diff --git a/Gopkg.lock b/Gopkg.lock index 8e8eb51663..f77586b102 100644 --- a/Gopkg.lock +++ b/Gopkg.lock @@ -309,7 +309,8 @@ version = "v1.0.3" [[projects]] - digest = "1:5003a6cd968a1dcf09b85b26822e762500629398ff7cdfa526443da128c90adb" + branch = "master" + digest = "1:5be3e54d888fbda5628080e633c638808a14c6cad2d10255ae2079b70eeb7a59" name = "github.com/jinzhu/gorm" packages = [ ".", @@ -317,8 +318,7 @@ "dialects/sqlite", ] pruneopts = "UT" - revision = "6ed508ec6a4ecb3531899a69cbc746ccf65a4166" - version = "v1.9.1" + revision = "32455088f24d6b1e9a502fb8e40fdc16139dbea8" [[projects]] branch = "master" diff --git a/Gopkg.toml b/Gopkg.toml index 0224157c5b..057e572e97 100644 --- a/Gopkg.toml +++ b/Gopkg.toml @@ -80,8 +80,8 @@ required = ["github.com/hashicorp/go-plugin", version = "1.0.3" [[constraint]] + branch = "master" name = "github.com/jinzhu/gorm" - version = "1.9.1" [[constraint]] name = "github.com/mitchellh/cli" diff --git a/pkg/server/plugin/datastore/sql/migration.go b/pkg/server/plugin/datastore/sql/migration.go index 95f926e6eb..5830bda244 100644 --- a/pkg/server/plugin/datastore/sql/migration.go +++ b/pkg/server/plugin/datastore/sql/migration.go @@ -9,7 +9,7 @@ import ( const ( // version of the database in the code - codeVersion = 1 + codeVersion = 2 ) func migrateDB(db *gorm.DB) (err error) { @@ -98,6 +98,8 @@ func migrateVersion(tx *gorm.DB, version int) (versionOut int, err error) { switch version { case 0: err = migrateToV1(tx) + case 1: + err = migrateToV2(tx) default: err = sqlError.New("no migration support for version %d", version) } @@ -135,3 +137,14 @@ func migrateToV1(tx *gorm.DB) error { } return nil } + +func migrateToV2(tx *gorm.DB) error { + // creates the join table.... no changes to the tables backing these + // models is expected. It's too bad GORM doesn't expose a way to piecemeal + // migrate. + if err := tx.AutoMigrate(&RegisteredEntry{}, &Bundle{}).Error; err != nil { + return sqlError.Wrap(err) + } + + return nil +} diff --git a/pkg/server/plugin/datastore/sql/models.go b/pkg/server/plugin/datastore/sql/models.go index bc093b8afe..fef24c50c9 100644 --- a/pkg/server/plugin/datastore/sql/models.go +++ b/pkg/server/plugin/datastore/sql/models.go @@ -25,6 +25,8 @@ type Bundle struct { TrustDomain string `gorm:"not null;unique_index"` CACerts []CACert + + FederatedEntries []RegisteredEntry `gorm:"many2many:federated_registration_entries;"` } type AttestedNode struct { @@ -55,12 +57,12 @@ func (NodeSelector) TableName() string { type RegisteredEntry struct { Model - EntryID string `gorm:"unique_index"` - SpiffeID string - ParentID string - TTL int32 - Selectors []Selector - // TODO: Add support to Federated Bundles [https://github.com/spiffe/spire/issues/42] + EntryID string `gorm:"unique_index"` + SpiffeID string + ParentID string + TTL int32 + Selectors []Selector + FederatesWith []Bundle `gorm:"many2many:federated_registration_entries;"` } // Keep time simple and easily comparable with UNIX time diff --git a/pkg/server/plugin/datastore/sql/sql.go b/pkg/server/plugin/datastore/sql/sql.go index 90a6680680..cdbb15c962 100644 --- a/pkg/server/plugin/datastore/sql/sql.go +++ b/pkg/server/plugin/datastore/sql/sql.go @@ -1,10 +1,12 @@ package sql import ( + "bytes" "context" "crypto/x509" "errors" "fmt" + "strings" "sync" "time" @@ -531,6 +533,39 @@ func deleteBundle(tx *gorm.DB, req *datastore.DeleteBundleRequest) (*datastore.D return nil, sqlError.Wrap(err) } + // Get a count of associated registration entries + entriesAssociation := tx.Model(model).Association("FederatedEntries") + entriesCount := entriesAssociation.Count() + if err := entriesAssociation.Error; err != nil { + return nil, sqlError.Wrap(err) + } + + if entriesCount > 0 { + switch req.Mode { + case datastore.DeleteBundleRequest_DELETE: + // TODO: figure out how to do this gracefully with GORM. + if err := tx.Exec(bindVars(tx, `DELETE FROM registered_entries WHERE id in ( + SELECT + registered_entries.id + FROM + registered_entries + INNER JOIN + federated_registration_entries + ON + federated_registration_entries.registered_entry_id = registered_entries.id + WHERE + federated_registration_entries.bundle_id = ?)`), model.ID).Error; err != nil { + return nil, sqlError.Wrap(err) + } + case datastore.DeleteBundleRequest_DISSOCIATE: + if err := entriesAssociation.Clear().Error; err != nil { + return nil, sqlError.Wrap(err) + } + default: + return nil, sqlError.New("cannot delete bundle; federated with %d registration entries", entriesCount) + } + } + // Fetch related CA certs for response before we delete them var caCerts []CACert if err := tx.Model(model).Related(&caCerts).Error; err != nil { @@ -774,13 +809,21 @@ func createRegistrationEntry(tx *gorm.DB, SpiffeID: req.Entry.SpiffeId, ParentID: req.Entry.ParentId, TTL: req.Entry.Ttl, - // TODO: Add support to Federated Bundles [https://github.com/spiffe/spire/issues/42] } if err := tx.Create(&newRegisteredEntry).Error; err != nil { return nil, sqlError.Wrap(err) } + federatesWith, err := makeFederatesWith(tx, req.Entry.FederatesWith) + if err != nil { + return nil, err + } + + if err := tx.Model(&newRegisteredEntry).Association("FederatesWith").Append(federatesWith).Error; err != nil { + return nil, err + } + for _, registeredSelector := range req.Entry.Selectors { newSelector := Selector{ RegisteredEntryID: newRegisteredEntry.ID, @@ -814,27 +857,13 @@ func fetchRegistrationEntry(tx *gorm.DB, return nil, sqlError.Wrap(err) } - var fetchedSelectors []*Selector - if err := tx.Model(&fetchedRegisteredEntry).Related(&fetchedSelectors).Error; err != nil { - return nil, sqlError.Wrap(err) - } - - selectors := make([]*common.Selector, 0, len(fetchedSelectors)) - - for _, selector := range fetchedSelectors { - selectors = append(selectors, &common.Selector{ - Type: selector.Type, - Value: selector.Value}) + entry, err := modelToEntry(tx, fetchedRegisteredEntry) + if err != nil { + return nil, err } return &datastore.FetchRegistrationEntryResponse{ - Entry: &common.RegistrationEntry{ - EntryId: fetchedRegisteredEntry.EntryID, - Selectors: selectors, - SpiffeId: fetchedRegisteredEntry.SpiffeID, - ParentId: fetchedRegisteredEntry.ParentID, - Ttl: fetchedRegisteredEntry.TTL, - }, + Entry: entry, }, nil } @@ -953,7 +982,6 @@ func updateRegistrationEntry(tx *gorm.DB, } // Get the existing entry - // TODO: Refactor message type to take EntryID directly from the entry - see #449 entry := RegisteredEntry{} if err := tx.Find(&entry, "entry_id = ?", req.Entry.EntryId).Error; err != nil { return nil, sqlError.Wrap(err) @@ -982,6 +1010,15 @@ func updateRegistrationEntry(tx *gorm.DB, return nil, sqlError.Wrap(err) } + federatesWith, err := makeFederatesWith(tx, req.Entry.FederatesWith) + if err != nil { + return nil, err + } + + if err := tx.Model(&entry).Association("FederatesWith").Replace(federatesWith).Error; err != nil { + return nil, err + } + req.Entry.EntryId = entry.EntryID return &datastore.UpdateRegistrationEntryResponse{ Entry: req.Entry, @@ -996,15 +1033,19 @@ func deleteRegistrationEntry(tx *gorm.DB, return nil, sqlError.Wrap(err) } - if err := tx.Delete(&entry).Error; err != nil { - return nil, sqlError.Wrap(err) - } - respEntry, err := modelToEntry(tx, entry) if err != nil { return nil, err } + if err := tx.Model(&entry).Association("FederatesWith").Clear().Error; err != nil { + return nil, err + } + + if err := tx.Delete(&entry).Error; err != nil { + return nil, sqlError.Wrap(err) + } + return &datastore.DeleteRegistrationEntryResponse{ Entry: respEntry, }, nil @@ -1157,23 +1198,36 @@ func modelsToUnsortedEntries(tx *gorm.DB, fetchedRegisteredEntries []RegisteredE } func modelToEntry(tx *gorm.DB, model RegisteredEntry) (*common.RegistrationEntry, error) { - var selectors []*common.Selector var fetchedSelectors []*Selector if err := tx.Model(&model).Related(&fetchedSelectors).Error; err != nil { return nil, sqlError.Wrap(err) } + selectors := make([]*common.Selector, 0, len(fetchedSelectors)) for _, selector := range fetchedSelectors { selectors = append(selectors, &common.Selector{ Type: selector.Type, - Value: selector.Value}) + Value: selector.Value, + }) + } + + var fetchedBundles []*Bundle + if err := tx.Model(&model).Association("FederatesWith").Find(&fetchedBundles).Error; err != nil { + return nil, sqlError.Wrap(err) + } + + var federatesWith []string + for _, bundle := range fetchedBundles { + federatesWith = append(federatesWith, bundle.TrustDomain) } + return &common.RegistrationEntry{ - EntryId: model.EntryID, - Selectors: selectors, - SpiffeId: model.SpiffeID, - ParentId: model.ParentID, - Ttl: model.TTL, + EntryId: model.EntryID, + Selectors: selectors, + SpiffeId: model.SpiffeID, + ParentId: model.ParentID, + Ttl: model.TTL, + FederatesWith: federatesWith, }, nil } @@ -1196,3 +1250,48 @@ func modelToJoinToken(model JoinToken) *datastore.JoinToken { Expiry: model.Expiry, } } + +func makeFederatesWith(tx *gorm.DB, ids []string) ([]*Bundle, error) { + var bundles []*Bundle + if err := tx.Where("trust_domain in (?)", ids).Find(&bundles).Error; err != nil { + return nil, err + } + + // make sure all of the ids were found + idset := make(map[string]bool) + for _, bundle := range bundles { + idset[bundle.TrustDomain] = true + } + + for _, id := range ids { + if !idset[id] { + return nil, fmt.Errorf("unable to find federated bundle %q", id) + } + } + + return bundles, nil +} + +func bindVars(db *gorm.DB, query string) string { + dialect := db.Dialect() + if dialect.BindVar(1) == "?" { + return query + } + + return bindVarsFn(func(n int) string { + return dialect.BindVar(n) + }, query) +} + +func bindVarsFn(fn func(int) string, query string) string { + var buf bytes.Buffer + var n int + for i := strings.Index(query, "?"); i != -1; i = strings.Index(query, "?") { + n++ + buf.WriteString(query[:i]) + buf.WriteString(fn(n)) + query = query[i+1:] + } + buf.WriteString(query) + return buf.String() +} diff --git a/pkg/server/plugin/datastore/sql/sql_test.go b/pkg/server/plugin/datastore/sql/sql_test.go index 119e98825f..9734e4818b 100644 --- a/pkg/server/plugin/datastore/sql/sql_test.go +++ b/pkg/server/plugin/datastore/sql/sql_test.go @@ -2,6 +2,7 @@ package sql import ( "context" + "crypto/x509" "encoding/json" "fmt" "io" @@ -31,7 +32,9 @@ func TestPlugin(t *testing.T) { type PluginSuite struct { suite.Suite - dir string + cert *x509.Certificate + cacert *x509.Certificate + dir string nextId int ds datastore.Plugin @@ -39,6 +42,12 @@ type PluginSuite struct { func (s *PluginSuite) SetupSuite() { var err error + s.cert, _, err = testutil.LoadSVIDFixture() + s.Require().NoError(err) + + s.cacert, _, err = testutil.LoadCAFixture() + s.Require().NoError(err) + s.dir, err = ioutil.TempDir("", "spire-datastore-sql-tests") s.Require().NoError(err) } @@ -94,16 +103,13 @@ func (s *PluginSuite) TestInvalidPluginConfiguration() { } func (s *PluginSuite) TestBundleCRUD() { - cert, _, err := testutil.LoadSVIDFixture() - s.Require().NoError(err) - bundle := &datastore.Bundle{ TrustDomain: "spiffe://foo", - CaCerts: cert.Raw, + CaCerts: s.cert.Raw, } // create - _, err = s.ds.CreateBundle(ctx, &datastore.CreateBundleRequest{ + _, err := s.ds.CreateBundle(ctx, &datastore.CreateBundleRequest{ Bundle: bundle, }) s.Require().NoError(err) @@ -119,12 +125,9 @@ func (s *PluginSuite) TestBundleCRUD() { s.Equal(1, len(lresp.Bundles)) s.Equal(bundle, lresp.Bundles[0]) - cert, _, err = testutil.LoadCAFixture() - s.Require().NoError(err) - bundle2 := &datastore.Bundle{ TrustDomain: bundle.TrustDomain, - CaCerts: cert.Raw, + CaCerts: s.cacert.Raw, } // append @@ -132,7 +135,7 @@ func (s *PluginSuite) TestBundleCRUD() { Bundle: bundle2, }) s.Require().NoError(err) - certs := append(bundle.CaCerts, cert.Raw...) + certs := append(bundle.CaCerts, s.cacert.Raw...) s.Require().NotNil(aresp.Bundle) s.Equal(certs, aresp.Bundle.CaCerts) @@ -147,7 +150,7 @@ func (s *PluginSuite) TestBundleCRUD() { // append on a new bundle bundle3 := &datastore.Bundle{ TrustDomain: "spiffe://bar", - CaCerts: cert.Raw, + CaCerts: s.cacert.Raw, } anresp, err := s.ds.AppendBundle(ctx, &datastore.AppendBundleRequest{ Bundle: bundle3, @@ -630,6 +633,86 @@ func (s *PluginSuite) TestListMatchingEntries() { } } +func (s *PluginSuite) TestRegistrationEntriesFederatesWithAgainstMissingBundle() { + // cannot federate with a trust bundle that does not exist + _, err := s.ds.CreateRegistrationEntry(ctx, &datastore.CreateRegistrationEntryRequest{ + Entry: makeFederatedRegistrationEntry(), + }) + s.Require().EqualError(err, `unable to find federated bundle "spiffe://otherdomain.org"`) +} + +func (s *PluginSuite) TestRegistrationEntriesFederatesWithSuccess() { + // create two bundles but only federate with one. having a second bundle + // has the side effect of asserting that only the code only associates + // the entry with the exact bundle referenced during creation. + s.createBundle("spiffe://otherdomain.org") + s.createBundle("spiffe://otherdomain2.org") + + expected := s.createRegistrationEntry(makeFederatedRegistrationEntry()) + // fetch the entry and make sure the federated trust ids come back + actual := s.fetchRegistrationEntry(expected.EntryId) + s.Require().Equal(expected, actual) +} + +func (s *PluginSuite) TestDeleteBundleRestrictedByRegistrationEntries() { + // create the bundle and associated entry + s.createBundle("spiffe://otherdomain.org") + s.createRegistrationEntry(makeFederatedRegistrationEntry()) + + // delete the bundle in RESTRICTED mode + _, err := s.ds.DeleteBundle(context.Background(), &datastore.DeleteBundleRequest{ + TrustDomain: "spiffe://otherdomain.org", + }) + s.Require().EqualError(err, "datastore-sql: cannot delete bundle; federated with 1 registration entries") +} + +func (s *PluginSuite) TestDeleteBundleDeleteRegistrationEntries() { + // create an unrelated registration entry to make sure the delete + // operation only deletes associated registration entries. + unrelated := s.createRegistrationEntry(&common.RegistrationEntry{ + SpiffeId: "spiffe://example.org/foo", + Selectors: []*common.Selector{{Type: "TYPE", Value: "VALUE"}}, + }) + + // create the bundle and associated entry + s.createBundle("spiffe://otherdomain.org") + entry := s.createRegistrationEntry(makeFederatedRegistrationEntry()) + + // delete the bundle in DELETE mode + _, err := s.ds.DeleteBundle(context.Background(), &datastore.DeleteBundleRequest{ + TrustDomain: "spiffe://otherdomain.org", + Mode: datastore.DeleteBundleRequest_DELETE, + }) + s.Require().NoError(err) + + // verify that the registeration entry has been deleted + resp, err := s.ds.FetchRegistrationEntry(context.Background(), &datastore.FetchRegistrationEntryRequest{ + EntryId: entry.EntryId, + }) + s.Require().NoError(err) + s.Require().Nil(resp.Entry) + + // make sure the unrelated entry still exists + s.fetchRegistrationEntry(unrelated.EntryId) +} + +func (s *PluginSuite) TestDeleteBundleDissociateRegistrationEntries() { + // create the bundle and associated entry + s.createBundle("spiffe://otherdomain.org") + entry := s.createRegistrationEntry(makeFederatedRegistrationEntry()) + + // delete the bundle in DISSOCIATE mode + _, err := s.ds.DeleteBundle(context.Background(), &datastore.DeleteBundleRequest{ + TrustDomain: "spiffe://otherdomain.org", + Mode: datastore.DeleteBundleRequest_DISSOCIATE, + }) + s.Require().NoError(err) + + // make sure the entry still exists, albeit without an associated bundle + entry = s.fetchRegistrationEntry(entry.EntryId) + s.Require().Empty(entry.FederatesWith) +} + func (s *PluginSuite) TestCreateJoinToken() { now := time.Now().Unix() req := &datastore.CreateJoinTokenRequest{ @@ -775,6 +858,16 @@ func (s *PluginSuite) TestMigration() { }, }) s.Require().NoError(err) + case 1: + // registration entries should gain the federates_with column. + // creating a new registration entry with a federated trust domain + // should be sufficient to test. + s.createBundle("spiffe://otherdomain.org") + s.createRegistrationEntry(&common.RegistrationEntry{ + SpiffeId: "spiffe://example.org/foo", + Selectors: []*common.Selector{{Type: "TYPE", Value: "VALUE"}}, + FederatesWith: []string{"spiffe://otherdomain.org"}, + }) default: s.T().Fatalf("no migration test added for version %d", i) } @@ -800,6 +893,14 @@ func (s *PluginSuite) TestRace() { }) } +func (s *PluginSuite) TestBindVar() { + fn := func(n int) string { + return fmt.Sprintf("$%d", n) + } + bound := bindVarsFn(fn, "SELECT whatever FROM foo WHERE x = ? AND y = ?") + s.Require().Equal("SELECT whatever FROM foo WHERE x = $1 AND y = $2", bound) +} + func (s *PluginSuite) getTestDataFromJsonFile(filePath string, jsonValue interface{}) { invalidRegistrationEntriesJson, err := ioutil.ReadFile(filePath) s.Require().NoError(err) @@ -808,7 +909,17 @@ func (s *PluginSuite) getTestDataFromJsonFile(filePath string, jsonValue interfa s.Require().NoError(err) } -func (s *PluginSuite) createRegistrationEntry(entry *datastore.RegistrationEntry) *datastore.RegistrationEntry { +func (s *PluginSuite) createBundle(trustDomain string) { + _, err := s.ds.CreateBundle(ctx, &datastore.CreateBundleRequest{ + Bundle: &datastore.Bundle{ + TrustDomain: trustDomain, + CaCerts: s.cert.Raw, + }, + }) + s.Require().NoError(err) +} + +func (s *PluginSuite) createRegistrationEntry(entry *common.RegistrationEntry) *common.RegistrationEntry { resp, err := s.ds.CreateRegistrationEntry(ctx, &datastore.CreateRegistrationEntryRequest{ Entry: entry, }) @@ -818,6 +929,26 @@ func (s *PluginSuite) createRegistrationEntry(entry *datastore.RegistrationEntry return resp.Entry } +func (s *PluginSuite) fetchRegistrationEntry(entryID string) *common.RegistrationEntry { + resp, err := s.ds.FetchRegistrationEntry(ctx, &datastore.FetchRegistrationEntryRequest{ + EntryId: entryID, + }) + s.Require().NoError(err) + s.Require().NotNil(resp) + s.Require().NotNil(resp.Entry) + return resp.Entry +} + +func makeFederatedRegistrationEntry() *common.RegistrationEntry { + return &common.RegistrationEntry{ + Selectors: []*common.Selector{ + {Type: "Type1", Value: "Value1"}, + }, + SpiffeId: "spiffe://example.org/foo", + FederatesWith: []string{"spiffe://otherdomain.org"}, + } +} + func (s *PluginSuite) getNodeSelectors(spiffeID string) []*common.Selector { resp, err := s.ds.GetNodeSelectors(ctx, &datastore.GetNodeSelectorsRequest{ SpiffeId: spiffeID, diff --git a/pkg/server/plugin/datastore/sql/testdata/migration/v1.sqlite3 b/pkg/server/plugin/datastore/sql/testdata/migration/v1.sqlite3 new file mode 100644 index 0000000000..407ae867c9 Binary files /dev/null and b/pkg/server/plugin/datastore/sql/testdata/migration/v1.sqlite3 differ diff --git a/proto/agent/nodeattestor/README_pb.md b/proto/agent/nodeattestor/README_pb.md index 7150886778..d1d9453756 100644 --- a/proto/agent/nodeattestor/README_pb.md +++ b/proto/agent/nodeattestor/README_pb.md @@ -100,7 +100,7 @@ manage the various registered nodes and workloads that are controlled by it. | parent_id | [string](#string) | | The SPIFFE ID of an entity that is authorized to attest the validity of a selector | | spiffe_id | [string](#string) | | The SPIFFE ID is a structured string used to identify a resource or caller. It is defined as a URI comprising a “trust domain” and an associated path. | | ttl | [int32](#int32) | | Time to live. | -| fb_spiffe_ids | [string](#string) | repeated | A list of federated bundle spiffe ids. | +| federates_with | [string](#string) | repeated | A list of federated trust domain SPIFFE IDs. | | entry_id | [string](#string) | | Entry ID | diff --git a/proto/agent/workloadattestor/README_pb.md b/proto/agent/workloadattestor/README_pb.md index 4abb5681e3..6ba5f0e47d 100644 --- a/proto/agent/workloadattestor/README_pb.md +++ b/proto/agent/workloadattestor/README_pb.md @@ -100,7 +100,7 @@ manage the various registered nodes and workloads that are controlled by it. | parent_id | [string](#string) | | The SPIFFE ID of an entity that is authorized to attest the validity of a selector | | spiffe_id | [string](#string) | | The SPIFFE ID is a structured string used to identify a resource or caller. It is defined as a URI comprising a “trust domain” and an associated path. | | ttl | [int32](#int32) | | Time to live. | -| fb_spiffe_ids | [string](#string) | repeated | A list of federated bundle spiffe ids. | +| federates_with | [string](#string) | repeated | A list of federated trust domain SPIFFE IDs. | | entry_id | [string](#string) | | Entry ID | diff --git a/proto/api/node/README_pb.md b/proto/api/node/README_pb.md index aece98013a..51341ff9c5 100644 --- a/proto/api/node/README_pb.md +++ b/proto/api/node/README_pb.md @@ -101,7 +101,7 @@ manage the various registered nodes and workloads that are controlled by it. | parent_id | [string](#string) | | The SPIFFE ID of an entity that is authorized to attest the validity of a selector | | spiffe_id | [string](#string) | | The SPIFFE ID is a structured string used to identify a resource or caller. It is defined as a URI comprising a “trust domain” and an associated path. | | ttl | [int32](#int32) | | Time to live. | -| fb_spiffe_ids | [string](#string) | repeated | A list of federated bundle spiffe ids. | +| federates_with | [string](#string) | repeated | A list of federated trust domain SPIFFE IDs. | | entry_id | [string](#string) | | Entry ID | diff --git a/proto/api/registration/README_pb.md b/proto/api/registration/README_pb.md index 5c75b87b9d..163a48d392 100644 --- a/proto/api/registration/README_pb.md +++ b/proto/api/registration/README_pb.md @@ -1039,7 +1039,7 @@ manage the various registered nodes and workloads that are controlled by it. | parent_id | [string](#string) | | The SPIFFE ID of an entity that is authorized to attest the validity of a selector | | spiffe_id | [string](#string) | | The SPIFFE ID is a structured string used to identify a resource or caller. It is defined as a URI comprising a “trust domain” and an associated path. | | ttl | [int32](#int32) | | Time to live. | -| fb_spiffe_ids | [string](#string) | repeated | A list of federated bundle spiffe ids. | +| federates_with | [string](#string) | repeated | A list of federated trust domain SPIFFE IDs. | | entry_id | [string](#string) | | Entry ID | diff --git a/proto/common/README_pb.md b/proto/common/README_pb.md index 7b52e65095..515644e246 100644 --- a/proto/common/README_pb.md +++ b/proto/common/README_pb.md @@ -80,7 +80,7 @@ manage the various registered nodes and workloads that are controlled by it. | parent_id | [string](#string) | | The SPIFFE ID of an entity that is authorized to attest the validity of a selector | | spiffe_id | [string](#string) | | The SPIFFE ID is a structured string used to identify a resource or caller. It is defined as a URI comprising a “trust domain” and an associated path. | | ttl | [int32](#int32) | | Time to live. | -| fb_spiffe_ids | [string](#string) | repeated | A list of federated bundle spiffe ids. | +| federates_with | [string](#string) | repeated | A list of federated trust domain SPIFFE IDs. | | entry_id | [string](#string) | | Entry ID | diff --git a/proto/common/common.pb.go b/proto/common/common.pb.go index 647581fc20..79ae424c97 100644 --- a/proto/common/common.pb.go +++ b/proto/common/common.pb.go @@ -29,7 +29,7 @@ func (m *Empty) Reset() { *m = Empty{} } func (m *Empty) String() string { return proto.CompactTextString(m) } func (*Empty) ProtoMessage() {} func (*Empty) Descriptor() ([]byte, []int) { - return fileDescriptor_common_450217a1e26bcceb, []int{0} + return fileDescriptor_common_998099b84cf93b36, []int{0} } func (m *Empty) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_Empty.Unmarshal(m, b) @@ -64,7 +64,7 @@ func (m *AttestationData) Reset() { *m = AttestationData{} } func (m *AttestationData) String() string { return proto.CompactTextString(m) } func (*AttestationData) ProtoMessage() {} func (*AttestationData) Descriptor() ([]byte, []int) { - return fileDescriptor_common_450217a1e26bcceb, []int{1} + return fileDescriptor_common_998099b84cf93b36, []int{1} } func (m *AttestationData) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_AttestationData.Unmarshal(m, b) @@ -115,7 +115,7 @@ func (m *Selector) Reset() { *m = Selector{} } func (m *Selector) String() string { return proto.CompactTextString(m) } func (*Selector) ProtoMessage() {} func (*Selector) Descriptor() ([]byte, []int) { - return fileDescriptor_common_450217a1e26bcceb, []int{2} + return fileDescriptor_common_998099b84cf93b36, []int{2} } func (m *Selector) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_Selector.Unmarshal(m, b) @@ -162,7 +162,7 @@ func (m *Selectors) Reset() { *m = Selectors{} } func (m *Selectors) String() string { return proto.CompactTextString(m) } func (*Selectors) ProtoMessage() {} func (*Selectors) Descriptor() ([]byte, []int) { - return fileDescriptor_common_450217a1e26bcceb, []int{3} + return fileDescriptor_common_998099b84cf93b36, []int{3} } func (m *Selectors) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_Selectors.Unmarshal(m, b) @@ -203,8 +203,8 @@ type RegistrationEntry struct { SpiffeId string `protobuf:"bytes,3,opt,name=spiffe_id,json=spiffeId,proto3" json:"spiffe_id,omitempty"` // * Time to live. Ttl int32 `protobuf:"varint,4,opt,name=ttl,proto3" json:"ttl,omitempty"` - // * A list of federated bundle spiffe ids. - FbSpiffeIds []string `protobuf:"bytes,5,rep,name=fb_spiffe_ids,json=fbSpiffeIds,proto3" json:"fb_spiffe_ids,omitempty"` + // * A list of federated trust domain SPIFFE IDs. + FederatesWith []string `protobuf:"bytes,5,rep,name=federates_with,json=federatesWith,proto3" json:"federates_with,omitempty"` // * Entry ID EntryId string `protobuf:"bytes,6,opt,name=entry_id,json=entryId,proto3" json:"entry_id,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` @@ -216,7 +216,7 @@ func (m *RegistrationEntry) Reset() { *m = RegistrationEntry{} } func (m *RegistrationEntry) String() string { return proto.CompactTextString(m) } func (*RegistrationEntry) ProtoMessage() {} func (*RegistrationEntry) Descriptor() ([]byte, []int) { - return fileDescriptor_common_450217a1e26bcceb, []int{4} + return fileDescriptor_common_998099b84cf93b36, []int{4} } func (m *RegistrationEntry) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_RegistrationEntry.Unmarshal(m, b) @@ -264,9 +264,9 @@ func (m *RegistrationEntry) GetTtl() int32 { return 0 } -func (m *RegistrationEntry) GetFbSpiffeIds() []string { +func (m *RegistrationEntry) GetFederatesWith() []string { if m != nil { - return m.FbSpiffeIds + return m.FederatesWith } return nil } @@ -291,7 +291,7 @@ func (m *RegistrationEntries) Reset() { *m = RegistrationEntries{} } func (m *RegistrationEntries) String() string { return proto.CompactTextString(m) } func (*RegistrationEntries) ProtoMessage() {} func (*RegistrationEntries) Descriptor() ([]byte, []int) { - return fileDescriptor_common_450217a1e26bcceb, []int{5} + return fileDescriptor_common_998099b84cf93b36, []int{5} } func (m *RegistrationEntries) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_RegistrationEntries.Unmarshal(m, b) @@ -327,28 +327,28 @@ func init() { proto.RegisterType((*RegistrationEntries)(nil), "spire.common.RegistrationEntries") } -func init() { proto.RegisterFile("common.proto", fileDescriptor_common_450217a1e26bcceb) } +func init() { proto.RegisterFile("common.proto", fileDescriptor_common_998099b84cf93b36) } -var fileDescriptor_common_450217a1e26bcceb = []byte{ - // 313 bytes of a gzipped FileDescriptorProto +var fileDescriptor_common_998099b84cf93b36 = []byte{ + // 319 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x84, 0x52, 0x4f, 0x4b, 0xfb, 0x40, - 0x10, 0x25, 0xbf, 0x34, 0x6d, 0x32, 0xed, 0x0f, 0x75, 0x15, 0x89, 0x78, 0x30, 0xec, 0x29, 0xa7, - 0x20, 0xda, 0x4b, 0x0f, 0x1e, 0x14, 0x7b, 0xe8, 0x4d, 0xb6, 0x37, 0x2f, 0x65, 0xdb, 0x4c, 0x64, - 0xa1, 0xf9, 0xc3, 0xee, 0x28, 0xe4, 0x7b, 0xfa, 0x81, 0x24, 0xbb, 0x4d, 0xd5, 0x2a, 0x78, 0x9b, - 0x7d, 0xf3, 0xde, 0x63, 0xde, 0x63, 0x61, 0xb2, 0xa9, 0xcb, 0xb2, 0xae, 0xb2, 0x46, 0xd7, 0x54, - 0xb3, 0x89, 0x69, 0x94, 0xc6, 0xcc, 0x61, 0x7c, 0x04, 0xc1, 0xbc, 0x6c, 0xa8, 0xe5, 0x33, 0x38, - 0xba, 0x27, 0x42, 0x43, 0x92, 0x54, 0x5d, 0x3d, 0x4a, 0x92, 0x8c, 0xc1, 0x80, 0xda, 0x06, 0x63, - 0x2f, 0xf1, 0xd2, 0x48, 0xd8, 0xb9, 0xc3, 0x72, 0x49, 0x32, 0xfe, 0x97, 0x78, 0xe9, 0x44, 0xd8, - 0x99, 0x4f, 0x21, 0x5c, 0xe2, 0x16, 0x37, 0x54, 0xeb, 0x5f, 0x35, 0x67, 0x10, 0xbc, 0xc9, 0xed, - 0x2b, 0x5a, 0x51, 0x24, 0xdc, 0x83, 0xdf, 0x41, 0xd4, 0xab, 0x0c, 0xbb, 0x86, 0x11, 0x56, 0xa4, - 0x15, 0x9a, 0xd8, 0x4b, 0xfc, 0x74, 0x7c, 0x73, 0x9e, 0x7d, 0x3d, 0x33, 0xeb, 0x99, 0xa2, 0xa7, - 0xf1, 0x77, 0x0f, 0x4e, 0x04, 0xbe, 0x28, 0x43, 0xda, 0x5e, 0x3c, 0xaf, 0x48, 0xb7, 0x6c, 0x0a, - 0x91, 0xe9, 0x4d, 0xff, 0x70, 0xfa, 0x24, 0xb2, 0x4b, 0x88, 0x1a, 0xa9, 0xb1, 0xa2, 0x95, 0xca, - 0x77, 0x47, 0x86, 0x0e, 0x58, 0xe4, 0xdd, 0xd2, 0x34, 0xaa, 0x28, 0xb0, 0x5b, 0xfa, 0x6e, 0xe9, - 0x80, 0x45, 0xce, 0x8e, 0xc1, 0x27, 0xda, 0xc6, 0x83, 0xc4, 0x4b, 0x03, 0xd1, 0x8d, 0x8c, 0xc3, - 0xff, 0x62, 0xbd, 0xda, 0x2b, 0x4c, 0x1c, 0x24, 0x7e, 0x1a, 0x89, 0x71, 0xb1, 0x5e, 0xee, 0x44, - 0x86, 0x5d, 0x40, 0xd8, 0xc5, 0x68, 0x3b, 0xc7, 0xa1, 0x75, 0xb4, 0xb1, 0xda, 0x45, 0xce, 0x9f, - 0xe0, 0xf4, 0x30, 0x95, 0x42, 0xc3, 0x66, 0x87, 0xfd, 0x5c, 0x7d, 0x4f, 0xf5, 0xa3, 0x89, 0x7d, - 0x51, 0x0f, 0xe1, 0xf3, 0xd0, 0x91, 0xd6, 0x43, 0xfb, 0x01, 0x6e, 0x3f, 0x02, 0x00, 0x00, 0xff, - 0xff, 0xb9, 0xa4, 0x13, 0xc7, 0x10, 0x02, 0x00, 0x00, + 0x10, 0x25, 0xbf, 0x34, 0x6d, 0x32, 0xbf, 0xfa, 0x6f, 0x15, 0x89, 0x78, 0x30, 0x04, 0x84, 0x9c, + 0x82, 0x68, 0x2f, 0x3d, 0x78, 0x50, 0xec, 0xa1, 0x37, 0x59, 0x0f, 0x82, 0x97, 0xb2, 0x36, 0x53, + 0xbb, 0xd0, 0xfc, 0x61, 0x77, 0x54, 0xf2, 0x49, 0xfd, 0x3a, 0xb2, 0xbb, 0xa6, 0x6a, 0x15, 0xbc, + 0xcd, 0xbe, 0x79, 0xf3, 0x78, 0xef, 0xb1, 0x30, 0x9c, 0xd7, 0x65, 0x59, 0x57, 0x79, 0xa3, 0x6a, + 0xaa, 0xd9, 0x50, 0x37, 0x52, 0x61, 0xee, 0xb0, 0x74, 0x00, 0xc1, 0xa4, 0x6c, 0xa8, 0x4d, 0xc7, + 0xb0, 0x73, 0x45, 0x84, 0x9a, 0x04, 0xc9, 0xba, 0xba, 0x11, 0x24, 0x18, 0x83, 0x1e, 0xb5, 0x0d, + 0xc6, 0x5e, 0xe2, 0x65, 0x11, 0xb7, 0xb3, 0xc1, 0x0a, 0x41, 0x22, 0xfe, 0x97, 0x78, 0xd9, 0x90, + 0xdb, 0x39, 0x1d, 0x41, 0x78, 0x87, 0x2b, 0x9c, 0x53, 0xad, 0x7e, 0xbd, 0x39, 0x80, 0xe0, 0x45, + 0xac, 0x9e, 0xd1, 0x1e, 0x45, 0xdc, 0x3d, 0xd2, 0x4b, 0x88, 0xba, 0x2b, 0xcd, 0xce, 0x60, 0x80, + 0x15, 0x29, 0x89, 0x3a, 0xf6, 0x12, 0x3f, 0xfb, 0x7f, 0x7e, 0x98, 0x7f, 0xb5, 0x99, 0x77, 0x4c, + 0xde, 0xd1, 0xd2, 0x37, 0x0f, 0xf6, 0x38, 0x3e, 0x49, 0x4d, 0xca, 0x3a, 0x9e, 0x54, 0xa4, 0x5a, + 0x36, 0x82, 0x48, 0x77, 0xa2, 0x7f, 0x28, 0x7d, 0x12, 0xd9, 0x31, 0x44, 0x8d, 0x50, 0x58, 0xd1, + 0x4c, 0x16, 0x1f, 0x26, 0x43, 0x07, 0x4c, 0x0b, 0xb3, 0xd4, 0x8d, 0x5c, 0x2c, 0xd0, 0x2c, 0x7d, + 0xb7, 0x74, 0xc0, 0xb4, 0x60, 0xbb, 0xe0, 0x13, 0xad, 0xe2, 0x5e, 0xe2, 0x65, 0x01, 0x37, 0x23, + 0x3b, 0x85, 0xed, 0x05, 0x16, 0xa8, 0x04, 0xa1, 0x9e, 0xbd, 0x4a, 0x5a, 0xc6, 0x41, 0xe2, 0x67, + 0x11, 0xdf, 0x5a, 0xa3, 0xf7, 0x92, 0x96, 0xec, 0x08, 0x42, 0x93, 0xa4, 0x35, 0xa2, 0x7d, 0x2b, + 0x6a, 0x93, 0xb5, 0xd3, 0x22, 0xbd, 0x85, 0xfd, 0xcd, 0x60, 0x12, 0x35, 0x1b, 0x6f, 0x56, 0x74, + 0xf2, 0x3d, 0xd8, 0x8f, 0x32, 0xd6, 0x5d, 0x5d, 0x87, 0x0f, 0x7d, 0x47, 0x7a, 0xec, 0xdb, 0x3f, + 0x70, 0xf1, 0x1e, 0x00, 0x00, 0xff, 0xff, 0x9d, 0xef, 0x83, 0x88, 0x13, 0x02, 0x00, 0x00, } diff --git a/proto/common/common.proto b/proto/common/common.proto index 0d655b5623..703e883201 100644 --- a/proto/common/common.proto +++ b/proto/common/common.proto @@ -43,8 +43,8 @@ message RegistrationEntry { string spiffe_id = 3; /** Time to live. */ int32 ttl = 4; - /** A list of federated bundle spiffe ids. */ - repeated string fb_spiffe_ids = 5; + /** A list of federated trust domain SPIFFE IDs. */ + repeated string federates_with = 5; /** Entry ID */ string entry_id = 6; } diff --git a/proto/server/datastore/README_pb.md b/proto/server/datastore/README_pb.md index 9256b20bd9..5a033e3417 100644 --- a/proto/server/datastore/README_pb.md +++ b/proto/server/datastore/README_pb.md @@ -93,6 +93,7 @@ - [UpdateRegistrationEntryResponse](#spire.server.datastore.UpdateRegistrationEntryResponse) - [BySelectors.MatchBehavior](#spire.server.datastore.BySelectors.MatchBehavior) + - [DeleteBundleRequest.Mode](#spire.server.datastore.DeleteBundleRequest.Mode) - [DataStore](#spire.server.datastore.DataStore) @@ -428,7 +429,7 @@ manage the various registered nodes and workloads that are controlled by it. | parent_id | [string](#string) | | The SPIFFE ID of an entity that is authorized to attest the validity of a selector | | spiffe_id | [string](#string) | | The SPIFFE ID is a structured string used to identify a resource or caller. It is defined as a URI comprising a “trust domain” and an associated path. | | ttl | [int32](#int32) | | Time to live. | -| fb_spiffe_ids | [string](#string) | repeated | A list of federated bundle spiffe ids. | +| federates_with | [string](#string) | repeated | A list of federated trust domain SPIFFE IDs. | | entry_id | [string](#string) | | Entry ID | @@ -723,6 +724,7 @@ Represents a type with a list of Selector. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | trust_domain | [string](#string) | | | +| mode | [DeleteBundleRequest.Mode](#spire.server.datastore.DeleteBundleRequest.Mode) | | | @@ -1228,6 +1230,20 @@ Represents a type with a list of Selector. | MATCH_SUBSET | 1 | | + + + +### DeleteBundleRequest.Mode +Mode controls the delete behavior if there are other records +associated with the bundle (e.g. registration entries). + +| Name | Number | Description | +| ---- | ------ | ----------- | +| RESTRICT | 0 | RESTRICT prevents the bundle from being deleted in the presence of associated entries | +| DELETE | 1 | DELETE deletes the bundle and associated entries | +| DISSOCIATE | 2 | DISSOCIATE deletes the bundle and dissociates associated entries | + + diff --git a/proto/server/datastore/datastore.pb.go b/proto/server/datastore/datastore.pb.go index 7bab6d382e..f9708ea476 100644 --- a/proto/server/datastore/datastore.pb.go +++ b/proto/server/datastore/datastore.pb.go @@ -86,6 +86,37 @@ type RegistrationEntry = common.RegistrationEntry // RegistrationEntries from public import github.com/spiffe/spire/proto/common/common.proto type RegistrationEntries = common.RegistrationEntries +// Mode controls the delete behavior if there are other records +// associated with the bundle (e.g. registration entries). +type DeleteBundleRequest_Mode int32 + +const ( + // RESTRICT prevents the bundle from being deleted in the presence of associated entries + DeleteBundleRequest_RESTRICT DeleteBundleRequest_Mode = 0 + // DELETE deletes the bundle and associated entries + DeleteBundleRequest_DELETE DeleteBundleRequest_Mode = 1 + // DISSOCIATE deletes the bundle and dissociates associated entries + DeleteBundleRequest_DISSOCIATE DeleteBundleRequest_Mode = 2 +) + +var DeleteBundleRequest_Mode_name = map[int32]string{ + 0: "RESTRICT", + 1: "DELETE", + 2: "DISSOCIATE", +} +var DeleteBundleRequest_Mode_value = map[string]int32{ + "RESTRICT": 0, + "DELETE": 1, + "DISSOCIATE": 2, +} + +func (x DeleteBundleRequest_Mode) String() string { + return proto.EnumName(DeleteBundleRequest_Mode_name, int32(x)) +} +func (DeleteBundleRequest_Mode) EnumDescriptor() ([]byte, []int) { + return fileDescriptor_datastore_4f64055bc62c5380, []int{11, 0} +} + type BySelectors_MatchBehavior int32 const ( @@ -106,7 +137,7 @@ func (x BySelectors_MatchBehavior) String() string { return proto.EnumName(BySelectors_MatchBehavior_name, int32(x)) } func (BySelectors_MatchBehavior) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{33, 0} + return fileDescriptor_datastore_4f64055bc62c5380, []int{33, 0} } type Bundle struct { @@ -123,7 +154,7 @@ func (m *Bundle) Reset() { *m = Bundle{} } func (m *Bundle) String() string { return proto.CompactTextString(m) } func (*Bundle) ProtoMessage() {} func (*Bundle) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{0} + return fileDescriptor_datastore_4f64055bc62c5380, []int{0} } func (m *Bundle) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_Bundle.Unmarshal(m, b) @@ -168,7 +199,7 @@ func (m *CreateBundleRequest) Reset() { *m = CreateBundleRequest{} } func (m *CreateBundleRequest) String() string { return proto.CompactTextString(m) } func (*CreateBundleRequest) ProtoMessage() {} func (*CreateBundleRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{1} + return fileDescriptor_datastore_4f64055bc62c5380, []int{1} } func (m *CreateBundleRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateBundleRequest.Unmarshal(m, b) @@ -206,7 +237,7 @@ func (m *CreateBundleResponse) Reset() { *m = CreateBundleResponse{} } func (m *CreateBundleResponse) String() string { return proto.CompactTextString(m) } func (*CreateBundleResponse) ProtoMessage() {} func (*CreateBundleResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{2} + return fileDescriptor_datastore_4f64055bc62c5380, []int{2} } func (m *CreateBundleResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateBundleResponse.Unmarshal(m, b) @@ -244,7 +275,7 @@ func (m *FetchBundleRequest) Reset() { *m = FetchBundleRequest{} } func (m *FetchBundleRequest) String() string { return proto.CompactTextString(m) } func (*FetchBundleRequest) ProtoMessage() {} func (*FetchBundleRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{3} + return fileDescriptor_datastore_4f64055bc62c5380, []int{3} } func (m *FetchBundleRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchBundleRequest.Unmarshal(m, b) @@ -282,7 +313,7 @@ func (m *FetchBundleResponse) Reset() { *m = FetchBundleResponse{} } func (m *FetchBundleResponse) String() string { return proto.CompactTextString(m) } func (*FetchBundleResponse) ProtoMessage() {} func (*FetchBundleResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{4} + return fileDescriptor_datastore_4f64055bc62c5380, []int{4} } func (m *FetchBundleResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchBundleResponse.Unmarshal(m, b) @@ -319,7 +350,7 @@ func (m *ListBundlesRequest) Reset() { *m = ListBundlesRequest{} } func (m *ListBundlesRequest) String() string { return proto.CompactTextString(m) } func (*ListBundlesRequest) ProtoMessage() {} func (*ListBundlesRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{5} + return fileDescriptor_datastore_4f64055bc62c5380, []int{5} } func (m *ListBundlesRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListBundlesRequest.Unmarshal(m, b) @@ -350,7 +381,7 @@ func (m *ListBundlesResponse) Reset() { *m = ListBundlesResponse{} } func (m *ListBundlesResponse) String() string { return proto.CompactTextString(m) } func (*ListBundlesResponse) ProtoMessage() {} func (*ListBundlesResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{6} + return fileDescriptor_datastore_4f64055bc62c5380, []int{6} } func (m *ListBundlesResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListBundlesResponse.Unmarshal(m, b) @@ -388,7 +419,7 @@ func (m *UpdateBundleRequest) Reset() { *m = UpdateBundleRequest{} } func (m *UpdateBundleRequest) String() string { return proto.CompactTextString(m) } func (*UpdateBundleRequest) ProtoMessage() {} func (*UpdateBundleRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{7} + return fileDescriptor_datastore_4f64055bc62c5380, []int{7} } func (m *UpdateBundleRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateBundleRequest.Unmarshal(m, b) @@ -426,7 +457,7 @@ func (m *UpdateBundleResponse) Reset() { *m = UpdateBundleResponse{} } func (m *UpdateBundleResponse) String() string { return proto.CompactTextString(m) } func (*UpdateBundleResponse) ProtoMessage() {} func (*UpdateBundleResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{8} + return fileDescriptor_datastore_4f64055bc62c5380, []int{8} } func (m *UpdateBundleResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateBundleResponse.Unmarshal(m, b) @@ -464,7 +495,7 @@ func (m *AppendBundleRequest) Reset() { *m = AppendBundleRequest{} } func (m *AppendBundleRequest) String() string { return proto.CompactTextString(m) } func (*AppendBundleRequest) ProtoMessage() {} func (*AppendBundleRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{9} + return fileDescriptor_datastore_4f64055bc62c5380, []int{9} } func (m *AppendBundleRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_AppendBundleRequest.Unmarshal(m, b) @@ -502,7 +533,7 @@ func (m *AppendBundleResponse) Reset() { *m = AppendBundleResponse{} } func (m *AppendBundleResponse) String() string { return proto.CompactTextString(m) } func (*AppendBundleResponse) ProtoMessage() {} func (*AppendBundleResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{10} + return fileDescriptor_datastore_4f64055bc62c5380, []int{10} } func (m *AppendBundleResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_AppendBundleResponse.Unmarshal(m, b) @@ -530,17 +561,18 @@ func (m *AppendBundleResponse) GetBundle() *Bundle { } type DeleteBundleRequest struct { - TrustDomain string `protobuf:"bytes,1,opt,name=trust_domain,json=trustDomain,proto3" json:"trust_domain,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + TrustDomain string `protobuf:"bytes,1,opt,name=trust_domain,json=trustDomain,proto3" json:"trust_domain,omitempty"` + Mode DeleteBundleRequest_Mode `protobuf:"varint,2,opt,name=mode,proto3,enum=spire.server.datastore.DeleteBundleRequest_Mode" json:"mode,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } func (m *DeleteBundleRequest) Reset() { *m = DeleteBundleRequest{} } func (m *DeleteBundleRequest) String() string { return proto.CompactTextString(m) } func (*DeleteBundleRequest) ProtoMessage() {} func (*DeleteBundleRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{11} + return fileDescriptor_datastore_4f64055bc62c5380, []int{11} } func (m *DeleteBundleRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteBundleRequest.Unmarshal(m, b) @@ -567,6 +599,13 @@ func (m *DeleteBundleRequest) GetTrustDomain() string { return "" } +func (m *DeleteBundleRequest) GetMode() DeleteBundleRequest_Mode { + if m != nil { + return m.Mode + } + return DeleteBundleRequest_RESTRICT +} + type DeleteBundleResponse struct { Bundle *Bundle `protobuf:"bytes,1,opt,name=bundle,proto3" json:"bundle,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` @@ -578,7 +617,7 @@ func (m *DeleteBundleResponse) Reset() { *m = DeleteBundleResponse{} } func (m *DeleteBundleResponse) String() string { return proto.CompactTextString(m) } func (*DeleteBundleResponse) ProtoMessage() {} func (*DeleteBundleResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{12} + return fileDescriptor_datastore_4f64055bc62c5380, []int{12} } func (m *DeleteBundleResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteBundleResponse.Unmarshal(m, b) @@ -619,7 +658,7 @@ func (m *NodeSelectors) Reset() { *m = NodeSelectors{} } func (m *NodeSelectors) String() string { return proto.CompactTextString(m) } func (*NodeSelectors) ProtoMessage() {} func (*NodeSelectors) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{13} + return fileDescriptor_datastore_4f64055bc62c5380, []int{13} } func (m *NodeSelectors) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_NodeSelectors.Unmarshal(m, b) @@ -664,7 +703,7 @@ func (m *SetNodeSelectorsRequest) Reset() { *m = SetNodeSelectorsRequest func (m *SetNodeSelectorsRequest) String() string { return proto.CompactTextString(m) } func (*SetNodeSelectorsRequest) ProtoMessage() {} func (*SetNodeSelectorsRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{14} + return fileDescriptor_datastore_4f64055bc62c5380, []int{14} } func (m *SetNodeSelectorsRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_SetNodeSelectorsRequest.Unmarshal(m, b) @@ -701,7 +740,7 @@ func (m *SetNodeSelectorsResponse) Reset() { *m = SetNodeSelectorsRespon func (m *SetNodeSelectorsResponse) String() string { return proto.CompactTextString(m) } func (*SetNodeSelectorsResponse) ProtoMessage() {} func (*SetNodeSelectorsResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{15} + return fileDescriptor_datastore_4f64055bc62c5380, []int{15} } func (m *SetNodeSelectorsResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_SetNodeSelectorsResponse.Unmarshal(m, b) @@ -732,7 +771,7 @@ func (m *GetNodeSelectorsRequest) Reset() { *m = GetNodeSelectorsRequest func (m *GetNodeSelectorsRequest) String() string { return proto.CompactTextString(m) } func (*GetNodeSelectorsRequest) ProtoMessage() {} func (*GetNodeSelectorsRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{16} + return fileDescriptor_datastore_4f64055bc62c5380, []int{16} } func (m *GetNodeSelectorsRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetNodeSelectorsRequest.Unmarshal(m, b) @@ -770,7 +809,7 @@ func (m *GetNodeSelectorsResponse) Reset() { *m = GetNodeSelectorsRespon func (m *GetNodeSelectorsResponse) String() string { return proto.CompactTextString(m) } func (*GetNodeSelectorsResponse) ProtoMessage() {} func (*GetNodeSelectorsResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{17} + return fileDescriptor_datastore_4f64055bc62c5380, []int{17} } func (m *GetNodeSelectorsResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetNodeSelectorsResponse.Unmarshal(m, b) @@ -815,7 +854,7 @@ func (m *AttestedNode) Reset() { *m = AttestedNode{} } func (m *AttestedNode) String() string { return proto.CompactTextString(m) } func (*AttestedNode) ProtoMessage() {} func (*AttestedNode) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{18} + return fileDescriptor_datastore_4f64055bc62c5380, []int{18} } func (m *AttestedNode) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_AttestedNode.Unmarshal(m, b) @@ -874,7 +913,7 @@ func (m *CreateAttestedNodeRequest) Reset() { *m = CreateAttestedNodeReq func (m *CreateAttestedNodeRequest) String() string { return proto.CompactTextString(m) } func (*CreateAttestedNodeRequest) ProtoMessage() {} func (*CreateAttestedNodeRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{19} + return fileDescriptor_datastore_4f64055bc62c5380, []int{19} } func (m *CreateAttestedNodeRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateAttestedNodeRequest.Unmarshal(m, b) @@ -912,7 +951,7 @@ func (m *CreateAttestedNodeResponse) Reset() { *m = CreateAttestedNodeRe func (m *CreateAttestedNodeResponse) String() string { return proto.CompactTextString(m) } func (*CreateAttestedNodeResponse) ProtoMessage() {} func (*CreateAttestedNodeResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{20} + return fileDescriptor_datastore_4f64055bc62c5380, []int{20} } func (m *CreateAttestedNodeResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateAttestedNodeResponse.Unmarshal(m, b) @@ -950,7 +989,7 @@ func (m *FetchAttestedNodeRequest) Reset() { *m = FetchAttestedNodeReque func (m *FetchAttestedNodeRequest) String() string { return proto.CompactTextString(m) } func (*FetchAttestedNodeRequest) ProtoMessage() {} func (*FetchAttestedNodeRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{21} + return fileDescriptor_datastore_4f64055bc62c5380, []int{21} } func (m *FetchAttestedNodeRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchAttestedNodeRequest.Unmarshal(m, b) @@ -988,7 +1027,7 @@ func (m *FetchAttestedNodeResponse) Reset() { *m = FetchAttestedNodeResp func (m *FetchAttestedNodeResponse) String() string { return proto.CompactTextString(m) } func (*FetchAttestedNodeResponse) ProtoMessage() {} func (*FetchAttestedNodeResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{22} + return fileDescriptor_datastore_4f64055bc62c5380, []int{22} } func (m *FetchAttestedNodeResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchAttestedNodeResponse.Unmarshal(m, b) @@ -1026,7 +1065,7 @@ func (m *ListAttestedNodesRequest) Reset() { *m = ListAttestedNodesReque func (m *ListAttestedNodesRequest) String() string { return proto.CompactTextString(m) } func (*ListAttestedNodesRequest) ProtoMessage() {} func (*ListAttestedNodesRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{23} + return fileDescriptor_datastore_4f64055bc62c5380, []int{23} } func (m *ListAttestedNodesRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListAttestedNodesRequest.Unmarshal(m, b) @@ -1064,7 +1103,7 @@ func (m *ListAttestedNodesResponse) Reset() { *m = ListAttestedNodesResp func (m *ListAttestedNodesResponse) String() string { return proto.CompactTextString(m) } func (*ListAttestedNodesResponse) ProtoMessage() {} func (*ListAttestedNodesResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{24} + return fileDescriptor_datastore_4f64055bc62c5380, []int{24} } func (m *ListAttestedNodesResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListAttestedNodesResponse.Unmarshal(m, b) @@ -1104,7 +1143,7 @@ func (m *UpdateAttestedNodeRequest) Reset() { *m = UpdateAttestedNodeReq func (m *UpdateAttestedNodeRequest) String() string { return proto.CompactTextString(m) } func (*UpdateAttestedNodeRequest) ProtoMessage() {} func (*UpdateAttestedNodeRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{25} + return fileDescriptor_datastore_4f64055bc62c5380, []int{25} } func (m *UpdateAttestedNodeRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateAttestedNodeRequest.Unmarshal(m, b) @@ -1156,7 +1195,7 @@ func (m *UpdateAttestedNodeResponse) Reset() { *m = UpdateAttestedNodeRe func (m *UpdateAttestedNodeResponse) String() string { return proto.CompactTextString(m) } func (*UpdateAttestedNodeResponse) ProtoMessage() {} func (*UpdateAttestedNodeResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{26} + return fileDescriptor_datastore_4f64055bc62c5380, []int{26} } func (m *UpdateAttestedNodeResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateAttestedNodeResponse.Unmarshal(m, b) @@ -1194,7 +1233,7 @@ func (m *DeleteAttestedNodeRequest) Reset() { *m = DeleteAttestedNodeReq func (m *DeleteAttestedNodeRequest) String() string { return proto.CompactTextString(m) } func (*DeleteAttestedNodeRequest) ProtoMessage() {} func (*DeleteAttestedNodeRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{27} + return fileDescriptor_datastore_4f64055bc62c5380, []int{27} } func (m *DeleteAttestedNodeRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteAttestedNodeRequest.Unmarshal(m, b) @@ -1232,7 +1271,7 @@ func (m *DeleteAttestedNodeResponse) Reset() { *m = DeleteAttestedNodeRe func (m *DeleteAttestedNodeResponse) String() string { return proto.CompactTextString(m) } func (*DeleteAttestedNodeResponse) ProtoMessage() {} func (*DeleteAttestedNodeResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{28} + return fileDescriptor_datastore_4f64055bc62c5380, []int{28} } func (m *DeleteAttestedNodeResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteAttestedNodeResponse.Unmarshal(m, b) @@ -1270,7 +1309,7 @@ func (m *CreateRegistrationEntryRequest) Reset() { *m = CreateRegistrati func (m *CreateRegistrationEntryRequest) String() string { return proto.CompactTextString(m) } func (*CreateRegistrationEntryRequest) ProtoMessage() {} func (*CreateRegistrationEntryRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{29} + return fileDescriptor_datastore_4f64055bc62c5380, []int{29} } func (m *CreateRegistrationEntryRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateRegistrationEntryRequest.Unmarshal(m, b) @@ -1308,7 +1347,7 @@ func (m *CreateRegistrationEntryResponse) Reset() { *m = CreateRegistrat func (m *CreateRegistrationEntryResponse) String() string { return proto.CompactTextString(m) } func (*CreateRegistrationEntryResponse) ProtoMessage() {} func (*CreateRegistrationEntryResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{30} + return fileDescriptor_datastore_4f64055bc62c5380, []int{30} } func (m *CreateRegistrationEntryResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateRegistrationEntryResponse.Unmarshal(m, b) @@ -1346,7 +1385,7 @@ func (m *FetchRegistrationEntryRequest) Reset() { *m = FetchRegistration func (m *FetchRegistrationEntryRequest) String() string { return proto.CompactTextString(m) } func (*FetchRegistrationEntryRequest) ProtoMessage() {} func (*FetchRegistrationEntryRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{31} + return fileDescriptor_datastore_4f64055bc62c5380, []int{31} } func (m *FetchRegistrationEntryRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchRegistrationEntryRequest.Unmarshal(m, b) @@ -1384,7 +1423,7 @@ func (m *FetchRegistrationEntryResponse) Reset() { *m = FetchRegistratio func (m *FetchRegistrationEntryResponse) String() string { return proto.CompactTextString(m) } func (*FetchRegistrationEntryResponse) ProtoMessage() {} func (*FetchRegistrationEntryResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{32} + return fileDescriptor_datastore_4f64055bc62c5380, []int{32} } func (m *FetchRegistrationEntryResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchRegistrationEntryResponse.Unmarshal(m, b) @@ -1423,7 +1462,7 @@ func (m *BySelectors) Reset() { *m = BySelectors{} } func (m *BySelectors) String() string { return proto.CompactTextString(m) } func (*BySelectors) ProtoMessage() {} func (*BySelectors) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{33} + return fileDescriptor_datastore_4f64055bc62c5380, []int{33} } func (m *BySelectors) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_BySelectors.Unmarshal(m, b) @@ -1470,7 +1509,7 @@ func (m *ListRegistrationEntriesRequest) Reset() { *m = ListRegistration func (m *ListRegistrationEntriesRequest) String() string { return proto.CompactTextString(m) } func (*ListRegistrationEntriesRequest) ProtoMessage() {} func (*ListRegistrationEntriesRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{34} + return fileDescriptor_datastore_4f64055bc62c5380, []int{34} } func (m *ListRegistrationEntriesRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListRegistrationEntriesRequest.Unmarshal(m, b) @@ -1522,7 +1561,7 @@ func (m *ListRegistrationEntriesResponse) Reset() { *m = ListRegistratio func (m *ListRegistrationEntriesResponse) String() string { return proto.CompactTextString(m) } func (*ListRegistrationEntriesResponse) ProtoMessage() {} func (*ListRegistrationEntriesResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{35} + return fileDescriptor_datastore_4f64055bc62c5380, []int{35} } func (m *ListRegistrationEntriesResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListRegistrationEntriesResponse.Unmarshal(m, b) @@ -1560,7 +1599,7 @@ func (m *UpdateRegistrationEntryRequest) Reset() { *m = UpdateRegistrati func (m *UpdateRegistrationEntryRequest) String() string { return proto.CompactTextString(m) } func (*UpdateRegistrationEntryRequest) ProtoMessage() {} func (*UpdateRegistrationEntryRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{36} + return fileDescriptor_datastore_4f64055bc62c5380, []int{36} } func (m *UpdateRegistrationEntryRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateRegistrationEntryRequest.Unmarshal(m, b) @@ -1598,7 +1637,7 @@ func (m *UpdateRegistrationEntryResponse) Reset() { *m = UpdateRegistrat func (m *UpdateRegistrationEntryResponse) String() string { return proto.CompactTextString(m) } func (*UpdateRegistrationEntryResponse) ProtoMessage() {} func (*UpdateRegistrationEntryResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{37} + return fileDescriptor_datastore_4f64055bc62c5380, []int{37} } func (m *UpdateRegistrationEntryResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateRegistrationEntryResponse.Unmarshal(m, b) @@ -1636,7 +1675,7 @@ func (m *DeleteRegistrationEntryRequest) Reset() { *m = DeleteRegistrati func (m *DeleteRegistrationEntryRequest) String() string { return proto.CompactTextString(m) } func (*DeleteRegistrationEntryRequest) ProtoMessage() {} func (*DeleteRegistrationEntryRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{38} + return fileDescriptor_datastore_4f64055bc62c5380, []int{38} } func (m *DeleteRegistrationEntryRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteRegistrationEntryRequest.Unmarshal(m, b) @@ -1674,7 +1713,7 @@ func (m *DeleteRegistrationEntryResponse) Reset() { *m = DeleteRegistrat func (m *DeleteRegistrationEntryResponse) String() string { return proto.CompactTextString(m) } func (*DeleteRegistrationEntryResponse) ProtoMessage() {} func (*DeleteRegistrationEntryResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{39} + return fileDescriptor_datastore_4f64055bc62c5380, []int{39} } func (m *DeleteRegistrationEntryResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteRegistrationEntryResponse.Unmarshal(m, b) @@ -1715,7 +1754,7 @@ func (m *JoinToken) Reset() { *m = JoinToken{} } func (m *JoinToken) String() string { return proto.CompactTextString(m) } func (*JoinToken) ProtoMessage() {} func (*JoinToken) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{40} + return fileDescriptor_datastore_4f64055bc62c5380, []int{40} } func (m *JoinToken) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_JoinToken.Unmarshal(m, b) @@ -1760,7 +1799,7 @@ func (m *CreateJoinTokenRequest) Reset() { *m = CreateJoinTokenRequest{} func (m *CreateJoinTokenRequest) String() string { return proto.CompactTextString(m) } func (*CreateJoinTokenRequest) ProtoMessage() {} func (*CreateJoinTokenRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{41} + return fileDescriptor_datastore_4f64055bc62c5380, []int{41} } func (m *CreateJoinTokenRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateJoinTokenRequest.Unmarshal(m, b) @@ -1798,7 +1837,7 @@ func (m *CreateJoinTokenResponse) Reset() { *m = CreateJoinTokenResponse func (m *CreateJoinTokenResponse) String() string { return proto.CompactTextString(m) } func (*CreateJoinTokenResponse) ProtoMessage() {} func (*CreateJoinTokenResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{42} + return fileDescriptor_datastore_4f64055bc62c5380, []int{42} } func (m *CreateJoinTokenResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateJoinTokenResponse.Unmarshal(m, b) @@ -1836,7 +1875,7 @@ func (m *FetchJoinTokenRequest) Reset() { *m = FetchJoinTokenRequest{} } func (m *FetchJoinTokenRequest) String() string { return proto.CompactTextString(m) } func (*FetchJoinTokenRequest) ProtoMessage() {} func (*FetchJoinTokenRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{43} + return fileDescriptor_datastore_4f64055bc62c5380, []int{43} } func (m *FetchJoinTokenRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchJoinTokenRequest.Unmarshal(m, b) @@ -1874,7 +1913,7 @@ func (m *FetchJoinTokenResponse) Reset() { *m = FetchJoinTokenResponse{} func (m *FetchJoinTokenResponse) String() string { return proto.CompactTextString(m) } func (*FetchJoinTokenResponse) ProtoMessage() {} func (*FetchJoinTokenResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{44} + return fileDescriptor_datastore_4f64055bc62c5380, []int{44} } func (m *FetchJoinTokenResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchJoinTokenResponse.Unmarshal(m, b) @@ -1912,7 +1951,7 @@ func (m *DeleteJoinTokenRequest) Reset() { *m = DeleteJoinTokenRequest{} func (m *DeleteJoinTokenRequest) String() string { return proto.CompactTextString(m) } func (*DeleteJoinTokenRequest) ProtoMessage() {} func (*DeleteJoinTokenRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{45} + return fileDescriptor_datastore_4f64055bc62c5380, []int{45} } func (m *DeleteJoinTokenRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteJoinTokenRequest.Unmarshal(m, b) @@ -1950,7 +1989,7 @@ func (m *DeleteJoinTokenResponse) Reset() { *m = DeleteJoinTokenResponse func (m *DeleteJoinTokenResponse) String() string { return proto.CompactTextString(m) } func (*DeleteJoinTokenResponse) ProtoMessage() {} func (*DeleteJoinTokenResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{46} + return fileDescriptor_datastore_4f64055bc62c5380, []int{46} } func (m *DeleteJoinTokenResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteJoinTokenResponse.Unmarshal(m, b) @@ -1988,7 +2027,7 @@ func (m *PruneJoinTokensRequest) Reset() { *m = PruneJoinTokensRequest{} func (m *PruneJoinTokensRequest) String() string { return proto.CompactTextString(m) } func (*PruneJoinTokensRequest) ProtoMessage() {} func (*PruneJoinTokensRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{47} + return fileDescriptor_datastore_4f64055bc62c5380, []int{47} } func (m *PruneJoinTokensRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_PruneJoinTokensRequest.Unmarshal(m, b) @@ -2025,7 +2064,7 @@ func (m *PruneJoinTokensResponse) Reset() { *m = PruneJoinTokensResponse func (m *PruneJoinTokensResponse) String() string { return proto.CompactTextString(m) } func (*PruneJoinTokensResponse) ProtoMessage() {} func (*PruneJoinTokensResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_5f1f189cc5ca3aad, []int{48} + return fileDescriptor_datastore_4f64055bc62c5380, []int{48} } func (m *PruneJoinTokensResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_PruneJoinTokensResponse.Unmarshal(m, b) @@ -2095,6 +2134,7 @@ func init() { proto.RegisterType((*DeleteJoinTokenResponse)(nil), "spire.server.datastore.DeleteJoinTokenResponse") proto.RegisterType((*PruneJoinTokensRequest)(nil), "spire.server.datastore.PruneJoinTokensRequest") proto.RegisterType((*PruneJoinTokensResponse)(nil), "spire.server.datastore.PruneJoinTokensResponse") + proto.RegisterEnum("spire.server.datastore.DeleteBundleRequest_Mode", DeleteBundleRequest_Mode_name, DeleteBundleRequest_Mode_value) proto.RegisterEnum("spire.server.datastore.BySelectors_MatchBehavior", BySelectors_MatchBehavior_name, BySelectors_MatchBehavior_value) } @@ -2977,103 +3017,107 @@ var _DataStore_serviceDesc = grpc.ServiceDesc{ Metadata: "datastore.proto", } -func init() { proto.RegisterFile("datastore.proto", fileDescriptor_datastore_5f1f189cc5ca3aad) } - -var fileDescriptor_datastore_5f1f189cc5ca3aad = []byte{ - // 1519 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x59, 0x7f, 0x53, 0xdb, 0x46, - 0x13, 0x8e, 0x71, 0x20, 0xf1, 0xda, 0xfc, 0xc8, 0x41, 0x8c, 0xed, 0xbc, 0x2f, 0x10, 0xbd, 0xc9, - 0x3b, 0x69, 0x7e, 0xd8, 0xc1, 0x4d, 0x08, 0x49, 0x67, 0xda, 0x02, 0x21, 0x2e, 0x9d, 0x42, 0x19, - 0x1b, 0x48, 0x26, 0xe9, 0x54, 0x23, 0xdb, 0x67, 0xa3, 0xd4, 0x48, 0xaa, 0x74, 0x4e, 0xe3, 0xc9, - 0x07, 0xe8, 0x4c, 0xa7, 0xdf, 0xa5, 0x7f, 0xf4, 0x0b, 0xf4, 0xe3, 0xf4, 0x63, 0x74, 0x74, 0x27, - 0x59, 0x92, 0xa5, 0x15, 0x32, 0xa6, 0x7f, 0x61, 0x9d, 0xf6, 0xd9, 0xe7, 0xb9, 0xf5, 0xde, 0xde, - 0xae, 0x81, 0xf9, 0xb6, 0xc2, 0x14, 0x8b, 0xe9, 0x26, 0x2d, 0x1b, 0xa6, 0xce, 0x74, 0x92, 0xb7, - 0x0c, 0xd5, 0xa4, 0x65, 0x8b, 0x9a, 0x1f, 0xa8, 0x59, 0x1e, 0xbe, 0x2d, 0xad, 0x74, 0x75, 0xbd, - 0xdb, 0xa3, 0x15, 0x6e, 0xd5, 0xec, 0x77, 0x2a, 0xbf, 0x98, 0x8a, 0x61, 0x50, 0xd3, 0x12, 0xb8, - 0xd2, 0x66, 0x57, 0x65, 0xa7, 0xfd, 0x66, 0xb9, 0xa5, 0x9f, 0x55, 0x2c, 0x43, 0xed, 0x74, 0x68, - 0x85, 0x7b, 0x12, 0x80, 0x4a, 0x4b, 0x3f, 0x3b, 0xd3, 0xb5, 0x8a, 0xd1, 0xeb, 0x77, 0x55, 0xf7, - 0x8f, 0x83, 0x5c, 0x4f, 0x84, 0x14, 0x7f, 0x04, 0x44, 0x7a, 0x05, 0x33, 0xdb, 0x7d, 0xad, 0xdd, - 0xa3, 0xe4, 0x36, 0xe4, 0x98, 0xd9, 0xb7, 0x98, 0xdc, 0xd6, 0xcf, 0x14, 0x55, 0x2b, 0xa4, 0xd6, - 0x52, 0xf7, 0x32, 0xf5, 0x2c, 0x5f, 0x7b, 0xc9, 0x97, 0x48, 0x11, 0xae, 0xb7, 0x14, 0xb9, 0x45, - 0x4d, 0x66, 0x15, 0xa6, 0xd6, 0x52, 0xf7, 0x72, 0xf5, 0x6b, 0x2d, 0x65, 0xc7, 0x7e, 0x94, 0xf6, - 0x61, 0x71, 0xc7, 0xa4, 0x0a, 0xa3, 0xc2, 0x5b, 0x9d, 0xfe, 0xdc, 0xa7, 0x16, 0x23, 0x1b, 0x30, - 0xd3, 0xe4, 0x0b, 0xdc, 0x5d, 0xb6, 0xba, 0x52, 0x8e, 0x0e, 0x4a, 0xd9, 0x81, 0x39, 0xd6, 0xd2, - 0x01, 0x2c, 0x05, 0xdd, 0x59, 0x86, 0xae, 0x59, 0xf4, 0xc2, 0xfe, 0x9e, 0x01, 0x79, 0x45, 0x59, - 0xeb, 0x34, 0xa8, 0xee, 0xfc, 0x2d, 0xdb, 0xfb, 0x0a, 0x00, 0x27, 0xd4, 0xb1, 0x04, 0xe4, 0x3b, - 0xd5, 0x62, 0x62, 0xd5, 0x72, 0x74, 0x48, 