[OSS] gRPC call to get envoy bootstrap params (#12825)

Adds a new gRPC endpoint to get envoy bootstrap params. The new consul-dataplane service will use this
endpoint to generate an envoy bootstrap configuration.
This commit is contained in:
Riddhi Shah 2022-04-19 17:24:21 -07:00 committed by GitHub
parent 239c84a5c1
commit a1eb774407
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 1093 additions and 155 deletions

3
.changelog/12825.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:feature
grpc: New gRPC endpoint to return envoy bootstrap parameters.
```

View File

@ -677,8 +677,10 @@ func NewServer(config *Config, flat Deps, publicGRPCServer *grpc.Server) (*Serve
s.publicConnectCAServer.Register(s.publicGRPCServer)
dataplane.NewServer(dataplane.Config{
GetStore: func() dataplane.StateStore { return s.FSM().State() },
Logger: logger.Named("grpc-api.dataplane"),
ACLResolver: plainACLResolver{s.ACLResolver},
Datacenter: s.config.Datacenter,
}).Register(s.publicGRPCServer)
// Initialize private gRPC server.

View File

@ -34,6 +34,8 @@ var (
startingVirtualIP = net.IP{240, 0, 0, 0}
virtualIPMaxOffset = net.IP{15, 255, 255, 254}
ErrNodeNotFound = errors.New("node not found")
)
func resizeNodeLookupKey(s string) string {
@ -1463,6 +1465,17 @@ func (s *Store) NodeService(nodeName string, serviceID string, entMeta *acl.Ente
}
func getNodeServiceTxn(tx ReadTxn, nodeName, serviceID string, entMeta *acl.EnterpriseMeta) (*structs.NodeService, error) {
sn, err := getServiceNodeTxn(tx, nodeName, serviceID, entMeta)
if err != nil {
return nil, err
}
if sn != nil {
return sn.ToNodeService(), nil
}
return nil, nil
}
func getServiceNodeTxn(tx ReadTxn, nodeName, serviceID string, entMeta *acl.EnterpriseMeta) (*structs.ServiceNode, error) {
// TODO: pass non-pointer type for ent meta
if entMeta == nil {
entMeta = structs.DefaultEnterpriseMetaInDefaultPartition()
@ -1477,12 +1490,48 @@ func getNodeServiceTxn(tx ReadTxn, nodeName, serviceID string, entMeta *acl.Ente
if err != nil {
return nil, fmt.Errorf("failed querying service for node %q: %s", nodeName, err)
}
if service != nil {
return service.(*structs.ServiceNode).ToNodeService(), nil
return service.(*structs.ServiceNode), nil
}
return nil, nil
}
// ServiceNode is used to retrieve a specific service by service ID and node ID or name.
func (s *Store) ServiceNode(nodeID, nodeName, serviceID string, entMeta *acl.EnterpriseMeta) (uint64, *structs.ServiceNode, error) {
var (
node *structs.Node
err error
)
if nodeID != "" {
_, node, err = s.GetNodeID(types.NodeID(nodeID), entMeta)
if err != nil {
return 0, nil, fmt.Errorf("Failure looking up node by ID %s: %w", nodeID, err)
}
} else if nodeName != "" {
_, node, err = s.GetNode(nodeName, entMeta)
if err != nil {
return 0, nil, fmt.Errorf("Failure looking up node by name %s: %w", nodeName, err)
}
} else {
return 0, nil, fmt.Errorf("Node ID or name required to lookup the service")
}
if node == nil {
return 0, nil, ErrNodeNotFound
}
return nil, nil
tx := s.db.Txn(false)
defer tx.Abort()
// Get the table index.
idx := catalogServicesMaxIndex(tx, entMeta)
// Query the service
service, err := getServiceNodeTxn(tx, node.Node, serviceID, entMeta)
if err != nil {
return 0, nil, fmt.Errorf("failed querying service for node %q: %w", node.Node, err)
}
return idx, service, nil
}
func (s *Store) nodeServices(ws memdb.WatchSet, nodeNameOrID string, entMeta *acl.EnterpriseMeta, allowWildcard bool) (bool, uint64, *structs.Node, memdb.ResultIterator, error) {

View File

@ -265,6 +265,37 @@ func TestStateStore_EnsureRegistration(t *testing.T) {
t.Fatalf("got err, idx: %s, %d want nil, %d", err, gotidx, wantidx)
}
require.Equal(t, svcmap["redis1"], r)
// look service by node name
idx, sn, err := s.ServiceNode("", "node1", "redis1", nil)
if gotidx, wantidx := idx, uint64(2); err != nil || gotidx != wantidx {
t.Fatalf("got err, idx: %s, %d want nil, %d", err, gotidx, wantidx)
}
require.Equal(t, svcmap["redis1"].ToServiceNode("node1"), sn)
// lookup service by node ID
idx, sn, err = s.ServiceNode(string(nodeID), "", "redis1", nil)
if gotidx, wantidx := idx, uint64(2); err != nil || gotidx != wantidx {
t.Fatalf("got err, idx: %s, %d want nil, %d", err, gotidx, wantidx)
}
require.Equal(t, svcmap["redis1"].ToServiceNode("node1"), sn)
// lookup service by invalid node
_, _, err = s.ServiceNode("", "invalid-node", "redis1", nil)
if err != nil {
require.Equal(t, "node not found", err.Error())
}
if err == nil {
t.Fatalf("Expected error on lookup of \"invalid-node\"")
}
// lookup service without node name or ID
_, _, err = s.ServiceNode("", "", "redis1", nil)
if err != nil {
require.Equal(t, "Node ID or name required to lookup the service", err.Error())
}
if err == nil {
t.Fatalf("Expected error on lookup of service without node name or ID")
}
}
verifyNode()
verifyService()

View File

@ -54,7 +54,7 @@ func TestWatchRoots_Success(t *testing.T) {
// Mock the ACL Resolver to return an authorizer with `service:write`.
aclResolver := &MockACLResolver{}
aclResolver.On("ResolveTokenAndDefaultMeta", testACLToken, mock.Anything, mock.Anything).
Return(testutils.TestAuthorizer(t), nil)
Return(testutils.TestAuthorizerServiceWriteAny(t), nil)
ctx := public.ContextWithToken(context.Background(), testACLToken)
@ -140,7 +140,7 @@ func TestWatchRoots_ACLTokenInvalidated(t *testing.T) {
// first two times it is called (initial connect and first re-auth).
aclResolver := &MockACLResolver{}
aclResolver.On("ResolveTokenAndDefaultMeta", testACLToken, mock.Anything, mock.Anything).
Return(testutils.TestAuthorizer(t), nil).Twice()
Return(testutils.TestAuthorizerServiceWriteAny(t), nil).Twice()
ctx := public.ContextWithToken(context.Background(), testACLToken)
@ -208,7 +208,7 @@ func TestWatchRoots_StateStoreAbandoned(t *testing.T) {
// Mock the ACL Resolver to return an authorizer with `service:write`.
aclResolver := &MockACLResolver{}
aclResolver.On("ResolveTokenAndDefaultMeta", testACLToken, mock.Anything, mock.Anything).
Return(testutils.TestAuthorizer(t), nil)
Return(testutils.TestAuthorizerServiceWriteAny(t), nil)
ctx := public.ContextWithToken(context.Background(), testACLToken)

View File

@ -0,0 +1,260 @@
package dataplane
import (
"context"
"testing"
acl "github.com/hashicorp/consul/acl"
"github.com/hashicorp/consul/agent/grpc/public"
"github.com/hashicorp/consul/agent/grpc/public/testutils"
structs "github.com/hashicorp/consul/agent/structs"
"github.com/hashicorp/consul/proto-public/pbdataplane"
"github.com/hashicorp/consul/types"
"github.com/hashicorp/go-hclog"
mock "github.com/stretchr/testify/mock"
"github.com/stretchr/testify/require"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
"google.golang.org/protobuf/types/known/structpb"
)
const (
testToken = "acl-token-get-envoy-bootstrap-params"
proxyServiceID = "web-proxy"
nodeName = "foo"
nodeID = "2980b72b-bd9d-9d7b-d4f9-951bf7508d95"
proxyConfigKey = "envoy_dogstatsd_url"
proxyConfigValue = "udp://127.0.0.1:8125"
serverDC = "dc1"
)
func testRegisterRequestProxy(t *testing.T) *structs.RegisterRequest {
return &structs.RegisterRequest{
Datacenter: serverDC,
Node: nodeName,
ID: types.NodeID(nodeID),
Address: "127.0.0.1",
Service: &structs.NodeService{
Kind: structs.ServiceKindConnectProxy,
Service: proxyServiceID,
ID: proxyServiceID,
Address: "127.0.0.2",
Port: 2222,
Proxy: structs.ConnectProxyConfig{
DestinationServiceName: "web",
Config: map[string]interface{}{
proxyConfigKey: proxyConfigValue,
},
},
EnterpriseMeta: *structs.DefaultEnterpriseMetaInDefaultPartition(),
},
}
}
func testRegisterIngressGateway(t *testing.T) *structs.RegisterRequest {
registerReq := structs.TestRegisterIngressGateway(t)
registerReq.ID = types.NodeID("2980b72b-bd9d-9d7b-d4f9-951bf7508d95")
registerReq.Service.ID = registerReq.Service.Service
registerReq.Service.Proxy.Config = map[string]interface{}{
proxyConfigKey: proxyConfigValue,
}
return registerReq
}
func TestGetEnvoyBootstrapParams_Success(t *testing.T) {
type testCase struct {
name string
registerReq *structs.RegisterRequest
nodeID bool
}
run := func(t *testing.T, tc testCase) {
store := testStateStore(t)
err := store.EnsureRegistration(1, tc.registerReq)
require.NoError(t, err)
aclResolver := &MockACLResolver{}
aclResolver.On("ResolveTokenAndDefaultMeta", testToken, mock.Anything, mock.Anything).
