forked from joeholley/supergloo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsecurity.pb.go
238 lines (218 loc) · 9.01 KB
/
security.pb.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
// Code generated by protoc-gen-gogo. DO NOT EDIT.
// source: github.com/solo-io/supergloo/api/v1/security.proto
package v1
import (
bytes "bytes"
fmt "fmt"
math "math"
_ "github.com/gogo/protobuf/gogoproto"
proto "github.com/gogo/protobuf/proto"
core "github.com/solo-io/solo-kit/pkg/api/v1/resources/core"
)
// Reference imports to suppress errors if they are not otherwise used.
var _ = proto.Marshal
var _ = fmt.Errorf
var _ = math.Inf
// This is a compile-time assertion to ensure that this generated file
// is compatible with the proto package it is being compiled against.
// A compilation error at this line likely means your copy of the
// proto package needs to be updated.
const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package
// security rules apply ALLOW policies to communication in a mesh
// security rules specify the following:
// ALLOW those requests:
// - originating from from **source pods**
// - sent to **destination pods**
// - matching one or more **request matcher**
// if no security rules are present, all traffic in the mesh will be set to ALLOW
type SecurityRule struct {
// Status indicates the validation status of this resource.
// Status is read-only by clients, and set by supergloo during validation
Status core.Status `protobuf:"bytes,100,opt,name=status,proto3" json:"status"`
// Metadata contains the object metadata for this resource
Metadata core.Metadata `protobuf:"bytes,101,opt,name=metadata,proto3" json:"metadata"`
// target where we apply this rule. this can be a mesh group or an individual mesh
TargetMesh *core.ResourceRef `protobuf:"bytes,1,opt,name=target_mesh,json=targetMesh,proto3" json:"target_mesh,omitempty"`
// requests originating from these pods will have the rule applied
// leave empty to have all pods in the mesh apply these rules
//
// note that security policies are mapped to source pods by their
// service account. if other pods share the same service account,
// this security rule will apply to those pods as well.
//
// for fine-grained security policies, ensure that your
// service accounts properly reflect the desired
// boundary for your security rules
SourceSelector *PodSelector `protobuf:"bytes,2,opt,name=source_selector,json=sourceSelector,proto3" json:"source_selector,omitempty"`
// requests destined for these pods will have the rule applied
// leave empty to apply to all destination pods in the mesh
DestinationSelector *PodSelector `protobuf:"bytes,3,opt,name=destination_selector,json=destinationSelector,proto3" json:"destination_selector,omitempty"`
// Optional. A list of HTTP paths or gRPC methods to allow.
// gRPC methods must be presented as fully-qualified name in the form of
// "/packageName.serviceName/methodName" and are case sensitive.
// Exact match, prefix match, and suffix match are supported for paths.
// For example, the path "/books/review" matches
// "/books/review" (exact match), or "/books/*" (prefix match),
// or "*/review" (suffix match).
// If not specified, it allows to any path.
AllowedPaths []string `protobuf:"bytes,4,rep,name=allowed_paths,json=allowedPaths,proto3" json:"allowed_paths,omitempty"`
// Optional. A list of HTTP methods to allow (e.g., "GET", "POST").
// It is ignored in gRPC case because the value is always "POST".
// If set to ["*"] or not specified, it allows to any method.
