)]}'
{
  "log": [
    {
      "commit": "c4a3aab4c8d14d05b7e2448ab11897b6f9093046",
      "tree": "61585da074852ab286fab9fefa671e35fc1e4658",
      "parents": [
        "42e61c6a3601d7f63176af3f53a3ac9c53120099"
      ],
      "author": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Tue Mar 16 13:31:19 2021 +0100"
      },
      "committer": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Tue Mar 16 13:31:19 2021 +0100"
      },
      "message": "metropolis/proto: remove internal\n\nThis is now unused (as it has been replaced by proto/private) and can be\nremoved.\n\nTest Plan: Refactor.\n\nX-Origin-Diff: phab/D736\nGitOrigin-RevId: e71dfd70d36d0ae9b29e2b287fcc337cf2520a51\n"
    },
    {
      "commit": "72068da814af80568cb106b877ef8f5e526e684c",
      "tree": "31831657903e62d4a813c9d18d47413154f13560",
      "parents": [
        "d8af5bf4c14a5c53d1736695a1210b6eea4d246e"
      ],
      "author": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Tue Mar 16 13:15:45 2021 +0100"
      },
      "committer": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Tue Mar 16 13:15:45 2021 +0100"
      },
      "message": "metropolis/proto: add private\n\nWe add a new proto package, \u0027private\u0027. This will hold all non-public\nproto messages for the implementation of the cluster lifecyclce design\ndocument.\n\nWe duplicate \u0027internal\u0027 for two reasons:\n\n - make it easier to port code accross to use the new protos/cluster\n   code, while slowly phasing out protos/internal.\n - \u0027internal\u0027 was a poor name choice, as it\u0027s significant in Go path\n   naming, and might cause some problems in the future. We have Bazel\u0027s\n   visiblility mechanism to protect accidental use.\n\nTest Plan: New proto, not yet used - see rest of stack.\n\nX-Origin-Diff: phab/D732\nGitOrigin-RevId: 15632353c46068b4f4c5025828c9c8459feaa335\n"
    },
    {
      "commit": "0ed2f96a3a86aff2c9ce36289aa5d58a75f4d59b",
      "tree": "afbe1fb6cd0a1667e981edfe97969338437bdaca",
      "parents": [
        "056042962060369bd7607ecfea51c515fc3a8140"
      ],
      "author": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Mon Mar 15 16:39:30 2021 +0100"
      },
      "committer": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Mon Mar 15 16:39:30 2021 +0100"
      },
      "message": "metropolis/proto: EnrolmentConfig -\u003e NodeParameters\n\nThis starts off the move to a node configuration API conforming to\nthe lifecycle management design document.\n\nInstead of an Enrolment Config used only to join an existing cluster, we\nmove to a NodeParameters proto that must always be given to a node if\nit\u0027s supposed to either bootstrap a new cluster or join an existing one.\n\nThis links the existing cluster management code (and its state machine)\nto work with this file. However, that state machine will be removed very\nsoon, anyway.\n\nWe also remove everything related to golden tickets.\n\nThis breaks multi-node tests.\n\nX-Origin-Diff: phab/D710\nGitOrigin-RevId: f22615fbccab975f2d5e6928bdc7387ab3aa5714\n"
    },
    {
      "commit": "32d73486f4ea778cd3ea58e2d579e862cf67fb9c",
      "tree": "78e3444e0b55df55f512415dbfd34977cdca2350",
      "parents": [
        "6c4199afe4dc4d446679b862f528e840e60925df"
      ],
      "author": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Mon Feb 01 23:49:17 2021 +0100"
      },
      "committer": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Mon Feb 01 23:49:17 2021 +0100"
      },
      "message": "metropolis: introduce AAA.Escrow RPC\n\nThis is a combined proto change and design document RFC.\n\nThis implements a generic \u0027Escrow\u0027 methid, used to allow external\nentities to log into a Metropolis cluster. This flow\u0027s subject vaguely\ncorresponds to \u0027Entity\u0027 objects from the Lifecycle DD, but this will be\nmore precisely defined in a subsequent change which introduces the\nactual entities objects, the way they\u0027re identified, and the way they\u0027re\nstored in the cluster.\n\nIn addition, this formalizes the part of the LDD in which entities are\nable to perform hardware attestation on nodes. The hardware attestation\npart is not fully implemented, but is placed within the bounds of the\nEscrow streaming RPC. Entities might also be able to performs this\nhardware attestation in a separate RPC call (having already requested a\nshort-lived certificate permitting access to RPC), but this is not yet\nsure.\n\nThis design, is in a way, a modernized version of GSSAPI. It assumes it\nruns over a confidential channel (TLS), and that it only ever returns\nx509 certificates emitted for the requesting client. It is also designed\nto handle flows that we expect to use within Metropolis.\n\nThis design has some known limitations:\n\n1) Limited decisionmaking abitility by the server to decide which proofs\n   are needed - ie., the server cannot change its mind what other proofs\n   are needed as the client presents some. Currently the server can\n   decide the proofs only based on the parameters given by the client,\n   and the initial context of the connection, ie. its originating\n   address and the presented TLS certificate.\n2) Limited expressibility of required proofs to the client, currently\n   all listed must be fulfilled.\n\nThis, however, can be extended as the protocol evolves, and can continue\nto support simple clients that handle only this protocol. Especially 2)\nmight be limiting us from preventing things like accepting emergency\ncertificates without necessarily needing an OIDC login, even though OIDC\nlogins are required for other kinds of certificates. We are explicitly\ntrying to keep things simple for now, and just not write ourselves into\na corner here.\n\nFinally, this API should cover all scenarios expressed within T865 -\nminus the entity storage part within the cluster.\n\nTest Plan: Proto change and review process.\n\nX-Origin-Diff: phab/D698\nGitOrigin-RevId: 92892b5522a4d41d572fd4c10f24d26f72919aeb\n"