Return(testutils.TestAuthorizerServiceRead(t, tc.registerReq.Service.ID), nil)
ctx := public.ContextWithToken(context.Background(), testToken)
server := NewServer(Config{
GetStore: func() StateStore { return store },
Logger: hclog.NewNullLogger(),
ACLResolver: aclResolver,
Datacenter: serverDC,
})
client := testClient(t, server)
req := &pbdataplane.GetEnvoyBootstrapParamsRequest{
ServiceId: tc.registerReq.Service.ID,
NodeSpec: &pbdataplane.GetEnvoyBootstrapParamsRequest_NodeName{NodeName: tc.registerReq.Node}}
if tc.nodeID {
req.NodeSpec = &pbdataplane.GetEnvoyBootstrapParamsRequest_NodeId{NodeId: string(tc.registerReq.ID)}
}
resp, err := client.GetEnvoyBootstrapParams(ctx, req)
require.NoError(t, err)
require.Equal(t, tc.registerReq.Service.Proxy.DestinationServiceName, resp.Service)
require.Equal(t, serverDC, resp.Datacenter)
require.Equal(t, tc.registerReq.EnterpriseMeta.PartitionOrDefault(), resp.Partition)
require.Equal(t, tc.registerReq.EnterpriseMeta.NamespaceOrDefault(), resp.Namespace)
require.Contains(t, resp.Config.Fields, proxyConfigKey)
require.Equal(t, structpb.NewStringValue(proxyConfigValue), resp.Config.Fields[proxyConfigKey])
require.Equal(t, convertToResponseServiceKind(tc.registerReq.Service.Kind), resp.ServiceKind)
}
testCases := []testCase{
{
name: "lookup service side car proxy by node name",
registerReq: testRegisterRequestProxy(t),
},
{
name: "lookup service side car proxy by node ID",
registerReq: testRegisterRequestProxy(t),
nodeID: true,
},
{
name: "lookup ingress gw service by node name",
registerReq: testRegisterIngressGateway(t),
},
{
name: "lookup ingress gw service by node ID",
registerReq: testRegisterIngressGateway(t),
nodeID: true,
},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
run(t, tc)
})
}
}
func TestGetEnvoyBootstrapParams_Error(t *testing.T) {
type testCase struct {
name string
req *pbdataplane.GetEnvoyBootstrapParamsRequest
expectedErrCode codes.Code
expecteErrMsg string
}
run := func(t *testing.T, tc testCase) {
aclResolver := &MockACLResolver{}
aclResolver.On("ResolveTokenAndDefaultMeta", testToken, mock.Anything, mock.Anything).
Return(testutils.TestAuthorizerServiceRead(t, proxyServiceID), nil)
ctx := public.ContextWithToken(context.Background(), testToken)
store := testStateStore(t)
registerReq := testRegisterRequestProxy(t)
err := store.EnsureRegistration(1, registerReq)
require.NoError(t, err)
server := NewServer(Config{
GetStore: func() StateStore { return store },
Logger: hclog.NewNullLogger(),
ACLResolver: aclResolver,
})
client := testClient(t, server)
resp, err := client.GetEnvoyBootstrapParams(ctx, tc.req)
require.Nil(t, resp)
require.Error(t, err)
errStatus, ok := status.FromError(err)
require.True(t, ok)
require.Equal(t, tc.expectedErrCode.String(), errStatus.Code().String())
require.Equal(t, tc.expecteErrMsg, errStatus.Message())
}
testCases := []testCase{
{
name: "lookup-service-by-unregistered-node-name",
req: &pbdataplane.GetEnvoyBootstrapParamsRequest{
ServiceId: proxyServiceID,
NodeSpec: &pbdataplane.GetEnvoyBootstrapParamsRequest_NodeName{NodeName: "blah"}},
expectedErrCode: codes.NotFound,
expecteErrMsg: "node not found",
},
{
name: "lookup-service-by-unregistered-node-id",
req: &pbdataplane.GetEnvoyBootstrapParamsRequest{
ServiceId: proxyServiceID,
NodeSpec: &pbdataplane.GetEnvoyBootstrapParamsRequest_NodeId{NodeId: "5980b72b-bd9d-9d7b-d4f9-951bf7508d98"}},
expectedErrCode: codes.NotFound,
expecteErrMsg: "node not found",
},
{
name: "lookup-service-by-unregistered-service",
req: &pbdataplane.GetEnvoyBootstrapParamsRequest{
ServiceId: "blah-service",
NodeSpec: &pbdataplane.GetEnvoyBootstrapParamsRequest_NodeName{NodeName: nodeName}},
expectedErrCode: codes.NotFound,
expecteErrMsg: "Service not found",
},
{
name: "lookup-service-without-node-details",
req: &pbdataplane.GetEnvoyBootstrapParamsRequest{
ServiceId: proxyServiceID},
expectedErrCode: codes.InvalidArgument,
expecteErrMsg: "Node ID or name required to lookup the service",
},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
run(t, tc)
})
}
}
func TestGetEnvoyBootstrapParams_Unauthenticated(t *testing.T) {
// Mock the ACL resolver to return ErrNotFound.
aclResolver := &MockACLResolver{}
aclResolver.On("ResolveTokenAndDefaultMeta", mock.Anything, mock.Anything, mock.Anything).
Return(nil, acl.ErrNotFound)
ctx := public.ContextWithToken(context.Background(), testToken)
store := testStateStore(t)
server := NewServer(Config{
GetStore: func() StateStore { return store },
Logger: hclog.NewNullLogger(),
ACLResolver: aclResolver,
})
client := testClient(t, server)
resp, err := client.GetEnvoyBootstrapParams(ctx, &pbdataplane.GetEnvoyBootstrapParamsRequest{})
require.Error(t, err)
require.Equal(t, codes.Unauthenticated.String(), status.Code(err).String())
require.Nil(t, resp)
}
func TestGetEnvoyBootstrapParams_PermissionDenied(t *testing.T) {
// Mock the ACL resolver to return a deny all authorizer
aclResolver := &MockACLResolver{}
aclResolver.On("ResolveTokenAndDefaultMeta", testToken, mock.Anything, mock.Anything).
