diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index bf4e727..0000000 --- a/.gitmodules +++ /dev/null @@ -1,6 +0,0 @@ -[submodule "wfe-containerd-protos/vendor/containerd"] - path = wfe-containerd-protos/vendor/containerd - url = https://github.com/containerd/containerd.git -[submodule "wfe-buildkit-protos/vendor/buildkit"] - path = wfe-buildkit-protos/vendor/buildkit - url = https://github.com/moby/buildkit.git diff --git a/wfe-buildkit-protos/proto/github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/options/runhcs.proto b/wfe-buildkit-protos/proto/github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/options/runhcs.proto new file mode 100644 index 0000000..8546c61 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/options/runhcs.proto @@ -0,0 +1,124 @@ +syntax = "proto3"; + +package containerd.runhcs.v1; + +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/options"; + +// Options are the set of customizations that can be passed at Create time. +message Options { + // Enable debug tracing (sets the logrus log level to debug). This may be deprecated in the future, prefer + // log_level as this will override debug if both of them are set. + bool debug = 1; + + enum DebugType { + NPIPE = 0; + FILE = 1; + ETW = 2; + } + + // debug tracing output type + DebugType debug_type = 2; + + // registry key root for storage of the runhcs container state + string registry_root = 3; + + // sandbox_image is the image to use for the sandbox that matches the + // sandbox_platform. + string sandbox_image = 4; + + // sandbox_platform is a CRI setting that specifies the platform + // architecture for all sandbox's in this runtime. Values are + // 'windows/amd64' and 'linux/amd64'. + string sandbox_platform = 5; + + enum SandboxIsolation { + PROCESS = 0; + HYPERVISOR = 1; + } + + // sandbox_isolation is a CRI setting that specifies the isolation level of + // the sandbox. For Windows runtime PROCESS and HYPERVISOR are valid. For + // LCOW only HYPERVISOR is valid and default if omitted. + SandboxIsolation sandbox_isolation = 6; + + // boot_files_root_path is the path to the directory containing the LCOW + // kernel and root FS files. + string boot_files_root_path = 7; + + // vm_processor_count is the default number of processors to create for the + // hypervisor isolated utility vm. + // + // The platform default if omitted is 2, unless the host only has a single + // core in which case it is 1. + int32 vm_processor_count = 8; + + // vm_memory_size_in_mb is the default amount of memory to assign to the + // hypervisor isolated utility vm. + // + // The platform default is 1024MB if omitted. + int32 vm_memory_size_in_mb = 9; + + // GPUVHDPath is the path to the gpu vhd to add to the uvm + // when a container requests a gpu + string GPUVHDPath = 10; + + // scale_cpu_limits_to_sandbox indicates that container CPU limits should + // be adjusted to account for the difference in number of cores between the + // host and UVM. + bool scale_cpu_limits_to_sandbox = 11; + + // default_container_scratch_size_in_gb is the default scratch size (sandbox.vhdx) + // to be used for containers. Every container will get a sandbox of `size_in_gb` assigned + // instead of the default of 20GB. + int32 default_container_scratch_size_in_gb = 12; + + // default_vm_scratch_size_in_gb is the default scratch size (sandbox.vhdx) + // to be used for the UVM. This only applies to WCOW as LCOW doesn't mount a scratch + // specifically for the UVM. + int32 default_vm_scratch_size_in_gb = 13; + + // share_scratch specifies if we'd like to reuse scratch space between multiple containers. + // This currently only affects LCOW. The sandbox containers scratch space is re-used for all + // subsequent containers launched in the pod. + bool share_scratch = 14; + + // NCProxyAddr is the address of the network configuration proxy service. If omitted + // the network is setup locally. + string NCProxyAddr = 15; + + // log_level specifies the logrus log level for the shim. Supported values are a string representation of the + // logrus log levels: "trace", "debug", "info", "warn", "error", "fatal", "panic". This setting will override + // the `debug` field if both are specified, unless the level specified is also "debug", as these are equivalent. + string log_level = 16; + + // io_retry_timeout_in_sec is the timeout in seconds for how long to try and reconnect to an upstream IO provider if a connection is lost. + // The typical