId\x12\x1a\n" + "\bendpoint\x18\x02 \x01(\tR\bendpoint\x12\x16\n" + "\x06region\x18\x03 \x01(\tR\x06region\x12W\n" + - "\x10addressing_style\x18\x04 \x01(\v2,.sigs.k8s.io.cosi.v1alpha2.S3AddressingStyleR\x0faddressingStyle\"^\n" + - "\fS3AccessInfo\x12\"\n" + + "\x10addressing_style\x18\x04 \x01(\v2,.sigs.k8s.io.cosi.v1alpha2.S3AddressingStyleR\x0faddressingStyle\"b\n" + + "\x10S3CredentialInfo\x12\"\n" + "\raccess_key_id\x18\x01 \x01(\tR\vaccessKeyId\x12*\n" + "\x11access_secret_key\x18\x02 \x01(\tR\x0faccessSecretKey\"\x8a\x01\n" + "\x11S3AddressingStyle\x12H\n" + @@ -1341,20 +2004,35 @@ const file_cosi_proto_rawDesc = "" + "\x04PATH\x10\x01\x12\v\n" + "\aVIRTUAL\x10\x02\":\n" + "\x0fAzureBucketInfo\x12'\n" + - "\x0fstorage_account\x18\x01 \x01(\tR\x0estorageAccount\"_\n" + - "\x0fAzureAccessInfo\x12!\n" + + "\x0fstorage_account\x18\x01 \x01(\tR\x0estorageAccount\"c\n" + + "\x13AzureCredentialInfo\x12!\n" + "\faccess_token\x18\x01 \x01(\tR\vaccessToken\x12)\n" + "\x10expiry_timestamp\x18\x02 \x01(\tR\x0fexpiryTimestamp\"O\n" + "\rGcsBucketInfo\x12\x1d\n" + "\n" + "project_id\x18\x01 \x01(\tR\tprojectId\x12\x1f\n" + "\vbucket_name\x18\x02 \x01(\tR\n" + - "bucketName\"\xa4\x01\n" + - "\rGcsAccessInfo\x12\x1b\n" + + "bucketName\"\xa8\x01\n" + + "\x11GcsCredentialInfo\x12\x1b\n" + "\taccess_id\x18\x01 \x01(\tR\baccessId\x12#\n" + "\raccess_secret\x18\x02 \x01(\tR\faccessSecret\x12(\n" + "\x10private_key_name\x18\x03 \x01(\tR\x0eprivateKeyName\x12'\n" + - "\x0fservice_account\x18\x04 \x01(\tR\x0eserviceAccount\"\x9d\x02\n" + + "\x0fservice_account\x18\x04 \x01(\tR\x0eserviceAccount\"\x8f\x01\n" + + "\x12AuthenticationType\x12F\n" + + "\x04type\x18\x01 \x01(\x0e22.sigs.k8s.io.cosi.v1alpha2.AuthenticationType.TypeR\x04type\"1\n" + + "\x04Type\x12\v\n" + + "\aUNKNOWN\x10\x00\x12\a\n" + + "\x03KEY\x10\x01\x12\x13\n" + + "\x0fSERVICE_ACCOUNT\x10\x02\"P\n" + + "\n" + + "AccessMode\"B\n" + + "\x04Mode\x12\v\n" + + "\aUNKNOWN\x10\x00\x12\x0e\n" + + "\n" + + "READ_WRITE\x10\x01\x12\r\n" + + "\tREAD_ONLY\x10\x02\x12\x0e\n" + + "\n" + + "WRITE_ONLY\x10\x03\"\x9d\x02\n" + "\x19DriverCreateBucketRequest\x12\x12\n" + "\x04name\x18\x01 \x01(\tR\x04name\x12G\n" + "\tprotocols\x18\x02 \x03(\v2).sigs.k8s.io.cosi.v1alpha2.ObjectProtocolR\tprotocols\x12d\n" + @@ -1366,14 +2044,69 @@ const file_cosi_proto_rawDesc = "" + "\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\"\x8f\x01\n" + "\x1aDriverCreateBucketResponse\x12\x1b\n" + "\tbucket_id\x18\x01 \x01(\tR\bbucketId\x12T\n" + - "\tprotocols\x18\x02 \x01(\v26.sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfoR\tprotocols\" \n" + - "\x1eDriverGetExistingBucketRequest\"!\n" + - "\x1fDriverGetExistingBucketResponse\"\x1b\n" + - "\x19DriverDeleteBucketRequest\"\x1c\n" + - "\x1aDriverDeleteBucketResponse\" \n" + - "\x1eDriverGrantBucketAccessRequest\"!\n" + - "\x1fDriverGrantBucketAccessResponse\"!\n" + - "\x1fDriverRevokeBucketAccessRequest\"\"\n" + + "\tprotocols\x18\x02 \x01(\v26.sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfoR\tprotocols\"\xc1\x02\n" + + "\x1eDriverGetExistingBucketRequest\x12,\n" + + "\x12existing_bucket_id\x18\x01 \x01(\tR\x10existingBucketId\x12G\n" + + "\tprotocols\x18\x02 \x03(\v2).sigs.k8s.io.cosi.v1alpha2.ObjectProtocolR\tprotocols\x12i\n" + + "\n" + + "parameters\x18\x04 \x03(\v2I.sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest.ParametersEntryR\n" + + "parameters\x1a=\n" + + "\x0fParametersEntry\x12\x10\n" + + "\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" + + "\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\"\x94\x01\n" + + "\x1fDriverGetExistingBucketResponse\x12\x1b\n" + + "\tbucket_id\x18\x01 \x01(\tR\bbucketId\x12T\n" + + "\tprotocols\x18\x02 \x01(\v26.sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfoR\tprotocols\"\xdd\x01\n" + + "\x19DriverDeleteBucketRequest\x12\x1b\n" + + "\tbucket_id\x18\x01 \x01(\tR\bbucketId\x12d\n" + + "\n" + + "parameters\x18\x04 \x03(\v2D.sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest.ParametersEntryR\n" + + "parameters\x1a=\n" + + "\x0fParametersEntry\x12\x10\n" + + "\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" + + "\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\"\x1c\n" + + "\x1aDriverDeleteBucketResponse\"\xa1\x05\n" + + "\x1eDriverGrantBucketAccessRequest\x12!\n" + + "\faccount_name\x18\x01 \x01(\tR\vaccountName\x12E\n" + + "\bprotocol\x18\x02 \x01(\v2).sigs.k8s.io.cosi.v1alpha2.ObjectProtocolR\bprotocol\x12^\n" + + "\x13authentication_type\x18\x03 \x01(\v2-.sigs.k8s.io.cosi.v1alpha2.AuthenticationTypeR\x12authenticationType\x120\n" + + "\x14service_account_name\x18\x04 \x01(\tR\x12serviceAccountName\x12i\n" + + "\n" + + "parameters\x18\x05 \x03(\v2I.sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.ParametersEntryR\n" + + "parameters\x12b\n" + + "\abuckets\x18\x06 \x03(\v2H.sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.AccessedBucketR\abuckets\x1a=\n" + + "\x0fParametersEntry\x12\x10\n" + + "\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" + + "\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\x1au\n" + + "\x0eAccessedBucket\x12\x1b\n" + + "\tbucket_id\x18\x01 \x01(\tR\bbucketId\x12F\n" + + "\vaccess_mode\x18\x02 \x01(\v2%.sigs.k8s.io.cosi.v1alpha2.AccessModeR\n" + + "accessMode\"\xf3\x02\n" + + "\x1fDriverGrantBucketAccessResponse\x12\x1d\n" + + "\n" + + "account_id\x18\x01 \x01(\tR\taccountId\x12_\n" + + "\abuckets\x18\x02 \x03(\v2E.sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse.BucketInfoR\abuckets\x12K\n" + + "\vcredentials\x18\x03 \x01(\v2).sigs.k8s.io.cosi.v1alpha2.CredentialInfoR\vcredentials\x1a\x82\x01\n" + + "\n" + + "BucketInfo\x12\x1b\n" + + "\tbucket_id\x18\x01 \x01(\tR\bbucketId\x12W\n" + + "\vbucket_info\x18\x02 \x01(\v26.sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfoR\n" + + "bucketInfo\"\xd8\x04\n" + + "\x1fDriverRevokeBucketAccessRequest\x12\x1d\n" + + "\n" + + "account_id\x18\x01 \x01(\tR\taccountId\x12E\n" + + "\bprotocol\x18\x02 \x01(\v2).sigs.k8s.io.cosi.v1alpha2.ObjectProtocolR\bprotocol\x12^\n" + + "\x13authentication_type\x18\x03 \x01(\v2-.sigs.k8s.io.cosi.v1alpha2.AuthenticationTypeR\x12authenticationType\x120\n" + + "\x14service_account_name\x18\x04 \x01(\tR\x12serviceAccountName\x12j\n" + + "\n" + + "parameters\x18\x05 \x03(\v2J.sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.ParametersEntryR\n" + + "parameters\x12c\n" + + "\abuckets\x18\x06 \x03(\v2I.sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.AccessedBucketR\abuckets\x1a=\n" + + "\x0fParametersEntry\x12\x10\n" + + "\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" + + "\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\x1a-\n" + + "\x0eAccessedBucket\x12\x1b\n" + + "\tbucket_id\x18\x01 \x01(\tR\bbucketId\"\"\n" + " DriverRevokeBucketAccessResponse2\x80\x01\n" + "\bIdentity\x12t\n" + "\rDriverGetInfo\x12/.sigs.k8s.io.cosi.v1alpha2.DriverGetInfoRequest\x1a0.sigs.k8s.io.cosi.v1alpha2.DriverGetInfoResponse\"\x002\xd7\x05\n" + @@ -1406,75 +2139,107 @@ func file_cosi_proto_rawDescGZIP() []byte { return file_cosi_proto_rawDescData } -var file_cosi_proto_enumTypes = make([]protoimpl.EnumInfo, 2) -var file_cosi_proto_msgTypes = make([]protoimpl.MessageInfo, 22) +var file_cosi_proto_enumTypes = make([]protoimpl.EnumInfo, 4) +var file_cosi_proto_msgTypes = make([]protoimpl.MessageInfo, 32) var file_cosi_proto_goTypes = []any{ - (ObjectProtocol_Type)(0), // 0: sigs.k8s.io.cosi.v1alpha2.ObjectProtocol.Type - (S3AddressingStyle_Style)(0), // 1: sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle.Style - (*DriverGetInfoRequest)(nil), // 2: sigs.k8s.io.cosi.v1alpha2.DriverGetInfoRequest - (*DriverGetInfoResponse)(nil), // 3: sigs.k8s.io.cosi.v1alpha2.DriverGetInfoResponse - (*ObjectProtocol)(nil), // 4: sigs.k8s.io.cosi.v1alpha2.ObjectProtocol - (*ObjectProtocolAndBucketInfo)(nil), // 5: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo - (*S3BucketInfo)(nil), // 6: sigs.k8s.io.cosi.v1alpha2.S3BucketInfo - (*S3AccessInfo)(nil), // 7: sigs.k8s.io.cosi.v1alpha2.S3AccessInfo - (*S3AddressingStyle)(nil), // 8: sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle - (*AzureBucketInfo)(nil), // 9: sigs.k8s.io.cosi.v1alpha2.AzureBucketInfo - (*AzureAccessInfo)(nil), // 10: sigs.k8s.io.cosi.v1alpha2.AzureAccessInfo - (*GcsBucketInfo)(nil), // 11: sigs.k8s.io.cosi.v1alpha2.GcsBucketInfo - (*GcsAccessInfo)(nil), // 12: sigs.k8s.io.cosi.v1alpha2.GcsAccessInfo - (*DriverCreateBucketRequest)(nil), // 13: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest - (*DriverCreateBucketResponse)(nil), // 14: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketResponse - (*DriverGetExistingBucketRequest)(nil), // 15: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest - (*DriverGetExistingBucketResponse)(nil), // 16: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketResponse - (*DriverDeleteBucketRequest)(nil), // 17: sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest - (*DriverDeleteBucketResponse)(nil), // 18: sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketResponse - (*DriverGrantBucketAccessRequest)(nil), // 19: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest - (*DriverGrantBucketAccessResponse)(nil), // 20: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse - (*DriverRevokeBucketAccessRequest)(nil), // 21: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest - (*DriverRevokeBucketAccessResponse)(nil), // 22: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessResponse - nil, // 23: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.ParametersEntry - (*descriptorpb.EnumOptions)(nil), // 24: google.protobuf.EnumOptions - (*descriptorpb.EnumValueOptions)(nil), // 25: google.protobuf.EnumValueOptions - (*descriptorpb.FieldOptions)(nil), // 26: google.protobuf.FieldOptions - (*descriptorpb.MessageOptions)(nil), // 27: google.protobuf.MessageOptions - (*descriptorpb.MethodOptions)(nil), // 28: google.protobuf.MethodOptions - (*descriptorpb.ServiceOptions)(nil), // 29: google.protobuf.ServiceOptions + (ObjectProtocol_Type)(0), // 0: sigs.k8s.io.cosi.v1alpha2.ObjectProtocol.Type + (S3AddressingStyle_Style)(0), // 1: sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle.Style + (AuthenticationType_Type)(0), // 2: sigs.k8s.io.cosi.v1alpha2.AuthenticationType.Type + (AccessMode_Mode)(0), // 3: sigs.k8s.io.cosi.v1alpha2.AccessMode.Mode + (*DriverGetInfoRequest)(nil), // 4: sigs.k8s.io.cosi.v1alpha2.DriverGetInfoRequest + (*DriverGetInfoResponse)(nil), // 5: sigs.k8s.io.cosi.v1alpha2.DriverGetInfoResponse + (*ObjectProtocol)(nil), // 6: sigs.k8s.io.cosi.v1alpha2.ObjectProtocol + (*ObjectProtocolAndBucketInfo)(nil), // 7: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo + (*CredentialInfo)(nil), // 8: sigs.k8s.io.cosi.v1alpha2.CredentialInfo + (*S3BucketInfo)(nil), // 9: sigs.k8s.io.cosi.v1alpha2.S3BucketInfo + (*S3CredentialInfo)(nil), // 10: sigs.k8s.io.cosi.v1alpha2.S3CredentialInfo + (*S3AddressingStyle)(nil), // 11: sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle + (*AzureBucketInfo)(nil), // 12: sigs.k8s.io.cosi.v1alpha2.AzureBucketInfo + (*AzureCredentialInfo)(nil), // 13: sigs.k8s.io.cosi.v1alpha2.AzureCredentialInfo + (*GcsBucketInfo)(nil), // 14: sigs.k8s.io.cosi.v1alpha2.GcsBucketInfo + (*GcsCredentialInfo)(nil), // 15: sigs.k8s.io.cosi.v1alpha2.GcsCredentialInfo + (*AuthenticationType)(nil), // 16: sigs.k8s.io.cosi.v1alpha2.AuthenticationType + (*AccessMode)(nil), // 17: sigs.k8s.io.cosi.v1alpha2.AccessMode + (*DriverCreateBucketRequest)(nil), // 18: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest + (*DriverCreateBucketResponse)(nil), // 19: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketResponse + (*DriverGetExistingBucketRequest)(nil), // 20: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest + (*DriverGetExistingBucketResponse)(nil), // 21: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketResponse + (*DriverDeleteBucketRequest)(nil), // 22: sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest + (*DriverDeleteBucketResponse)(nil), // 23: sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketResponse + (*DriverGrantBucketAccessRequest)(nil), // 24: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest + (*DriverGrantBucketAccessResponse)(nil), // 25: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse + (*DriverRevokeBucketAccessRequest)(nil), // 26: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest + (*DriverRevokeBucketAccessResponse)(nil), // 27: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessResponse + nil, // 28: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.ParametersEntry + nil, // 29: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest.ParametersEntry + nil, // 30: sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest.ParametersEntry + nil, // 31: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.ParametersEntry + (*DriverGrantBucketAccessRequest_AccessedBucket)(nil), // 32: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.AccessedBucket + (*DriverGrantBucketAccessResponse_BucketInfo)(nil), // 33: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse.BucketInfo + nil, // 34: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.ParametersEntry + (*DriverRevokeBucketAccessRequest_AccessedBucket)(nil), // 35: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.AccessedBucket + (*descriptorpb.EnumOptions)(nil), // 36: google.protobuf.EnumOptions + (*descriptorpb.EnumValueOptions)(nil), // 37: google.protobuf.EnumValueOptions + (*descriptorpb.FieldOptions)(nil), // 38: google.protobuf.FieldOptions + (*descriptorpb.MessageOptions)(nil), // 39: google.protobuf.MessageOptions + (*descriptorpb.MethodOptions)(nil), // 40: google.protobuf.MethodOptions + (*descriptorpb.ServiceOptions)(nil), // 41: google.protobuf.ServiceOptions } var file_cosi_proto_depIdxs = []int32{ - 4, // 0: sigs.k8s.io.cosi.v1alpha2.DriverGetInfoResponse.supported_protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol + 6, // 0: sigs.k8s.io.cosi.v1alpha2.DriverGetInfoResponse.supported_protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol 0, // 1: sigs.k8s.io.cosi.v1alpha2.ObjectProtocol.type:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol.Type - 6, // 2: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo.s3:type_name -> sigs.k8s.io.cosi.v1alpha2.S3BucketInfo - 9, // 3: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo.azure:type_name -> sigs.k8s.io.cosi.v1alpha2.AzureBucketInfo - 11, // 4: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo.gcs:type_name -> sigs.k8s.io.cosi.v1alpha2.GcsBucketInfo - 8, // 5: sigs.k8s.io.cosi.v1alpha2.S3BucketInfo.addressing_style:type_name -> sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle - 1, // 6: sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle.style:type_name -> sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle.Style - 4, // 7: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol - 23, // 8: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.parameters:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.ParametersEntry - 5, // 9: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketResponse.protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo - 24, // 10: sigs.k8s.io.cosi.v1alpha2.alpha_enum:extendee -> google.protobuf.EnumOptions - 25, // 11: sigs.k8s.io.cosi.v1alpha2.alpha_enum_value:extendee -> google.protobuf.EnumValueOptions - 26, // 12: sigs.k8s.io.cosi.v1alpha2.cosi_secret:extendee -> google.protobuf.FieldOptions - 26, // 13: sigs.k8s.io.cosi.v1alpha2.alpha_field:extendee -> google.protobuf.FieldOptions - 27, // 14: sigs.k8s.io.cosi.v1alpha2.alpha_message:extendee -> google.protobuf.MessageOptions - 28, // 15: sigs.k8s.io.cosi.v1alpha2.alpha_method:extendee -> google.protobuf.MethodOptions - 29, // 16: sigs.k8s.io.cosi.v1alpha2.alpha_service:extendee -> google.protobuf.ServiceOptions - 2, // 17: sigs.k8s.io.cosi.v1alpha2.Identity.DriverGetInfo:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetInfoRequest - 13, // 18: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverCreateBucket:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest - 15, // 19: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGetExistingBucket:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest - 17, // 20: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverDeleteBucket:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest - 19, // 21: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGrantBucketAccess:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest - 21, // 22: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverRevokeBucketAccess:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest - 3, // 23: sigs.k8s.io.cosi.v1alpha2.Identity.DriverGetInfo:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetInfoResponse - 14, // 24: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverCreateBucket:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketResponse - 16, // 25: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGetExistingBucket:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketResponse - 18, // 26: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverDeleteBucket:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketResponse - 20, // 27: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGrantBucketAccess:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse - 22, // 28: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverRevokeBucketAccess:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessResponse - 23, // [23:29] is the sub-list for method output_type - 17, // [17:23] is the sub-list for method input_type - 17, // [17:17] is the sub-list for extension type_name - 10, // [10:17] is the sub-list for extension extendee - 0, // [0:10] is the sub-list for field type_name + 9, // 2: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo.s3:type_name -> sigs.k8s.io.cosi.v1alpha2.S3BucketInfo + 12, // 3: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo.azure:type_name -> sigs.k8s.io.cosi.v1alpha2.AzureBucketInfo + 14, // 4: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo.gcs:type_name -> sigs.k8s.io.cosi.v1alpha2.GcsBucketInfo + 10, // 5: sigs.k8s.io.cosi.v1alpha2.CredentialInfo.s3:type_name -> sigs.k8s.io.cosi.v1alpha2.S3CredentialInfo + 13, // 6: sigs.k8s.io.cosi.v1alpha2.CredentialInfo.azure:type_name -> sigs.k8s.io.cosi.v1alpha2.AzureCredentialInfo + 15, // 7: sigs.k8s.io.cosi.v1alpha2.CredentialInfo.gcs:type_name -> sigs.k8s.io.cosi.v1alpha2.GcsCredentialInfo + 11, // 8: sigs.k8s.io.cosi.v1alpha2.S3BucketInfo.addressing_style:type_name -> sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle + 1, // 9: sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle.style:type_name -> sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle.Style + 2, // 10: sigs.k8s.io.cosi.v1alpha2.AuthenticationType.type:type_name -> sigs.k8s.io.cosi.v1alpha2.AuthenticationType.Type + 6, // 11: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol + 28, // 12: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.parameters:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.ParametersEntry + 7, // 13: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketResponse.protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo + 6, // 14: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest.protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol + 29, // 15: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest.parameters:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest.ParametersEntry + 7, // 16: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketResponse.protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo + 30, // 17: sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest.parameters:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest.ParametersEntry + 6, // 18: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.protocol:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol + 16, // 19: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.authentication_type:type_name -> sigs.k8s.io.cosi.v1alpha2.AuthenticationType + 31, // 20: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.parameters:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.ParametersEntry + 32, // 21: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.buckets:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.AccessedBucket + 33, // 22: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse.buckets:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse.BucketInfo + 8, // 23: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse.credentials:type_name -> sigs.k8s.io.cosi.v1alpha2.CredentialInfo + 6, // 24: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.protocol:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol + 16, // 25: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.authentication_type:type_name -> sigs.k8s.io.cosi.v1alpha2.AuthenticationType + 34, // 26: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.parameters:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.ParametersEntry + 35, // 27: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.buckets:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.AccessedBucket + 17, // 28: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.AccessedBucket.access_mode:type_name -> sigs.k8s.io.cosi.v1alpha2.AccessMode + 7, // 29: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse.BucketInfo.bucket_info:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo + 36, // 30: sigs.k8s.io.cosi.v1alpha2.alpha_enum:extendee -> google.protobuf.EnumOptions + 37, // 31: sigs.k8s.io.cosi.v1alpha2.alpha_enum_value:extendee -> google.protobuf.EnumValueOptions + 38, // 32: sigs.k8s.io.cosi.v1alpha2.cosi_secret:extendee -> google.protobuf.FieldOptions + 38, // 33: sigs.k8s.io.cosi.v1alpha2.alpha_field:extendee -> google.protobuf.FieldOptions + 39, // 34: sigs.k8s.io.cosi.v1alpha2.alpha_message:extendee -> google.protobuf.MessageOptions + 40, // 35: sigs.k8s.io.cosi.v1alpha2.alpha_method:extendee -> google.protobuf.MethodOptions + 41, // 36: sigs.k8s.io.cosi.v1alpha2.alpha_service:extendee -> google.protobuf.ServiceOptions + 4, // 37: sigs.k8s.io.cosi.v1alpha2.Identity.DriverGetInfo:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetInfoRequest + 18, // 38: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverCreateBucket:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest + 20, // 39: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGetExistingBucket:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest + 22, // 40: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverDeleteBucket:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest + 24, // 41: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGrantBucketAccess:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest + 26, // 42: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverRevokeBucketAccess:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest + 5, // 43: sigs.k8s.io.cosi.v1alpha2.Identity.DriverGetInfo:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetInfoResponse + 19, // 44: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverCreateBucket:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketResponse + 21, // 45: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGetExistingBucket:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketResponse + 23, // 46: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverDeleteBucket:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketResponse + 25, // 47: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGrantBucketAccess:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse + 27, // 48: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverRevokeBucketAccess:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessResponse + 43, // [43:49] is the sub-list for method output_type + 37, // [37:43] is the sub-list for method input_type + 37, // [37:37] is the sub-list for extension type_name + 30, // [30:37] is the sub-list for extension extendee + 0, // [0:30] is the sub-list for field type_name } func init() { file_cosi_proto_init() } @@ -1487,8 +2252,8 @@ func file_cosi_proto_init() { File: protoimpl.DescBuilder{ GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_cosi_proto_rawDesc), len(file_cosi_proto_rawDesc)), - NumEnums: 2, - NumMessages: 22, + NumEnums: 4, + NumMessages: 32, NumExtensions: 7, NumServices: 2, }, diff --git a/proto/cosi.pb.json.go b/proto/cosi.pb.json.go index aa60d894..28e3f5e9 100644 --- a/proto/cosi.pb.json.go +++ b/proto/cosi.pb.json.go @@ -71,6 +71,22 @@ func (msg *ObjectProtocolAndBucketInfo) UnmarshalJSON(b []byte) error { }.Unmarshal(b, msg) } +// MarshalJSON implements json.Marshaler +func (msg *CredentialInfo) MarshalJSON() ([]byte, error) { + return protojson.MarshalOptions{ + UseEnumNumbers: false, + EmitUnpopulated: true, + UseProtoNames: false, + }.Marshal(msg) +} + +// UnmarshalJSON implements json.Unmarshaler +func (msg *CredentialInfo) UnmarshalJSON(b []byte) error { + return protojson.UnmarshalOptions{ + DiscardUnknown: false, + }.Unmarshal(b, msg) +} + // MarshalJSON implements json.Marshaler func (msg *S3BucketInfo) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ @@ -88,7 +104,7 @@ func (msg *S3BucketInfo) UnmarshalJSON(b []byte) error { } // MarshalJSON implements json.Marshaler -func (msg *S3AccessInfo) MarshalJSON() ([]byte, error) { +func (msg *S3CredentialInfo) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ UseEnumNumbers: false, EmitUnpopulated: true, @@ -97,7 +113,7 @@ func (msg *S3AccessInfo) MarshalJSON() ([]byte, error) { } // UnmarshalJSON implements json.Unmarshaler -func (msg *S3AccessInfo) UnmarshalJSON(b []byte) error { +func (msg *S3CredentialInfo) UnmarshalJSON(b []byte) error { return protojson.UnmarshalOptions{ DiscardUnknown: false, }.Unmarshal(b, msg) @@ -136,7 +152,7 @@ func (msg *AzureBucketInfo) UnmarshalJSON(b []byte) error { } // MarshalJSON implements json.Marshaler -func (msg *AzureAccessInfo) MarshalJSON() ([]byte, error) { +func (msg *AzureCredentialInfo) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ UseEnumNumbers: false, EmitUnpopulated: true, @@ -145,7 +161,7 @@ func (msg *AzureAccessInfo) MarshalJSON() ([]byte, error) { } // UnmarshalJSON implements json.Unmarshaler -func (msg *AzureAccessInfo) UnmarshalJSON(b []byte) error { +func (msg *AzureCredentialInfo) UnmarshalJSON(b []byte) error { return protojson.UnmarshalOptions{ DiscardUnknown: false, }.Unmarshal(b, msg) @@ -168,7 +184,39 @@ func (msg *GcsBucketInfo) UnmarshalJSON(b []byte) error { } // MarshalJSON implements json.Marshaler -func (msg *GcsAccessInfo) MarshalJSON() ([]byte, error) { +func (msg *GcsCredentialInfo) MarshalJSON() ([]byte, error) { + return protojson.MarshalOptions{ + UseEnumNumbers: false, + EmitUnpopulated: true, + UseProtoNames: false, + }.Marshal(msg) +} + +// UnmarshalJSON implements json.Unmarshaler +func (msg *GcsCredentialInfo) UnmarshalJSON(b []byte) error { + return protojson.UnmarshalOptions{ + DiscardUnknown: false, + }.Unmarshal(b, msg) +} + +// MarshalJSON implements json.Marshaler +func (msg *AuthenticationType) MarshalJSON() ([]byte, error) { + return protojson.MarshalOptions{ + UseEnumNumbers: false, + EmitUnpopulated: true, + UseProtoNames: false, + }.Marshal(msg) +} + +// UnmarshalJSON implements json.Unmarshaler +func (msg *AuthenticationType) UnmarshalJSON(b []byte) error { + return protojson.UnmarshalOptions{ + DiscardUnknown: false, + }.Unmarshal(b, msg) +} + +// MarshalJSON implements json.Marshaler +func (msg *AccessMode) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ UseEnumNumbers: false, EmitUnpopulated: true, @@ -177,7 +225,7 @@ func (msg *GcsAccessInfo) MarshalJSON() ([]byte, error) { } // UnmarshalJSON implements json.Unmarshaler -func (msg *GcsAccessInfo) UnmarshalJSON(b []byte) error { +func (msg *AccessMode) UnmarshalJSON(b []byte) error { return protojson.UnmarshalOptions{ DiscardUnknown: false, }.Unmarshal(b, msg) @@ -295,6 +343,22 @@ func (msg *DriverGrantBucketAccessRequest) UnmarshalJSON(b []byte) error { }.Unmarshal(b, msg) } +// MarshalJSON implements json.Marshaler +func (msg *DriverGrantBucketAccessRequest_AccessedBucket) MarshalJSON() ([]byte, error) { + return protojson.MarshalOptions{ + UseEnumNumbers: false, + EmitUnpopulated: true, + UseProtoNames: false, + }.Marshal(msg) +} + +// UnmarshalJSON implements json.Unmarshaler +func (msg *DriverGrantBucketAccessRequest_AccessedBucket) UnmarshalJSON(b []byte) error { + return protojson.UnmarshalOptions{ + DiscardUnknown: false, + }.Unmarshal(b, msg) +} + // MarshalJSON implements json.Marshaler func (msg *DriverGrantBucketAccessResponse) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ @@ -311,6 +375,22 @@ func (msg *DriverGrantBucketAccessResponse) UnmarshalJSON(b []byte) error { }.Unmarshal(b, msg) } +// MarshalJSON implements json.Marshaler +func (msg *DriverGrantBucketAccessResponse_BucketInfo) MarshalJSON() ([]byte, error) { + return protojson.MarshalOptions{ + UseEnumNumbers: false, + EmitUnpopulated: true, + UseProtoNames: false, + }.Marshal(msg) +} + +// UnmarshalJSON implements json.Unmarshaler +func (msg *DriverGrantBucketAccessResponse_BucketInfo) UnmarshalJSON(b []byte) error { + return protojson.UnmarshalOptions{ + DiscardUnknown: false, + }.Unmarshal(b, msg) +} + // MarshalJSON implements json.Marshaler func (msg *DriverRevokeBucketAccessRequest) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ @@ -327,6 +407,22 @@ func (msg *DriverRevokeBucketAccessRequest) UnmarshalJSON(b []byte) error { }.Unmarshal(b, msg) } +// MarshalJSON implements json.Marshaler +func (msg *DriverRevokeBucketAccessRequest_AccessedBucket) MarshalJSON() ([]byte, error) { + return protojson.MarshalOptions{ + UseEnumNumbers: false, + EmitUnpopulated: true, + UseProtoNames: false, + }.Marshal(msg) +} + +// UnmarshalJSON implements json.Unmarshaler +func (msg *DriverRevokeBucketAccessRequest_AccessedBucket) UnmarshalJSON(b []byte) error { + return protojson.UnmarshalOptions{ + DiscardUnknown: false, + }.Unmarshal(b, msg) +} + // MarshalJSON implements json.Marshaler func (msg *DriverRevokeBucketAccessResponse) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ diff --git a/proto/cosi.proto b/proto/cosi.proto index 1839beb2..78179070 100644 --- a/proto/cosi.proto +++ b/proto/cosi.proto @@ -84,6 +84,7 @@ service Provisioner { // Important return codes: // - MUST return OK if a principal with matching identity and parameters already exists. // - MUST return ALREADY_EXISTS if a principal with matching identity exists but with incompatible parameters. + // - MUST return OUT_OF_RANGE - if (and only if) the driver/backend does not support multi-bucket access. rpc DriverGrantBucketAccess (DriverGrantBucketAccessRequest) returns (DriverGrantBucketAccessResponse); // Revokes access to given bucket(s) from a principal. @@ -143,6 +144,19 @@ message ObjectProtocolAndBucketInfo { GcsBucketInfo gcs = 3; } +// Credential info for the backend access corresponding to each protocol. +// If a protocol is not supported, the message MUST be empty/nil. +message CredentialInfo { + // Credential info for S3 protocol access. + S3CredentialInfo s3 = 1; + + // Credential info for Azure (Blob) protocol access. + AzureCredentialInfo azure = 2; + + // Credential info for Google Cloud Storage protocol access. + GcsCredentialInfo gcs = 3; +} + message S3BucketInfo { // S3 bucket ID needed for client access. string bucket_id = 1; @@ -159,7 +173,7 @@ message S3BucketInfo { S3AddressingStyle addressing_style = 4; } -message S3AccessInfo { +message S3CredentialInfo { // S3 access key ID. string access_key_id = 1; @@ -187,7 +201,7 @@ message AzureBucketInfo { string storage_account = 1; } -message AzureAccessInfo { +message AzureCredentialInfo { // Azure access token. // Note that the Azure spec includes the resource URI as well as token in its definition. // https://learn.microsoft.com/en-us/azure/storage/common/media/storage-sas-overview/sas-storage-uri.svg @@ -206,7 +220,7 @@ message GcsBucketInfo { string bucket_name = 2; } -message GcsAccessInfo { +message GcsCredentialInfo { // HMAC access ID. string access_id = 1; @@ -220,6 +234,36 @@ message GcsAccessInfo { string service_account = 4; } +message AuthenticationType { + enum Type { + UNKNOWN = 0; + + // The Provisioner should generate a protocol-appropriate access key that clients can use to + // authenticate to the backend object store. + KEY = 1; + + // The Provisioner should configure the system such that Pods using the given ServiceAccount + // authenticate to the backend object store automatically. + SERVICE_ACCOUNT = 2; + } + Type type = 1; +} + +message AccessMode { + enum Mode { + UNKNOWN = 0; + + // Read/Write access mode. + READ_WRITE = 1; + + // Read-only access mode. + READ_ONLY = 2; + + // Write-only access mode. + WRITE_ONLY = 3; + } +} + message DriverCreateBucketRequest { // REQUIRED. The suggested name for the backend bucket. // It serves two purposes: @@ -276,15 +320,54 @@ message DriverCreateBucketResponse { } message DriverGetExistingBucketRequest { - // TODO: unimplemented + // REQUIRED. The unique identifier for the existing backend bucket known to the Provisioner. + // Provisioner MUST be able to correlate `bucket_id` to the backend bucket. + // It is RECOMMENDED to use the backend storage system's bucket ID. + string existing_bucket_id = 1; + + // OPTIONAL. A list of all object storage protocols the provisioned bucket MUST support. + // If none are given, the provisioner MAY provision with a set of default protocol(s) or return + // `InvalidArgument` with a message indicating that it requires this input. + // If any protocol cannot be supported, the Provisioner MUST return `InvalidArgument`. + repeated ObjectProtocol protocols = 2; + + // OPTIONAL. Plugin specific parameters passed in as opaque key-value pairs. + // The Plugin is responsible for parsing and validating these parameters. + map parameters = 4; } message DriverGetExistingBucketResponse { - // TODO: unimplemented + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + // This value WILL be used by COSI to make subsequent calls related to the bucket, so the + // Provisioner MUST be able to correlate `bucket_id` to the backend bucket. + // It is RECOMMENDED to use the backend storage system's bucket ID. + string bucket_id = 1; + + // REQUIRED: At least one protocol bucket info result MUST be non-nil. + // + // The primary purpose of this response is to indicate which protocols are supported for + // subsequent DriverGrantBucketAccess requests referencing this provisioned bucket. A non-nil + // bucket info corresponding to a protocol indicates support. + // + // The Provisioner MUST indicate support for the protocols in the request. It MAY indicate + // support for more protocols than the request. It SHOULD indicate support for all supported + // protocols. It MUST NOT indicate support (return a non-nil result) for unsupported protocols. + // + // The secondary purpose of this response is to report non-credential information about the + // bucket. COSI does not expose this information to end-users until a subsequent + // DriverGrantBucketAccess is provisioned referencing this bucket. Instead, the info is exposed + // to administrators so that they might more easily debug errors in their configuration of COSI. + // It is thus RECOMMENDED to return all relevant bucket info for all supported protocols. + // However, the Provisioner MAY omit any or all bucket info fields as desired. + ObjectProtocolAndBucketInfo protocols = 2; } message DriverDeleteBucketRequest { - // TODO: unimplemented + // REQUIRED. The unique identifier for the existing backend bucket known to the Provisioner. + string bucket_id = 1; + + // OPTIONAL. Plugin specific parameters associated with the provisioned bucket. + map parameters = 4; } message DriverDeleteBucketResponse { @@ -292,15 +375,105 @@ message DriverDeleteBucketResponse { } message DriverGrantBucketAccessRequest { - // TODO: unimplemented + // REQUIRED. The suggested name for the backend bucket access. + // It serves two purposes: + // 1) Suggested name - COSI WILL suggest a name that includes a UID component that is + // statistically likely to be globally unique. + // 2) Idempotency - This name is generated by COSI to achieve idempotency. The Plugin SHOULD + // ensure that multiple DriverGrantBucketAccess calls for the same name do not result in more + // than one Bucket being provisioned corresponding to the name. + // The COSI Sidecar WILL call DriverGrantBucketAccess, with the same name, periodically to + // ensure the bucket exists. + // Using or appending random identifiers can lead to multiple unused buckets being created in + // the storage backend in the event of timing-related Driver/Sidecar failures or restarts. + // COSI WILL use DNS subdomain format (https://datatracker.ietf.org/doc/html/rfc1123). + // It WILL contain contain no more than 253 characters, contain only lowercase alphanumeric + // characters, '-' or '.', start with an alphanumeric character, and end with an alphanumeric + // character. + string account_name = 1; + + // REQUIRED. The object storage protocol the provisioned access MUST support. + // If the protocol cannot be supported, the Provisioner MUST return `InvalidArgument`. + ObjectProtocol protocol = 2; + + // REQUIRED. The authentication type that the Provisioner MUST provision for this request. + AuthenticationType authentication_type = 3; + + // REQUIRED when `authentication_type` is `SERVICE_ACCOUNT`. + // OPTIONAL for all other authentication types. + // COSI WILL NOT set this when the requested `authentication_type` is not `SERVICE_ACCOUNT`. + string service_account_name = 4; + + // OPTIONAL. Plugin