Return(acl.DenyAll(), nil)
ctx := public.ContextWithToken(context.Background(), testToken)
store := testStateStore(t)
registerReq := structs.TestRegisterRequestProxy(t)
proxyServiceID := "web-sidecar-proxy"
registerReq.Service.ID = proxyServiceID
err := store.EnsureRegistration(1, registerReq)
require.NoError(t, err)
server := NewServer(Config{
GetStore: func() StateStore { return store },
Logger: hclog.NewNullLogger(),
ACLResolver: aclResolver,
})
client := testClient(t, server)
req := &pbdataplane.GetEnvoyBootstrapParamsRequest{
ServiceId: proxyServiceID,
NodeSpec: &pbdataplane.GetEnvoyBootstrapParamsRequest_NodeName{NodeName: registerReq.Node}}
resp, err := client.GetEnvoyBootstrapParams(ctx, req)
require.Error(t, err)
require.Equal(t, codes.PermissionDenied.String(), status.Code(err).String())
require.Nil(t, resp)
}

View File

@ -0,0 +1,87 @@
package dataplane
import (
"context"
"errors"
"strings"
acl "github.com/hashicorp/consul/acl"
"github.com/hashicorp/consul/agent/consul/state"
"github.com/hashicorp/consul/agent/grpc/public"
structs "github.com/hashicorp/consul/agent/structs"
"github.com/hashicorp/consul/proto-public/pbdataplane"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
"google.golang.org/protobuf/types/known/structpb"
)
func (s *Server) GetEnvoyBootstrapParams(ctx context.Context, req *pbdataplane.GetEnvoyBootstrapParamsRequest) (*pbdataplane.GetEnvoyBootstrapParamsResponse, error) {
logger := s.Logger.Named("get-envoy-bootstrap-params").With("service_id", req.GetServiceId(), "request_id", public.TraceID())
logger.Trace("Started processing request")
defer logger.Trace("Finished processing request")
token := public.TokenFromContext(ctx)
var authzContext acl.AuthorizerContext
entMeta := acl.NewEnterpriseMetaWithPartition(req.GetPartition(), req.GetNamespace())
authz, err := s.ACLResolver.ResolveTokenAndDefaultMeta(token, &entMeta, &authzContext)
if err != nil {
return nil, status.Error(codes.Unauthenticated, err.Error())
}
store := s.GetStore()
_, svc, err := store.ServiceNode(req.GetNodeId(), req.GetNodeName(), req.GetServiceId(), &entMeta)
if err != nil {
logger.Error("Error looking up service", "error", err)
if errors.Is(err, state.ErrNodeNotFound) {
return nil, status.Error(codes.NotFound, err.Error())
} else if strings.Contains(err.Error(), "Node ID or name required") {
return nil, status.Error(codes.InvalidArgument, err.Error())
} else {
return nil, status.Error(codes.Internal, "Failure looking up service")
}
}
if svc == nil {
return nil, status.Error(codes.NotFound, "Service not found")
}
if err := authz.ToAllowAuthorizer().ServiceReadAllowed(svc.ServiceName, &authzContext); err != nil {
return nil, status.Error(codes.PermissionDenied, err.Error())
}
// Build out the response
resp := &pbdataplane.GetEnvoyBootstrapParamsResponse{
Service: svc.ServiceProxy.DestinationServiceName,
Partition: svc.EnterpriseMeta.PartitionOrDefault(),
Namespace: svc.EnterpriseMeta.NamespaceOrDefault(),
Datacenter: s.Datacenter,
ServiceKind: convertToResponseServiceKind(svc.ServiceKind),
}
bootstrapConfig, err := structpb.NewStruct(svc.ServiceProxy.Config)
if err != nil {
logger.Error("Error creating the envoy boostrap params config", "error", err)
return nil, status.Error(codes.Unknown, "Error creating the envoy boostrap params config")
}
resp.Config = bootstrapConfig
return resp, nil
}
func convertToResponseServiceKind(serviceKind structs.ServiceKind) (respKind pbdataplane.ServiceKind) {
switch serviceKind {
case structs.ServiceKindConnectProxy:
respKind = pbdataplane.ServiceKind_CONNECT_PROXY
case structs.ServiceKindMeshGateway:
respKind = pbdataplane.ServiceKind_MESH_GATEWAY
case structs.ServiceKindTerminatingGateway:
respKind = pbdataplane.ServiceKind_TERMINATING_GATEWAY
case structs.ServiceKindIngressGateway:
respKind = pbdataplane.ServiceKind_INGRESS_GATEWAY
case structs.ServiceKindTypical:
respKind = pbdataplane.ServiceKind_TYPICAL
}
return
}

View File

@ -12,14 +12,17 @@ import (
"github.com/hashicorp/consul/proto-public/pbdataplane"
)
func (d *Server) SupportedDataplaneFeatures(ctx context.Context, req *pbdataplane.SupportedDataplaneFeaturesRequest) (*pbdataplane.SupportedDataplaneFeaturesResponse, error) {
d.Logger.Trace("Received request for supported dataplane features")
func (s *Server) GetSupportedDataplaneFeatures(ctx context.Context, req *pbdataplane.GetSupportedDataplaneFeaturesRequest) (*pbdataplane.GetSupportedDataplaneFeaturesResponse, error) {
logger := s.Logger.Named("get-supported-dataplane-features").With("request_id", public.TraceID())
logger.Trace("Started processing request")
defer logger.Trace("Finished processing request")
// Require the given ACL token to have `service:write` on any service
token := public.TokenFromContext(ctx)
var authzContext acl.AuthorizerContext
entMeta := structs.WildcardEnterpriseMetaInPartition(structs.WildcardSpecifier)
authz, err := d.ACLResolver.ResolveTokenAndDefaultMeta(token, entMeta, &authzContext)
authz, err := s.ACLResolver.ResolveTokenAndDefaultMeta(token, entMeta, &authzContext)
if err != nil {
return nil, status.Error(codes.Unauthenticated, err.Error())
}
@ -42,5 +45,5 @@ func (d *Server) SupportedDataplaneFeatures(ctx context.Context, req *pbdataplan
},
}
return &pbdataplane.SupportedDataplaneFeaturesResponse{SupportedDataplaneFeatures: supportedFeatures}, nil
return &pbdataplane.GetSupportedDataplaneFeaturesResponse{SupportedDataplaneFeatures: supportedFeatures}, nil
}

View File

@ -22,15 +22,14 @@ func TestSupportedDataplaneFeatures_Success(t *testing.T) {
// Mock the ACL Resolver to return an authorizer with `service:write`.
aclResolver := &MockACLResolver{}
aclResolver.On("ResolveTokenAndDefaultMeta", testACLToken, mock.Anything, mock.Anything).
Return(testutils.TestAuthorizer(t), nil)
Return(testutils.TestAuthorizerServiceWriteAny(t), nil)
ctx := public.ContextWithToken(context.Background(), testACLToken)
server := NewServer(Config{
Logger: hclog.NewNullLogger(),
ACLResolver: aclResolver,
})
client := testClient(t, server)
resp, err := client.SupportedDataplaneFeatures(ctx, &pbdataplane.SupportedDataplaneFeaturesRequest{})
resp, err := client.GetSupportedDataplaneFeatures(ctx, &pbdataplane.GetSupportedDataplaneFeaturesRequest{})
require.NoError(t, err)
require.Equal(t, 3, len(resp.SupportedDataplaneFeatures))
@ -59,14 +58,14 @@ func TestSupportedDataplaneFeatures_Unauthenticated(t *testing.T) {
ACLResolver: aclResolver,
})
client := testClient(t, server)
resp, err := client.SupportedDataplaneFeatures(ctx, &pbdataplane.SupportedDataplaneFeaturesRequest{})
resp, err := client.GetSupportedDataplaneFeatures(ctx, &pbdataplane.GetSupportedDataplaneFeaturesRequest{})
require.Error(t, err)
require.Equal(t, codes.Unauthenticated.String(), status.Code(err).String())
require.Nil(t, resp)
}
func TestSupportedDataplaneFeatures_PermissionDenied(t *testing.T) {
// Mock the ACL resolver to return ErrNotFound.
// Mock the ACL resolver to return a deny all authorizer
aclResolver := &MockACLResolver{}
aclResolver.On("ResolveTokenAndDefaultMeta", testACLToken, mock.Anything, mock.Anything).
Return(acl.DenyAll(), nil)
@ -76,7 +75,7 @@ func TestSupportedDataplaneFeatures_PermissionDenied(t *testing.T) {
ACLResolver: aclResolver,
})
client := testClient(t, server)
resp, err := client.SupportedDataplaneFeatures(ctx, &pbdataplane.SupportedDataplaneFeaturesRequest{})
resp, err := client.GetSupportedDataplaneFeatures(ctx, &pbdataplane.GetSupportedDataplaneFeaturesRequest{})
require.Error(t, err)
require.Equal(t, codes.PermissionDenied.String(), status.Code(err).String())
require.Nil(t, resp)

View File

@ -1,10 +1,12 @@
package dataplane
import (
"github.com/hashicorp/go-hclog"
"google.golang.org/grpc"
"github.com/hashicorp/go-hclog"
"github.com/hashicorp/consul/acl"
"github.com/hashicorp/consul/agent/structs"
"github.com/hashicorp/consul/proto-public/pbdataplane"
)
@ -13,8 +15,15 @@ type Server struct {
}
type Config struct {
GetStore func() StateStore
Logger hclog.Logger
ACLResolver ACLResolver
// Datacenter of the Consul server this gRPC server is hosted on
Datacenter string
}
type StateStore interface {
ServiceNode(string, string, string, *acl.EnterpriseMeta) (uint64, *structs.ServiceNode, error)
}
//go:generate mockery -name ACLResolver -inpkg

View File

@ -4,12 +4,23 @@ import (
"context"
"net"
"testing"
"time"
"github.com/hashicorp/consul/agent/consul/state"
"github.com/hashicorp/consul/proto-public/pbdataplane"
"github.com/stretchr/testify/require"
"google.golang.org/grpc"
)
func testStateStore(t *testing.T) *state.Store {
t.Helper()
gc, err := state.NewTombstoneGC(time.Second, time.Millisecond)
require.NoError(t, err)
return state.NewStateStore(gc)
}
func testClient(t *testing.T, server *Server) pbdataplane.DataplaneServiceClient {
t.Helper()

View File

@ -8,7 +8,7 @@ import (
"github.com/hashicorp/consul/acl"
)
func TestAuthorizer(t *testing.T) acl.Authorizer {
func TestAuthorizerServiceWriteAny(t *testing.T) acl.Authorizer {
t.Helper()
policy, err := acl.NewPolicyFromSource(`
@ -23,3 +23,22 @@ func TestAuthorizer(t *testing.T) acl.Authorizer {
return authz
}
func TestAuthorizerServiceRead(t *testing.T, serviceName string) acl.Authorizer {
t.Helper()
aclRule := &acl.Policy{
PolicyRules: acl.PolicyRules{
Services: []*acl.ServiceRule{
{
Name: serviceName,
Policy: acl.PolicyRead,
},
},
},
}
authz, err := acl.NewPolicyAuthorizerWithDefaults(acl.DenyAll(), []*acl.Policy{aclRule}, nil)
require.NoError(t, err)
return authz
}

View File

@ -0,0 +1,13 @@
package public
import "github.com/hashicorp/go-uuid"
// We tag logs with a unique identifier to ease debugging. In the future this
// should probably be a real Open Telemetry trace ID.