0xdf, 0xc3, 0x62, 0x60, 0xd5, 0x21, 0xd9, 0x84, 0x6b, - 0x02, 0x66, 0x15, 0x52, 0x6b, 0xe9, 0x04, 0x2c, 0xae, 0xb9, 0xad, 0xfa, 0xd8, 0x68, 0x5f, 0xe6, - 0xb7, 0x11, 0x74, 0x37, 0x61, 0x14, 0xf6, 0x61, 0x71, 0xcb, 0x30, 0xa8, 0xd6, 0xbe, 0x34, 0x79, - 0x41, 0x77, 0x13, 0xca, 0xdb, 0x84, 0xc5, 0x97, 0xb4, 0x47, 0x47, 0xa3, 0x97, 0x20, 0x5b, 0x0e, - 0x60, 0x29, 0x88, 0x9c, 0x50, 0x49, 0x13, 0x66, 0x0f, 0xf4, 0x36, 0x6d, 0xd0, 0x1e, 0x6d, 0x31, - 0xdd, 0xb4, 0xc8, 0x2d, 0xc8, 0x88, 0x83, 0x2d, 0xab, 0x6d, 0x47, 0xc0, 0x75, 0xb1, 0xb0, 0xd7, - 0x26, 0x4f, 0x20, 0x63, 0xb9, 0x96, 0x85, 0x29, 0x9e, 0x31, 0x79, 0x87, 0xc8, 0x39, 0xf3, 0xae, - 0xa3, 0xba, 0x67, 0x28, 0xfd, 0x08, 0xcb, 0x0d, 0xca, 0x02, 0x34, 0xee, 0x8e, 0x77, 0xfc, 0x0e, - 0x85, 0xf2, 0xbb, 0x98, 0xf2, 0xa0, 0x03, 0x9f, 0xff, 0x12, 0x14, 0xc2, 0xfe, 0x45, 0x5c, 0xa4, - 0x0d, 0x58, 0xae, 0x21, 0xdc, 0x71, 0x3b, 0x95, 0x64, 0x28, 0xd4, 0x10, 0x9f, 0x97, 0x23, 0xfa, - 0xcf, 0x14, 0xe4, 0xb6, 0x18, 0xa3, 0x16, 0xa3, 0x6d, 0xdb, 0x28, 0x3e, 0xf0, 0x55, 0xb8, 0xa9, - 0x70, 0x63, 0x85, 0xa9, 0xba, 0x26, 0xdb, 0xfe, 0x65, 0x36, 0x30, 0x28, 0x2f, 0x92, 0x99, 0xfa, - 0xa2, 0xef, 0xe5, 0x4b, 0x85, 0x29, 0x47, 0x03, 0x83, 0x92, 0x87, 0x40, 0xec, 0x42, 0x2a, 0x5b, - 0xd4, 0x54, 0x95, 0x9e, 0xac, 0xf5, 0xcf, 0x9a, 0xd4, 0x2c, 0xa4, 0x39, 0x60, 0xc1, 0x7e, 0xd3, - 0xe0, 0x2f, 0x0e, 0xf8, 0x3a, 0xb9, 0x03, 0x73, 0xdc, 0x5a, 0xd3, 0x99, 0xac, 0x74, 0x18, 0x35, - 0x0b, 0x57, 0xd7, 0x52, 0xf7, 0xd2, 0xf5, 0x9c, 0xbd, 0x7a, 0xa0, 0xb3, 0x2d, 0x7b, 0x4d, 0x3a, - 0x86, 0xa2, 0xa8, 0x9a, 0x7e, 0xe9, 0x6e, 0x40, 0x37, 0xe1, 0xaa, 0xa6, 0xb7, 0xdd, 0x0c, 0xbc, - 0x83, 0x85, 0x24, 0x00, 0xe5, 0x08, 0xe9, 0x04, 0x4a, 0x51, 0x6e, 0x87, 0x55, 0xea, 0xa2, 0x7e, - 0x9f, 0x41, 0x81, 0xd7, 0xd6, 0x28, 0xb5, 0xb1, 0x5f, 0xff, 0x31, 0x14, 0x23, 0x80, 0x13, 0xeb, - 0x69, 0x41, 0xc1, 0x2e, 0xc3, 0xfe, 0x37, 0xc3, 0x74, 0xac, 0xc1, 0x8d, 0xe6, 0x40, 0xa6, 0x1f, - 0x6d, 0x67, 0x96, 0xdc, 0xa4, 0x1d, 0xdd, 0x74, 0x29, 0x6e, 0x95, 0xc5, 0x85, 0x5e, 0x76, 0x2f, - 0xf4, 0xf2, 0x9e, 0xc6, 0x36, 0x9e, 0x9c, 0x28, 0xbd, 0x3e, 0xad, 0xcf, 0x37, 0x07, 0xbb, 0x02, - 0xb4, 0xcd, 0x31, 0xd2, 0x6b, 0x28, 0x46, 0x90, 0x38, 0xda, 0x5f, 0xc0, 0xb4, 0xad, 0xc4, 0xad, - 0xf7, 0xc9, 0xc4, 0x0b, 0x88, 0xf4, 0x7b, 0x0a, 0x8a, 0xa2, 0x4a, 0x8f, 0x1b, 0x4f, 0x24, 0x17, - 0xa7, 0x12, 0xe7, 0x62, 0x3a, 0x22, 0x17, 0x4f, 0xa0, 0x14, 0xa5, 0x66, 0xe2, 0x2f, 0x69, 0x13, - 0x8a, 0xa2, 0xc4, 0x8e, 0x9d, 0x35, 0x27, 0x50, 0x8a, 0x42, 0x4e, 0xac, 0xe8, 0x35, 0xac, 0x88, - 0xe3, 0x51, 0xa7, 0x5d, 0xd5, 0x62, 0x26, 0x3f, 0xe7, 0xbb, 0x1a, 0x33, 0x07, 0xae, 0xac, 0xa7, - 0x30, 0x4d, 0xed, 0x67, 0xc7, 0xf9, 0x6a, 0xb0, 0x28, 0x87, 0x61, 0xc2, 0x5a, 0x7a, 0x03, 0xab, - 0xa8, 0x63, 0x47, 0xf5, 0x05, 0x3d, 0xbf, 0x80, 0xff, 0xf2, 0x03, 0x84, 0x2a, 0x2e, 0xc2, 0x75, - 0x6e, 0xe9, 0xc5, 0xf1, 0x1a, 0x7f, 0xde, 0x6b, 0xdb, 0xdb, 0xc5, 0xb0, 0x93, 0x89, 0xfa, 0x2b, - 0x05, 0xd9, 0xed, 0x81, 0x77, 0xd7, 0x3d, 0x09, 0x16, 0xf2, 0x64, 0xd7, 0x19, 0xa9, 0xc1, 0xf4, - 0x99, 0xc2, 0x5a, 0xa7, 0x3c, 0x7d, 0xe7, 0xaa, 0xeb, 0xe8, 0x4d, 0xeb, 0x31, 0x95, 0xf7, 0x6d, - 0xc0, 0x36, 0x3d, 0x55, 0x3e, 0xa8, 0xba, 0x59, 0x17, 0x78, 0xa9, 0x0a, 0xb3, 0x81, 0x75, 0x32, - 0x0f, 0xd9, 0xfd, 0xad, 0xa3, 0x9d, 0x6f, 0xe4, 0xdd, 0x37, 0x5b, 0x3b, 0x47, 0x0b, 0x57, 0xc8, - 0x02, 0xe4, 0xc4, 0x42, 0xe3, 0x78, 0xbb, 0xb1, 0x7b, 0xb4, 0x90, 0x92, 0xfe, 0x4e, 0xc1, 0x8a, - 0x7d, 0xba, 0x47, 0xf7, 0xa8, 0x7a, 0x85, 0xe4, 0x4b, 0xc8, 0x35, 0x07, 0xb2, 0xa1, 0x98, 0x54, - 0x63, 0x6e, 0x74, 0xb3, 0xd5, 0xff, 0x84, 0x6a, 0x48, 0x83, 0x99, 0xaa, 0xd6, 0x15, 0x45, 0x04, - 0x9a, 0x83, 0x43, 0x0e, 0xd8, 0x6b, 0x93, 0x57, 0x1c, 0xef, 0xbf, 0xe7, 0x6d, 0xfc, 0xff, 0x12, - 0x6c, 0xb3, 0x9e, 0x6d, 0xfa, 0xa2, 0x2b, 0x74, 0x78, 0xa7, 0x25, 0x9d, 0x4c, 0x47, 0xc3, 0x3d, - 0x4d, 0x3f, 0xc0, 0x2a, 0xba, 0x53, 0x27, 0x0f, 0x9e, 0x03, 0x4f, 0x1a, 0x75, 0x58, 0xcf, 0xce, - 0xcd, 0x04, 0xd7, 0xde, 0x4e, 0x32, 0x51, 0x3d, 0xfe, 0x85, 0x33, 0x85, 0x3a, 0x9e, 0x2c, 0x7d, - 0xbf, 0x80, 0x15, 0x51, 0x5e, 0x2e, 0x72, 0xa8, 0xde, 0xc0, 0x2a, 0x0a, 0x9e, 0x4c, 0xd6, 0x73, - 0xc8, 0x7c, 0xab, 0xab, 0xda, 0x91, 0xfe, 0x13, 0xd5, 0xc8, 0x12, 0x4c, 0x33, 0xfb, 0x83, 0x43, - 0x2f, 0x1e, 0x48, 0x1e, 0x66, 0xf8, 0xc5, 0x36, 0xe0, 0xc9, 0x94, 0xae, 0x3b, 0x4f, 0xd2, 0x5b, - 0xc8, 0x8b, 0xfa, 0x33, 0x74, 0xe0, 0xee, 0xe4, 0x6b, 0x80, 0xf7, 0xba, 0xaa, 0xc9, 0x9e, 0xb3, - 0x6c, 0xf5, 0x36, 0x96, 0x82, 0x1e, 0x3a, 0xf3, 0xde, 0xfd, 0x28, 0xbd, 0x83, 0xe5, 0x90, 0x6f, - 0x67, 0xa3, 0x93, 0x3b, 0x7f, 0x04, 0x37, 0x79, 0x89, 0x0a, 0xe9, 0x8e, 0xdc, 0xbf, 0xbd, 0xcf, - 0x51, 0xf3, 0x4b, 0x93, 0x52, 0x86, 0xbc, 0xf8, 0x62, 0x13, 0x6a, 0x79, 0x07, 0xcb, 0x21, 0xfb, - 0x4b, 0x13, 0xf3, 0x15, 0xe4, 0x0f, 0xcd, 0xbe, 0xe6, 0xf9, 0x1e, 0x56, 0xa5, 0xbb, 0x30, 0x17, - 0xd1, 0xdb, 0xa4, 0xeb, 0xb3, 0x34, 0xd0, 0xbc, 0x14, 0x61, 0x39, 0xe4, 0x40, 0xa8, 0xab, 0xfe, - 0x91, 0x87, 0x8c, 0xdd, 0xdc, 0x36, 0x6c, 0x7a, 0xa2, 0x42, 0xce, 0x3f, 0xbf, 0x93, 0x07, 0x98, - 0xce, 0x88, 0x1f, 0x0d, 0x4a, 0x0f, 0x93, 0x19, 0x3b, 0x61, 0xe9, 0x40, 0xd6, 0x37, 0xa1, 0x93, - 0xfb, 0x18, 0x38, 0x3c, 0xff, 0x97, 0x1e, 0x24, 0xb2, 0xf5, 0x78, 0x7c, 0x43, 0x3a, 0xce, 0x13, - 0x9e, 0xef, 0x71, 0x9e, 0xa8, 0xa9, 0x5f, 0x85, 0x9c, 0x7f, 0xd8, 0xc6, 0x43, 0x17, 0x31, 0xe1, - 0xe3, 0xa1, 0x8b, 0x9c, 0xdf, 0x55, 0xc8, 0xf9, 0x07, 0x67, 0x9c, 0x2a, 0x62, 0x5a, 0xc7, 0xa9, - 0x22, 0x67, 0x71, 0x15, 0x72, 0xfe, 0xc9, 0x18, 0xa7, 0x8a, 0x98, 0xbc, 0x71, 0xaa, 0xc8, 0x61, - 0xfb, 0x13, 0x90, 0xf0, 0xb8, 0x42, 0xd6, 0xe3, 0x93, 0x2a, 0xa2, 0x9b, 0x2c, 0x55, 0xc7, 0x81, - 0x38, 0xe4, 0x1f, 0xe1, 0x46, 0x68, 0x34, 0x21, 0x8f, 0x63, 0xf3, 0x2c, 0x8a, 0x7a, 0x7d, 0x0c, - 0x84, 0xc7, 0x1c, 0x1a, 0x2c, 0x70, 0x66, 0x6c, 0xd0, 0xc1, 0x99, 0xf1, 0xa9, 0xe5, 0x13, 0x90, - 0x70, 0xab, 0x8f, 0x07, 0x1c, 0x1d, 0x52, 0xf0, 0x80, 0xc7, 0x4c, 0x12, 0x9f, 0x80, 0x84, 0xbb, - 0x7a, 0x9c, 0x1c, 0x9d, 0x1d, 0x70, 0xf2, 0x98, 0xa1, 0xa1, 0x0f, 0x0b, 0xa3, 0xbf, 0x6d, 0x90, - 0x0a, 0xe6, 0x07, 0xf9, 0x95, 0xa5, 0xf4, 0x38, 0x39, 0xc0, 0xa3, 0xad, 0x25, 0xa6, 0xad, 0x8d, - 0x4b, 0x8b, 0xfe, 0xb2, 0xf2, 0x5b, 0xca, 0xbd, 0xb4, 0x43, 0xdd, 0x06, 0xd9, 0x88, 0x3f, 0x2b, - 0x58, 0x4f, 0x54, 0x7a, 0x36, 0x36, 0xce, 0x11, 0xf3, 0x6b, 0xca, 0xb9, 0xb5, 0xc3, 0x5a, 0x9e, - 0xc6, 0x1e, 0x1e, 0x54, 0xca, 0xc6, 0xb8, 0x30, 0x5f, 0x58, 0x90, 0x56, 0x18, 0x0f, 0x4b, 0xfc, - 0x94, 0x80, 0x87, 0xe5, 0xbc, 0x9e, 0xdb, 0x16, 0x83, 0x34, 0xb8, 0xb8, 0x98, 0xf8, 0x56, 0x1b, - 0x17, 0x73, 0x5e, 0x27, 0x6d, 0x8b, 0x41, 0xda, 0x5a, 0x5c, 0x4c, 0x7c, 0x13, 0x8d, 0x8b, 0x39, - 0xaf, 0x7f, 0x36, 0x61, 0x7e, 0xa4, 0xe3, 0x24, 0xe5, 0xf8, 0xe4, 0x1b, 0x6d, 0xd9, 0x4a, 0x95, - 0xc4, 0xf6, 0x0e, 0xa7, 0x0e, 0x73, 0xc1, 0xce, 0x92, 0x3c, 0x8a, 0x4d, 0xb2, 0x10, 0x63, 0x39, - 0xa9, 0xb9, 0xb7, 0xc9, 0x91, 0xf6, 0x11, 0xdf, 0x64, 0x74, 0x5f, 0x8a, 0x6f, 0x12, 0xeb, 0x4b, - 0x4d, 0x98, 0x1f, 0x69, 0x0a, 0x71, 0xce, 0xe8, 0xf6, 0x13, 0xe7, 0x44, 0xba, 0x4d, 0xf2, 0x16, - 0x32, 0x3b, 0xba, 0xd6, 0x51, 0xbb, 0x7d, 0x93, 0x92, 0xbb, 0xc1, 0x51, 0xc8, 0xf9, 0x97, 0xd8, - 0xf0, 0xbd, 0x4b, 0xf2, 0xff, 0xf3, 0xcc, 0x86, 0x8d, 0xde, 0x6c, 0x8d, 0xb2, 0x43, 0xfe, 0x7a, - 0x4f, 0xeb, 0xe8, 0xe4, 0xb3, 0x48, 0x60, 0xc0, 0xc6, 0xe5, 0xb8, 0x9f, 0xc4, 0x54, 0xf0, 0x6c, - 0x67, 0xdf, 0x66, 0x86, 0x1b, 0x3d, 0xbc, 0x72, 0x98, 0x3a, 0x9c, 0x6a, 0xce, 0xf0, 0xb1, 0xfb, - 0xf3, 0x7f, 0x02, 0x00, 0x00, 0xff, 0xff, 0x09, 0xde, 0xc2, 0x3f, 0x4c, 0x1c, 0x00, 0x00, +func init() { proto.RegisterFile("datastore.proto", fileDescriptor_datastore_4f64055bc62c5380) } + +var fileDescriptor_datastore_4f64055bc62c5380 = []byte{ + // 1584 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x59, 0xfd, 0x72, 0xda, 0xc6, + 0x16, 0x8f, 0xfc, 0x15, 0x73, 0xc0, 0x1f, 0x59, 0x27, 0x18, 0xc8, 0xbd, 0xb6, 0xa3, 0x9b, 0xdc, + 0xc9, 0xcd, 0x87, 0xb0, 0xb9, 0x89, 0xe3, 0xa4, 0x33, 0x6d, 0x6d, 0x4c, 0x28, 0x9d, 0xd8, 0xf1, + 0x08, 0xec, 0x64, 0x92, 0x4e, 0x35, 0x02, 0x16, 0xac, 0x14, 0x24, 0x2a, 0x2d, 0x69, 0x98, 0x3c, + 0x40, 0x67, 0x3a, 0x7d, 0x97, 0x76, 0xa6, 0x2f, 0xd0, 0xc7, 0xe9, 0x63, 0x74, 0xb4, 0x2b, 0x81, + 0x84, 0xb4, 0xb2, 0x30, 0xee, 0x5f, 0x46, 0xab, 0xf3, 0x3b, 0xbf, 0xdf, 0x1e, 0x9d, 0x3d, 0x7b, + 0x76, 0x0d, 0x2b, 0x4d, 0x95, 0xa8, 0x16, 0x31, 0x4c, 0x2c, 0xf5, 0x4c, 0x83, 0x18, 0x28, 0x6d, + 0xf5, 0x34, 0x13, 0x4b, 0x16, 0x36, 0x3f, 0x62, 0x53, 0x1a, 0xbe, 0xcd, 0x6d, 0xb4, 0x0d, 0xa3, + 0xdd, 0xc1, 0x79, 0x6a, 0x55, 0xef, 0xb7, 0xf2, 0x3f, 0x99, 0x6a, 0xaf, 0x87, 0x4d, 0x8b, 0xe1, + 0x72, 0x7b, 0x6d, 0x8d, 0x9c, 0xf7, 0xeb, 0x52, 0xc3, 0xe8, 0xe6, 0xad, 0x9e, 0xd6, 0x6a, 0xe1, + 0x3c, 0xf5, 0xc4, 0x00, 0xf9, 0x86, 0xd1, 0xed, 0x1a, 0x7a, 0xbe, 0xd7, 0xe9, 0xb7, 0x35, 0xf7, + 0x8f, 0x83, 0xdc, 0x89, 0x85, 0x64, 0x7f, 0x18, 0x44, 0x7c, 0x09, 0x0b, 0x07, 0x7d, 0xbd, 0xd9, + 0xc1, 0xe8, 0x0e, 0xa4, 0x88, 0xd9, 0xb7, 0x88, 0xd2, 0x34, 0xba, 0xaa, 0xa6, 0x67, 0x84, 0x2d, + 0xe1, 0x7e, 0x42, 0x4e, 0xd2, 0xb1, 0x43, 0x3a, 0x84, 0xb2, 0xb0, 0xd8, 0x50, 0x95, 0x06, 0x36, + 0x89, 0x95, 0x99, 0xd9, 0x12, 0xee, 0xa7, 0xe4, 0xeb, 0x0d, 0xb5, 0x68, 0x3f, 0x8a, 0x47, 0xb0, + 0x56, 0x34, 0xb1, 0x4a, 0x30, 0xf3, 0x26, 0xe3, 0x1f, 0xfb, 0xd8, 0x22, 0x68, 0x17, 0x16, 0xea, + 0x74, 0x80, 0xba, 0x4b, 0x16, 0x36, 0xa4, 0xf0, 0xa0, 0x48, 0x0e, 0xcc, 0xb1, 0x16, 0x8f, 0xe1, + 0xa6, 0xdf, 0x9d, 0xd5, 0x33, 0x74, 0x0b, 0x5f, 0xda, 0xdf, 0x33, 0x40, 0x2f, 0x31, 0x69, 0x9c, + 0xfb, 0xd5, 0x5d, 0x3c, 0x65, 0x7b, 0x5e, 0x3e, 0xe0, 0x94, 0x3a, 0x6e, 0x02, 0x7a, 0xa5, 0x59, + 0x84, 0x8d, 0x5a, 0x8e, 0x0e, 0xf1, 0x35, 0xac, 0xf9, 0x46, 0x1d, 0x92, 0x3d, 0xb8, 0xce, 0x60, + 0x56, 0x46, 0xd8, 0x9a, 0x8d, 0xc1, 0xe2, 0x9a, 0xdb, 0xaa, 0x4f, 0x7b, 0xcd, 0xab, 0xfc, 0x1a, + 0x7e, 0x77, 0x53, 0x46, 0xe1, 0x08, 0xd6, 0xf6, 0x7b, 0x3d, 0xac, 0x37, 0xaf, 0x4c, 0x9e, 0xdf, + 0xdd, 0x94, 0xf2, 0x7e, 0x17, 0x60, 0xed, 0x10, 0x77, 0xf0, 0x78, 0xf8, 0x62, 0xac, 0x90, 0x43, + 0x98, 0xeb, 0x1a, 0x4d, 0x4c, 0x57, 0xc7, 0x72, 0x61, 0x9b, 0x47, 0x18, 0xe2, 0x5d, 0x3a, 0x32, + 0x9a, 0x58, 0xa6, 0x68, 0x71, 0x1b, 0xe6, 0xec, 0x27, 0x94, 0x82, 0x45, 0xb9, 0x54, 0xad, 0xc9, + 0x95, 0x62, 0x6d, 0xf5, 0x1a, 0x02, 0x58, 0x38, 0x2c, 0xbd, 0x2a, 0xd5, 0x4a, 0xab, 0x02, 0x5a, + 0x06, 0x38, 0xac, 0x54, 0xab, 0xaf, 0x8b, 0x95, 0xfd, 0x5a, 0x69, 0x75, 0xc6, 0x0e, 0x81, 0xdf, + 0xe7, 0x94, 0x21, 0xa8, 0xc3, 0xd2, 0xb1, 0xd1, 0xc4, 0x55, 0xdc, 0xc1, 0x0d, 0x62, 0x98, 0x16, + 0xba, 0x0d, 0x09, 0x56, 0x51, 0x14, 0xad, 0xe9, 0x4c, 0x7c, 0x91, 0x0d, 0x54, 0x9a, 0xe8, 0x09, + 0x24, 0x2c, 0xd7, 0x32, 0x33, 0x43, 0x53, 0x35, 0xed, 0x10, 0x39, 0xc5, 0xc6, 0x75, 0x24, 0x8f, + 0x0c, 0xc5, 0xef, 0x61, 0xbd, 0x8a, 0x89, 0x8f, 0xc6, 0x8d, 0x74, 0xd1, 0xeb, 0x90, 0x29, 0xbf, + 