specific parameters passed in as opaque key-value pairs. + // The Plugin is responsible for parsing and validating these parameters. + map parameters = 5; + + message AccessedBucket { + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + string bucket_id = 1; + + // REQUIRED. The read/write access mode that the Provisioner SHOULD provision for the bucket + // associated with `bucket_id`. + AccessMode access_mode = 2; + } + + // REQUIRED. Access to at least one bucket MUST be requested. + repeated AccessedBucket buckets = 6; } message DriverGrantBucketAccessResponse { - // TODO: unimplemented + // REQUIRED. The unique identifier for the backend access account known to the Provisioner. + // This value WILL be used by COSI to make subsequent calls related to the access, so the + // Provisioner MUST be able to correlate `account_id` to the backend access. + // It is RECOMMENDED to use the backend storage system's bucket ID. + string account_id = 1; + + message BucketInfo { + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + string bucket_id = 1; + + // REQUIRED: EXACTLY one protocol bucket info result MUST be non-nil. + // The Provisioner MUST fill in all required bucket info for the requested protocol. + // The Provisioner SHOULD fill in as much bucket info as is known given the parameters. + // It MUST NOT support (return a non-nil result) non-requested protocols. + // COSI WILL expose this information to users, and it WILL be treated as sensitive/secret + // information. + // COSI WILL not log the information or store it in plaintext. + ObjectProtocolAndBucketInfo bucket_info = 2; + } + + // REQUIRED. The Provisioner MUST return info for all `buckets` in the request. + repeated BucketInfo buckets = 2; + + // REQUIRED. + CredentialInfo credentials = 3; } message DriverRevokeBucketAccessRequest { - // TODO: unimplemented + // REQUIRED. The unique identifier for the backend access account + string account_id = 1; + + // REQUIRED. The object storage protocol associated with the provisioned access. + ObjectProtocol protocol = 2; + + // REQUIRED. The authentication type associated with the provisioned access. + AuthenticationType authentication_type = 3; + + // REQUIRED when `authentication_type` is `SERVICE_ACCOUNT`. + // OPTIONAL for all other authentication types. + // COSI WILL NOT set this when the requested `authentication_type` is not `SERVICE_ACCOUNT`. + string service_account_name = 4; + + // OPTIONAL. Plugin specific parameters associated with the provisioned access. + map parameters = 5; + + message AccessedBucket { + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + string bucket_id = 1; + } + + // REQUIRED. Buckets associated with the provisioned access. + repeated AccessedBucket buckets = 6; } message DriverRevokeBucketAccessResponse { diff --git a/proto/cosi_grpc.pb.go b/proto/cosi_grpc.pb.go index 5fc7dee1..84eda951 100644 --- a/proto/cosi_grpc.pb.go +++ b/proto/cosi_grpc.pb.go @@ -146,6 +146,7 @@ type ProvisionerClient interface { // Important return codes: // - MUST return OK if a principal with matching identity and parameters already exists. // - MUST return ALREADY_EXISTS if a principal with matching identity exists but with incompatible parameters. + // - MUST return OUT_OF_RANGE - if (and only if) the driver/backend does not support multi-bucket access. DriverGrantBucketAccess(ctx context.Context, in *DriverGrantBucketAccessRequest, opts ...grpc.CallOption) (*DriverGrantBucketAccessResponse, error) // Revokes access to given bucket(s) from a principal. // @@ -233,6 +234,7 @@ type ProvisionerServer interface { // Important return codes: // - MUST return OK if a principal with matching identity and parameters already exists. // - MUST return ALREADY_EXISTS if a principal with matching identity exists but with incompatible parameters. + // - MUST return OUT_OF_RANGE - if (and only if) the driver/backend does not support multi-bucket access. DriverGrantBucketAccess(context.Context, *DriverGrantBucketAccessRequest) (*DriverGrantBucketAccessResponse, error) // Revokes access to given bucket(s) from a principal. // diff --git a/proto/spec.md b/proto/spec.md index 843eac96..6e6b62ac 100644 --- a/proto/spec.md +++ b/proto/spec.md @@ -131,6 +131,7 @@ service Provisioner { // Important return codes: // - MUST return OK if a principal with matching identity and parameters already exists. // - MUST return ALREADY_EXISTS if a principal with matching identity exists but with incompatible parameters. + // - MUST return OUT_OF_RANGE - if (and only if) the driver/backend does not support multi-bucket access. rpc DriverGrantBucketAccess (DriverGrantBucketAccessRequest) returns (DriverGrantBucketAccessResponse); // Revokes access to given bucket(s) from a principal. @@ -283,6 +284,19 @@ message ObjectProtocolAndBucketInfo { // Protocol support and bucket info for Google Cloud Storage protocol access. GcsBucketInfo gcs = 3; } + +// Credential info for the backend access corresponding to each protocol. +// If a protocol is not supported, the message MUST be empty/nil. +message CredentialInfo { + // Credential info for S3 protocol access. + S3CredentialInfo s3 = 1; + + // Credential info for Azure (Blob) protocol access. + AzureCredentialInfo azure = 2; + + // Credential info for Google Cloud Storage protocol access. + GcsCredentialInfo gcs = 3; +} ``` ##### S3 Protocol Definitions @@ -304,7 +318,7 @@ message S3BucketInfo { S3AddressingStyle addressing_style = 4; } -message S3AccessInfo { +message S3CredentialInfo { // S3 access key ID. string access_key_id = 1; @@ -336,7 +350,7 @@ message AzureBucketInfo { string storage_account = 1; } -message AzureAccessInfo { +message AzureCredentialInfo { // Azure access token. // Note that the Azure spec includes the resource URI as well as token in its definition. // https://learn.microsoft.com/en-us/azure/storage/common/media/storage-sas-overview/sas-storage-uri.svg @@ -359,7 +373,7 @@ message GcsBucketInfo { string bucket_name = 2; } -message GcsAccessInfo { +message GcsCredentialInfo { // HMAC access ID. string access_id = 1; @@ -374,6 +388,40 @@ message GcsAccessInfo { } ``` +#### Shared Definitions + +```protobuf +message AuthenticationType { + enum Type { + UNKNOWN = 0; + + // The Provisioner should generate a protocol-appropriate access key that clients can use to + // authenticate to the backend object store. + KEY = 1; + + // The Provisioner should configure the system such that Pods using the given ServiceAccount + // authenticate to the backend object store automatically. + SERVICE_ACCOUNT = 2; + } + Type type = 1; +} + +message AccessMode { + enum Mode { + UNKNOWN = 0; + + // Read/Write access mode. + READ_WRITE = 1; + + // Read-only access mode. + READ_ONLY = 2; + + // Write-only access mode. + WRITE_ONLY = 3; + } +} +``` + #### DriverCreateBucket A Plugin MUST implement this RPC call. @@ -444,21 +492,75 @@ message DriverCreateBucketResponse { #### DriverGetExistingBucket +A Plugin MUST implement this RPC call. + +This operation MUST be idempotent. If a bucket corresponding to the specified name already exists +and is compatible with the given parameters, the Plugin MUST reply OK. + +Important return codes: +* `AlreadyExists` (not retryable) when the bucket already exists but is incompatible with the request. +* `NotFound` (retryable) when the bucket does not exist. +* `InvalidArgument` (not retryable) if any parameters are invalid for the backend. + ```protobuf message DriverGetExistingBucketRequest { - // TODO: unimplemented + // REQUIRED. The unique identifier for the existing backend bucket known to the Provisioner. + // Provisioner MUST be able to correlate `bucket_id` to the backend bucket. + // It is RECOMMENDED to use the backend storage system's bucket ID. + string existing_bucket_id = 1; + + // OPTIONAL. A list of all object storage protocols the provisioned bucket MUST support. + // If none are given, the provisioner MAY provision with a set of default protocol(s) or return + // `InvalidArgument` with a message indicating that it requires this input. + // If any protocol cannot be supported, the Provisioner MUST return `InvalidArgument`. + repeated ObjectProtocol protocols = 2; + + // OPTIONAL. Plugin specific parameters passed in as opaque key-value pairs. + // The Plugin is responsible for parsing and validating these parameters. + map parameters = 4; } message DriverGetExistingBucketResponse { - // TODO: unimplemented + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + // This value WILL be used by COSI to make subsequent calls related to the bucket, so the + // Provisioner MUST be able to correlate `bucket_id` to the backend bucket. + // It is RECOMMENDED to use the backend storage system's bucket ID. + string bucket_id = 1; + + // REQUIRED: At least one protocol bucket info result MUST be non-nil. + // + // The primary purpose of this response is to indicate which protocols are supported for + // subsequent DriverGrantBucketAccess requests referencing this provisioned bucket. A non-nil + // bucket info corresponding to a protocol indicates support. + // + // The Provisioner MUST indicate support for the protocols in the request. It MAY indicate + // support for more protocols than the request. It SHOULD indicate support for all supported + // protocols. It MUST NOT indicate support (return a non-nil result) for unsupported protocols. + // + // The secondary purpose of this response is to report non-credential information about the + // bucket. COSI does not expose this information to end-users until a subsequent + // DriverGrantBucketAccess is provisioned referencing this bucket. Instead, the info is exposed + // to administrators so that they might more easily debug errors in their configuration of COSI. + // It is thus RECOMMENDED to return all relevant bucket info for all supported protocols. + // However, the Provisioner MAY omit any or all bucket info fields as desired. + ObjectProtocolAndBucketInfo protocols = 2; } ``` #### DriverDeleteBucket +A Plugin MUST implement this RPC call. + +This operation MUST be idempotent. If a bucket corresponding to the specified name does not exist, +the Plugin MUST reply OK. + ```protobuf message DriverDeleteBucketRequest { - // TODO: unimplemented + // REQUIRED. The unique identifier for the existing backend bucket known to the Provisioner. + string bucket_id = 1; + + // OPTIONAL. Plugin specific parameters associated with the provisioned bucket. + map parameters = 4; } message DriverDeleteBucketResponse { @@ -468,21 +570,127 @@ message DriverDeleteBucketResponse { #### DriverGrantBucketAccess +A Plugin MUST implement this RPC call. + +This operation MUST be idempotent. If an access corresponding to the specified name already exists +and is compatible with the given parameters, the Plugin MUST reply OK. + +Important driver return codes: +* `AlreadyExists` (not retryable) when the bucket already exists but is incompatible with the request. +* `InvalidArgument` (not retryable) if `AuthenticationType` is not supported. +* `InvalidArgument` (not retryable) if any parameters are invalid for the backend. +* `OutOfRange` (not retryable) if (and only if) the driver does not support creating a single shared access credential for multiple buckets. + ```protobuf message DriverGrantBucketAccessRequest { - // TODO: unimplemented + // REQUIRED. The suggested name for the backend bucket access. + // It serves two purposes: + // 1) Suggested name - COSI WILL suggest a name that includes a UID component that is + // statistically likely to be globally unique. + // 2) Idempotency - This name is generated by COSI to achieve idempotency. The Plugin SHOULD + // ensure that multiple DriverGrantBucketAccess calls for the same name do not result in more + // than one Bucket being provisioned corresponding to the name. + // The COSI Sidecar WILL call DriverGrantBucketAccess, with the same name, periodically to + // ensure the bucket exists. + // Using or appending random identifiers can lead to multiple unused buckets being created in + // the storage backend in the event of timing-related Driver/Sidecar failures or restarts. + // COSI WILL use DNS subdomain format (https://datatracker.ietf.org/doc/html/rfc1123). + // It WILL contain contain no more than 253 characters, contain only lowercase alphanumeric + // characters, '-' or '.', start with an alphanumeric character, and end with an alphanumeric + // character. + string account_name = 1; + + // REQUIRED. The object storage protocol the provisioned access MUST support. + // If the protocol cannot be supported, the Provisioner MUST return `InvalidArgument`. + ObjectProtocol protocol = 2; + + // REQUIRED. The authentication type that the Provisioner MUST provision for this request. + AuthenticationType authentication_type = 3; + + // REQUIRED when `authentication_type` is `SERVICE_ACCOUNT`. + // OPTIONAL for all other authentication types. + // COSI WILL NOT set this when the requested `authentication_type` is not `SERVICE_ACCOUNT`. + string service_account_name = 4; + + // OPTIONAL. Plugin specific parameters passed in as opaque key-value pairs. + // The Plugin is responsible for parsing and validating these parameters. + map parameters = 5; + + message AccessedBucket { + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + string bucket_id = 1; + + // REQUIRED. The read/write access mode that the Provisioner SHOULD provision for the bucket + // associated with `bucket_id`. + AccessMode access_mode = 2; + } + + // REQUIRED. Access to at least one bucket MUST be requested. + repeated AccessedBucket buckets = 6; } message DriverGrantBucketAccessResponse { - // TODO: unimplemented + // REQUIRED. The unique identifier for the backend access account known to the Provisioner. + // This value WILL be used by COSI to make subsequent calls related to the access, so the + // Provisioner MUST be able to correlate `account_id` to the backend access. + // It is RECOMMENDED to use the backend storage system's bucket ID. + string account_id = 1; + + message BucketInfo { + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + string bucket_id = 1; + + // REQUIRED: EXACTLY one protocol bucket info result MUST be non-nil. + // The Provisioner MUST fill in all required bucket info for the requested protocol. + // The Provisioner SHOULD fill in as much bucket info as is known given the parameters. + // It MUST NOT support (return a non-nil result) non-requested protocols. + // COSI WILL expose this information to users, and it WILL be treated as sensitive/secret + // information. + // COSI WILL not log the information or store it in plaintext. + ObjectProtocolAndBucketInfo bucket_info = 2; + } + + // REQUIRED. The Provisioner MUST return info for all `buckets` in the request. + repeated BucketInfo buckets = 2; + + // REQUIRED. + CredentialInfo credentials = 3; } ``` #### DriverRevokeBucketAccess +A Plugin MUST implement this RPC call. + +This operation MUST be idempotent. If an access corresponding to the specified name already doesn't +exist, the Plugin MUST reply OK. + ```protobuf message DriverRevokeBucketAccessRequest { - // TODO: unimplemented + // REQUIRED. The unique identifier for the backend access account + string account_id = 1; + + // REQUIRED. The object storage protocol associated with the provisioned access. + ObjectProtocol protocol = 2; + + // REQUIRED. The authentication type associated with the provisioned access. + AuthenticationType authentication_type = 3; + + // REQUIRED when `authentication_type` is `SERVICE_ACCOUNT`. + // OPTIONAL for all other authentication types. + // COSI WILL NOT set this when the requested `authentication_type` is not `SERVICE_ACCOUNT`. + string service_account_name = 4; + + // OPTIONAL. Plugin specific parameters associated with the provisioned access. + map parameters = 5; + + message AccessedBucket { + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + string bucket_id = 1; + } + + // REQUIRED. Buckets associated with the provisioned access. + repeated AccessedBucket buckets = 6; } message DriverRevokeBucketAccessResponse { diff --git a/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi.pb.go b/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi.pb.go index b44c39a5..177abc85 100644 --- a/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi.pb.go +++ b/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi.pb.go @@ -127,7 +127,115 @@ func (x S3AddressingStyle_Style) Number() protoreflect.EnumNumber { // Deprecated: Use S3AddressingStyle_Style.Descriptor instead. func (S3AddressingStyle_Style) EnumDescriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{6, 0} + return file_cosi_proto_rawDescGZIP(), []int{7, 0} +} + +type AuthenticationType_Type int32 + +const ( + AuthenticationType_UNKNOWN AuthenticationType_Type = 0 + // The Provisioner should generate a protocol-appropriate access key that clients can use to + // authenticate to the backend object store. + AuthenticationType_KEY AuthenticationType_Type = 1 + // The Provisioner should configure the system such that Pods using the given ServiceAccount + // authenticate to the backend object store automatically. + AuthenticationType_SERVICE_ACCOUNT AuthenticationType_Type = 2 +) + +// Enum value maps for AuthenticationType_Type. +var ( + AuthenticationType_Type_name = map[int32]string{ + 0: "UNKNOWN", + 1: "KEY", + 2: "SERVICE_ACCOUNT", + } + AuthenticationType_Type_value = map[string]int32{ + "UNKNOWN": 0, + "KEY": 1, + "SERVICE_ACCOUNT": 2, + } +) + +func (x AuthenticationType_Type) Enum() *AuthenticationType_Type { + p := new(AuthenticationType_Type) + *p = x + return p +} + +func (x AuthenticationType_Type) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (AuthenticationType_Type) Descriptor() protoreflect.EnumDescriptor { + return file_cosi_proto_enumTypes[2].Descriptor() +} + +func (AuthenticationType_Type) Type() protoreflect.EnumType { + return &file_cosi_proto_enumTypes[2] +} + +func (x AuthenticationType_Type) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use AuthenticationType_Type.Descriptor instead. +func (AuthenticationType_Type) EnumDescriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{12, 0} +} + +type AccessMode_Mode int32 + +const ( + AccessMode_UNKNOWN AccessMode_Mode = 0 + // Read/Write access mode. + AccessMode_READ_WRITE AccessMode_Mode = 1 + // Read-only access mode. + AccessMode_READ_ONLY AccessMode_Mode = 2 + // Write-only access mode. + AccessMode_WRITE_ONLY AccessMode_Mode = 3 +) + +// Enum value maps for AccessMode_Mode. +var ( + AccessMode_Mode_name = map[int32]string{ + 0: "UNKNOWN", + 1: "READ_WRITE", + 2: "READ_ONLY", + 3: "WRITE_ONLY", + } + AccessMode_Mode_value = map[string]int32{ + "UNKNOWN": 0, + "READ_WRITE": 1, + "READ_ONLY": 2, + "WRITE_ONLY": 3, + } +) + +func (x AccessMode_Mode) Enum() *AccessMode_Mode { + p := new(AccessMode_Mode) + *p = x + return p +} + +func (x