func TraceID() string {
id, err := uuid.GenerateUUID()
if err != nil {
return ""
}
return id
}

View File

@ -2,20 +2,22 @@ syntax = "proto3";
package connectca;
option go_package = "github.com/hashicorp/consul/proto-public/pbconnectca";
import "google/protobuf/empty.proto";
import "google/protobuf/timestamp.proto";
option go_package = "github.com/hashicorp/consul/proto-public/pbconnectca";
service ConnectCAService {
// WatchRoots provides a stream on which you can receive the list of active
// Connect CA roots. Current roots are sent immediately at the start of the
// stream, and new lists will be sent whenever the roots are rotated.
rpc WatchRoots(google.protobuf.Empty) returns (stream WatchRootsResponse) {};
rpc WatchRoots(google.protobuf.Empty) returns (stream WatchRootsResponse) {}
// Sign a leaf certificate for the service or agent identified by the SPIFFE
// ID in the given CSR's SAN.
rpc Sign(SignRequest) returns (SignResponse) {};
rpc Sign(SignRequest) returns (SignResponse) {}
}
message WatchRootsResponse {
@ -38,41 +40,41 @@ message WatchRootsResponse {
}
message CARoot {
// id is a globally unique ID (UUID) representing this CA root.
string id = 1;
// id is a globally unique ID (UUID) representing this CA root.
string id = 1;
// name is a human-friendly name for this CA root. This value is opaque to
// Consul and is not used for anything internally.
string name = 2;
// name is a human-friendly name for this CA root. This value is opaque to
// Consul and is not used for anything internally.
string name = 2;
// serial_number is the x509 serial number of the certificate.
uint64 serial_number = 3;
// serial_number is the x509 serial number of the certificate.
uint64 serial_number = 3;
// signing_key_id is the connect.HexString encoded id of the public key that
// corresponds to the private key used to sign leaf certificates in the
// local datacenter.
//
// The value comes from x509.Certificate.SubjectKeyId of the local leaf
// signing cert.
//
// See https://www.rfc-editor.org/rfc/rfc3280#section-4.2.1.1 for more detail.
string signing_key_id = 4;
// signing_key_id is the connect.HexString encoded id of the public key that
// corresponds to the private key used to sign leaf certificates in the
// local datacenter.
//
// The value comes from x509.Certificate.SubjectKeyId of the local leaf
// signing cert.
//
// See https://www.rfc-editor.org/rfc/rfc3280#section-4.2.1.1 for more detail.
string signing_key_id = 4;
// root_cert is the PEM-encoded public certificate.
string root_cert = 5;
// root_cert is the PEM-encoded public certificate.
string root_cert = 5;
// intermediate_certs is a list of PEM-encoded intermediate certs to
// attach to any leaf certs signed by this CA.
repeated string intermediate_certs = 6;
// intermediate_certs is a list of PEM-encoded intermediate certs to
// attach to any leaf certs signed by this CA.
repeated string intermediate_certs = 6;
// active is true if this is the current active CA. This must only
// be true for exactly one CA.
bool active = 7;
// active is true if this is the current active CA. This must only
// be true for exactly one CA.
bool active = 7;
// rotated_out_at is the time at which this CA was removed from the state.
// This will only be set on roots that have been rotated out from being the
// active root.
google.protobuf.Timestamp rotated_out_at = 8;
// rotated_out_at is the time at which this CA was removed from the state.
// This will only be set on roots that have been rotated out from being the
// active root.
google.protobuf.Timestamp rotated_out_at = 8;
}
message SignRequest {

View File

@ -8,12 +8,12 @@ import (
)
// MarshalBinary implements encoding.BinaryMarshaler
func (msg *SupportedDataplaneFeaturesRequest) MarshalBinary() ([]byte, error) {
func (msg *GetSupportedDataplaneFeaturesRequest) MarshalBinary() ([]byte, error) {
return proto.Marshal(msg)
}
// UnmarshalBinary implements encoding.BinaryUnmarshaler
func (msg *SupportedDataplaneFeaturesRequest) UnmarshalBinary(b []byte) error {
func (msg *GetSupportedDataplaneFeaturesRequest) UnmarshalBinary(b []byte) error {
return proto.Unmarshal(b, msg)
}
@ -28,11 +28,31 @@ func (msg *DataplaneFeatureSupport) UnmarshalBinary(b []byte) error {
}
// MarshalBinary implements encoding.BinaryMarshaler
func (msg *SupportedDataplaneFeaturesResponse) MarshalBinary() ([]byte, error) {
func (msg *GetSupportedDataplaneFeaturesResponse) MarshalBinary() ([]byte, error) {
return proto.Marshal(msg)
}
// UnmarshalBinary implements encoding.BinaryUnmarshaler
func (msg *SupportedDataplaneFeaturesResponse) UnmarshalBinary(b []byte) error {
func (msg *GetSupportedDataplaneFeaturesResponse) UnmarshalBinary(b []byte) error {
return proto.Unmarshal(b, msg)
}
// MarshalBinary implements encoding.BinaryMarshaler
func (msg *GetEnvoyBootstrapParamsRequest) MarshalBinary() ([]byte, error) {
return proto.Marshal(msg)
}
// UnmarshalBinary implements encoding.BinaryUnmarshaler
func (msg *GetEnvoyBootstrapParamsRequest) UnmarshalBinary(b []byte) error {
return proto.Unmarshal(b, msg)
}
// MarshalBinary implements encoding.BinaryMarshaler
func (msg *GetEnvoyBootstrapParamsResponse) MarshalBinary() ([]byte, error) {
return proto.Marshal(msg)
}
// UnmarshalBinary implements encoding.BinaryUnmarshaler
func (msg *GetEnvoyBootstrapParamsResponse) UnmarshalBinary(b []byte) error {
return proto.Unmarshal(b, msg)
}

View File

@ -16,6 +16,7 @@ import (
status "google.golang.org/grpc/status"
protoreflect "google.golang.org/protobuf/reflect/protoreflect"
protoimpl "google.golang.org/protobuf/runtime/protoimpl"
structpb "google.golang.org/protobuf/types/known/structpb"
reflect "reflect"
sync "sync"
)
@ -83,14 +84,83 @@ func (DataplaneFeatures) EnumDescriptor() ([]byte, []int) {
return file_proto_public_pbdataplane_dataplane_proto_rawDescGZIP(), []int{0}
}
type SupportedDataplaneFeaturesRequest struct {
type ServiceKind int32
const (
// ServiceKind Typical is a typical, classic Consul service. This is
// represented by the absence of a value. This was chosen for ease of
// backwards compatibility: existing services in the catalog would
// default to the typical service.
ServiceKind_TYPICAL ServiceKind = 0
// ServiceKind Connect Proxy is a proxy for the Connect feature. This
// service proxies another service within Consul and speaks the connect
// protocol.
ServiceKind_CONNECT_PROXY ServiceKind = 1
// ServiceKind Mesh Gateway is a Mesh Gateway for the Connect feature. This
// service will proxy connections based off the SNI header set by other
// connect proxies.
ServiceKind_MESH_GATEWAY ServiceKind = 2
// ServiceKind Terminating Gateway is a Terminating Gateway for the Connect
// feature. This service will proxy connections to services outside the mesh.
ServiceKind_TERMINATING_GATEWAY ServiceKind = 3
// ServiceKind Ingress Gateway is an Ingress Gateway for the Connect feature.
// This service will ingress connections into the service mesh.