AllowedMethods []string `protobuf:"bytes,5,rep,name=allowed_methods,json=allowedMethods,proto3" json:"allowed_methods,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
}
func (m *SecurityRule) Reset() { *m = SecurityRule{} }
func (m *SecurityRule) String() string { return proto.CompactTextString(m) }
func (*SecurityRule) ProtoMessage() {}
func (*SecurityRule) Descriptor() ([]byte, []int) {
return fileDescriptor_79fb25227d9beebd, []int{0}
}
func (m *SecurityRule) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_SecurityRule.Unmarshal(m, b)
}
func (m *SecurityRule) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
return xxx_messageInfo_SecurityRule.Marshal(b, m, deterministic)
}
func (m *SecurityRule) XXX_Merge(src proto.Message) {
xxx_messageInfo_SecurityRule.Merge(m, src)
}
func (m *SecurityRule) XXX_Size() int {
return xxx_messageInfo_SecurityRule.Size(m)
}
func (m *SecurityRule) XXX_DiscardUnknown() {
xxx_messageInfo_SecurityRule.DiscardUnknown(m)
}
var xxx_messageInfo_SecurityRule proto.InternalMessageInfo
func (m *SecurityRule) GetStatus() core.Status {
if m != nil {
return m.Status
}
return core.Status{}
}
func (m *SecurityRule) GetMetadata() core.Metadata {
if m != nil {
return m.Metadata
}
return core.Metadata{}
}
func (m *SecurityRule) GetTargetMesh() *core.ResourceRef {
if m != nil {
return m.TargetMesh
}
return nil
}
func (m *SecurityRule) GetSourceSelector() *PodSelector {
if m != nil {
return m.SourceSelector
}
return nil
}
func (m *SecurityRule) GetDestinationSelector() *PodSelector {
if m != nil {
return m.DestinationSelector
}
return nil
}
func (m *SecurityRule) GetAllowedPaths() []string {
if m != nil {
return m.AllowedPaths
}
return nil
}
func (m *SecurityRule) GetAllowedMethods() []string {
if m != nil {
return m.AllowedMethods
}
return nil
}
func init() {
proto.RegisterType((*SecurityRule)(nil), "supergloo.solo.io.SecurityRule")
}
func init() {
proto.RegisterFile("github.com/solo-io/supergloo/api/v1/security.proto", fileDescriptor_79fb25227d9beebd)
}
var fileDescriptor_79fb25227d9beebd = []byte{
// 397 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x92, 0xcf, 0xae, 0xd2, 0x40,
0x14, 0x87, 0xe5, 0x52, 0x89, 0x0e, 0xff, 0xe2, 0x48, 0x4c, 0xc5, 0x04, 0x89, 0x2e, 0x60, 0x21,
0xd3, 0x80, 0x1b, 0xc3, 0x92, 0x8d, 0x2b, 0x12, 0x2c, 0x3b, 0x37, 0x64, 0x68, 0x0f, 0xed, 0x84,
0x96, 0xd3, 0xcc, 0x4c, 0x35, 0x6e, 0x79, 0x1a, 0xdf, 0xc2, 0xad, 0x4f, 0xe1, 0xc2, 0x37, 0xe0,
0x0d, 0x4c, 0xdb, 0x19, 0x94, 0x68, 0x4c, 0xef, 0xaa, 0x9d, 0x73, 0xbe, 0xef, 0x64, 0x66, 0x7e,
0x43, 0x16, 0x91, 0xd0, 0x71, 0xbe, 0x67, 0x01, 0xa6, 0x9e, 0xc2, 0x04, 0x67, 0x02, 0x3d, 0x95,
0x67, 0x20, 0xa3, 0x04, 0xd1, 0xe3, 0x99, 0xf0, 0x3e, 0xcd, 0x3d, 0x05, 0x41, 0x2e, 0x85, 0xfe,