AccessMode_Mode) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (AccessMode_Mode) Descriptor() protoreflect.EnumDescriptor { + return file_cosi_proto_enumTypes[3].Descriptor() +} + +func (AccessMode_Mode) Type() protoreflect.EnumType { + return &file_cosi_proto_enumTypes[3] +} + +func (x AccessMode_Mode) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use AccessMode_Mode.Descriptor instead. +func (AccessMode_Mode) EnumDescriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{13, 0} } type DriverGetInfoRequest struct { @@ -337,6 +445,71 @@ func (x *ObjectProtocolAndBucketInfo) GetGcs() *GcsBucketInfo { return nil } +// Credential info for the backend access corresponding to each protocol. +// If a protocol is not supported, the message MUST be empty/nil. +type CredentialInfo struct { + state protoimpl.MessageState `protogen:"open.v1"` + // Credential info for S3 protocol access. + S3 *S3CredentialInfo `protobuf:"bytes,1,opt,name=s3,proto3" json:"s3,omitempty"` + // Credential info for Azure (Blob) protocol access. + Azure *AzureCredentialInfo `protobuf:"bytes,2,opt,name=azure,proto3" json:"azure,omitempty"` + // Credential info for Google Cloud Storage protocol access. + Gcs *GcsCredentialInfo `protobuf:"bytes,3,opt,name=gcs,proto3" json:"gcs,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *CredentialInfo) Reset() { + *x = CredentialInfo{} + mi := &file_cosi_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *CredentialInfo) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CredentialInfo) ProtoMessage() {} + +func (x *CredentialInfo) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[4] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CredentialInfo.ProtoReflect.Descriptor instead. +func (*CredentialInfo) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{4} +} + +func (x *CredentialInfo) GetS3() *S3CredentialInfo { + if x != nil { + return x.S3 + } + return nil +} + +func (x *CredentialInfo) GetAzure() *AzureCredentialInfo { + if x != nil { + return x.Azure + } + return nil +} + +func (x *CredentialInfo) GetGcs() *GcsCredentialInfo { + if x != nil { + return x.Gcs + } + return nil +} + type S3BucketInfo struct { state protoimpl.MessageState `protogen:"open.v1"` // S3 bucket ID needed for client access. @@ -355,7 +528,7 @@ type S3BucketInfo struct { func (x *S3BucketInfo) Reset() { *x = S3BucketInfo{} - mi := &file_cosi_proto_msgTypes[4] + mi := &file_cosi_proto_msgTypes[5] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -367,7 +540,7 @@ func (x *S3BucketInfo) String() string { func (*S3BucketInfo) ProtoMessage() {} func (x *S3BucketInfo) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[4] + mi := &file_cosi_proto_msgTypes[5] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -380,7 +553,7 @@ func (x *S3BucketInfo) ProtoReflect() protoreflect.Message { // Deprecated: Use S3BucketInfo.ProtoReflect.Descriptor instead. func (*S3BucketInfo) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{4} + return file_cosi_proto_rawDescGZIP(), []int{5} } func (x *S3BucketInfo) GetBucketId() string { @@ -411,7 +584,7 @@ func (x *S3BucketInfo) GetAddressingStyle() *S3AddressingStyle { return nil } -type S3AccessInfo struct { +type S3CredentialInfo struct { state protoimpl.MessageState `protogen:"open.v1"` // S3 access key ID. AccessKeyId string `protobuf:"bytes,1,opt,name=access_key_id,json=accessKeyId,proto3" json:"access_key_id,omitempty"` @@ -421,21 +594,21 @@ type S3AccessInfo struct { sizeCache protoimpl.SizeCache } -func (x *S3AccessInfo) Reset() { - *x = S3AccessInfo{} - mi := &file_cosi_proto_msgTypes[5] +func (x *S3CredentialInfo) Reset() { + *x = S3CredentialInfo{} + mi := &file_cosi_proto_msgTypes[6] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } -func (x *S3AccessInfo) String() string { +func (x *S3CredentialInfo) String() string { return protoimpl.X.MessageStringOf(x) } -func (*S3AccessInfo) ProtoMessage() {} +func (*S3CredentialInfo) ProtoMessage() {} -func (x *S3AccessInfo) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[5] +func (x *S3CredentialInfo) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[6] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -446,19 +619,19 @@ func (x *S3AccessInfo) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use S3AccessInfo.ProtoReflect.Descriptor instead. -func (*S3AccessInfo) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{5} +// Deprecated: Use S3CredentialInfo.ProtoReflect.Descriptor instead. +func (*S3CredentialInfo) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{6} } -func (x *S3AccessInfo) GetAccessKeyId() string { +func (x *S3CredentialInfo) GetAccessKeyId() string { if x != nil { return x.AccessKeyId } return "" } -func (x *S3AccessInfo) GetAccessSecretKey() string { +func (x *S3CredentialInfo) GetAccessSecretKey() string { if x != nil { return x.AccessSecretKey } @@ -476,7 +649,7 @@ type S3AddressingStyle struct { func (x *S3AddressingStyle) Reset() { *x = S3AddressingStyle{} - mi := &file_cosi_proto_msgTypes[6] + mi := &file_cosi_proto_msgTypes[7] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -488,7 +661,7 @@ func (x *S3AddressingStyle) String() string { func (*S3AddressingStyle) ProtoMessage() {} func (x *S3AddressingStyle) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[6] + mi := &file_cosi_proto_msgTypes[7] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -501,7 +674,7 @@ func (x *S3AddressingStyle) ProtoReflect() protoreflect.Message { // Deprecated: Use S3AddressingStyle.ProtoReflect.Descriptor instead. func (*S3AddressingStyle) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{6} + return file_cosi_proto_rawDescGZIP(), []int{7} } func (x *S3AddressingStyle) GetStyle() S3AddressingStyle_Style { @@ -521,7 +694,7 @@ type AzureBucketInfo struct { func (x *AzureBucketInfo) Reset() { *x = AzureBucketInfo{} - mi := &file_cosi_proto_msgTypes[7] + mi := &file_cosi_proto_msgTypes[8] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -533,7 +706,7 @@ func (x *AzureBucketInfo) String() string { func (*AzureBucketInfo) ProtoMessage() {} func (x *AzureBucketInfo) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[7] + mi := &file_cosi_proto_msgTypes[8] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -546,7 +719,7 @@ func (x *AzureBucketInfo) ProtoReflect() protoreflect.Message { // Deprecated: Use AzureBucketInfo.ProtoReflect.Descriptor instead. func (*AzureBucketInfo) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{7} + return file_cosi_proto_rawDescGZIP(), []int{8} } func (x *AzureBucketInfo) GetStorageAccount() string { @@ -556,7 +729,7 @@ func (x *AzureBucketInfo) GetStorageAccount() string { return "" } -type AzureAccessInfo struct { +type AzureCredentialInfo struct { state protoimpl.MessageState `protogen:"open.v1"` // Azure access token. // Note that the Azure spec includes the resource URI as well as token in its definition. @@ -569,21 +742,21 @@ type AzureAccessInfo struct { sizeCache protoimpl.SizeCache } -func (x *AzureAccessInfo) Reset() { - *x = AzureAccessInfo{} - mi := &file_cosi_proto_msgTypes[8] +func (x *AzureCredentialInfo) Reset() { + *x = AzureCredentialInfo{} + mi := &file_cosi_proto_msgTypes[9] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } -func (x *AzureAccessInfo) String() string { +func (x *AzureCredentialInfo) String() string { return protoimpl.X.MessageStringOf(x) } -func (*AzureAccessInfo) ProtoMessage() {} +func (*AzureCredentialInfo) ProtoMessage() {} -func (x *AzureAccessInfo) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[8] +func (x *AzureCredentialInfo) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[9] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -594,19 +767,19 @@ func (x *AzureAccessInfo) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use AzureAccessInfo.ProtoReflect.Descriptor instead. -func (*AzureAccessInfo) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{8} +// Deprecated: Use AzureCredentialInfo.ProtoReflect.Descriptor instead. +func (*AzureCredentialInfo) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{9} } -func (x *AzureAccessInfo) GetAccessToken() string { +func (x *AzureCredentialInfo) GetAccessToken() string { if x != nil { return x.AccessToken } return "" } -func (x *AzureAccessInfo) GetExpiryTimestamp() string { +func (x *AzureCredentialInfo) GetExpiryTimestamp() string { if x != nil { return x.ExpiryTimestamp } @@ -625,7 +798,7 @@ type GcsBucketInfo struct { func (x *GcsBucketInfo) Reset() { *x = GcsBucketInfo{} - mi := &file_cosi_proto_msgTypes[9] + mi := &file_cosi_proto_msgTypes[10] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -637,7 +810,7 @@ func (x *GcsBucketInfo) String() string { func (*GcsBucketInfo) ProtoMessage() {} func (x *GcsBucketInfo) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[9] + mi := &file_cosi_proto_msgTypes[10] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -650,7 +823,7 @@ func (x *GcsBucketInfo) ProtoReflect() protoreflect.Message { // Deprecated: Use GcsBucketInfo.ProtoReflect.Descriptor instead. func (*GcsBucketInfo) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{9} + return file_cosi_proto_rawDescGZIP(), []int{10} } func (x *GcsBucketInfo) GetProjectId() string { @@ -667,7 +840,7 @@ func (x *GcsBucketInfo) GetBucketName() string { return "" } -type GcsAccessInfo struct { +type GcsCredentialInfo struct { state protoimpl.MessageState `protogen:"open.v1"` // HMAC access ID. AccessId string `protobuf:"bytes,1,opt,name=access_id,json=accessId,proto3" json:"access_id,omitempty"` @@ -681,21 +854,21 @@ type GcsAccessInfo struct { sizeCache protoimpl.SizeCache } -func (x *GcsAccessInfo) Reset() { - *x = GcsAccessInfo{} - mi := &file_cosi_proto_msgTypes[10] +func (x *GcsCredentialInfo) Reset() { + *x = GcsCredentialInfo{} + mi := &file_cosi_proto_msgTypes[11] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } -func (x *GcsAccessInfo) String() string { +func (x *GcsCredentialInfo) String() string { return protoimpl.X.MessageStringOf(x) } -func (*GcsAccessInfo) ProtoMessage() {} +func (*GcsCredentialInfo) ProtoMessage() {} -func (x *GcsAccessInfo) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[10] +func (x *GcsCredentialInfo) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[11] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -706,39 +879,119 @@ func (x *GcsAccessInfo) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use GcsAccessInfo.ProtoReflect.Descriptor instead. -func (*GcsAccessInfo) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{10} +// Deprecated: Use GcsCredentialInfo.ProtoReflect.Descriptor instead. +func (*GcsCredentialInfo) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{11} } -func (x *GcsAccessInfo) GetAccessId() string { +func (x *GcsCredentialInfo) GetAccessId() string { if x != nil { return x.AccessId } return "" } -func (x *GcsAccessInfo) GetAccessSecret() string { +func (x *GcsCredentialInfo) GetAccessSecret() string { if x != nil { return x.AccessSecret } return "" } -func (x *GcsAccessInfo) GetPrivateKeyName() string { +func (x *GcsCredentialInfo) GetPrivateKeyName() string { if x != nil { return x.PrivateKeyName } return "" } -func (x *GcsAccessInfo) GetServiceAccount() string { +func (x *GcsCredentialInfo) GetServiceAccount() string { if x != nil { return x.ServiceAccount } return "" } +type AuthenticationType struct { + state protoimpl.MessageState `protogen:"open.v1"` + Type AuthenticationType_Type `protobuf:"varint,1,opt,name=type,proto3,enum=sigs.k8s.io.cosi.v1alpha2.AuthenticationType_Type" json:"type,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *AuthenticationType) Reset() { + *x = AuthenticationType{} + mi := &file_cosi_proto_msgTypes[12] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AuthenticationType) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AuthenticationType) ProtoMessage() {} + +func (x *AuthenticationType) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[12] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AuthenticationType.ProtoReflect.Descriptor instead. +func (*AuthenticationType) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{12} +} + +func (x *AuthenticationType) GetType() AuthenticationType_Type { + if x != nil { + return x.Type + } + return AuthenticationType_UNKNOWN +} + +type AccessMode struct { + state protoimpl.MessageState `protogen:"open.v1"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *AccessMode) Reset() { + *x = AccessMode{} + mi := &file_cosi_proto_msgTypes[13] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AccessMode) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AccessMode) ProtoMessage() {} + +func (x *AccessMode) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[13] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AccessMode.ProtoReflect.Descriptor instead. +func (*AccessMode) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{13} +} + type DriverCreateBucketRequest struct { state protoimpl.MessageState `protogen:"open.v1"` // REQUIRED. The suggested name for the backend bucket. @@ -772,7 +1025,7 @@ type DriverCreateBucketRequest struct { func (x *DriverCreateBucketRequest) Reset() { *x = DriverCreateBucketRequest{} - mi := &file_cosi_proto_msgTypes[11] + mi := &file_cosi_proto_msgTypes[14] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -784,7 +1037,7 @@ func (x *DriverCreateBucketRequest) String() string { func (*DriverCreateBucketRequest) ProtoMessage() {} func (x *DriverCreateBucketRequest) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[11] + mi := &file_cosi_proto_msgTypes[14] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -797,7 +1050,7 @@ func (x *DriverCreateBucketRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverCreateBucketRequest.ProtoReflect.Descriptor instead. func (*DriverCreateBucketRequest) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{11} + return file_cosi_proto_rawDescGZIP(), []int{14} } func (x *DriverCreateBucketRequest) GetName() string { @@ -851,7 +1104,7 @@ type DriverCreateBucketResponse struct { func (x *DriverCreateBucketResponse) Reset() { *x = DriverCreateBucketResponse{} - mi := &file_cosi_proto_msgTypes[12] + mi := &file_cosi_proto_msgTypes[15] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -863,7 +1116,7 @@ func (x *DriverCreateBucketResponse) String() string { func (*DriverCreateBucketResponse) ProtoMessage() {} func (x *DriverCreateBucketResponse) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[12] + mi := &file_cosi_proto_msgTypes[15] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -876,7 +1129,7 @@ func (x *DriverCreateBucketResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverCreateBucketResponse.ProtoReflect.Descriptor instead. func (*DriverCreateBucketResponse) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{12} + return file_cosi_proto_rawDescGZIP(), []int{15} } func (x *DriverCreateBucketResponse) GetBucketId() string { @@ -894,14 +1147,26 @@ func (x *DriverCreateBucketResponse) GetProtocols() *ObjectProtocolAndBucketInfo } type DriverGetExistingBucketRequest struct { - state protoimpl.MessageState `protogen:"open.v1"` + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the existing backend bucket known to the Provisioner. + // Provisioner MUST be able to correlate `bucket_id` to the backend bucket. + // It is RECOMMENDED to use the backend storage system's bucket ID. + ExistingBucketId string `protobuf:"bytes,1,opt,name=existing_bucket_id,json=existingBucketId,proto3" json:"existing_bucket_id,omitempty"` + // OPTIONAL. A list of all object storage protocols the provisioned bucket MUST support. + // If none are given, the provisioner MAY provision with a set of default protocol(s) or return + // `InvalidArgument` with a message indicating that it requires this input. + // If any protocol cannot be supported, the Provisioner MUST return `InvalidArgument`. + Protocols []*ObjectProtocol `protobuf:"bytes,2,rep,name=protocols,proto3" json:"protocols,omitempty"` + // OPTIONAL. Plugin specific parameters passed in as opaque key-value pairs. + // The Plugin is responsible for parsing and validating these parameters. + Parameters map[string]string `protobuf:"bytes,4,rep,name=parameters,proto3" json:"parameters,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *DriverGetExistingBucketRequest) Reset() { *x = DriverGetExistingBucketRequest{} - mi := &file_cosi_proto_msgTypes[13] + mi := &file_cosi_proto_msgTypes[16] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -913,7 +1178,7 @@ func (x *DriverGetExistingBucketRequest) String() string { func (*DriverGetExistingBucketRequest) ProtoMessage() {} func (x *DriverGetExistingBucketRequest) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[13] + mi := &file_cosi_proto_msgTypes[16] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -926,30 +1191,73 @@ func (x *DriverGetExistingBucketRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverGetExistingBucketRequest.ProtoReflect.Descriptor instead. func (*DriverGetExistingBucketRequest) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{13} + return file_cosi_proto_rawDescGZIP(), []int{16} } -type DriverGetExistingBucketResponse struct { - state protoimpl.MessageState `protogen:"open.v1"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache +func (x *DriverGetExistingBucketRequest) GetExistingBucketId() string { + if x != nil { + return x.ExistingBucketId + } + return "" } -func (x *DriverGetExistingBucketResponse) Reset() { - *x = DriverGetExistingBucketResponse{} - mi := &file_cosi_proto_msgTypes[14] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) +func (x *DriverGetExistingBucketRequest) GetProtocols() []*ObjectProtocol { + if x != nil { + return x.Protocols + } + return nil } -func (x *DriverGetExistingBucketResponse) String() string { - return protoimpl.X.MessageStringOf(x) +func (x *DriverGetExistingBucketRequest) GetParameters() map[string]string { + if x != nil { + return x.Parameters + } + return nil } -func (*DriverGetExistingBucketResponse) ProtoMessage() {} - +type DriverGetExistingBucketResponse struct { + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + // This value WILL be used by COSI to make subsequent calls related to the bucket, so the + // Provisioner MUST be able to correlate `bucket_id` to the backend bucket. + // It is RECOMMENDED to use the backend storage system's bucket ID. + BucketId string `protobuf:"bytes,1,opt,name=bucket_id,json=bucketId,proto3" json:"bucket_id,omitempty"` + // REQUIRED: At least one protocol bucket info result MUST be non-nil. + // + // The primary purpose of this response is to indicate which protocols are supported for + // subsequent DriverGrantBucketAccess requests referencing this provisioned bucket. A non-nil + // bucket info corresponding to a protocol indicates support. + // + // The Provisioner MUST indicate support for the protocols in the request. It MAY indicate + // support for more protocols than the request. It SHOULD indicate support for all supported + // protocols. It MUST