ServiceKind_INGRESS_GATEWAY ServiceKind = 4
)
// Enum value maps for ServiceKind.
var (
ServiceKind_name = map[int32]string{
0: "TYPICAL",
1: "CONNECT_PROXY",
2: "MESH_GATEWAY",
3: "TERMINATING_GATEWAY",
4: "INGRESS_GATEWAY",
}
ServiceKind_value = map[string]int32{
"TYPICAL": 0,
"CONNECT_PROXY": 1,
"MESH_GATEWAY": 2,
"TERMINATING_GATEWAY": 3,
"INGRESS_GATEWAY": 4,
}
)
func (x ServiceKind) Enum() *ServiceKind {
p := new(ServiceKind)
*p = x
return p
}
func (x ServiceKind) String() string {
return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
}
func (ServiceKind) Descriptor() protoreflect.EnumDescriptor {
return file_proto_public_pbdataplane_dataplane_proto_enumTypes[1].Descriptor()
}
func (ServiceKind) Type() protoreflect.EnumType {
return &file_proto_public_pbdataplane_dataplane_proto_enumTypes[1]
}
func (x ServiceKind) Number() protoreflect.EnumNumber {
return protoreflect.EnumNumber(x)
}
// Deprecated: Use ServiceKind.Descriptor instead.
func (ServiceKind) EnumDescriptor() ([]byte, []int) {
return file_proto_public_pbdataplane_dataplane_proto_rawDescGZIP(), []int{1}
}
type GetSupportedDataplaneFeaturesRequest struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
}
func (x *SupportedDataplaneFeaturesRequest) Reset() {
*x = SupportedDataplaneFeaturesRequest{}
func (x *GetSupportedDataplaneFeaturesRequest) Reset() {
*x = GetSupportedDataplaneFeaturesRequest{}
if protoimpl.UnsafeEnabled {
mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[0]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
@ -98,13 +168,13 @@ func (x *SupportedDataplaneFeaturesRequest) Reset() {
}
}
func (x *SupportedDataplaneFeaturesRequest) String() string {
func (x *GetSupportedDataplaneFeaturesRequest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*SupportedDataplaneFeaturesRequest) ProtoMessage() {}
func (*GetSupportedDataplaneFeaturesRequest) ProtoMessage() {}
func (x *SupportedDataplaneFeaturesRequest) ProtoReflect() protoreflect.Message {
func (x *GetSupportedDataplaneFeaturesRequest) ProtoReflect() protoreflect.Message {
mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[0]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
@ -116,8 +186,8 @@ func (x *SupportedDataplaneFeaturesRequest) ProtoReflect() protoreflect.Message
return mi.MessageOf(x)
}
// Deprecated: Use SupportedDataplaneFeaturesRequest.ProtoReflect.Descriptor instead.
func (*SupportedDataplaneFeaturesRequest) Descriptor() ([]byte, []int) {
// Deprecated: Use GetSupportedDataplaneFeaturesRequest.ProtoReflect.Descriptor instead.
func (*GetSupportedDataplaneFeaturesRequest) Descriptor() ([]byte, []int) {
return file_proto_public_pbdataplane_dataplane_proto_rawDescGZIP(), []int{0}
}
@ -176,7 +246,7 @@ func (x *DataplaneFeatureSupport) GetSupported() bool {
return false
}
type SupportedDataplaneFeaturesResponse struct {
type GetSupportedDataplaneFeaturesResponse struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
@ -184,8 +254,8 @@ type SupportedDataplaneFeaturesResponse struct {
SupportedDataplaneFeatures []*DataplaneFeatureSupport `protobuf:"bytes,1,rep,name=supported_dataplane_features,json=supportedDataplaneFeatures,proto3" json:"supported_dataplane_features,omitempty"`
}
func (x *SupportedDataplaneFeaturesResponse) Reset() {
*x = SupportedDataplaneFeaturesResponse{}
func (x *GetSupportedDataplaneFeaturesResponse) Reset() {
*x = GetSupportedDataplaneFeaturesResponse{}
if protoimpl.UnsafeEnabled {
mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[2]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
@ -193,13 +263,13 @@ func (x *SupportedDataplaneFeaturesResponse) Reset() {
}
}
func (x *SupportedDataplaneFeaturesResponse) String() string {
func (x *GetSupportedDataplaneFeaturesResponse) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*SupportedDataplaneFeaturesResponse) ProtoMessage() {}
func (*GetSupportedDataplaneFeaturesResponse) ProtoMessage() {}
func (x *SupportedDataplaneFeaturesResponse) ProtoReflect() protoreflect.Message {
func (x *GetSupportedDataplaneFeaturesResponse) ProtoReflect() protoreflect.Message {
mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[2]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
@ -211,64 +281,303 @@ func (x *SupportedDataplaneFeaturesResponse) ProtoReflect() protoreflect.Message
return mi.MessageOf(x)
}
// Deprecated: Use SupportedDataplaneFeaturesResponse.ProtoReflect.Descriptor instead.
func (*SupportedDataplaneFeaturesResponse) Descriptor() ([]byte, []int) {
// Deprecated: Use GetSupportedDataplaneFeaturesResponse.ProtoReflect.Descriptor instead.
func (*GetSupportedDataplaneFeaturesResponse) Descriptor() ([]byte, []int) {
return file_proto_public_pbdataplane_dataplane_proto_rawDescGZIP(), []int{2}
}
func (x *SupportedDataplaneFeaturesResponse) GetSupportedDataplaneFeatures() []*DataplaneFeatureSupport {
func (x *GetSupportedDataplaneFeaturesResponse) GetSupportedDataplaneFeatures() []*DataplaneFeatureSupport {
if x != nil {
return x.SupportedDataplaneFeatures
}
return nil
}
type GetEnvoyBootstrapParamsRequest struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
// Types that are assignable to NodeSpec:
// *GetEnvoyBootstrapParamsRequest_NodeId
// *GetEnvoyBootstrapParamsRequest_NodeName
NodeSpec isGetEnvoyBootstrapParamsRequest_NodeSpec `protobuf_oneof:"node_spec"`
// The proxy service ID
ServiceId string `protobuf:"bytes,3,opt,name=service_id,json=serviceId,proto3" json:"service_id,omitempty"`
Partition string `protobuf:"bytes,4,opt,name=partition,proto3" json:"partition,omitempty"`
Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace,omitempty"`
}
func (x *GetEnvoyBootstrapParamsRequest) Reset() {
*x = GetEnvoyBootstrapParamsRequest{}
if protoimpl.UnsafeEnabled {
mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[3]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *GetEnvoyBootstrapParamsRequest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*GetEnvoyBootstrapParamsRequest) ProtoMessage() {}
func (x *GetEnvoyBootstrapParamsRequest) ProtoReflect() protoreflect.Message {
mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[3]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use GetEnvoyBootstrapParamsRequest.ProtoReflect.Descriptor instead.
func (*GetEnvoyBootstrapParamsRequest) Descriptor() ([]byte, []int) {
return file_proto_public_pbdataplane_dataplane_proto_rawDescGZIP(), []int{3}
}
func (m *GetEnvoyBootstrapParamsRequest) GetNodeSpec() isGetEnvoyBootstrapParamsRequest_NodeSpec {
if m != nil {
return m.NodeSpec
}
return nil
}
func (x *GetEnvoyBootstrapParamsRequest) GetNodeId() string {
if x, ok := x.GetNodeSpec().(*GetEnvoyBootstrapParamsRequest_NodeId); ok {
return x.NodeId
}
return ""
}
func (x *GetEnvoyBootstrapParamsRequest) GetNodeName() string {
if x, ok := x.GetNodeSpec().(*GetEnvoyBootstrapParamsRequest_NodeName); ok {
return x.NodeName
}
return ""
}
func (x *GetEnvoyBootstrapParamsRequest) GetServiceId() string {
if x != nil {
return x.ServiceId
}
return ""
}
func (x *GetEnvoyBootstrapParamsRequest) GetPartition() string {
if x != nil {
return x.Partition
}
return ""
}
func (x *GetEnvoyBootstrapParamsRequest) GetNamespace() string {
if x != nil {
return x.Namespace
}
return ""
}
type isGetEnvoyBootstrapParamsRequest_NodeSpec interface {
isGetEnvoyBootstrapParamsRequest_NodeSpec()
}
type GetEnvoyBootstrapParamsRequest_NodeId struct {
NodeId string `protobuf:"bytes,1,opt,name=node_id,json=nodeId,proto3,oneof"`
}
type GetEnvoyBootstrapParamsRequest_NodeName struct {
NodeName string `protobuf:"bytes,2,opt,name=node_name,json=nodeName,proto3,oneof"`
}
func (*GetEnvoyBootstrapParamsRequest_NodeId) isGetEnvoyBootstrapParamsRequest_NodeSpec() {}
func (*GetEnvoyBootstrapParamsRequest_NodeName) isGetEnvoyBootstrapParamsRequest_NodeSpec() {}
type GetEnvoyBootstrapParamsResponse struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
ServiceKind ServiceKind `protobuf:"varint,1,opt,name=service_kind,json=serviceKind,proto3,enum=dataplane.ServiceKind" json:"service_kind,omitempty"`
// The destination service name
Service string `protobuf:"bytes,2,opt,name=service,proto3" json:"service,omitempty"`
Namespace string `protobuf:"bytes,3,opt,name=namespace,proto3" json:"namespace,omitempty"`
Partition string `protobuf:"bytes,4,opt,name=partition,proto3" json:"partition,omitempty"`
Datacenter string `protobuf:"bytes,5,opt,name=datacenter,proto3" json:"datacenter,omitempty"`
Config *structpb.Struct `protobuf:"bytes,6,opt,name=config,proto3" json:"config,omitempty"`
}
func (x *GetEnvoyBootstrapParamsResponse) Reset() {
*x = GetEnvoyBootstrapParamsResponse{}
if protoimpl.UnsafeEnabled {
mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[4]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *GetEnvoyBootstrapParamsResponse) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*GetEnvoyBootstrapParamsResponse) ProtoMessage() {}
func (x *GetEnvoyBootstrapParamsResponse) ProtoReflect() protoreflect.Message {
mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[4]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use GetEnvoyBootstrapParamsResponse.ProtoReflect.Descriptor instead.