0xc2, 0x32, 0x89, 0x1a, 0xe9, 0x93, 0x2b, 0xc0, 0x0a, 0x85, 0x09, 0x1c, 0x0e, 0x22, 0x8c, 0xb0,
0xec, 0x7a, 0xc5, 0x5f, 0x05, 0x0e, 0x6b, 0x0e, 0x4f, 0x20, 0xd0, 0x28, 0x8d, 0x33, 0xff, 0x97,
0x53, 0x7c, 0x8f, 0x42, 0x5b, 0x25, 0x05, 0xcd, 0x43, 0xae, 0xb9, 0x51, 0xbc, 0x1a, 0x8a, 0xd2,
0x5c, 0xe7, 0xca, 0x08, 0x6f, 0x6a, 0x08, 0x12, 0x0e, 0xf7, 0xd8, 0x91, 0x5d, 0x57, 0xca, 0xab,
0x6f, 0x4d, 0xd2, 0xd9, 0x9a, 0x4b, 0xf3, 0xf3, 0x04, 0xe8, 0x82, 0xb4, 0xaa, 0x1d, 0xb8, 0xe1,
0xb8, 0x31, 0x6d, 0x2f, 0x06, 0x2c, 0x40, 0x09, 0xf6, 0xfa, 0xd8, 0xb6, 0xec, 0xad, 0x9c, 0xef,
0x3f, 0x5e, 0x3e, 0xf0, 0x0d, 0x49, 0xdf, 0x91, 0x47, 0xf6, 0xa0, 0x2e, 0x94, 0xd6, 0xb3, 0x5b,
0x6b, 0x6d, 0xba, 0xc6, 0xbb, 0xd2, 0x74, 0x49, 0xda, 0x9a, 0xcb, 0x08, 0xf4, 0x2e, 0x05, 0x15,
0xbb, 0x8d, 0x52, 0x7e, 0x7e, 0x2b, 0xfb, 0xa0, 0x30, 0x97, 0x01, 0xf8, 0x70, 0xf0, 0x49, 0x45,
0xaf, 0x41, 0xc5, 0xf4, 0x3d, 0xe9, 0x57, 0x8d, 0x9d, 0x0d, 0xc6, 0xbd, 0x2b, 0xfd, 0x11, 0xfb,
0x2b, 0x76, 0xb6, 0xc1, 0x70, 0x6b, 0x28, 0xbf, 0x57, 0x69, 0x76, 0x4d, 0x3f, 0x90, 0x41, 0x08,
0x4a, 0x8b, 0x13, 0xd7, 0x02, 0x4f, 0xbf, 0xa7, 0x35, 0x6b, 0x4d, 0x7b, 0xfa, 0x87, 0x7b, 0x1d,
0xf9, 0x9a, 0x74, 0x79, 0x92, 0xe0, 0x67, 0x08, 0x77, 0x19, 0xd7, 0xb1, 0x72, 0x9d, 0x71, 0x73,
0xfa, 0xd8, 0xef, 0x98, 0xe2, 0xa6, 0xa8, 0xd1, 0x09, 0xe9, 0x5b, 0x28, 0x05, 0x1d, 0x63, 0xa8,
0xdc, 0x87, 0x25, 0xd6, 0x33, 0xe5, 0x75, 0x55, 0x5d, 0xbe, 0x38, 0x5f, 0x1c, 0x87, 0xdc, 0x29,
0x79, 0xbe, 0x38, 0x7d, 0xda, 0xb5, 0x8f, 0x5c, 0xe6, 0x09, 0xa8, 0xd5, 0xec, 0xeb, 0xcf, 0x51,
0xe3, 0xe3, 0xe4, 0xbf, 0x0f, 0x38, 0x3b, 0x46, 0x26, 0xff, 0x7d, 0xab, 0xcc, 0xfd, 0xed, 0xaf,
0x00, 0x00, 0x00, 0xff, 0xff, 0x97, 0xb0, 0x93, 0xd6, 0x4f, 0x03, 0x00, 0x00,
}
func (this *SecurityRule) Equal(that interface{}) bool {
if that == nil {
return this == nil
}
that1, ok := that.(*SecurityRule)
if !ok {
that2, ok := that.(SecurityRule)
if ok {
that1 = &that2
} else {
return false
}
}
if that1 == nil {
return this == nil
} else if this == nil {
return false
}
if !this.Status.Equal(&that1.Status) {
return false
}
if !this.Metadata.Equal(&that1.Metadata) {
return false
}
if !this.TargetMesh.Equal(that1.TargetMesh) {
return false
}
if !this.SourceSelector.Equal(that1.SourceSelector) {
return false
}
if !this.DestinationSelector.Equal(that1.DestinationSelector) {
return false
}
if len(this.AllowedPaths) != len(that1.AllowedPaths) {
return false
}
for i := range this.AllowedPaths {
if this.AllowedPaths[i] != that1.AllowedPaths[i] {
return false
}
}
if len(this.AllowedMethods) != len(that1.AllowedMethods) {
return false
}
for i := range this.AllowedMethods {
if this.AllowedMethods[i] != that1.AllowedMethods[i] {
return false
}
}
if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) {
return false
}
return true
}