NOT indicate support (return a non-nil result) for unsupported protocols. + // + // The secondary purpose of this response is to report non-credential information about the + // bucket. COSI does not expose this information to end-users until a subsequent + // DriverGrantBucketAccess is provisioned referencing this bucket. Instead, the info is exposed + // to administrators so that they might more easily debug errors in their configuration of COSI. + // It is thus RECOMMENDED to return all relevant bucket info for all supported protocols. + // However, the Provisioner MAY omit any or all bucket info fields as desired. + Protocols *ObjectProtocolAndBucketInfo `protobuf:"bytes,2,opt,name=protocols,proto3" json:"protocols,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *DriverGetExistingBucketResponse) Reset() { + *x = DriverGetExistingBucketResponse{} + mi := &file_cosi_proto_msgTypes[17] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DriverGetExistingBucketResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DriverGetExistingBucketResponse) ProtoMessage() {} + func (x *DriverGetExistingBucketResponse) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[14] + mi := &file_cosi_proto_msgTypes[17] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -962,18 +1270,36 @@ func (x *DriverGetExistingBucketResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverGetExistingBucketResponse.ProtoReflect.Descriptor instead. func (*DriverGetExistingBucketResponse) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{14} + return file_cosi_proto_rawDescGZIP(), []int{17} +} + +func (x *DriverGetExistingBucketResponse) GetBucketId() string { + if x != nil { + return x.BucketId + } + return "" +} + +func (x *DriverGetExistingBucketResponse) GetProtocols() *ObjectProtocolAndBucketInfo { + if x != nil { + return x.Protocols + } + return nil } type DriverDeleteBucketRequest struct { - state protoimpl.MessageState `protogen:"open.v1"` + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the existing backend bucket known to the Provisioner. + BucketId string `protobuf:"bytes,1,opt,name=bucket_id,json=bucketId,proto3" json:"bucket_id,omitempty"` + // OPTIONAL. Plugin specific parameters associated with the provisioned bucket. + Parameters map[string]string `protobuf:"bytes,4,rep,name=parameters,proto3" json:"parameters,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *DriverDeleteBucketRequest) Reset() { *x = DriverDeleteBucketRequest{} - mi := &file_cosi_proto_msgTypes[15] + mi := &file_cosi_proto_msgTypes[18] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -985,7 +1311,7 @@ func (x *DriverDeleteBucketRequest) String() string { func (*DriverDeleteBucketRequest) ProtoMessage() {} func (x *DriverDeleteBucketRequest) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[15] + mi := &file_cosi_proto_msgTypes[18] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -998,7 +1324,21 @@ func (x *DriverDeleteBucketRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverDeleteBucketRequest.ProtoReflect.Descriptor instead. func (*DriverDeleteBucketRequest) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{15} + return file_cosi_proto_rawDescGZIP(), []int{18} +} + +func (x *DriverDeleteBucketRequest) GetBucketId() string { + if x != nil { + return x.BucketId + } + return "" +} + +func (x *DriverDeleteBucketRequest) GetParameters() map[string]string { + if x != nil { + return x.Parameters + } + return nil } type DriverDeleteBucketResponse struct { @@ -1009,7 +1349,7 @@ type DriverDeleteBucketResponse struct { func (x *DriverDeleteBucketResponse) Reset() { *x = DriverDeleteBucketResponse{} - mi := &file_cosi_proto_msgTypes[16] + mi := &file_cosi_proto_msgTypes[19] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1021,7 +1361,7 @@ func (x *DriverDeleteBucketResponse) String() string { func (*DriverDeleteBucketResponse) ProtoMessage() {} func (x *DriverDeleteBucketResponse) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[16] + mi := &file_cosi_proto_msgTypes[19] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1034,18 +1374,49 @@ func (x *DriverDeleteBucketResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverDeleteBucketResponse.ProtoReflect.Descriptor instead. func (*DriverDeleteBucketResponse) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{16} + return file_cosi_proto_rawDescGZIP(), []int{19} } type DriverGrantBucketAccessRequest struct { - state protoimpl.MessageState `protogen:"open.v1"` + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The suggested name for the backend bucket access. + // It serves two purposes: + // 1. Suggested name - COSI WILL suggest a name that includes a UID component that is + // statistically likely to be globally unique. + // 2. Idempotency - This name is generated by COSI to achieve idempotency. The Plugin SHOULD + // ensure that multiple DriverGrantBucketAccess calls for the same name do not result in more + // than one Bucket being provisioned corresponding to the name. + // The COSI Sidecar WILL call DriverGrantBucketAccess, with the same name, periodically to + // ensure the bucket exists. + // Using or appending random identifiers can lead to multiple unused buckets being created in + // the storage backend in the event of timing-related Driver/Sidecar failures or restarts. + // + // COSI WILL use DNS subdomain format (https://datatracker.ietf.org/doc/html/rfc1123). + // It WILL contain contain no more than 253 characters, contain only lowercase alphanumeric + // characters, '-' or '.', start with an alphanumeric character, and end with an alphanumeric + // character. + AccountName string `protobuf:"bytes,1,opt,name=account_name,json=accountName,proto3" json:"account_name,omitempty"` + // REQUIRED. The object storage protocol the provisioned access MUST support. + // If the protocol cannot be supported, the Provisioner MUST return `InvalidArgument`. + Protocol *ObjectProtocol `protobuf:"bytes,2,opt,name=protocol,proto3" json:"protocol,omitempty"` + // REQUIRED. The authentication type that the Provisioner MUST provision for this request. + AuthenticationType *AuthenticationType `protobuf:"bytes,3,opt,name=authentication_type,json=authenticationType,proto3" json:"authentication_type,omitempty"` + // REQUIRED when `authentication_type` is `SERVICE_ACCOUNT`. + // OPTIONAL for all other authentication types. + // COSI WILL NOT set this when the requested `authentication_type` is not `SERVICE_ACCOUNT`. + ServiceAccountName string `protobuf:"bytes,4,opt,name=service_account_name,json=serviceAccountName,proto3" json:"service_account_name,omitempty"` + // OPTIONAL. Plugin specific parameters passed in as opaque key-value pairs. + // The Plugin is responsible for parsing and validating these parameters. + Parameters map[string]string `protobuf:"bytes,5,rep,name=parameters,proto3" json:"parameters,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"` + // REQUIRED. Access to at least one bucket MUST be requested. + Buckets []*DriverGrantBucketAccessRequest_AccessedBucket `protobuf:"bytes,6,rep,name=buckets,proto3" json:"buckets,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *DriverGrantBucketAccessRequest) Reset() { *x = DriverGrantBucketAccessRequest{} - mi := &file_cosi_proto_msgTypes[17] + mi := &file_cosi_proto_msgTypes[20] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1057,7 +1428,7 @@ func (x *DriverGrantBucketAccessRequest) String() string { func (*DriverGrantBucketAccessRequest) ProtoMessage() {} func (x *DriverGrantBucketAccessRequest) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[17] + mi := &file_cosi_proto_msgTypes[20] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1070,18 +1441,69 @@ func (x *DriverGrantBucketAccessRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverGrantBucketAccessRequest.ProtoReflect.Descriptor instead. func (*DriverGrantBucketAccessRequest) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{17} + return file_cosi_proto_rawDescGZIP(), []int{20} +} + +func (x *DriverGrantBucketAccessRequest) GetAccountName() string { + if x != nil { + return x.AccountName + } + return "" +} + +func (x *DriverGrantBucketAccessRequest) GetProtocol() *ObjectProtocol { + if x != nil { + return x.Protocol + } + return nil +} + +func (x *DriverGrantBucketAccessRequest) GetAuthenticationType() *AuthenticationType { + if x != nil { + return x.AuthenticationType + } + return nil +} + +func (x *DriverGrantBucketAccessRequest) GetServiceAccountName() string { + if x != nil { + return x.ServiceAccountName + } + return "" +} + +func (x *DriverGrantBucketAccessRequest) GetParameters() map[string]string { + if x != nil { + return x.Parameters + } + return nil +} + +func (x *DriverGrantBucketAccessRequest) GetBuckets() []*DriverGrantBucketAccessRequest_AccessedBucket { + if x != nil { + return x.Buckets + } + return nil } type DriverGrantBucketAccessResponse struct { - state protoimpl.MessageState `protogen:"open.v1"` + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the backend access account known to the Provisioner. + // This value WILL be used by COSI to make subsequent calls related to the access, so the + // Provisioner MUST be able to correlate `account_id` to the backend access. + // It is RECOMMENDED to use the backend storage system's bucket ID. + AccountId string `protobuf:"bytes,1,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"` + // REQUIRED. The Provisioner MUST return info for all `buckets` in the request. + Buckets []*DriverGrantBucketAccessResponse_BucketInfo `protobuf:"bytes,2,rep,name=buckets,proto3" json:"buckets,omitempty"` + // REQUIRED. + Credentials *CredentialInfo `protobuf:"bytes,3,opt,name=credentials,proto3" json:"credentials,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *DriverGrantBucketAccessResponse) Reset() { *x = DriverGrantBucketAccessResponse{} - mi := &file_cosi_proto_msgTypes[18] + mi := &file_cosi_proto_msgTypes[21] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1093,7 +1515,7 @@ func (x *DriverGrantBucketAccessResponse) String() string { func (*DriverGrantBucketAccessResponse) ProtoMessage() {} func (x *DriverGrantBucketAccessResponse) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[18] + mi := &file_cosi_proto_msgTypes[21] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1106,18 +1528,53 @@ func (x *DriverGrantBucketAccessResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverGrantBucketAccessResponse.ProtoReflect.Descriptor instead. func (*DriverGrantBucketAccessResponse) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{18} + return file_cosi_proto_rawDescGZIP(), []int{21} +} + +func (x *DriverGrantBucketAccessResponse) GetAccountId() string { + if x != nil { + return x.AccountId + } + return "" +} + +func (x *DriverGrantBucketAccessResponse) GetBuckets() []*DriverGrantBucketAccessResponse_BucketInfo { + if x != nil { + return x.Buckets + } + return nil +} + +func (x *DriverGrantBucketAccessResponse) GetCredentials() *CredentialInfo { + if x != nil { + return x.Credentials + } + return nil } type DriverRevokeBucketAccessRequest struct { - state protoimpl.MessageState `protogen:"open.v1"` + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the backend access account + AccountId string `protobuf:"bytes,1,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"` + // REQUIRED. The object storage protocol associated with the provisioned access. + Protocol *ObjectProtocol `protobuf:"bytes,2,opt,name=protocol,proto3" json:"protocol,omitempty"` + // REQUIRED. The authentication type associated with the provisioned access. + AuthenticationType *AuthenticationType `protobuf:"bytes,3,opt,name=authentication_type,json=authenticationType,proto3" json:"authentication_type,omitempty"` + // REQUIRED when `authentication_type` is `SERVICE_ACCOUNT`. + // OPTIONAL for all other authentication types. + // COSI WILL NOT set this when the requested `authentication_type` is not `SERVICE_ACCOUNT`. + ServiceAccountName string `protobuf:"bytes,4,opt,name=service_account_name,json=serviceAccountName,proto3" json:"service_account_name,omitempty"` + // OPTIONAL. Plugin specific parameters associated with the provisioned access. + Parameters map[string]string `protobuf:"bytes,5,rep,name=parameters,proto3" json:"parameters,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"` + // REQUIRED. Buckets associated with the provisioned access. + Buckets []*DriverRevokeBucketAccessRequest_AccessedBucket `protobuf:"bytes,6,rep,name=buckets,proto3" json:"buckets,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *DriverRevokeBucketAccessRequest) Reset() { *x = DriverRevokeBucketAccessRequest{} - mi := &file_cosi_proto_msgTypes[19] + mi := &file_cosi_proto_msgTypes[22] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1129,7 +1586,7 @@ func (x *DriverRevokeBucketAccessRequest) String() string { func (*DriverRevokeBucketAccessRequest) ProtoMessage() {} func (x *DriverRevokeBucketAccessRequest) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[19] + mi := &file_cosi_proto_msgTypes[22] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1142,7 +1599,49 @@ func (x *DriverRevokeBucketAccessRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverRevokeBucketAccessRequest.ProtoReflect.Descriptor instead. func (*DriverRevokeBucketAccessRequest) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{19} + return file_cosi_proto_rawDescGZIP(), []int{22} +} + +func (x *DriverRevokeBucketAccessRequest) GetAccountId() string { + if x != nil { + return x.AccountId + } + return "" +} + +func (x *DriverRevokeBucketAccessRequest) GetProtocol() *ObjectProtocol { + if x != nil { + return x.Protocol + } + return nil +} + +func (x *DriverRevokeBucketAccessRequest) GetAuthenticationType() *AuthenticationType { + if x != nil { + return x.AuthenticationType + } + return nil +} + +func (x *DriverRevokeBucketAccessRequest) GetServiceAccountName() string { + if x != nil { + return x.ServiceAccountName + } + return "" +} + +func (x *DriverRevokeBucketAccessRequest) GetParameters() map[string]string { + if x != nil { + return x.Parameters + } + return nil +} + +func (x *DriverRevokeBucketAccessRequest) GetBuckets() []*DriverRevokeBucketAccessRequest_AccessedBucket { + if x != nil { + return x.Buckets + } + return nil } type DriverRevokeBucketAccessResponse struct { @@ -1153,7 +1652,7 @@ type DriverRevokeBucketAccessResponse struct { func (x *DriverRevokeBucketAccessResponse) Reset() { *x = DriverRevokeBucketAccessResponse{} - mi := &file_cosi_proto_msgTypes[20] + mi := &file_cosi_proto_msgTypes[23] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1165,7 +1664,7 @@ func (x *DriverRevokeBucketAccessResponse) String() string { func (*DriverRevokeBucketAccessResponse) ProtoMessage() {} func (x *DriverRevokeBucketAccessResponse) ProtoReflect() protoreflect.Message { - mi := &file_cosi_proto_msgTypes[20] + mi := &file_cosi_proto_msgTypes[23] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1178,7 +1677,167 @@ func (x *DriverRevokeBucketAccessResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use DriverRevokeBucketAccessResponse.ProtoReflect.Descriptor instead. func (*DriverRevokeBucketAccessResponse) Descriptor() ([]byte, []int) { - return file_cosi_proto_rawDescGZIP(), []int{20} + return file_cosi_proto_rawDescGZIP(), []int{23} +} + +type DriverGrantBucketAccessRequest_AccessedBucket struct { + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + BucketId string `protobuf:"bytes,1,opt,name=bucket_id,json=bucketId,proto3" json:"bucket_id,omitempty"` + // REQUIRED. The read/write access mode that the Provisioner SHOULD provision for the bucket + // associated with `bucket_id`. + AccessMode *AccessMode `protobuf:"bytes,2,opt,name=access_mode,json=accessMode,proto3" json:"access_mode,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *DriverGrantBucketAccessRequest_AccessedBucket) Reset() { + *x = DriverGrantBucketAccessRequest_AccessedBucket{} + mi := &file_cosi_proto_msgTypes[28] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DriverGrantBucketAccessRequest_AccessedBucket) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DriverGrantBucketAccessRequest_AccessedBucket) ProtoMessage() {} + +func (x *DriverGrantBucketAccessRequest_AccessedBucket) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[28] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DriverGrantBucketAccessRequest_AccessedBucket.ProtoReflect.Descriptor instead. +func (*DriverGrantBucketAccessRequest_AccessedBucket) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{20, 1} +} + +func (x *DriverGrantBucketAccessRequest_AccessedBucket) GetBucketId() string { + if x != nil { + return x.BucketId + } + return "" +} + +func (x *DriverGrantBucketAccessRequest_AccessedBucket) GetAccessMode() *AccessMode { + if x != nil { + return x.AccessMode + } + return nil +} + +type DriverGrantBucketAccessResponse_BucketInfo struct { + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + BucketId string `protobuf:"bytes,1,opt,name=bucket_id,json=bucketId,proto3" json:"bucket_id,omitempty"` + // REQUIRED: EXACTLY one protocol bucket info result MUST be non-nil. + // The Provisioner MUST fill in all required bucket info for the requested protocol. + // The Provisioner SHOULD fill in as much bucket info as is known given the parameters. + // It MUST NOT support (return a non-nil result) non-requested protocols. + // COSI WILL expose this information to users, and it WILL be treated as sensitive/secret + // information. + // COSI WILL not log the information or store it in plaintext. + BucketInfo *ObjectProtocolAndBucketInfo `protobuf:"bytes,2,opt,name=bucket_info,json=bucketInfo,proto3" json:"bucket_info,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *DriverGrantBucketAccessResponse_BucketInfo) Reset() { + *x = DriverGrantBucketAccessResponse_BucketInfo{} + mi := &file_cosi_proto_msgTypes[29] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DriverGrantBucketAccessResponse_BucketInfo) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DriverGrantBucketAccessResponse_BucketInfo) ProtoMessage() {} + +func (x *DriverGrantBucketAccessResponse_BucketInfo) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[29] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DriverGrantBucketAccessResponse_BucketInfo.ProtoReflect.Descriptor instead. +func (*DriverGrantBucketAccessResponse_BucketInfo) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{21, 0} +} + +func (x *DriverGrantBucketAccessResponse_BucketInfo) GetBucketId() string { + if x != nil { + return x.BucketId + } + return "" +} + +func (x *DriverGrantBucketAccessResponse_BucketInfo) GetBucketInfo() *ObjectProtocolAndBucketInfo { + if x != nil { + return x.BucketInfo + } + return nil +} + +type DriverRevokeBucketAccessRequest_AccessedBucket struct { + state protoimpl.MessageState `protogen:"open.v1"` + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + BucketId string `protobuf:"bytes,1,opt,name=bucket_id,json=bucketId,proto3" json:"bucket_id,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *DriverRevokeBucketAccessRequest_AccessedBucket) Reset() { + *x = DriverRevokeBucketAccessRequest_AccessedBucket{} + mi := &file_cosi_proto_msgTypes[31] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DriverRevokeBucketAccessRequest_AccessedBucket) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DriverRevokeBucketAccessRequest_AccessedBucket) ProtoMessage() {} + +func (x *DriverRevokeBucketAccessRequest_AccessedBucket) ProtoReflect() protoreflect.Message { + mi := &file_cosi_proto_msgTypes[31] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DriverRevokeBucketAccessRequest_AccessedBucket.ProtoReflect.Descriptor instead. +func (*DriverRevokeBucketAccessRequest_AccessedBucket) Descriptor() ([]byte, []int) { + return file_cosi_proto_rawDescGZIP(), []int{22, 1} +} + +func (x *DriverRevokeBucketAccessRequest_AccessedBucket) GetBucketId() string { + if x != nil { + return x.BucketId + } + return "" } var file_cosi_proto_extTypes = []protoimpl.ExtensionInfo{ @@ -1325,13 +1984,17 @@ const file_cosi_proto_rawDesc = "" + "\x1bObjectProtocolAndBucketInfo\x127\n" + "\x02s3\x18\x01 \x01(\v2'.sigs.k8s.io.cosi.v1alpha2.S3BucketInfoR\x02s3\x12@\n" + "\x05azure\x18\x02 \x01(\v2*.sigs.k8s.io.cosi.v1alpha2.AzureBucketInfoR\x05azure\x12:\n" + - "\x03gcs\x18\x03 \x01(\v2(.sigs.k8s.io.cosi.v1alpha2.GcsBucketInfoR\x03gcs\"\xb8\x01\n" + + "\x03gcs\x18\x03 \x01(\v2(.sigs.k8s.io.cosi.v1alpha2.GcsBucketInfoR\x03gcs\"\xd3\x01\n" + + "\x0eCredentialInfo\x12;\n" + + "\x02s3\x18\x01 \x01(\v2+.sigs.k8s.io.cosi.v1alpha2.S3CredentialInfoR\x02s3\x12D\n" + + "\x05azure\x18\x02 \x01(\v2..sigs.k8s.io.cosi.v1alpha2.AzureCredentialInfoR\x05azure\x12>\n" + + "\x03gcs\x18\x03 \x01(\v2,.sigs.k8s.io.cosi.v1alpha2.GcsCredentialInfoR\x03gcs\"\xb8\x01\n" + "\fS3BucketInfo\x12\x1b\n" + "\tbucket_id\x18\x01 \x01(\tR\bbucketId\x12\x1a\n" + "\bendpoint\x18\x02 \x01(\tR\bendpoint\x12\x16\n" + "\x06region\x18\x03 \x01(\tR\x06region\x12W\n" + - "\x10addressing_style\x18\x04 \x01(\v2,.sigs.k8s.io.cosi.v1alpha2.S3AddressingStyleR\x0faddressingStyle\"^\n" + - "\fS3AccessInfo\x12\"\n" + + "\x10addressing_style\x18\x04 \x01(\v2,.sigs.k8s.io.cosi.v1alpha2.S3AddressingStyleR\x0faddressingStyle\"b\n" + + "\x10S3CredentialInfo\x12\"\n" + "\raccess_key_id\x18\x01 \x01(\tR\vaccessKeyId\x12*\n" + "\x11access_secret_key\x18\x02 \x01(\tR\x0faccessSecretKey\"\x8a\x01\n" + "\x11S3AddressingStyle\x12H\n" + @@ -1341,20 +2004,35 @@ const file_cosi_proto_rawDesc = "" + "\x04PATH\x10\x01\x12\v\n" + "\aVIRTUAL\x10\x02\":\n" + "\x0fAzureBucketInfo\x12'\n" + - "\x0fstorage_account\x18\x01 \x01(\tR\x0estorageAccount\"_\n" + - "\x0fAzureAccessInfo\x12!