func (*GetEnvoyBootstrapParamsResponse) Descriptor() ([]byte, []int) {
return file_proto_public_pbdataplane_dataplane_proto_rawDescGZIP(), []int{4}
}
func (x *GetEnvoyBootstrapParamsResponse) GetServiceKind() ServiceKind {
if x != nil {
return x.ServiceKind
}
return ServiceKind_TYPICAL
}
func (x *GetEnvoyBootstrapParamsResponse) GetService() string {
if x != nil {
return x.Service
}
return ""
}
func (x *GetEnvoyBootstrapParamsResponse) GetNamespace() string {
if x != nil {
return x.Namespace
}
return ""
}
func (x *GetEnvoyBootstrapParamsResponse) GetPartition() string {
if x != nil {
return x.Partition
}
return ""
}
func (x *GetEnvoyBootstrapParamsResponse) GetDatacenter() string {
if x != nil {
return x.Datacenter
}
return ""
}
func (x *GetEnvoyBootstrapParamsResponse) GetConfig() *structpb.Struct {
if x != nil {
return x.Config
}
return nil
}
var File_proto_public_pbdataplane_dataplane_proto protoreflect.FileDescriptor
var file_proto_public_pbdataplane_dataplane_proto_rawDesc = []byte{
0x0a, 0x28, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2d, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x2f, 0x70,
0x62, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2f, 0x64, 0x61, 0x74, 0x61, 0x70,
0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x09, 0x64, 0x61, 0x74, 0x61,
0x70, 0x6c, 0x61, 0x6e, 0x65, 0x22, 0x23, 0x0a, 0x21, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74,
0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75,
0x72, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x78, 0x0a, 0x17, 0x44, 0x61,
0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x53, 0x75,
0x70, 0x70, 0x6f, 0x72, 0x74, 0x12, 0x3f, 0x0a, 0x0c, 0x66, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65,
0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1c, 0x2e, 0x64, 0x61,
0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e,
0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x52, 0x0b, 0x66, 0x65, 0x61, 0x74, 0x75,
0x72, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x73, 0x75, 0x70, 0x70, 0x6f, 0x72,
0x74, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x73, 0x75, 0x70, 0x70, 0x6f,
0x72, 0x74, 0x65, 0x64, 0x22, 0x8a, 0x01, 0x0a, 0x22, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74,
0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75,
0x72, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x64, 0x0a, 0x1c, 0x73,
0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61,
0x6e, 0x65, 0x5f, 0x66, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28,
0x0b, 0x32, 0x22, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x44, 0x61,
0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x53, 0x75,
0x70, 0x70, 0x6f, 0x72, 0x74, 0x52, 0x1a, 0x73, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64,
0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65,
0x73, 0x2a, 0x77, 0x0a, 0x11, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65,
0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57,
0x4e, 0x10, 0x00, 0x12, 0x11, 0x0a, 0x0d, 0x57, 0x41, 0x54, 0x43, 0x48, 0x5f, 0x53, 0x45, 0x52,
0x56, 0x45, 0x52, 0x53, 0x10, 0x01, 0x12, 0x1f, 0x0a, 0x1b, 0x45, 0x44, 0x47, 0x45, 0x5f, 0x43,
0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x5f, 0x4d, 0x41, 0x4e, 0x41, 0x47,
0x45, 0x4d, 0x45, 0x4e, 0x54, 0x10, 0x02, 0x12, 0x21, 0x0a, 0x1d, 0x45, 0x4e, 0x56, 0x4f, 0x59,
0x5f, 0x42, 0x4f, 0x4f, 0x54, 0x53, 0x54, 0x52, 0x41, 0x50, 0x5f, 0x43, 0x4f, 0x4e, 0x46, 0x49,
0x47, 0x55, 0x52, 0x41, 0x54, 0x49, 0x4f, 0x4e, 0x10, 0x03, 0x32, 0x8f, 0x01, 0x0a, 0x10, 0x44,
0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12,
0x7b, 0x0a, 0x1a, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61,
0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x12, 0x2c, 0x2e,
0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72,
0x70, 0x6c, 0x61, 0x6e, 0x65, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72,
0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72,
0x6f, 0x74, 0x6f, 0x22, 0x26, 0x0a, 0x24, 0x47, 0x65, 0x74, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72,
0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74,
0x75, 0x72, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2d, 0x2e, 0x64, 0x61,
0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65,
0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72,
0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, 0x36, 0x5a, 0x34,
0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, 0x73, 0x68, 0x69,
0x63, 0x6f, 0x72, 0x70, 0x2f, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2f, 0x70, 0x72, 0x6f, 0x74,
0x6f, 0x2d, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x2f, 0x70, 0x62, 0x64, 0x61, 0x74, 0x61, 0x70,
0x6c, 0x61, 0x6e, 0x65, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
0x75, 0x72, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x78, 0x0a, 0x17, 0x44,
0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x53,
0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x12, 0x3f, 0x0a, 0x0c, 0x66, 0x65, 0x61, 0x74, 0x75, 0x72,
0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1c, 0x2e, 0x64,
0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61,
0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x52, 0x0b, 0x66, 0x65, 0x61, 0x74,
0x75, 0x72, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x73, 0x75, 0x70, 0x70, 0x6f,
0x72, 0x74, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x73, 0x75, 0x70, 0x70,
0x6f, 0x72, 0x74, 0x65, 0x64, 0x22, 0x8d, 0x01, 0x0a, 0x25, 0x47, 0x65, 0x74, 0x53, 0x75, 0x70,
0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46,
0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12,
0x64, 0x0a, 0x1c, 0x73, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x5f, 0x64, 0x61, 0x74,
0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x5f, 0x66, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x18,
0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e,
0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75,
0x72, 0x65, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x52, 0x1a, 0x73, 0x75, 0x70, 0x70, 0x6f,
0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61,
0x74, 0x75, 0x72, 0x65, 0x73, 0x22, 0xc2, 0x01, 0x0a, 0x1e, 0x47, 0x65, 0x74, 0x45, 0x6e, 0x76,
0x6f, 0x79, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x50, 0x61, 0x72, 0x61, 0x6d,
0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x19, 0x0a, 0x07, 0x6e, 0x6f, 0x64, 0x65,
0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x06, 0x6e, 0x6f, 0x64,
0x65, 0x49, 0x64, 0x12, 0x1d, 0x0a, 0x09, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65,
0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x08, 0x6e, 0x6f, 0x64, 0x65, 0x4e, 0x61,
0x6d, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x69, 0x64,
0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x49,
0x64, 0x12, 0x1c, 0x0a, 0x09, 0x70, 0x61, 0x72, 0x74, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04,
0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x72, 0x74, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x12,
0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x05, 0x20, 0x01,
0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x42, 0x0b, 0x0a,
0x09, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x22, 0x83, 0x02, 0x0a, 0x1f, 0x47,
0x65, 0x74, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70,
0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x39,
0x0a, 0x0c, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x6b, 0x69, 0x6e, 0x64, 0x18, 0x01,
0x20, 0x01, 0x28, 0x0e, 0x32, 0x16, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65,
0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4b, 0x69, 0x6e, 0x64, 0x52, 0x0b, 0x73, 0x65,
0x72, 0x76, 0x69, 0x63, 0x65, 0x4b, 0x69, 0x6e, 0x64, 0x12, 0x18, 0x0a, 0x07, 0x73, 0x65, 0x72,
0x76, 0x69, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x65, 0x72, 0x76,
0x69, 0x63, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65,
0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63,
0x65, 0x12, 0x1c, 0x0a, 0x09, 0x70, 0x61, 0x72, 0x74, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04,
0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x72, 0x74, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x12,
0x1e, 0x0a, 0x0a, 0x64, 0x61, 0x74, 0x61, 0x63, 0x65, 0x6e, 0x74, 0x65, 0x72, 0x18, 0x05, 0x20,
0x01, 0x28, 0x09, 0x52, 0x0a, 0x64, 0x61, 0x74, 0x61, 0x63, 0x65, 0x6e, 0x74, 0x65, 0x72, 0x12,
0x2f, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32,
0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
0x2a, 0x77, 0x0a, 0x11, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61,
0x74, 0x75, 0x72, 0x65, 0x73, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e,
0x10, 0x00, 0x12, 0x11, 0x0a, 0x0d, 0x57, 0x41, 0x54, 0x43, 0x48, 0x5f, 0x53, 0x45, 0x52, 0x56,
0x45, 0x52, 0x53, 0x10, 0x01, 0x12, 0x1f, 0x0a, 0x1b, 0x45, 0x44, 0x47, 0x45, 0x5f, 0x43, 0x45,