0xc7, 0x53, 0xee, 0x77, 0xe0, 0xf1, 0x9f, 0x83, 0x4c, 0xd0, 0x3f, 0x8b, 0x8b, 0xb8, 0x0b, 0xeb, + 0x65, 0x0e, 0x77, 0xd4, 0x4c, 0x45, 0x05, 0x32, 0x65, 0x8e, 0xcf, 0xab, 0x11, 0xfd, 0x87, 0x00, + 0xa9, 0x7d, 0x42, 0xb0, 0x45, 0x70, 0xd3, 0x36, 0x8a, 0x0e, 0x7c, 0x01, 0x6e, 0xa9, 0xd4, 0x58, + 0x25, 0x9a, 0xa1, 0x2b, 0xb6, 0x7f, 0x85, 0x0c, 0x7a, 0x2c, 0xff, 0x12, 0xf2, 0x9a, 0xe7, 0xe5, + 0xa1, 0x4a, 0xd4, 0xda, 0xa0, 0x87, 0xd1, 0x23, 0x40, 0x76, 0x05, 0x57, 0x2c, 0x6c, 0x6a, 0x6a, + 0x47, 0xd1, 0xfb, 0xdd, 0x3a, 0x36, 0x33, 0xb3, 0x14, 0xb0, 0x6a, 0xbf, 0xa9, 0xd2, 0x17, 0xc7, + 0x74, 0x1c, 0xdd, 0x85, 0x65, 0x6a, 0xad, 0x1b, 0x44, 0x51, 0x5b, 0x04, 0x9b, 0x99, 0xb9, 0x2d, + 0xe1, 0xfe, 0xac, 0x9c, 0xb2, 0x47, 0x8f, 0x0d, 0xb2, 0x6f, 0x8f, 0x89, 0xa7, 0x90, 0x65, 0xe5, + 0xda, 0x2b, 0xdd, 0x0d, 0xe8, 0x1e, 0xcc, 0xe9, 0xf6, 0x9a, 0x60, 0x21, 0xb9, 0xcb, 0x0b, 0x89, + 0x0f, 0x4a, 0x11, 0xe2, 0x19, 0xe4, 0xc2, 0xdc, 0x0e, 0xcb, 0xe3, 0x65, 0xfd, 0x3e, 0x83, 0x0c, + 0x2d, 0xea, 0x61, 0x6a, 0x23, 0x3f, 0xff, 0x29, 0x64, 0x43, 0x80, 0x53, 0xeb, 0x69, 0x40, 0xc6, + 0xae, 0xff, 0xde, 0x37, 0xc3, 0x74, 0x2c, 0xc3, 0x8d, 0xfa, 0x40, 0xc1, 0x9f, 0x6c, 0x67, 0x96, + 0x52, 0xc7, 0x2d, 0xc3, 0x74, 0x29, 0x6e, 0x4b, 0xac, 0x93, 0x90, 0xdc, 0x4e, 0x42, 0xaa, 0xe8, + 0x64, 0xf7, 0xc9, 0x99, 0xda, 0xe9, 0x63, 0x79, 0xa5, 0x3e, 0x28, 0x31, 0xd0, 0x01, 0xc5, 0x88, + 0x6f, 0x20, 0x1b, 0x42, 0xe2, 0x68, 0x7f, 0x01, 0xf3, 0xb6, 0x12, 0x77, 0xa3, 0x89, 0x27, 0x9e, + 0x41, 0xc4, 0x5f, 0x05, 0xc8, 0xb2, 0xed, 0x61, 0xd2, 0x78, 0x72, 0x72, 0x71, 0x26, 0x76, 0x2e, + 0xce, 0x86, 0xe4, 0xe2, 0x19, 0xe4, 0xc2, 0xd4, 0x4c, 0xfd, 0x91, 0xf6, 0x20, 0xcb, 0x4a, 0xec, + 0xc4, 0x59, 0x73, 0x06, 0xb9, 0x30, 0xe4, 0xd4, 0x8a, 0xde, 0xc0, 0x06, 0x5b, 0x1e, 0x32, 0x6e, + 0x6b, 0x16, 0x31, 0xe9, 0x3a, 0x2f, 0xe9, 0xc4, 0x1c, 0xb8, 0xb2, 0x9e, 0xc2, 0x3c, 0xb6, 0x9f, + 0x1d, 0xe7, 0x9b, 0xfe, 0xa2, 0x1c, 0x84, 0x31, 0x6b, 0xf1, 0x2d, 0x6c, 0x72, 0x1d, 0x3b, 0xaa, + 0x2f, 0xe9, 0xf9, 0x05, 0xfc, 0x9b, 0x2e, 0x20, 0xae, 0xe2, 0x2c, 0x2c, 0x52, 0xcb, 0x51, 0x1c, + 0xaf, 0xd3, 0xe7, 0x4a, 0xd3, 0x9e, 0x2e, 0x0f, 0x3b, 0x9d, 0xa8, 0x3f, 0x05, 0x48, 0x1e, 0x0c, + 0x46, 0x7b, 0xdd, 0x13, 0x7f, 0x21, 0x8f, 0xb7, 0x9d, 0xa1, 0x32, 0xcc, 0x77, 0x55, 0xd2, 0x38, + 0x77, 0xf6, 0xfe, 0x1d, 0xee, 0x4e, 0x3b, 0x62, 0x92, 0x8e, 0x6c, 0xc0, 0x01, 0x3e, 0x57, 0x3f, + 0x6a, 0x86, 0x29, 0x33, 0xbc, 0x58, 0x80, 0x25, 0xdf, 0x38, 0x5a, 0x81, 0xe4, 0xd1, 0x7e, 0xad, + 0xf8, 0x8d, 0x52, 0x7a, 0xbb, 0x4f, 0x3b, 0x81, 0x55, 0x48, 0xb1, 0x81, 0xea, 0xe9, 0x41, 0xb5, + 0x54, 0x5b, 0x15, 0xc4, 0xbf, 0x04, 0xd8, 0xb0, 0x57, 0xf7, 0xf8, 0x1c, 0xb5, 0x51, 0x21, 0xf9, + 0x12, 0x52, 0xf5, 0x81, 0xd2, 0x53, 0x4d, 0xac, 0x13, 0x37, 0xba, 0xc9, 0xc2, 0xbf, 0x02, 0x35, + 0xa4, 0x4a, 0x4c, 0x4d, 0x6f, 0xb3, 0x22, 0x02, 0xf5, 0xc1, 0x09, 0x05, 0x54, 0x9a, 0xe8, 0x25, + 0xc5, 0x7b, 0xf7, 0x79, 0x1b, 0xff, 0x9f, 0x18, 0xd3, 0x94, 0x93, 0x75, 0x4f, 0x74, 0x99, 0x8e, + 0xd1, 0x6a, 0x99, 0x8d, 0xa7, 0xa3, 0xea, 0xae, 0xa6, 0xef, 0x60, 0x93, 0x3b, 0x53, 0x27, 0x0f, + 0x9e, 0x03, 0x4d, 0x1a, 0x6d, 0x58, 0xcf, 0x2e, 0xcc, 0x04, 0xd7, 0xde, 0x4e, 0x32, 0x56, 0x3d, + 0xfe, 0x81, 0x35, 0xc5, 0x75, 0x3c, 0x5d, 0xfa, 0x7e, 0x01, 0x1b, 0xac, 0xbc, 0x5c, 0x66, 0x51, + 0xbd, 0x85, 0x4d, 0x2e, 0x78, 0x3a, 0x59, 0xcf, 0x21, 0xf1, 0xad, 0xa1, 0xe9, 0x35, 0xe3, 0x07, + 0xac, 0xa3, 0x9b, 0x30, 0x4f, 0xec, 0x1f, 0x0e, 0x3d, 0x7b, 0x40, 0x69, 0x58, 0xa0, 0x1b, 0xdb, + 0x80, 0x26, 0xd3, 0xac, 0xec, 0x3c, 0x89, 0xef, 0x20, 0xcd, 0xea, 0xcf, 0xd0, 0x81, 0x3b, 0x93, + 0xaf, 0x01, 0x3e, 0x18, 0x9a, 0xae, 0x8c, 0x9c, 0x25, 0x0b, 0x77, 0x78, 0x29, 0x38, 0x42, 0x27, + 0x3e, 0xb8, 0x3f, 0xc5, 0xf7, 0xb0, 0x1e, 0xf0, 0xed, 0x4c, 0x74, 0x7a, 0xe7, 0x8f, 0xe1, 0x16, + 0x2d, 0x51, 0x01, 0xdd, 0xa1, 0xf3, 0xb7, 0xe7, 0x39, 0x6e, 0x7e, 0x65, 0x52, 0x24, 0x48, 0xb3, + 0x0f, 0x1b, 0x53, 0xcb, 0x7b, 0x58, 0x0f, 0xd8, 0x5f, 0x99, 0x98, 0xaf, 0x20, 0x7d, 0x62, 0xf6, + 0xf5, 0x91, 0xef, 0x61, 0x55, 0xba, 0x07, 0xcb, 0x21, 0xbd, 0xcd, 0xac, 0xbc, 0x84, 0x7d, 0xcd, + 0x4b, 0x16, 0xd6, 0x03, 0x0e, 0x98, 0xba, 0xc2, 0x6f, 0x69, 0x48, 0xd8, 0xcd, 0x6d, 0xd5, 0xa6, + 0x47, 0x1a, 0xa4, 0xbc, 0x17, 0x07, 0xe8, 0x21, 0x4f, 0x67, 0xc8, 0x6d, 0x45, 0xee, 0x51, 0x3c, + 0x63, 0x27, 0x2c, 0x2d, 0x48, 0x7a, 0xae, 0x06, 0xd0, 0x03, 0x1e, 0x38, 0x78, 0xf1, 0x90, 0x7b, + 0x18, 0xcb, 0x76, 0xc4, 0xe3, 0xb9, 0x1d, 0xe0, 0xf3, 0x04, 0x2f, 0x16, 0xf8, 0x3c, 0x61, 0xd7, + 0x0d, 0x1a, 0xa4, 0xbc, 0xa7, 0x7c, 0x7e, 0xe8, 0x42, 0xae, 0x16, 0xf8, 0xa1, 0x0b, 0xbd, 0x38, + 0xd0, 0x20, 0xe5, 0x3d, 0xb1, 0xf3, 0xa9, 0x42, 0xae, 0x09, 0xf8, 0x54, 0xa1, 0x97, 0x00, 0x1a, + 0xa4, 0xbc, 0x27, 0x63, 0x3e, 0x55, 0xc8, 0x99, 0x9c, 0x4f, 0x15, 0x7a, 0xd8, 0xfe, 0x0c, 0x28, + 0x78, 0x5c, 0x41, 0x3b, 0xd1, 0x49, 0x15, 0xd2, 0x4d, 0xe6, 0x0a, 0x93, 0x40, 0x1c, 0xf2, 0x4f, + 0x70, 0x23, 0x70, 0x34, 0x41, 0xdb, 0x91, 0x79, 0x16, 0x46, 0xbd, 0x33, 0x01, 0x62, 0xc4, 0x1c, + 0x38, 0x58, 0xf0, 0x99, 0x79, 0x07, 0x1d, 0x3e, 0x33, 0xff, 0xd4, 0xf2, 0x19, 0x50, 0xb0, 0xd5, + 0xe7, 0x07, 0x9c, 0x7b, 0x48, 0xe1, 0x07, 0x3c, 0xe2, 0x24, 0xf1, 0x19, 0x50, 0xb0, 0xab, 0xe7, + 0x93, 0x73, 0xcf, 0x0e, 0x7c, 0xf2, 0x88, 0x43, 0x43, 0x1f, 0x56, 0xc7, 0xef, 0x36, 0x50, 0x9e, + 0xe7, 0x87, 0x73, 0xcb, 0x92, 0xdb, 0x8e, 0x0f, 0x18, 0xd1, 0x96, 0x63, 0xd3, 0x96, 0x27, 0xa5, + 0xe5, 0xde, 0xac, 0xfc, 0x22, 0xb8, 0x9b, 0x76, 0xa0, 0xdb, 0x40, 0xbb, 0xd1, 0x6b, 0x85, 0xd7, + 0x13, 0xe5, 0x9e, 0x4d, 0x8c, 0x73, 0xc4, 0xfc, 0x2c, 0x38, 0xbb, 0x76, 0x50, 0xcb, 0xd3, 0xc8, + 0xc5, 0xc3, 0x95, 0xb2, 0x3b, 0x29, 0xcc, 0x13, 0x16, 0x4e, 0x2b, 0xcc, 0x0f, 0x4b, 0xf4, 0x29, + 0x81, 0x1f, 0x96, 0x8b, 0x7a, 0x6e, 0x5b, 0x0c, 0xa7, 0xc1, 0xe5, 0x8b, 0x89, 0x6e, 0xb5, 0xf9, + 0x62, 0x2e, 0xea, 0xa4, 0x6d, 0x31, 0x9c, 0xb6, 0x96, 0x2f, 0x26, 0xba, 0x89, 0xe6, 0x8b, 0xb9, + 0xa8, 0x7f, 0x36, 0x61, 0x65, 0xac, 0xe3, 0x44, 0x52, 0x74, 0xf2, 0x8d, 0xb7, 0x6c, 0xb9, 0x7c, + 0x6c, 0x7b, 0x87, 0xd3, 0x80, 0x65, 0x7f, 0x67, 0x89, 0x1e, 0x47, 0x26, 0x59, 0x80, 0x51, 0x8a, + 0x6b, 0x3e, 0x9a, 0xe4, 0x58, 0xfb, 0xc8, 0x9f, 0x64, 0x78, 0x5f, 0xca, 0x9f, 0x24, 0xaf, 0x2f, + 0x35, 0x61, 0x65, 0xac, 0x29, 0xe4, 0x73, 0x86, 0xb7, 0x9f, 0x7c, 0x4e, 0x4e, 0xb7, 0x89, 0xde, + 0x41, 0xa2, 0x68, 0xe8, 0x2d, 0xad, 0xdd, 0x37, 0x31, 0xba, 0xe7, 0x3f, 0x0a, 0x39, 0xff, 0x8b, + 0x1b, 0xbe, 0x77, 0x49, 0xfe, 0x7b, 0x91, 0xd9, 0xb0, 0xd1, 0x5b, 0x2a, 0x63, 0x72, 0x42, 0x5f, + 0x57, 0xf4, 0x96, 0x81, 0xfe, 0x17, 0x0a, 0xf4, 0xd9, 0xb8, 0x1c, 0x0f, 0xe2, 0x98, 0x32, 0x9e, + 0x83, 0xe4, 0xbb, 0xc4, 0x70, 0xa2, 0x27, 0xd7, 0x4e, 0x84, 0x93, 0x99, 0xfa, 0x02, 0x3d, 0x76, + 0xff, 0xff, 0xef, 0x00, 0x00, 0x00, 0xff, 0xff, 0x04, 0x23, 0x83, 0x84, 0xc5, 0x1c, 0x00, 0x00, } diff --git a/proto/server/datastore/datastore.proto b/proto/server/datastore/datastore.proto index e3984bc20e..2a987493d7 100644 --- a/proto/server/datastore/datastore.proto +++ b/proto/server/datastore/datastore.proto @@ -58,7 +58,19 @@ message AppendBundleResponse { } message DeleteBundleRequest { + // Mode controls the delete behavior if there are other records + // associated with the bundle (e.g. registration entries). + enum Mode { + // RESTRICT prevents the bundle from being deleted in the presence of associated entries + RESTRICT = 0; + // DELETE deletes the bundle and associated entries + DELETE = 1; + // DISSOCIATE deletes the bundle and dissociates associated entries + DISSOCIATE = 2; + } + string trust_domain = 1; + Mode mode = 2; } message DeleteBundleResponse { diff --git a/proto/server/nodeattestor/README_pb.md b/proto/server/nodeattestor/README_pb.md index b823fab1f4..43cd674ab1 100644 --- a/proto/server/nodeattestor/README_pb.md +++ b/proto/server/nodeattestor/README_pb.md @@ -196,7 +196,7 @@ manage the various registered nodes and workloads that are controlled by it. | parent_id | [string](#string) | | The SPIFFE ID of an entity that is authorized to attest the validity of a selector | | spiffe_id | [string](#string) | | The SPIFFE ID is a structured string used to identify a resource or caller. It is defined as a URI comprising a “trust domain” and an associated path. | | ttl | [int32](#int32) | | Time to live. | -| fb_spiffe_ids | [string](#string) | repeated | A list of federated bundle spiffe ids. | +| federates_with | [string](#string) | repeated | A list of federated trust domain SPIFFE IDs. | | entry_id | [string](#string) | | Entry ID | diff --git a/proto/server/noderesolver/README_pb.md b/proto/server/noderesolver/README_pb.md index 1628ef2a4d..1e10583e47 100644 --- a/proto/server/noderesolver/README_pb.md +++ b/proto/server/noderesolver/README_pb.md @@ -197,7 +197,7 @@ manage the various registered nodes and workloads that are controlled by it. | parent_id | [string](#string) | | The SPIFFE ID of an entity that is authorized to attest the validity of a selector | | spiffe_id | [string](#string) | | The SPIFFE ID is a structured string used to identify a resource or caller. It is defined as a URI comprising a “trust domain” and an associated path. | | ttl | [int32](#int32) | | Time to live. | -| fb_spiffe_ids | [string](#string) | repeated | A list of federated bundle spiffe ids. | +| federates_with | [string](#string) | repeated | A list of federated trust domain SPIFFE IDs. | | entry_id | [string](#string) | | Entry ID | diff --git a/proto/test/dummy/README_pb.md b/proto/test/dummy/README_pb.md index d12e688e70..df079a08bf 100644 --- a/proto/test/dummy/README_pb.md +++ b/proto/test/dummy/README_pb.md @@ -106,7 +106,7 @@ manage the various registered nodes and workloads that are controlled by it. | parent_id | [string](#string) | | The SPIFFE ID of an entity that is authorized to attest the validity of a selector | | spiffe_id | [string](#string) | | The SPIFFE ID is a structured string used to identify a resource or caller. It is defined as a URI comprising a “trust domain” and an associated path. | | ttl | [int32](#int32) | | Time to live. | -| fb_spiffe_ids | [string](#string) | repeated | A list of federated bundle spiffe ids. | +| federates_with | [string](#string) | repeated | A list of federated trust domain SPIFFE IDs. | | entry_id | [string](#string) | | Entry ID | diff --git a/test/fixture/registration/entries.json b/test/fixture/registration/entries.json index e079b19241..b6c810ec5d 100644 --- a/test/fixture/registration/entries.json +++ b/test/fixture/registration/entries.json @@ -17,7 +17,8 @@ ], "spiffe_id": "spiffe://id1", "parent_id": "spiffe://parent", - "ttl": 200 + "ttl": 200, + "federates_with": "spiffe://otherdomain.org" }, { "selectors": [ @@ -92,4 +93,4 @@ "ttl": 200 } ] -} \ No newline at end of file +}