\n" + + "\x0fstorage_account\x18\x01 \x01(\tR\x0estorageAccount\"c\n" + + "\x13AzureCredentialInfo\x12!\n" + "\faccess_token\x18\x01 \x01(\tR\vaccessToken\x12)\n" + "\x10expiry_timestamp\x18\x02 \x01(\tR\x0fexpiryTimestamp\"O\n" + "\rGcsBucketInfo\x12\x1d\n" + "\n" + "project_id\x18\x01 \x01(\tR\tprojectId\x12\x1f\n" + "\vbucket_name\x18\x02 \x01(\tR\n" + - "bucketName\"\xa4\x01\n" + - "\rGcsAccessInfo\x12\x1b\n" + + "bucketName\"\xa8\x01\n" + + "\x11GcsCredentialInfo\x12\x1b\n" + "\taccess_id\x18\x01 \x01(\tR\baccessId\x12#\n" + "\raccess_secret\x18\x02 \x01(\tR\faccessSecret\x12(\n" + "\x10private_key_name\x18\x03 \x01(\tR\x0eprivateKeyName\x12'\n" + - "\x0fservice_account\x18\x04 \x01(\tR\x0eserviceAccount\"\x9d\x02\n" + + "\x0fservice_account\x18\x04 \x01(\tR\x0eserviceAccount\"\x8f\x01\n" + + "\x12AuthenticationType\x12F\n" + + "\x04type\x18\x01 \x01(\x0e22.sigs.k8s.io.cosi.v1alpha2.AuthenticationType.TypeR\x04type\"1\n" + + "\x04Type\x12\v\n" + + "\aUNKNOWN\x10\x00\x12\a\n" + + "\x03KEY\x10\x01\x12\x13\n" + + "\x0fSERVICE_ACCOUNT\x10\x02\"P\n" + + "\n" + + "AccessMode\"B\n" + + "\x04Mode\x12\v\n" + + "\aUNKNOWN\x10\x00\x12\x0e\n" + + "\n" + + "READ_WRITE\x10\x01\x12\r\n" + + "\tREAD_ONLY\x10\x02\x12\x0e\n" + + "\n" + + "WRITE_ONLY\x10\x03\"\x9d\x02\n" + "\x19DriverCreateBucketRequest\x12\x12\n" + "\x04name\x18\x01 \x01(\tR\x04name\x12G\n" + "\tprotocols\x18\x02 \x03(\v2).sigs.k8s.io.cosi.v1alpha2.ObjectProtocolR\tprotocols\x12d\n" + @@ -1366,14 +2044,69 @@ const file_cosi_proto_rawDesc = "" + "\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\"\x8f\x01\n" + "\x1aDriverCreateBucketResponse\x12\x1b\n" + "\tbucket_id\x18\x01 \x01(\tR\bbucketId\x12T\n" + - "\tprotocols\x18\x02 \x01(\v26.sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfoR\tprotocols\" \n" + - "\x1eDriverGetExistingBucketRequest\"!\n" + - "\x1fDriverGetExistingBucketResponse\"\x1b\n" + - "\x19DriverDeleteBucketRequest\"\x1c\n" + - "\x1aDriverDeleteBucketResponse\" \n" + - "\x1eDriverGrantBucketAccessRequest\"!\n" + - "\x1fDriverGrantBucketAccessResponse\"!\n" + - "\x1fDriverRevokeBucketAccessRequest\"\"\n" + + "\tprotocols\x18\x02 \x01(\v26.sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfoR\tprotocols\"\xc1\x02\n" + + "\x1eDriverGetExistingBucketRequest\x12,\n" + + "\x12existing_bucket_id\x18\x01 \x01(\tR\x10existingBucketId\x12G\n" + + "\tprotocols\x18\x02 \x03(\v2).sigs.k8s.io.cosi.v1alpha2.ObjectProtocolR\tprotocols\x12i\n" + + "\n" + + "parameters\x18\x04 \x03(\v2I.sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest.ParametersEntryR\n" + + "parameters\x1a=\n" + + "\x0fParametersEntry\x12\x10\n" + + "\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" + + "\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\"\x94\x01\n" + + "\x1fDriverGetExistingBucketResponse\x12\x1b\n" + + "\tbucket_id\x18\x01 \x01(\tR\bbucketId\x12T\n" + + "\tprotocols\x18\x02 \x01(\v26.sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfoR\tprotocols\"\xdd\x01\n" + + "\x19DriverDeleteBucketRequest\x12\x1b\n" + + "\tbucket_id\x18\x01 \x01(\tR\bbucketId\x12d\n" + + "\n" + + "parameters\x18\x04 \x03(\v2D.sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest.ParametersEntryR\n" + + "parameters\x1a=\n" + + "\x0fParametersEntry\x12\x10\n" + + "\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" + + "\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\"\x1c\n" + + "\x1aDriverDeleteBucketResponse\"\xa1\x05\n" + + "\x1eDriverGrantBucketAccessRequest\x12!\n" + + "\faccount_name\x18\x01 \x01(\tR\vaccountName\x12E\n" + + "\bprotocol\x18\x02 \x01(\v2).sigs.k8s.io.cosi.v1alpha2.ObjectProtocolR\bprotocol\x12^\n" + + "\x13authentication_type\x18\x03 \x01(\v2-.sigs.k8s.io.cosi.v1alpha2.AuthenticationTypeR\x12authenticationType\x120\n" + + "\x14service_account_name\x18\x04 \x01(\tR\x12serviceAccountName\x12i\n" + + "\n" + + "parameters\x18\x05 \x03(\v2I.sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.ParametersEntryR\n" + + "parameters\x12b\n" + + "\abuckets\x18\x06 \x03(\v2H.sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.AccessedBucketR\abuckets\x1a=\n" + + "\x0fParametersEntry\x12\x10\n" + + "\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" + + "\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\x1au\n" + + "\x0eAccessedBucket\x12\x1b\n" + + "\tbucket_id\x18\x01 \x01(\tR\bbucketId\x12F\n" + + "\vaccess_mode\x18\x02 \x01(\v2%.sigs.k8s.io.cosi.v1alpha2.AccessModeR\n" + + "accessMode\"\xf3\x02\n" + + "\x1fDriverGrantBucketAccessResponse\x12\x1d\n" + + "\n" + + "account_id\x18\x01 \x01(\tR\taccountId\x12_\n" + + "\abuckets\x18\x02 \x03(\v2E.sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse.BucketInfoR\abuckets\x12K\n" + + "\vcredentials\x18\x03 \x01(\v2).sigs.k8s.io.cosi.v1alpha2.CredentialInfoR\vcredentials\x1a\x82\x01\n" + + "\n" + + "BucketInfo\x12\x1b\n" + + "\tbucket_id\x18\x01 \x01(\tR\bbucketId\x12W\n" + + "\vbucket_info\x18\x02 \x01(\v26.sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfoR\n" + + "bucketInfo\"\xd8\x04\n" + + "\x1fDriverRevokeBucketAccessRequest\x12\x1d\n" + + "\n" + + "account_id\x18\x01 \x01(\tR\taccountId\x12E\n" + + "\bprotocol\x18\x02 \x01(\v2).sigs.k8s.io.cosi.v1alpha2.ObjectProtocolR\bprotocol\x12^\n" + + "\x13authentication_type\x18\x03 \x01(\v2-.sigs.k8s.io.cosi.v1alpha2.AuthenticationTypeR\x12authenticationType\x120\n" + + "\x14service_account_name\x18\x04 \x01(\tR\x12serviceAccountName\x12j\n" + + "\n" + + "parameters\x18\x05 \x03(\v2J.sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.ParametersEntryR\n" + + "parameters\x12c\n" + + "\abuckets\x18\x06 \x03(\v2I.sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.AccessedBucketR\abuckets\x1a=\n" + + "\x0fParametersEntry\x12\x10\n" + + "\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" + + "\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\x1a-\n" + + "\x0eAccessedBucket\x12\x1b\n" + + "\tbucket_id\x18\x01 \x01(\tR\bbucketId\"\"\n" + " DriverRevokeBucketAccessResponse2\x80\x01\n" + "\bIdentity\x12t\n" + "\rDriverGetInfo\x12/.sigs.k8s.io.cosi.v1alpha2.DriverGetInfoRequest\x1a0.sigs.k8s.io.cosi.v1alpha2.DriverGetInfoResponse\"\x002\xd7\x05\n" + @@ -1406,75 +2139,107 @@ func file_cosi_proto_rawDescGZIP() []byte { return file_cosi_proto_rawDescData } -var file_cosi_proto_enumTypes = make([]protoimpl.EnumInfo, 2) -var file_cosi_proto_msgTypes = make([]protoimpl.MessageInfo, 22) +var file_cosi_proto_enumTypes = make([]protoimpl.EnumInfo, 4) +var file_cosi_proto_msgTypes = make([]protoimpl.MessageInfo, 32) var file_cosi_proto_goTypes = []any{ - (ObjectProtocol_Type)(0), // 0: sigs.k8s.io.cosi.v1alpha2.ObjectProtocol.Type - (S3AddressingStyle_Style)(0), // 1: sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle.Style - (*DriverGetInfoRequest)(nil), // 2: sigs.k8s.io.cosi.v1alpha2.DriverGetInfoRequest - (*DriverGetInfoResponse)(nil), // 3: sigs.k8s.io.cosi.v1alpha2.DriverGetInfoResponse - (*ObjectProtocol)(nil), // 4: sigs.k8s.io.cosi.v1alpha2.ObjectProtocol - (*ObjectProtocolAndBucketInfo)(nil), // 5: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo - (*S3BucketInfo)(nil), // 6: sigs.k8s.io.cosi.v1alpha2.S3BucketInfo - (*S3AccessInfo)(nil), // 7: sigs.k8s.io.cosi.v1alpha2.S3AccessInfo - (*S3AddressingStyle)(nil), // 8: sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle - (*AzureBucketInfo)(nil), // 9: sigs.k8s.io.cosi.v1alpha2.AzureBucketInfo - (*AzureAccessInfo)(nil), // 10: sigs.k8s.io.cosi.v1alpha2.AzureAccessInfo - (*GcsBucketInfo)(nil), // 11: sigs.k8s.io.cosi.v1alpha2.GcsBucketInfo - (*GcsAccessInfo)(nil), // 12: sigs.k8s.io.cosi.v1alpha2.GcsAccessInfo - (*DriverCreateBucketRequest)(nil), // 13: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest - (*DriverCreateBucketResponse)(nil), // 14: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketResponse - (*DriverGetExistingBucketRequest)(nil), // 15: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest - (*DriverGetExistingBucketResponse)(nil), // 16: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketResponse - (*DriverDeleteBucketRequest)(nil), // 17: sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest - (*DriverDeleteBucketResponse)(nil), // 18: sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketResponse - (*DriverGrantBucketAccessRequest)(nil), // 19: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest - (*DriverGrantBucketAccessResponse)(nil), // 20: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse - (*DriverRevokeBucketAccessRequest)(nil), // 21: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest - (*DriverRevokeBucketAccessResponse)(nil), // 22: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessResponse - nil, // 23: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.ParametersEntry - (*descriptorpb.EnumOptions)(nil), // 24: google.protobuf.EnumOptions - (*descriptorpb.EnumValueOptions)(nil), // 25: google.protobuf.EnumValueOptions - (*descriptorpb.FieldOptions)(nil), // 26: google.protobuf.FieldOptions - (*descriptorpb.MessageOptions)(nil), // 27: google.protobuf.MessageOptions - (*descriptorpb.MethodOptions)(nil), // 28: google.protobuf.MethodOptions - (*descriptorpb.ServiceOptions)(nil), // 29: google.protobuf.ServiceOptions + (ObjectProtocol_Type)(0), // 0: sigs.k8s.io.cosi.v1alpha2.ObjectProtocol.Type + (S3AddressingStyle_Style)(0), // 1: sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle.Style + (AuthenticationType_Type)(0), // 2: sigs.k8s.io.cosi.v1alpha2.AuthenticationType.Type + (AccessMode_Mode)(0), // 3: sigs.k8s.io.cosi.v1alpha2.AccessMode.Mode + (*DriverGetInfoRequest)(nil), // 4: sigs.k8s.io.cosi.v1alpha2.DriverGetInfoRequest + (*DriverGetInfoResponse)(nil), // 5: sigs.k8s.io.cosi.v1alpha2.DriverGetInfoResponse + (*ObjectProtocol)(nil), // 6: sigs.k8s.io.cosi.v1alpha2.ObjectProtocol + (*ObjectProtocolAndBucketInfo)(nil), // 7: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo + (*CredentialInfo)(nil), // 8: sigs.k8s.io.cosi.v1alpha2.CredentialInfo + (*S3BucketInfo)(nil), // 9: sigs.k8s.io.cosi.v1alpha2.S3BucketInfo + (*S3CredentialInfo)(nil), // 10: sigs.k8s.io.cosi.v1alpha2.S3CredentialInfo + (*S3AddressingStyle)(nil), // 11: sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle + (*AzureBucketInfo)(nil), // 12: sigs.k8s.io.cosi.v1alpha2.AzureBucketInfo + (*AzureCredentialInfo)(nil), // 13: sigs.k8s.io.cosi.v1alpha2.AzureCredentialInfo + (*GcsBucketInfo)(nil), // 14: sigs.k8s.io.cosi.v1alpha2.GcsBucketInfo + (*GcsCredentialInfo)(nil), // 15: sigs.k8s.io.cosi.v1alpha2.GcsCredentialInfo + (*AuthenticationType)(nil), // 16: sigs.k8s.io.cosi.v1alpha2.AuthenticationType + (*AccessMode)(nil), // 17: sigs.k8s.io.cosi.v1alpha2.AccessMode + (*DriverCreateBucketRequest)(nil), // 18: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest + (*DriverCreateBucketResponse)(nil), // 19: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketResponse + (*DriverGetExistingBucketRequest)(nil), // 20: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest + (*DriverGetExistingBucketResponse)(nil), // 21: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketResponse + (*DriverDeleteBucketRequest)(nil), // 22: sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest + (*DriverDeleteBucketResponse)(nil), // 23: sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketResponse + (*DriverGrantBucketAccessRequest)(nil), // 24: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest + (*DriverGrantBucketAccessResponse)(nil), // 25: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse + (*DriverRevokeBucketAccessRequest)(nil), // 26: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest + (*DriverRevokeBucketAccessResponse)(nil), // 27: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessResponse + nil, // 28: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.ParametersEntry + nil, // 29: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest.ParametersEntry + nil, // 30: sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest.ParametersEntry + nil, // 31: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.ParametersEntry + (*DriverGrantBucketAccessRequest_AccessedBucket)(nil), // 32: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.AccessedBucket + (*DriverGrantBucketAccessResponse_BucketInfo)(nil), // 33: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse.BucketInfo + nil, // 34: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.ParametersEntry + (*DriverRevokeBucketAccessRequest_AccessedBucket)(nil), // 35: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.AccessedBucket + (*descriptorpb.EnumOptions)(nil), // 36: google.protobuf.EnumOptions + (*descriptorpb.EnumValueOptions)(nil), // 37: google.protobuf.EnumValueOptions + (*descriptorpb.FieldOptions)(nil), // 38: google.protobuf.FieldOptions + (*descriptorpb.MessageOptions)(nil), // 39: google.protobuf.MessageOptions + (*descriptorpb.MethodOptions)(nil), // 40: google.protobuf.MethodOptions + (*descriptorpb.ServiceOptions)(nil), // 41: google.protobuf.ServiceOptions } var file_cosi_proto_depIdxs = []int32{ - 4, // 0: sigs.k8s.io.cosi.v1alpha2.DriverGetInfoResponse.supported_protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol + 6, // 0: sigs.k8s.io.cosi.v1alpha2.DriverGetInfoResponse.supported_protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol 0, // 1: sigs.k8s.io.cosi.v1alpha2.ObjectProtocol.type:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol.Type - 6, // 2: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo.s3:type_name -> sigs.k8s.io.cosi.v1alpha2.S3BucketInfo - 9, // 3: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo.azure:type_name -> sigs.k8s.io.cosi.v1alpha2.AzureBucketInfo - 11, // 4: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo.gcs:type_name -> sigs.k8s.io.cosi.v1alpha2.GcsBucketInfo - 8, // 5: sigs.k8s.io.cosi.v1alpha2.S3BucketInfo.addressing_style:type_name -> sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle - 1, // 6: sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle.style:type_name -> sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle.Style - 4, // 7: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol - 23, // 8: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.parameters:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.ParametersEntry - 5, // 9: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketResponse.protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo - 24, // 10: sigs.k8s.io.cosi.v1alpha2.alpha_enum:extendee -> google.protobuf.EnumOptions - 25, // 11: sigs.k8s.io.cosi.v1alpha2.alpha_enum_value:extendee -> google.protobuf.EnumValueOptions - 26, // 12: sigs.k8s.io.cosi.v1alpha2.cosi_secret:extendee -> google.protobuf.FieldOptions - 26, // 13: sigs.k8s.io.cosi.v1alpha2.alpha_field:extendee -> google.protobuf.FieldOptions - 27, // 14: sigs.k8s.io.cosi.v1alpha2.alpha_message:extendee -> google.protobuf.MessageOptions - 28, // 15: sigs.k8s.io.cosi.v1alpha2.alpha_method:extendee -> google.protobuf.MethodOptions - 29, // 16: sigs.k8s.io.cosi.v1alpha2.alpha_service:extendee -> google.protobuf.ServiceOptions - 2, // 17: sigs.k8s.io.cosi.v1alpha2.Identity.DriverGetInfo:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetInfoRequest - 13, // 18: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverCreateBucket:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest - 15, // 19: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGetExistingBucket:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest - 17, // 20: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverDeleteBucket:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest - 19, // 21: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGrantBucketAccess:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest - 21, // 22: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverRevokeBucketAccess:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest - 3, // 23: sigs.k8s.io.cosi.v1alpha2.Identity.DriverGetInfo:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetInfoResponse - 14, // 24: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverCreateBucket:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketResponse - 16, // 