0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x5f, 0x4d, 0x41, 0x4e, 0x41, 0x47, 0x45,
0x4d, 0x45, 0x4e, 0x54, 0x10, 0x02, 0x12, 0x21, 0x0a, 0x1d, 0x45, 0x4e, 0x56, 0x4f, 0x59, 0x5f,
0x42, 0x4f, 0x4f, 0x54, 0x53, 0x54, 0x52, 0x41, 0x50, 0x5f, 0x43, 0x4f, 0x4e, 0x46, 0x49, 0x47,
0x55, 0x52, 0x41, 0x54, 0x49, 0x4f, 0x4e, 0x10, 0x03, 0x2a, 0x6d, 0x0a, 0x0b, 0x53, 0x65, 0x72,
0x76, 0x69, 0x63, 0x65, 0x4b, 0x69, 0x6e, 0x64, 0x12, 0x0b, 0x0a, 0x07, 0x54, 0x59, 0x50, 0x49,
0x43, 0x41, 0x4c, 0x10, 0x00, 0x12, 0x11, 0x0a, 0x0d, 0x43, 0x4f, 0x4e, 0x4e, 0x45, 0x43, 0x54,
0x5f, 0x50, 0x52, 0x4f, 0x58, 0x59, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x4d, 0x45, 0x53, 0x48,
0x5f, 0x47, 0x41, 0x54, 0x45, 0x57, 0x41, 0x59, 0x10, 0x02, 0x12, 0x17, 0x0a, 0x13, 0x54, 0x45,
0x52, 0x4d, 0x49, 0x4e, 0x41, 0x54, 0x49, 0x4e, 0x47, 0x5f, 0x47, 0x41, 0x54, 0x45, 0x57, 0x41,
0x59, 0x10, 0x03, 0x12, 0x13, 0x0a, 0x0f, 0x49, 0x4e, 0x47, 0x52, 0x45, 0x53, 0x53, 0x5f, 0x47,
0x41, 0x54, 0x45, 0x57, 0x41, 0x59, 0x10, 0x04, 0x32, 0x8d, 0x02, 0x0a, 0x10, 0x44, 0x61, 0x74,
0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x84, 0x01,
0x0a, 0x1d, 0x47, 0x65, 0x74, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61,
0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x12,
0x2f, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x47, 0x65, 0x74, 0x53,
0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e,
0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
0x1a, 0x30, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x47, 0x65, 0x74,
0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61,
0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
0x73, 0x65, 0x22, 0x00, 0x12, 0x72, 0x0a, 0x17, 0x47, 0x65, 0x74, 0x45, 0x6e, 0x76, 0x6f, 0x79,
0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x12,
0x29, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x47, 0x65, 0x74, 0x45,
0x6e, 0x76, 0x6f, 0x79, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x50, 0x61, 0x72,
0x61, 0x6d, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2a, 0x2e, 0x64, 0x61, 0x74,
0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x47, 0x65, 0x74, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x42,
0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x52, 0x65,
0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, 0x36, 0x5a, 0x34, 0x67, 0x69, 0x74, 0x68,
0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70,
0x2f, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2d, 0x70, 0x75,
0x62, 0x6c, 0x69, 0x63, 0x2f, 0x70, 0x62, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65,
0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
}
var (
@ -283,24 +592,32 @@ func file_proto_public_pbdataplane_dataplane_proto_rawDescGZIP() []byte {
return file_proto_public_pbdataplane_dataplane_proto_rawDescData
}
var file_proto_public_pbdataplane_dataplane_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
var file_proto_public_pbdataplane_dataplane_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
var file_proto_public_pbdataplane_dataplane_proto_enumTypes = make([]protoimpl.EnumInfo, 2)
var file_proto_public_pbdataplane_dataplane_proto_msgTypes = make([]protoimpl.MessageInfo, 5)
var file_proto_public_pbdataplane_dataplane_proto_goTypes = []interface{}{
(DataplaneFeatures)(0), // 0: dataplane.DataplaneFeatures
(*SupportedDataplaneFeaturesRequest)(nil), // 1: dataplane.SupportedDataplaneFeaturesRequest
(*DataplaneFeatureSupport)(nil), // 2: dataplane.DataplaneFeatureSupport
(*SupportedDataplaneFeaturesResponse)(nil), // 3: dataplane.SupportedDataplaneFeaturesResponse
(DataplaneFeatures)(0), // 0: dataplane.DataplaneFeatures
(ServiceKind)(0), // 1: dataplane.ServiceKind
(*GetSupportedDataplaneFeaturesRequest)(nil), // 2: dataplane.GetSupportedDataplaneFeaturesRequest
(*DataplaneFeatureSupport)(nil), // 3: dataplane.DataplaneFeatureSupport
(*GetSupportedDataplaneFeaturesResponse)(nil), // 4: dataplane.GetSupportedDataplaneFeaturesResponse
(*GetEnvoyBootstrapParamsRequest)(nil), // 5: dataplane.GetEnvoyBootstrapParamsRequest
(*GetEnvoyBootstrapParamsResponse)(nil), // 6: dataplane.GetEnvoyBootstrapParamsResponse
(*structpb.Struct)(nil), // 7: google.protobuf.Struct
}
var file_proto_public_pbdataplane_dataplane_proto_depIdxs = []int32{
0, // 0: dataplane.DataplaneFeatureSupport.feature_name:type_name -> dataplane.DataplaneFeatures
2, // 1: dataplane.SupportedDataplaneFeaturesResponse.supported_dataplane_features:type_name -> dataplane.DataplaneFeatureSupport
1, // 2: dataplane.DataplaneService.SupportedDataplaneFeatures:input_type -> dataplane.SupportedDataplaneFeaturesRequest
3, // 3: dataplane.DataplaneService.SupportedDataplaneFeatures:output_type -> dataplane.SupportedDataplaneFeaturesResponse
3, // [3:4] is the sub-list for method output_type
2, // [2:3] is the sub-list for method input_type
2, // [2:2] is the sub-list for extension type_name
2, // [2:2] is the sub-list for extension extendee
0, // [0:2] is the sub-list for field type_name
3, // 1: dataplane.GetSupportedDataplaneFeaturesResponse.supported_dataplane_features:type_name -> dataplane.DataplaneFeatureSupport
1, // 2: dataplane.GetEnvoyBootstrapParamsResponse.service_kind:type_name -> dataplane.ServiceKind
7, // 3: dataplane.GetEnvoyBootstrapParamsResponse.config:type_name -> google.protobuf.Struct
2, // 4: dataplane.DataplaneService.GetSupportedDataplaneFeatures:input_type -> dataplane.GetSupportedDataplaneFeaturesRequest
5, // 5: dataplane.DataplaneService.GetEnvoyBootstrapParams:input_type -> dataplane.GetEnvoyBootstrapParamsRequest
4, // 6: dataplane.DataplaneService.GetSupportedDataplaneFeatures:output_type -> dataplane.GetSupportedDataplaneFeaturesResponse
6, // 7: dataplane.DataplaneService.GetEnvoyBootstrapParams:output_type -> dataplane.GetEnvoyBootstrapParamsResponse
6, // [6:8] is the sub-list for method output_type
4, // [4:6] is the sub-list for method input_type
4, // [4:4] is the sub-list for extension type_name
4, // [4:4] is the sub-list for extension extendee
0, // [0:4] is the sub-list for field type_name
}
func init() { file_proto_public_pbdataplane_dataplane_proto_init() }
@ -310,7 +627,7 @@ func file_proto_public_pbdataplane_dataplane_proto_init() {
}
if !protoimpl.UnsafeEnabled {
file_proto_public_pbdataplane_dataplane_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*SupportedDataplaneFeaturesRequest); i {
switch v := v.(*GetSupportedDataplaneFeaturesRequest); i {
case 0:
return &v.state
case 1:
@ -334,7 +651,31 @@ func file_proto_public_pbdataplane_dataplane_proto_init() {
}
}
file_proto_public_pbdataplane_dataplane_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*SupportedDataplaneFeaturesResponse); i {
switch v := v.(*GetSupportedDataplaneFeaturesResponse); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
file_proto_public_pbdataplane_dataplane_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*GetEnvoyBootstrapParamsRequest); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
file_proto_public_pbdataplane_dataplane_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*GetEnvoyBootstrapParamsResponse); i {
case 0:
return &v.state
case 1:
@ -346,13 +687,17 @@ func file_proto_public_pbdataplane_dataplane_proto_init() {
}
}
}
file_proto_public_pbdataplane_dataplane_proto_msgTypes[3].OneofWrappers = []interface{}{
(*GetEnvoyBootstrapParamsRequest_NodeId)(nil),
(*GetEnvoyBootstrapParamsRequest_NodeName)(nil),
}
type x struct{}
out := protoimpl.TypeBuilder{
File: protoimpl.DescBuilder{
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
RawDescriptor: file_proto_public_pbdataplane_dataplane_proto_rawDesc,
NumEnums: 1,
NumMessages: 3,
NumEnums: 2,
NumMessages: 5,
NumExtensions: 0,
NumServices: 1,
},
@ -379,7 +724,8 @@ const _ = grpc.SupportPackageIsVersion6
//
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
type DataplaneServiceClient interface {
SupportedDataplaneFeatures(ctx context.Context, in *SupportedDataplaneFeaturesRequest, opts ...grpc.CallOption) (*SupportedDataplaneFeaturesResponse, error)
GetSupportedDataplaneFeatures(ctx context.Context, in *GetSupportedDataplaneFeaturesRequest, opts ...grpc.CallOption) (*GetSupportedDataplaneFeaturesResponse, error)
GetEnvoyBootstrapParams(ctx context.Context, in *GetEnvoyBootstrapParamsRequest, opts ...grpc.CallOption) (*GetEnvoyBootstrapParamsResponse, error)
}
type dataplaneServiceClient struct {
@ -390,9 +736,18 @@ func NewDataplaneServiceClient(cc grpc.ClientConnInterface) DataplaneServiceClie
return &dataplaneServiceClient{cc}
}
func (c *dataplaneServiceClient) SupportedDataplaneFeatures(ctx context.Context, in *SupportedDataplaneFeaturesRequest, opts ...grpc.CallOption) (*SupportedDataplaneFeaturesResponse, error) {
out := new(SupportedDataplaneFeaturesResponse)
err := c.cc.Invoke(ctx, "/dataplane.DataplaneService/SupportedDataplaneFeatures", in, out, opts...)
