1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
|
syntax = "proto3";
// If you make any changes make sure you run: make regenerate-proto
package gitlab.agent.gitlab.api;
option go_package = "gitlab.com/gitlab-org/cluster-integration/gitlab-agent/v16/internal/gitlab/api";
import "pkg/agentcfg/agentcfg.proto";
import "validate/validate.proto";
// Configuration contains shared fields from agentcfg.CiAccessProjectCF and agentcfg.CiAccessGroupCF.
// It is used to parse response from the allowed_agents API endpoint.
// See https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/kubernetes_ci_access.md#apiv4joballowed_agents-api.
message Configuration {
string default_namespace = 1 [json_name = "default_namespace"];
agentcfg.CiAccessAsCF access_as = 2 [json_name = "access_as"];
}
message AllowedAgent {
int64 id = 1 [json_name = "id"];
ConfigProject config_project = 2 [json_name = "config_project", (validate.rules).message.required = true];
Configuration configuration = 3 [json_name = "configuration"];
}
message ConfigProject {
int64 id = 1 [json_name = "id"];
}
message Pipeline {
int64 id = 1 [json_name = "id"];
}
message Project {
int64 id = 1 [json_name = "id"];
repeated Group groups = 2 [json_name = "groups"];
}
message Group {
int64 id = 1 [json_name = "id"];
}
message Job {
int64 id = 1 [json_name = "id"];
}
message User {
int64 id = 1 [json_name = "id"];
string username = 2 [json_name = "username", (validate.rules).string.min_bytes = 1];
}
message Environment {
string slug = 1 [json_name = "slug", (validate.rules).string.min_bytes = 1];
string tier = 2 [json_name = "tier", (validate.rules).string.min_bytes = 1];
}
message GetAgentInfoResponse {
int64 project_id = 1 [json_name = "project_id", (validate.rules).int64.gt = 0];
int64 agent_id = 2 [json_name = "agent_id", (validate.rules).int64.gt = 0];
string agent_name = 3 [json_name = "agent_name", (validate.rules).string.min_bytes = 1];
GitalyInfo gitaly_info = 4 [json_name = "gitaly_info", (validate.rules).message.required = true];
GitalyRepository gitaly_repository = 5 [json_name = "gitaly_repository", (validate.rules).message.required = true];
string DefaultBranch = 6 [json_name = "default_branch", (validate.rules).string.min_bytes = 1];
}
message GitalyInfo {
string address = 1 [json_name = "address", (validate.rules).string.min_bytes = 1];
string token = 2 [json_name = "token"];
map<string, string> features = 3 [json_name = "features"];
}
message GitalyRepository {
string storage_name = 1 [json_name = "storage_name", (validate.rules).string.min_bytes = 1];
string relative_path = 2 [json_name = "relative_path", (validate.rules).string.min_bytes = 1];
string gl_repository = 3 [json_name = "gl_repository", (validate.rules).string.min_bytes = 1];
string gl_project_path = 4 [json_name = "gl_project_path", (validate.rules).string.min_bytes = 1];
}
message GetProjectInfoResponse {
int64 project_id = 1 [json_name = "project_id", (validate.rules).int64.gt = 0];
GitalyInfo gitaly_info = 2 [json_name = "gitaly_info", (validate.rules).message.required = true];
GitalyRepository gitaly_repository = 3 [json_name = "gitaly_repository", (validate.rules).message.required = true];
string default_branch = 4 [json_name = "default_branch", (validate.rules).string.min_bytes = 1];
}
message AllowedAgentsForJob {
repeated AllowedAgent allowed_agents = 1 [json_name = "allowed_agents"];
Job job = 2 [json_name = "job", (validate.rules).message.required = true];
Pipeline pipeline = 3 [json_name = "pipeline", (validate.rules).message.required = true];
Project project = 4 [json_name = "project", (validate.rules).message.required = true];
User user = 5 [json_name = "user", (validate.rules).message.required = true];
Environment environment = 6 [json_name = "environment"]; // optional
}
message AuthorizeProxyUserRequest {
int64 agent_id = 1 [json_name = "agent_id", (validate.rules).int64.gt = 0];
string access_type = 2 [json_name = "access_type", (validate.rules).string = {in: ["session_cookie"]}];
string access_key = 3 [json_name = "access_key", (validate.rules).string.min_bytes = 1];
string csrf_token = 4 [json_name = "csrf_token", (validate.rules).string.min_bytes = 1];
}
message AuthorizeProxyUserResponse {
AuthorizedAgentForUser agent = 1 [json_name = "agent", (validate.rules).message.required = true];
User user = 2 [json_name = "user", (validate.rules).message.required = true];
AccessAsProxyAuthorization access_as = 3 [json_name = "access_as", (validate.rules).message.required = true];
}
message AuthorizedAgentForUser {
int64 id = 1 [json_name = "id"];
ConfigProject config_project = 2 [json_name = "config_project", (validate.rules).message.required = true];
}
message AccessAsProxyAuthorization {
oneof access_as {
option (validate.required) = true;
AccessAsAgentAuthorization agent = 1 [json_name = "agent", (validate.rules).message.required = true];
AccessAsUserAuthorization user = 2 [json_name = "user", (validate.rules).message.required = true];
}
}
message AccessAsAgentAuthorization {}
message AccessAsUserAuthorization {
repeated ProjectAccessCF projects = 1 [json_name = "projects"];
repeated GroupAccessCF groups = 2 [json_name = "groups"];
}
message ProjectAccessCF {
int64 id = 1 [json_name = "id"];
repeated string roles = 2 [json_name = "roles"];
}
message GroupAccessCF {
int64 id = 1 [json_name = "id"];
repeated string roles = 2 [json_name = "roles"];
}
message AgentConfigurationRequest {
int64 agent_id = 1 [json_name = "agent_id", (validate.rules).int64.gt = 0];
agentcfg.ConfigurationFile agent_config = 2 [json_name = "agent_config", (validate.rules).message.required = true];
}
|