    },
    {
      "commit": "31370b07f0df2dc2765d812d4ce00a6b35185b16",
      "tree": "15563902eee9591083284441c8505b084b275d0a",
      "parents": [
        "313816f41244d7520eb2b6f8c231328ee5b7a4ef"
      ],
      "author": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Thu Jan 07 16:31:14 2021 +0100"
      },
      "committer": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Thu Jan 07 16:31:14 2021 +0100"
      },
      "message": "*: git.monogon.dev -\u003e source.monogon.dev\n\nThis implements T882, setting our (virtual) GOPATH to source.monogon.dev\nfor this repository.\n\nTest Plan: Refactor, CI only.\n\nX-Origin-Diff: phab/D686\nGitOrigin-RevId: c5e2309089948ffc3a98e68e2e0e1cbb157d3a36\n"
    },
    {
      "commit": "0be9be88224dd87eedb10436b11615fa59862271",
      "tree": "2cffcd0ca273ada48c0b42a36bd25bb1cc2da35c",
      "parents": [
        "549b72b2d65051403301f53111509f77e88b379b"
      ],
      "author": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Thu Jan 07 15:23:44 2021 +0100"
      },
      "committer": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Thu Jan 07 15:23:44 2021 +0100"
      },
      "message": "metropolis: Lock down visibility rules\n\nThis formalizes the package structure introduced by D683.\n\nTest Plan: Pure refactor, CI only.\n\nX-Origin-Diff: phab/D684\nGitOrigin-RevId: 574aa14c71faf94f4a5c02a2110e2e3fef7d36ac\n"
    },
    {
      "commit": "549b72b2d65051403301f53111509f77e88b379b",
      "tree": "b4e523d5d17e8130545e58b58870b4a18118a780",
      "parents": [
        "696f39abb19ffcca03e9fc5a98681338216b1e7f"
      ],
      "author": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Thu Jan 07 14:54:19 2021 +0100"
      },
      "committer": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Thu Jan 07 14:54:19 2021 +0100"
      },
      "message": "metropolis: unify utility packages\n\nOne last sweeping rename / reshuffle.\n\nWe get rid of //metropolis/node/common and //golibs, unifying them into\na single //metropolis/pkg meta-package.\n\nThis is to be documented somwhere properly, but here\u0027s the new logic\nbehind selecting where to place a new library package:\n\n - if it\u0027s specific to k8s-on-metropolis, put it in\n   //metropolis/node/kubernetes/*. This is a self-contained tree that\n   other paths cannot import from.\n - if it\u0027s a big new subsystem of the metropolis core, put it in\n   //metropolis/node/core. This can be imported by anything in\n   //m/n (eg the Kubernetes code at //m/n/kubernetes\n - otherwise, treat it as generic library that\u0027s part of the metropolis\n   project, and put it in //metropolis/pkg. This can be imported by\n   anything within //metropolis.\n\nThis will be followed up by a diff that updates visibility rules.\n\nTest Plan: Pure refactor, CI only.\n\nX-Origin-Diff: phab/D683\nGitOrigin-RevId: 883e7f09a7d22d64e966d07bbe839454ed081c79\n"
    },
    {
      "commit": "662b5b3119b0798980b887d1ef9fa1b5632aa7fb",
      "tree": "3e1fc4ab033530e6d579112ba500d2c6edb43368",
      "parents": [
        "39f2f691726dc6e0a291aa8609085b835a313dad"
      ],
      "author": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Mon Dec 21 13:49:00 2020 +0100"
      },
      "committer": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Mon Dec 21 13:49:00 2020 +0100"
      },
      "message": "smalltown -\u003e metropolis\n\nThis pass removes all mentions of Smalltown, both from code and comments,\nand replaces them with appropriate new terminology.\n\nTest Plan: Refactor, covered by CI.\n\nX-Origin-Diff: phab/D674\nGitOrigin-RevId: 04a94d44ef07d46f7821530da5614daefe16d7ea\n"
    },
    {
      "commit": "77cb6c5ec3acadf02ad5005dd751cfbf0ec1602f",
      "tree": "7ddfcdf78c489a5d6fad7a20bd3580d803407450",
      "parents": [
        "26d41999e0c71813648c16ad84bba810c3b9d593"
      ],
      "author": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Sat Dec 19 00:09:22 2020 +0100"
      },
      "committer": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Sat Dec 19 00:09:22 2020 +0100"
      },
      "message": "core -\u003e metropolis\n\nSmalltown is now called Metropolis!\n\nThis is the first commit in a series of cleanup commits that prepare us\nfor an open source release. This one just some Bazel packages around to\nfollow a stricter directory layout.\n\nAll of Metropolis now lives in `//metropolis`.\n\nAll of Metropolis Node code now lives in `//metropolis/node`.\n\nAll of the main /init now lives in `//m/n/core`.\n\nAll of the Kubernetes functionality/glue now lives in `//m/n/kubernetes`.\n\nNext steps:\n     - hunt down all references to Smalltown and replace them appropriately\n     - narrow down visibility rules\n     - document new code organization\n     - move `//build/toolchain` to `//monogon/build/toolchain`\n     - do another cleanup pass between `//golibs` and\n       `//monogon/node/{core,common}`.\n     - remove `//delta` and `//anubis`\n\nFixes T799.\n\nTest Plan: Just a very large refactor. CI should help us out here.\n\nBug: T799\n\nX-Origin-Diff: phab/D667\nGitOrigin-RevId: 6029b8d4edc42325d50042596b639e8b122d0ded\n"
    }
  ]
}