func (c *dataplaneServiceClient) GetSupportedDataplaneFeatures(ctx context.Context, in *GetSupportedDataplaneFeaturesRequest, opts ...grpc.CallOption) (*GetSupportedDataplaneFeaturesResponse, error) {
out := new(GetSupportedDataplaneFeaturesResponse)
err := c.cc.Invoke(ctx, "/dataplane.DataplaneService/GetSupportedDataplaneFeatures", in, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *dataplaneServiceClient) GetEnvoyBootstrapParams(ctx context.Context, in *GetEnvoyBootstrapParamsRequest, opts ...grpc.CallOption) (*GetEnvoyBootstrapParamsResponse, error) {
out := new(GetEnvoyBootstrapParamsResponse)
err := c.cc.Invoke(ctx, "/dataplane.DataplaneService/GetEnvoyBootstrapParams", in, out, opts...)
if err != nil {
return nil, err
}
@ -401,35 +756,57 @@ func (c *dataplaneServiceClient) SupportedDataplaneFeatures(ctx context.Context,
// DataplaneServiceServer is the server API for DataplaneService service.
type DataplaneServiceServer interface {
SupportedDataplaneFeatures(context.Context, *SupportedDataplaneFeaturesRequest) (*SupportedDataplaneFeaturesResponse, error)
GetSupportedDataplaneFeatures(context.Context, *GetSupportedDataplaneFeaturesRequest) (*GetSupportedDataplaneFeaturesResponse, error)
GetEnvoyBootstrapParams(context.Context, *GetEnvoyBootstrapParamsRequest) (*GetEnvoyBootstrapParamsResponse, error)
}
// UnimplementedDataplaneServiceServer can be embedded to have forward compatible implementations.
type UnimplementedDataplaneServiceServer struct {
}
func (*UnimplementedDataplaneServiceServer) SupportedDataplaneFeatures(context.Context, *SupportedDataplaneFeaturesRequest) (*SupportedDataplaneFeaturesResponse, error) {
return nil, status.Errorf(codes.Unimplemented, "method SupportedDataplaneFeatures not implemented")
func (*UnimplementedDataplaneServiceServer) GetSupportedDataplaneFeatures(context.Context, *GetSupportedDataplaneFeaturesRequest) (*GetSupportedDataplaneFeaturesResponse, error) {
return nil, status.Errorf(codes.Unimplemented, "method GetSupportedDataplaneFeatures not implemented")
}
func (*UnimplementedDataplaneServiceServer) GetEnvoyBootstrapParams(context.Context, *GetEnvoyBootstrapParamsRequest) (*GetEnvoyBootstrapParamsResponse, error) {
return nil, status.Errorf(codes.Unimplemented, "method GetEnvoyBootstrapParams not implemented")
}
func RegisterDataplaneServiceServer(s *grpc.Server, srv DataplaneServiceServer) {
s.RegisterService(&_DataplaneService_serviceDesc, srv)
}
func _DataplaneService_SupportedDataplaneFeatures_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
in := new(SupportedDataplaneFeaturesRequest)
func _DataplaneService_GetSupportedDataplaneFeatures_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
in := new(GetSupportedDataplaneFeaturesRequest)
if err := dec(in); err != nil {
return nil, err
}
if interceptor == nil {
return srv.(DataplaneServiceServer).SupportedDataplaneFeatures(ctx, in)
return srv.(DataplaneServiceServer).GetSupportedDataplaneFeatures(ctx, in)
}
info := &grpc.UnaryServerInfo{
Server: srv,
FullMethod: "/dataplane.DataplaneService/SupportedDataplaneFeatures",
FullMethod: "/dataplane.DataplaneService/GetSupportedDataplaneFeatures",
}
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
return srv.(DataplaneServiceServer).SupportedDataplaneFeatures(ctx, req.(*SupportedDataplaneFeaturesRequest))
return srv.(DataplaneServiceServer).GetSupportedDataplaneFeatures(ctx, req.(*GetSupportedDataplaneFeaturesRequest))
}
return interceptor(ctx, in, info, handler)
}
func _DataplaneService_GetEnvoyBootstrapParams_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
in := new(GetEnvoyBootstrapParamsRequest)
if err := dec(in); err != nil {
return nil, err
}
if interceptor == nil {
return srv.(DataplaneServiceServer).GetEnvoyBootstrapParams(ctx, in)
}
info := &grpc.UnaryServerInfo{
Server: srv,
FullMethod: "/dataplane.DataplaneService/GetEnvoyBootstrapParams",
}
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
return srv.(DataplaneServiceServer).GetEnvoyBootstrapParams(ctx, req.(*GetEnvoyBootstrapParamsRequest))
}
return interceptor(ctx, in, info, handler)
}
@ -439,8 +816,12 @@ var _DataplaneService_serviceDesc = grpc.ServiceDesc{
HandlerType: (*DataplaneServiceServer)(nil),
Methods: []grpc.MethodDesc{
{
MethodName: "SupportedDataplaneFeatures",
Handler: _DataplaneService_SupportedDataplaneFeatures_Handler,
MethodName: "GetSupportedDataplaneFeatures",
Handler: _DataplaneService_GetSupportedDataplaneFeatures_Handler,
},
{
MethodName: "GetEnvoyBootstrapParams",
Handler: _DataplaneService_GetEnvoyBootstrapParams_Handler,
},
},
Streams: []grpc.StreamDesc{},

View File

@ -4,29 +4,78 @@ syntax = "proto3";
package dataplane;
import "google/protobuf/struct.proto";
option go_package = "github.com/hashicorp/consul/proto-public/pbdataplane";
message SupportedDataplaneFeaturesRequest {}
message GetSupportedDataplaneFeaturesRequest {}
enum DataplaneFeatures {
UNKNOWN = 0;
WATCH_SERVERS = 1;
EDGE_CERTIFICATE_MANAGEMENT = 2;
ENVOY_BOOTSTRAP_CONFIGURATION = 3;
UNKNOWN = 0;
WATCH_SERVERS = 1;
EDGE_CERTIFICATE_MANAGEMENT = 2;
ENVOY_BOOTSTRAP_CONFIGURATION = 3;
}
message DataplaneFeatureSupport {
DataplaneFeatures feature_name = 1;
bool supported = 2;
DataplaneFeatures feature_name = 1;
bool supported = 2;
}
message SupportedDataplaneFeaturesResponse {
repeated DataplaneFeatureSupport supported_dataplane_features = 1;
message GetSupportedDataplaneFeaturesResponse {
repeated DataplaneFeatureSupport supported_dataplane_features = 1;
}
message GetEnvoyBootstrapParamsRequest {
oneof node_spec {
string node_id = 1;
string node_name = 2;
}
// The proxy service ID
string service_id = 3;
string partition = 4;
string namespace = 5;
}
enum ServiceKind {
// ServiceKind Typical is a typical, classic Consul service. This is
// represented by the absence of a value. This was chosen for ease of
// backwards compatibility: existing services in the catalog would
// default to the typical service.
TYPICAL = 0;
// ServiceKind Connect Proxy is a proxy for the Connect feature. This
// service proxies another service within Consul and speaks the connect
// protocol.
CONNECT_PROXY = 1;
// ServiceKind Mesh Gateway is a Mesh Gateway for the Connect feature. This
// service will proxy connections based off the SNI header set by other
// connect proxies.
MESH_GATEWAY = 2;
// ServiceKind Terminating Gateway is a Terminating Gateway for the Connect
// feature. This service will proxy connections to services outside the mesh.
TERMINATING_GATEWAY = 3;
// ServiceKind Ingress Gateway is an Ingress Gateway for the Connect feature.
// This service will ingress connections into the service mesh.
INGRESS_GATEWAY = 4;
}
message GetEnvoyBootstrapParamsResponse {
ServiceKind service_kind = 1;
// The destination service name
string service = 2;
string namespace = 3;
string partition = 4;
string datacenter = 5;
google.protobuf.Struct config = 6;
}
service DataplaneService {
rpc SupportedDataplaneFeatures(SupportedDataplaneFeaturesRequest) returns (SupportedDataplaneFeaturesResponse) {};
rpc GetSupportedDataplaneFeatures(GetSupportedDataplaneFeaturesRequest) returns (GetSupportedDataplaneFeaturesResponse) {}
rpc GetEnvoyBootstrapParams(GetEnvoyBootstrapParamsRequest) returns (GetEnvoyBootstrapParamsResponse) {}
}