25: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGetExistingBucket:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketResponse - 18, // 26: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverDeleteBucket:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketResponse - 20, // 27: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGrantBucketAccess:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse - 22, // 28: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverRevokeBucketAccess:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessResponse - 23, // [23:29] is the sub-list for method output_type - 17, // [17:23] is the sub-list for method input_type - 17, // [17:17] is the sub-list for extension type_name - 10, // [10:17] is the sub-list for extension extendee - 0, // [0:10] is the sub-list for field type_name + 9, // 2: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo.s3:type_name -> sigs.k8s.io.cosi.v1alpha2.S3BucketInfo + 12, // 3: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo.azure:type_name -> sigs.k8s.io.cosi.v1alpha2.AzureBucketInfo + 14, // 4: sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo.gcs:type_name -> sigs.k8s.io.cosi.v1alpha2.GcsBucketInfo + 10, // 5: sigs.k8s.io.cosi.v1alpha2.CredentialInfo.s3:type_name -> sigs.k8s.io.cosi.v1alpha2.S3CredentialInfo + 13, // 6: sigs.k8s.io.cosi.v1alpha2.CredentialInfo.azure:type_name -> sigs.k8s.io.cosi.v1alpha2.AzureCredentialInfo + 15, // 7: sigs.k8s.io.cosi.v1alpha2.CredentialInfo.gcs:type_name -> sigs.k8s.io.cosi.v1alpha2.GcsCredentialInfo + 11, // 8: sigs.k8s.io.cosi.v1alpha2.S3BucketInfo.addressing_style:type_name -> sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle + 1, // 9: sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle.style:type_name -> sigs.k8s.io.cosi.v1alpha2.S3AddressingStyle.Style + 2, // 10: sigs.k8s.io.cosi.v1alpha2.AuthenticationType.type:type_name -> sigs.k8s.io.cosi.v1alpha2.AuthenticationType.Type + 6, // 11: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol + 28, // 12: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.parameters:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest.ParametersEntry + 7, // 13: sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketResponse.protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo + 6, // 14: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest.protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol + 29, // 15: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest.parameters:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest.ParametersEntry + 7, // 16: sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketResponse.protocols:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo + 30, // 17: sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest.parameters:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest.ParametersEntry + 6, // 18: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.protocol:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol + 16, // 19: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.authentication_type:type_name -> sigs.k8s.io.cosi.v1alpha2.AuthenticationType + 31, // 20: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.parameters:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.ParametersEntry + 32, // 21: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.buckets:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.AccessedBucket + 33, // 22: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse.buckets:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse.BucketInfo + 8, // 23: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse.credentials:type_name -> sigs.k8s.io.cosi.v1alpha2.CredentialInfo + 6, // 24: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.protocol:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocol + 16, // 25: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.authentication_type:type_name -> sigs.k8s.io.cosi.v1alpha2.AuthenticationType + 34, // 26: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.parameters:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.ParametersEntry + 35, // 27: sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.buckets:type_name -> sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest.AccessedBucket + 17, // 28: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest.AccessedBucket.access_mode:type_name -> sigs.k8s.io.cosi.v1alpha2.AccessMode + 7, // 29: sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse.BucketInfo.bucket_info:type_name -> sigs.k8s.io.cosi.v1alpha2.ObjectProtocolAndBucketInfo + 36, // 30: sigs.k8s.io.cosi.v1alpha2.alpha_enum:extendee -> google.protobuf.EnumOptions + 37, // 31: sigs.k8s.io.cosi.v1alpha2.alpha_enum_value:extendee -> google.protobuf.EnumValueOptions + 38, // 32: sigs.k8s.io.cosi.v1alpha2.cosi_secret:extendee -> google.protobuf.FieldOptions + 38, // 33: sigs.k8s.io.cosi.v1alpha2.alpha_field:extendee -> google.protobuf.FieldOptions + 39, // 34: sigs.k8s.io.cosi.v1alpha2.alpha_message:extendee -> google.protobuf.MessageOptions + 40, // 35: sigs.k8s.io.cosi.v1alpha2.alpha_method:extendee -> google.protobuf.MethodOptions + 41, // 36: sigs.k8s.io.cosi.v1alpha2.alpha_service:extendee -> google.protobuf.ServiceOptions + 4, // 37: sigs.k8s.io.cosi.v1alpha2.Identity.DriverGetInfo:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetInfoRequest + 18, // 38: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverCreateBucket:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketRequest + 20, // 39: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGetExistingBucket:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketRequest + 22, // 40: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverDeleteBucket:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketRequest + 24, // 41: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGrantBucketAccess:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessRequest + 26, // 42: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverRevokeBucketAccess:input_type -> sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessRequest + 5, // 43: sigs.k8s.io.cosi.v1alpha2.Identity.DriverGetInfo:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetInfoResponse + 19, // 44: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverCreateBucket:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverCreateBucketResponse + 21, // 45: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGetExistingBucket:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverGetExistingBucketResponse + 23, // 46: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverDeleteBucket:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverDeleteBucketResponse + 25, // 47: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverGrantBucketAccess:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverGrantBucketAccessResponse + 27, // 48: sigs.k8s.io.cosi.v1alpha2.Provisioner.DriverRevokeBucketAccess:output_type -> sigs.k8s.io.cosi.v1alpha2.DriverRevokeBucketAccessResponse + 43, // [43:49] is the sub-list for method output_type + 37, // [37:43] is the sub-list for method input_type + 37, // [37:37] is the sub-list for extension type_name + 30, // [30:37] is the sub-list for extension extendee + 0, // [0:30] is the sub-list for field type_name } func init() { file_cosi_proto_init() } @@ -1487,8 +2252,8 @@ func file_cosi_proto_init() { File: protoimpl.DescBuilder{ GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_cosi_proto_rawDesc), len(file_cosi_proto_rawDesc)), - NumEnums: 2, - NumMessages: 22, + NumEnums: 4, + NumMessages: 32, NumExtensions: 7, NumServices: 2, }, diff --git a/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi.pb.json.go b/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi.pb.json.go index aa60d894..28e3f5e9 100644 --- a/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi.pb.json.go +++ b/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi.pb.json.go @@ -71,6 +71,22 @@ func (msg *ObjectProtocolAndBucketInfo) UnmarshalJSON(b []byte) error { }.Unmarshal(b, msg) } +// MarshalJSON implements json.Marshaler +func (msg *CredentialInfo) MarshalJSON() ([]byte, error) { + return protojson.MarshalOptions{ + UseEnumNumbers: false, + EmitUnpopulated: true, + UseProtoNames: false, + }.Marshal(msg) +} + +// UnmarshalJSON implements json.Unmarshaler +func (msg *CredentialInfo) UnmarshalJSON(b []byte) error { + return protojson.UnmarshalOptions{ + DiscardUnknown: false, + }.Unmarshal(b, msg) +} + // MarshalJSON implements json.Marshaler func (msg *S3BucketInfo) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ @@ -88,7 +104,7 @@ func (msg *S3BucketInfo) UnmarshalJSON(b []byte) error { } // MarshalJSON implements json.Marshaler -func (msg *S3AccessInfo) MarshalJSON() ([]byte, error) { +func (msg *S3CredentialInfo) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ UseEnumNumbers: false, EmitUnpopulated: true, @@ -97,7 +113,7 @@ func (msg *S3AccessInfo) MarshalJSON() ([]byte, error) { } // UnmarshalJSON implements json.Unmarshaler -func (msg *S3AccessInfo) UnmarshalJSON(b []byte) error { +func (msg *S3CredentialInfo) UnmarshalJSON(b []byte) error { return protojson.UnmarshalOptions{ DiscardUnknown: false, }.Unmarshal(b, msg) @@ -136,7 +152,7 @@ func (msg *AzureBucketInfo) UnmarshalJSON(b []byte) error { } // MarshalJSON implements json.Marshaler -func (msg *AzureAccessInfo) MarshalJSON() ([]byte, error) { +func (msg *AzureCredentialInfo) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ UseEnumNumbers: false, EmitUnpopulated: true, @@ -145,7 +161,7 @@ func (msg *AzureAccessInfo) MarshalJSON() ([]byte, error) { } // UnmarshalJSON implements json.Unmarshaler -func (msg *AzureAccessInfo) UnmarshalJSON(b []byte) error { +func (msg *AzureCredentialInfo) UnmarshalJSON(b []byte) error { return protojson.UnmarshalOptions{ DiscardUnknown: false, }.Unmarshal(b, msg) @@ -168,7 +184,39 @@ func (msg *GcsBucketInfo) UnmarshalJSON(b []byte) error { } // MarshalJSON implements json.Marshaler -func (msg *GcsAccessInfo) MarshalJSON() ([]byte, error) { +func (msg *GcsCredentialInfo) MarshalJSON() ([]byte, error) { + return protojson.MarshalOptions{ + UseEnumNumbers: false, + EmitUnpopulated: true, + UseProtoNames: false, + }.Marshal(msg) +} + +// UnmarshalJSON implements json.Unmarshaler +func (msg *GcsCredentialInfo) UnmarshalJSON(b []byte) error { + return protojson.UnmarshalOptions{ + DiscardUnknown: false, + }.Unmarshal(b, msg) +} + +// MarshalJSON implements json.Marshaler +func (msg *AuthenticationType) MarshalJSON() ([]byte, error) { + return protojson.MarshalOptions{ + UseEnumNumbers: false, + EmitUnpopulated: true, + UseProtoNames: false, + }.Marshal(msg) +} + +// UnmarshalJSON implements json.Unmarshaler +func (msg *AuthenticationType) UnmarshalJSON(b []byte) error { + return protojson.UnmarshalOptions{ + DiscardUnknown: false, + }.Unmarshal(b, msg) +} + +// MarshalJSON implements json.Marshaler +func (msg *AccessMode) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ UseEnumNumbers: false, EmitUnpopulated: true, @@ -177,7 +225,7 @@ func (msg *GcsAccessInfo) MarshalJSON() ([]byte, error) { } // UnmarshalJSON implements json.Unmarshaler -func (msg *GcsAccessInfo) UnmarshalJSON(b []byte) error { +func (msg *AccessMode) UnmarshalJSON(b []byte) error { return protojson.UnmarshalOptions{ DiscardUnknown: false, }.Unmarshal(b, msg) @@ -295,6 +343,22 @@ func (msg *DriverGrantBucketAccessRequest) UnmarshalJSON(b []byte) error { }.Unmarshal(b, msg) } +// MarshalJSON implements json.Marshaler +func (msg *DriverGrantBucketAccessRequest_AccessedBucket) MarshalJSON() ([]byte, error) { + return protojson.MarshalOptions{ + UseEnumNumbers: false, + EmitUnpopulated: true, + UseProtoNames: false, + }.Marshal(msg) +} + +// UnmarshalJSON implements json.Unmarshaler +func (msg *DriverGrantBucketAccessRequest_AccessedBucket) UnmarshalJSON(b []byte) error { + return protojson.UnmarshalOptions{ + DiscardUnknown: false, + }.Unmarshal(b, msg) +} + // MarshalJSON implements json.Marshaler func (msg *DriverGrantBucketAccessResponse) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ @@ -311,6 +375,22 @@ func (msg *DriverGrantBucketAccessResponse) UnmarshalJSON(b []byte) error { }.Unmarshal(b, msg) } +// MarshalJSON implements json.Marshaler +func (msg *DriverGrantBucketAccessResponse_BucketInfo) MarshalJSON() ([]byte, error) { + return protojson.MarshalOptions{ + UseEnumNumbers: false, + EmitUnpopulated: true, + UseProtoNames: false, + }.Marshal(msg) +} + +// UnmarshalJSON implements json.Unmarshaler +func (msg *DriverGrantBucketAccessResponse_BucketInfo) UnmarshalJSON(b []byte) error { + return protojson.UnmarshalOptions{ + DiscardUnknown: false, + }.Unmarshal(b, msg) +} + // MarshalJSON implements json.Marshaler func (msg *DriverRevokeBucketAccessRequest) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ @@ -327,6 +407,22 @@ func (msg *DriverRevokeBucketAccessRequest) UnmarshalJSON(b []byte) error { }.Unmarshal(b, msg) } +// MarshalJSON implements json.Marshaler +func (msg *DriverRevokeBucketAccessRequest_AccessedBucket) MarshalJSON() ([]byte, error) { + return protojson.MarshalOptions{ + UseEnumNumbers: false, + EmitUnpopulated: true, + UseProtoNames: false, + }.Marshal(msg) +} + +// UnmarshalJSON implements json.Unmarshaler +func (msg *DriverRevokeBucketAccessRequest_AccessedBucket) UnmarshalJSON(b []byte) error { + return protojson.UnmarshalOptions{ + DiscardUnknown: false, + }.Unmarshal(b, msg) +} + // MarshalJSON implements json.Marshaler func (msg *DriverRevokeBucketAccessResponse) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ diff --git a/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi.proto b/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi.proto index 1839beb2..78179070 100644 --- a/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi.proto +++ b/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi.proto @@ -84,6 +84,7 @@ service Provisioner { // Important return codes: // - MUST return OK if a principal with matching identity and parameters already exists. // - MUST return ALREADY_EXISTS if a principal with matching identity exists but with incompatible parameters. + // - MUST return OUT_OF_RANGE - if (and only if) the driver/backend does not support multi-bucket access. rpc DriverGrantBucketAccess (DriverGrantBucketAccessRequest) returns (DriverGrantBucketAccessResponse); // Revokes access to given bucket(s) from a principal. @@ -143,6 +144,19 @@ message ObjectProtocolAndBucketInfo { GcsBucketInfo gcs = 3; } +// Credential info for the backend access corresponding to each protocol. +// If a protocol is not supported, the message MUST be empty/nil. +message CredentialInfo { + // Credential info for S3 protocol access. + S3CredentialInfo s3 = 1; + + // Credential info for Azure (Blob) protocol access. + AzureCredentialInfo azure = 2; + + // Credential info for Google Cloud Storage protocol access. + GcsCredentialInfo gcs = 3; +} + message S3BucketInfo { // S3 bucket ID needed for client access. string bucket_id = 1; @@ -159,7 +173,7 @@ message S3BucketInfo { S3AddressingStyle addressing_style = 4; } -message S3AccessInfo { +message S3CredentialInfo { // S3 access key ID. string access_key_id = 1; @@ -187,7 +201,7 @@ message AzureBucketInfo { string storage_account = 1; } -message AzureAccessInfo { +message AzureCredentialInfo { // Azure access token. // Note that the Azure spec includes the resource URI as well as token in its definition. // https://learn.microsoft.com/en-us/azure/storage/common/media/storage-sas-overview/sas-storage-uri.svg @@ -206,7 +220,7 @@ message GcsBucketInfo { string bucket_name = 2; } -message GcsAccessInfo { +message GcsCredentialInfo { // HMAC access ID. string access_id = 1; @@ -220,6 +234,36 @@ message GcsAccessInfo { string service_account = 4; } +message AuthenticationType { + enum Type { + UNKNOWN = 0; + + // The Provisioner should generate a protocol-appropriate access key that clients can use to + // authenticate to the backend object store. + KEY = 1; + + // The Provisioner should configure the system such that Pods using the given ServiceAccount + // authenticate to the backend object store automatically. + SERVICE_ACCOUNT = 2; + } + Type type = 1; +} + +message AccessMode { + enum Mode { + UNKNOWN = 0; + + // Read/Write access mode. + READ_WRITE = 1; + + // Read-only access mode. + READ_ONLY = 2; + + // Write-only access mode. + WRITE_ONLY = 3; + } +} + message DriverCreateBucketRequest { // REQUIRED. The suggested name for the backend bucket. // It serves two purposes: @@ -276,15 +320,54 @@ message DriverCreateBucketResponse { } message DriverGetExistingBucketRequest { - // TODO: unimplemented + // REQUIRED. The unique identifier for the existing backend bucket known to the Provisioner. + // Provisioner MUST be able to correlate `bucket_id` to the backend bucket. + // It is RECOMMENDED to use the backend storage system's bucket ID. + string existing_bucket_id = 1; + + // OPTIONAL. A list of all object storage protocols the provisioned bucket MUST support. + // If none are given, the provisioner MAY provision with a set of default protocol(s) or return + // `InvalidArgument` with a message indicating that it requires this input. + // If any protocol cannot be supported, the Provisioner MUST return `InvalidArgument`. + repeated ObjectProtocol protocols = 2; + + // OPTIONAL. Plugin specific parameters passed in as opaque key-value pairs. + // The Plugin is responsible for parsing and validating these parameters. + map parameters = 4; } message DriverGetExistingBucketResponse { - // TODO: unimplemented + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + // This value WILL be used by COSI to make subsequent calls related to the bucket, so the + // Provisioner MUST be able to correlate `bucket_id` to the backend bucket. + // It is RECOMMENDED to use the backend storage system's bucket ID. + string bucket_id = 1; + + // REQUIRED: At least one protocol bucket info result MUST be non-nil. + // + // The primary purpose of this response is to indicate which protocols are supported for + // subsequent DriverGrantBucketAccess requests referencing this provisioned bucket. A non-nil + // bucket info corresponding to a protocol indicates support. + // + // The Provisioner MUST indicate support for the protocols in the request. It MAY indicate + // support for more protocols than the request. It SHOULD indicate support for all supported + // protocols. It MUST NOT indicate support (return a non-nil result) for unsupported protocols. + // + // The secondary purpose of this response is to report non-credential information about the + // bucket. COSI does not expose this information to end-users until a subsequent + // DriverGrantBucketAccess is provisioned referencing this bucket. Instead, the info is exposed + // to administrators so that they might more easily debug errors in their