| Serge Bazanski | efdb6e9 | 2020-07-13 17:19:27 +0200 | [diff] [blame] | 1 | // Copyright 2020 The Monogon Project Authors. |
| 2 | // |
| 3 | // SPDX-License-Identifier: Apache-2.0 |
| 4 | // |
| 5 | // Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | // you may not use this file except in compliance with the License. |
| 7 | // You may obtain a copy of the License at |
| 8 | // |
| 9 | // http://www.apache.org/licenses/LICENSE-2.0 |
| 10 | // |
| 11 | // Unless required by applicable law or agreed to in writing, software |
| 12 | // distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | // See the License for the specific language governing permissions and |
| 15 | // limitations under the License. |
| 16 | |
| 17 | syntax = "proto3"; |
| 18 | package smalltown.core.proto.api; |
| 19 | option go_package = "git.monogon.dev/source/nexantic.git/core/proto/api"; |
| 20 | |
| 21 | import "core/proto/api/enrolment.proto"; |
| 22 | |
| 23 | // NodeDebugService exposes debug and testing endpoints that allow introspection into a running Smalltown instance. |
| 24 | // It is not authenticated and will be disabled in production. It is currently consumed by core/cmd/dbg and |
| 25 | // by tests. For exact documentation of the available parameters please look at core/internal/node/debug.go. |
| 26 | service NodeDebugService { |
| 27 | // GetDebugKubeconfig issues kubeconfigs with arbitrary identities and groups for debugging |
| 28 | rpc GetDebugKubeconfig(GetDebugKubeconfigRequest) returns (GetDebugKubeconfigResponse); |
| 29 | // GetComponentLogs dumps various log ringbuffers for binaries that we run. |
| 30 | rpc GetComponentLogs(GetComponentLogsRequest) returns (GetComponentLogsResponse); |
| Serge Bazanski | 57b4375 | 2020-07-13 19:17:48 +0200 | [diff] [blame] | 31 | // GetGoldenTicket requests a 'golden ticket' which can be used to enroll any node into the cluster. |
| 32 | // This bypasses integrity checks. |
| 33 | rpc GetGoldenTicket(GetGoldenTicketRequest) returns (GetGoldenTicketResponse); |
| Serge Bazanski | efdb6e9 | 2020-07-13 17:19:27 +0200 | [diff] [blame] | 34 | } |
| 35 | |
| 36 | |
| 37 | message GetDebugKubeconfigRequest { |
| 38 | string id = 1; // Kubernetes identity (user) |
| 39 | repeated string groups = 2; // Kubernetes groups |
| 40 | } |
| 41 | |
| 42 | message GetDebugKubeconfigResponse { |
| 43 | string debug_kubeconfig = 1; |
| 44 | } |
| 45 | |
| 46 | message GetComponentLogsRequest { |
| 47 | // For supported paths see core/internal/node/debug.go |
| 48 | repeated string component_path = 1; |
| 49 | uint32 tail_lines = 2; // 0 = whole ring buffer |
| 50 | } |
| 51 | |
| 52 | message GetComponentLogsResponse { |
| 53 | repeated string line = 1; |
| 54 | } |
| Serge Bazanski | 57b4375 | 2020-07-13 19:17:48 +0200 | [diff] [blame] | 55 | |
| 56 | message GetGoldenTicketRequest { |
| 57 | // IP address at which the new node will run. |
| 58 | string external_ip = 1; |
| 59 | } |
| 60 | |
| 61 | message GetGoldenTicketResponse { |
| 62 | // Ticket to use in the new node's EnrolmentConfig. |
| 63 | GoldenTicket ticket = 1; |
| 64 | } |