configuration of COSI. + // It is thus RECOMMENDED to return all relevant bucket info for all supported protocols. + // However, the Provisioner MAY omit any or all bucket info fields as desired. + ObjectProtocolAndBucketInfo protocols = 2; } message DriverDeleteBucketRequest { - // TODO: unimplemented + // REQUIRED. The unique identifier for the existing backend bucket known to the Provisioner. + string bucket_id = 1; + + // OPTIONAL. Plugin specific parameters associated with the provisioned bucket. + map parameters = 4; } message DriverDeleteBucketResponse { @@ -292,15 +375,105 @@ message DriverDeleteBucketResponse { } message DriverGrantBucketAccessRequest { - // TODO: unimplemented + // REQUIRED. The suggested name for the backend bucket access. + // It serves two purposes: + // 1) Suggested name - COSI WILL suggest a name that includes a UID component that is + // statistically likely to be globally unique. + // 2) Idempotency - This name is generated by COSI to achieve idempotency. The Plugin SHOULD + // ensure that multiple DriverGrantBucketAccess calls for the same name do not result in more + // than one Bucket being provisioned corresponding to the name. + // The COSI Sidecar WILL call DriverGrantBucketAccess, with the same name, periodically to + // ensure the bucket exists. + // Using or appending random identifiers can lead to multiple unused buckets being created in + // the storage backend in the event of timing-related Driver/Sidecar failures or restarts. + // COSI WILL use DNS subdomain format (https://datatracker.ietf.org/doc/html/rfc1123). + // It WILL contain contain no more than 253 characters, contain only lowercase alphanumeric + // characters, '-' or '.', start with an alphanumeric character, and end with an alphanumeric + // character. + string account_name = 1; + + // REQUIRED. The object storage protocol the provisioned access MUST support. + // If the protocol cannot be supported, the Provisioner MUST return `InvalidArgument`. + ObjectProtocol protocol = 2; + + // REQUIRED. The authentication type that the Provisioner MUST provision for this request. + AuthenticationType authentication_type = 3; + + // REQUIRED when `authentication_type` is `SERVICE_ACCOUNT`. + // OPTIONAL for all other authentication types. + // COSI WILL NOT set this when the requested `authentication_type` is not `SERVICE_ACCOUNT`. + string service_account_name = 4; + + // OPTIONAL. Plugin specific parameters passed in as opaque key-value pairs. + // The Plugin is responsible for parsing and validating these parameters. + map parameters = 5; + + message AccessedBucket { + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + string bucket_id = 1; + + // REQUIRED. The read/write access mode that the Provisioner SHOULD provision for the bucket + // associated with `bucket_id`. + AccessMode access_mode = 2; + } + + // REQUIRED. Access to at least one bucket MUST be requested. + repeated AccessedBucket buckets = 6; } message DriverGrantBucketAccessResponse { - // TODO: unimplemented + // REQUIRED. The unique identifier for the backend access account known to the Provisioner. + // This value WILL be used by COSI to make subsequent calls related to the access, so the + // Provisioner MUST be able to correlate `account_id` to the backend access. + // It is RECOMMENDED to use the backend storage system's bucket ID. + string account_id = 1; + + message BucketInfo { + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + string bucket_id = 1; + + // REQUIRED: EXACTLY one protocol bucket info result MUST be non-nil. + // The Provisioner MUST fill in all required bucket info for the requested protocol. + // The Provisioner SHOULD fill in as much bucket info as is known given the parameters. + // It MUST NOT support (return a non-nil result) non-requested protocols. + // COSI WILL expose this information to users, and it WILL be treated as sensitive/secret + // information. + // COSI WILL not log the information or store it in plaintext. + ObjectProtocolAndBucketInfo bucket_info = 2; + } + + // REQUIRED. The Provisioner MUST return info for all `buckets` in the request. + repeated BucketInfo buckets = 2; + + // REQUIRED. + CredentialInfo credentials = 3; } message DriverRevokeBucketAccessRequest { - // TODO: unimplemented + // REQUIRED. The unique identifier for the backend access account + string account_id = 1; + + // REQUIRED. The object storage protocol associated with the provisioned access. + ObjectProtocol protocol = 2; + + // REQUIRED. The authentication type associated with the provisioned access. + AuthenticationType authentication_type = 3; + + // REQUIRED when `authentication_type` is `SERVICE_ACCOUNT`. + // OPTIONAL for all other authentication types. + // COSI WILL NOT set this when the requested `authentication_type` is not `SERVICE_ACCOUNT`. + string service_account_name = 4; + + // OPTIONAL. Plugin specific parameters associated with the provisioned access. + map parameters = 5; + + message AccessedBucket { + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + string bucket_id = 1; + } + + // REQUIRED. Buckets associated with the provisioned access. + repeated AccessedBucket buckets = 6; } message DriverRevokeBucketAccessResponse { diff --git a/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi_grpc.pb.go b/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi_grpc.pb.go index 5fc7dee1..84eda951 100644 --- a/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi_grpc.pb.go +++ b/vendor/sigs.k8s.io/container-object-storage-interface/proto/cosi_grpc.pb.go @@ -146,6 +146,7 @@ type ProvisionerClient interface { // Important return codes: // - MUST return OK if a principal with matching identity and parameters already exists. // - MUST return ALREADY_EXISTS if a principal with matching identity exists but with incompatible parameters. + // - MUST return OUT_OF_RANGE - if (and only if) the driver/backend does not support multi-bucket access. DriverGrantBucketAccess(ctx context.Context, in *DriverGrantBucketAccessRequest, opts ...grpc.CallOption) (*DriverGrantBucketAccessResponse, error) // Revokes access to given bucket(s) from a principal. // @@ -233,6 +234,7 @@ type ProvisionerServer interface { // Important return codes: // - MUST return OK if a principal with matching identity and parameters already exists. // - MUST return ALREADY_EXISTS if a principal with matching identity exists but with incompatible parameters. + // - MUST return OUT_OF_RANGE - if (and only if) the driver/backend does not support multi-bucket access. DriverGrantBucketAccess(context.Context, *DriverGrantBucketAccessRequest) (*DriverGrantBucketAccessResponse, error) // Revokes access to given bucket(s) from a principal. // diff --git a/vendor/sigs.k8s.io/container-object-storage-interface/proto/spec.md b/vendor/sigs.k8s.io/container-object-storage-interface/proto/spec.md index 843eac96..6e6b62ac 100644 --- a/vendor/sigs.k8s.io/container-object-storage-interface/proto/spec.md +++ b/vendor/sigs.k8s.io/container-object-storage-interface/proto/spec.md @@ -131,6 +131,7 @@ service Provisioner { // Important return codes: // - MUST return OK if a principal with matching identity and parameters already exists. // - MUST return ALREADY_EXISTS if a principal with matching identity exists but with incompatible parameters. + // - MUST return OUT_OF_RANGE - if (and only if) the driver/backend does not support multi-bucket access. rpc DriverGrantBucketAccess (DriverGrantBucketAccessRequest) returns (DriverGrantBucketAccessResponse); // Revokes access to given bucket(s) from a principal. @@ -283,6 +284,19 @@ message ObjectProtocolAndBucketInfo { // Protocol support and bucket info for Google Cloud Storage protocol access. GcsBucketInfo gcs = 3; } + +// Credential info for the backend access corresponding to each protocol. +// If a protocol is not supported, the message MUST be empty/nil. +message CredentialInfo { + // Credential info for S3 protocol access. + S3CredentialInfo s3 = 1; + + // Credential info for Azure (Blob) protocol access. + AzureCredentialInfo azure = 2; + + // Credential info for Google Cloud Storage protocol access. + GcsCredentialInfo gcs = 3; +} ``` ##### S3 Protocol Definitions @@ -304,7 +318,7 @@ message S3BucketInfo { S3AddressingStyle addressing_style = 4; } -message S3AccessInfo { +message S3CredentialInfo { // S3 access key ID. string access_key_id = 1; @@ -336,7 +350,7 @@ message AzureBucketInfo { string storage_account = 1; } -message AzureAccessInfo { +message AzureCredentialInfo { // Azure access token. // Note that the Azure spec includes the resource URI as well as token in its definition. // https://learn.microsoft.com/en-us/azure/storage/common/media/storage-sas-overview/sas-storage-uri.svg @@ -359,7 +373,7 @@ message GcsBucketInfo { string bucket_name = 2; } -message GcsAccessInfo { +message GcsCredentialInfo { // HMAC access ID. string access_id = 1; @@ -374,6 +388,40 @@ message GcsAccessInfo { } ``` +#### Shared Definitions + +```protobuf +message AuthenticationType { + enum Type { + UNKNOWN = 0; + + // The Provisioner should generate a protocol-appropriate access key that clients can use to + // authenticate to the backend object store. + KEY = 1; + + // The Provisioner should configure the system such that Pods using the given ServiceAccount + // authenticate to the backend object store automatically. + SERVICE_ACCOUNT = 2; + } + Type type = 1; +} + +message AccessMode { + enum Mode { + UNKNOWN = 0; + + // Read/Write access mode. + READ_WRITE = 1; + + // Read-only access mode. + READ_ONLY = 2; + + // Write-only access mode. + WRITE_ONLY = 3; + } +} +``` + #### DriverCreateBucket A Plugin MUST implement this RPC call. @@ -444,21 +492,75 @@ message DriverCreateBucketResponse { #### DriverGetExistingBucket +A Plugin MUST implement this RPC call. + +This operation MUST be idempotent. If a bucket corresponding to the specified name already exists +and is compatible with the given parameters, the Plugin MUST reply OK. + +Important return codes: +* `AlreadyExists` (not retryable) when the bucket already exists but is incompatible with the request. +* `NotFound` (retryable) when the bucket does not exist. +* `InvalidArgument` (not retryable) if any parameters are invalid for the backend. + ```protobuf message DriverGetExistingBucketRequest { - // TODO: unimplemented + // REQUIRED. The unique identifier for the existing backend bucket known to the Provisioner. + // Provisioner MUST be able to correlate `bucket_id` to the backend bucket. + // It is RECOMMENDED to use the backend storage system's bucket ID. + string existing_bucket_id = 1; + + // OPTIONAL. A list of all object storage protocols the provisioned bucket MUST support. + // If none are given, the provisioner MAY provision with a set of default protocol(s) or return + // `InvalidArgument` with a message indicating that it requires this input. + // If any protocol cannot be supported, the Provisioner MUST return `InvalidArgument`. + repeated ObjectProtocol protocols = 2; + + // OPTIONAL. Plugin specific parameters passed in as opaque key-value pairs. + // The Plugin is responsible for parsing and validating these parameters. + map parameters = 4; } message DriverGetExistingBucketResponse { - // TODO: unimplemented + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + // This value WILL be used by COSI to make subsequent calls related to the bucket, so the + // Provisioner MUST be able to correlate `bucket_id` to the backend bucket. + // It is RECOMMENDED to use the backend storage system's bucket ID. + string bucket_id = 1; + + // REQUIRED: At least one protocol bucket info result MUST be non-nil. + // + // The primary purpose of this response is to indicate which protocols are supported for + // subsequent DriverGrantBucketAccess requests referencing this provisioned bucket. A non-nil + // bucket info corresponding to a protocol indicates support. + // + // The Provisioner MUST indicate support for the protocols in the request. It MAY indicate + // support for more protocols than the request. It SHOULD indicate support for all supported + // protocols. It MUST NOT indicate support (return a non-nil result) for unsupported protocols. + // + // The secondary purpose of this response is to report non-credential information about the + // bucket. COSI does not expose this information to end-users until a subsequent + // DriverGrantBucketAccess is provisioned referencing this bucket. Instead, the info is exposed + // to administrators so that they might more easily debug errors in their configuration of COSI. + // It is thus RECOMMENDED to return all relevant bucket info for all supported protocols. + // However, the Provisioner MAY omit any or all bucket info fields as desired. + ObjectProtocolAndBucketInfo protocols = 2; } ``` #### DriverDeleteBucket +A Plugin MUST implement this RPC call. + +This operation MUST be idempotent. If a bucket corresponding to the specified name does not exist, +the Plugin MUST reply OK. + ```protobuf message DriverDeleteBucketRequest { - // TODO: unimplemented + // REQUIRED. The unique identifier for the existing backend bucket known to the Provisioner. + string bucket_id = 1; + + // OPTIONAL. Plugin specific parameters associated with the provisioned bucket. + map parameters = 4; } message DriverDeleteBucketResponse { @@ -468,21 +570,127 @@ message DriverDeleteBucketResponse { #### DriverGrantBucketAccess +A Plugin MUST implement this RPC call. + +This operation MUST be idempotent. If an access corresponding to the specified name already exists +and is compatible with the given parameters, the Plugin MUST reply OK. + +Important driver return codes: +* `AlreadyExists` (not retryable) when the bucket already exists but is incompatible with the request. +* `InvalidArgument` (not retryable) if `AuthenticationType` is not supported. +* `InvalidArgument` (not retryable) if any parameters are invalid for the backend. +* `OutOfRange` (not retryable) if (and only if) the driver does not support creating a single shared access credential for multiple buckets. + ```protobuf message DriverGrantBucketAccessRequest { - // TODO: unimplemented + // REQUIRED. The suggested name for the backend bucket access. + // It serves two purposes: + // 1) Suggested name - COSI WILL suggest a name that includes a UID component that is + // statistically likely to be globally unique. + // 2) Idempotency - This name is generated by COSI to achieve idempotency. The Plugin SHOULD + // ensure that multiple DriverGrantBucketAccess calls for the same name do not result in more + // than one Bucket being provisioned corresponding to the name. + // The COSI Sidecar WILL call DriverGrantBucketAccess, with the same name, periodically to + // ensure the bucket exists. + // Using or appending random identifiers can lead to multiple unused buckets being created in + // the storage backend in the event of timing-related Driver/Sidecar failures or restarts. + // COSI WILL use DNS subdomain format (https://datatracker.ietf.org/doc/html/rfc1123). + // It WILL contain contain no more than 253 characters, contain only lowercase alphanumeric + // characters, '-' or '.', start with an alphanumeric character, and end with an alphanumeric + // character. + string account_name = 1; + + // REQUIRED. The object storage protocol the provisioned access MUST support. + // If the protocol cannot be supported, the Provisioner MUST return `InvalidArgument`. + ObjectProtocol protocol = 2; + + // REQUIRED. The authentication type that the Provisioner MUST provision for this request. + AuthenticationType authentication_type = 3; + + // REQUIRED when `authentication_type` is `SERVICE_ACCOUNT`. + // OPTIONAL for all other authentication types. + // COSI WILL NOT set this when the requested `authentication_type` is not `SERVICE_ACCOUNT`. + string service_account_name = 4; + + // OPTIONAL. Plugin specific parameters passed in as opaque key-value pairs. + // The Plugin is responsible for parsing and validating these parameters. + map parameters = 5; + + message AccessedBucket { + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + string bucket_id = 1; + + // REQUIRED. The read/write access mode that the Provisioner SHOULD provision for the bucket + // associated with `bucket_id`. + AccessMode access_mode = 2; + } + + // REQUIRED. Access to at least one bucket MUST be requested. + repeated AccessedBucket buckets = 6; } message DriverGrantBucketAccessResponse { - // TODO: unimplemented + // REQUIRED. The unique identifier for the backend access account known to the Provisioner. + // This value WILL be used by COSI to make subsequent calls related to the access, so the + // Provisioner MUST be able to correlate `account_id` to the backend access. + // It is RECOMMENDED to use the backend storage system's bucket ID. + string account_id = 1; + + message BucketInfo { + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + string bucket_id = 1; + + // REQUIRED: EXACTLY one protocol bucket info result MUST be non-nil. + // The Provisioner MUST fill in all required bucket info for the requested protocol. + // The Provisioner SHOULD fill in as much bucket info as is known given the parameters. + // It MUST NOT support (return a non-nil result) non-requested protocols. + // COSI WILL expose this information to users, and it WILL be treated as sensitive/secret + // information. + // COSI WILL not log the information or store it in plaintext. + ObjectProtocolAndBucketInfo bucket_info = 2; + } + + // REQUIRED. The Provisioner MUST return info for all `buckets` in the request. + repeated BucketInfo buckets = 2; + + // REQUIRED. + CredentialInfo credentials = 3; } ``` #### DriverRevokeBucketAccess +A Plugin MUST implement this RPC call. + +This operation MUST be idempotent. If an access corresponding to the specified name already doesn't +exist, the Plugin MUST reply OK. + ```protobuf message DriverRevokeBucketAccessRequest { - // TODO: unimplemented + // REQUIRED. The unique identifier for the backend access account + string account_id = 1; + + // REQUIRED. The object storage protocol associated with the provisioned access. + ObjectProtocol protocol = 2; + + // REQUIRED. The authentication type associated with the provisioned access. + AuthenticationType authentication_type = 3; + + // REQUIRED when `authentication_type` is `SERVICE_ACCOUNT`. + // OPTIONAL for all other authentication types. + // COSI WILL NOT set this when the requested `authentication_type` is not `SERVICE_ACCOUNT`. + string service_account_name = 4; + + // OPTIONAL. Plugin specific parameters associated with the provisioned access. + map parameters = 5; + + message AccessedBucket { + // REQUIRED. The unique identifier for the backend bucket known to the Provisioner. + string bucket_id = 1; + } + + // REQUIRED. Buckets associated with the provisioned access. + repeated AccessedBucket buckets = 6; } message DriverRevokeBucketAccessResponse {