example is if Containerd has restarted but is expected to come back online. A 0 for this field is interpreted as an infinite + // timeout. + int32 io_retry_timeout_in_sec = 17; + + // default_container_annotations specifies a set of annotations that should be set for every workload container + map default_container_annotations = 18; + + // no_inherit_host_timezone specifies to skip inheriting the hosts time zone for WCOW UVMs and instead default to + // UTC. + bool no_inherit_host_timezone = 19; + + // scrub_logs enables removing environment variables and other potentially sensitive information from logs + bool scrub_logs = 20; +} + +// ProcessDetails contains additional information about a process. This is the additional +// info returned in the Pids query. +message ProcessDetails { + string image_name = 1; + google.protobuf.Timestamp created_at = 2; + uint64 kernel_time_100_ns = 3; + uint64 memory_commit_bytes = 4; + uint64 memory_working_set_private_bytes = 5; + uint64 memory_working_set_shared_bytes = 6; + uint32 process_id = 7; + uint64 user_time_100_ns = 8; + string exec_id = 9; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/cgroups/v3/cgroup1/stats/metrics.proto b/wfe-buildkit-protos/proto/github.com/containerd/cgroups/v3/cgroup1/stats/metrics.proto new file mode 100644 index 0000000..e6e4444 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/cgroups/v3/cgroup1/stats/metrics.proto @@ -0,0 +1,158 @@ +syntax = "proto3"; + +package io.containerd.cgroups.v1; + +option go_package = "github.com/containerd/cgroups/cgroup1/stats"; + +message Metrics { + repeated HugetlbStat hugetlb = 1; + PidsStat pids = 2; + CPUStat cpu = 3; + MemoryStat memory = 4; + BlkIOStat blkio = 5; + RdmaStat rdma = 6; + repeated NetworkStat network = 7; + CgroupStats cgroup_stats = 8; + MemoryOomControl memory_oom_control = 9; +} + +message HugetlbStat { + uint64 usage = 1; + uint64 max = 2; + uint64 failcnt = 3; + string pagesize = 4; +} + +message PidsStat { + uint64 current = 1; + uint64 limit = 2; +} + +message CPUStat { + CPUUsage usage = 1; + Throttle throttling = 2; +} + +message CPUUsage { + // values in nanoseconds + uint64 total = 1; + uint64 kernel = 2; + uint64 user = 3; + repeated uint64 per_cpu = 4; + +} + +message Throttle { + uint64 periods = 1; + uint64 throttled_periods = 2; + uint64 throttled_time = 3; +} + +message MemoryStat { + uint64 cache = 1; + uint64 rss = 2; + uint64 rss_huge = 3; + uint64 mapped_file = 4; + uint64 dirty = 5; + uint64 writeback = 6; + uint64 pg_pg_in = 7; + uint64 pg_pg_out = 8; + uint64 pg_fault = 9; + uint64 pg_maj_fault = 10; + uint64 inactive_anon = 11; + uint64 active_anon = 12; + uint64 inactive_file = 13; + uint64 active_file = 14; + uint64 unevictable = 15; + uint64 hierarchical_memory_limit = 16; + uint64 hierarchical_swap_limit = 17; + uint64 total_cache = 18; + uint64 total_rss = 19; + uint64 total_rss_huge = 20; + uint64 total_mapped_file = 21; + uint64 total_dirty = 22; + uint64 total_writeback = 23; + uint64 total_pg_pg_in = 24; + uint64 total_pg_pg_out = 25; + uint64 total_pg_fault = 26; + uint64 total_pg_maj_fault = 27; + uint64 total_inactive_anon = 28; + uint64 total_active_anon = 29; + uint64 total_inactive_file = 30; + uint64 total_active_file = 31; + uint64 total_unevictable = 32; + MemoryEntry usage = 33; + MemoryEntry swap = 34; + MemoryEntry kernel = 35; + MemoryEntry kernel_tcp = 36; + +} + +message MemoryEntry { + uint64 limit = 1; + uint64 usage = 2; + uint64 max = 3; + uint64 failcnt = 4; +} + +message MemoryOomControl { + uint64 oom_kill_disable = 1; + uint64 under_oom = 2; + uint64 oom_kill = 3; +} + +message BlkIOStat { + repeated BlkIOEntry io_service_bytes_recursive = 1; + repeated BlkIOEntry io_serviced_recursive = 2; + repeated BlkIOEntry io_queued_recursive = 3; + repeated BlkIOEntry io_service_time_recursive = 4; + repeated BlkIOEntry io_wait_time_recursive = 5; + repeated BlkIOEntry io_merged_recursive = 6; + repeated BlkIOEntry io_time_recursive = 7; + repeated BlkIOEntry sectors_recursive = 8; +} + +message BlkIOEntry { + string op = 1; + string device = 2; + uint64 major = 3; + uint64 minor = 4; + uint64 value = 5; +} + +message RdmaStat { + repeated RdmaEntry current = 1; + repeated RdmaEntry limit = 2; +} + +message RdmaEntry { + string device = 1; + uint32 hca_handles = 2; + uint32 hca_objects = 3; +} + +message NetworkStat { + string name = 1; + uint64 rx_bytes = 2; + uint64 rx_packets = 3; + uint64 rx_errors = 4; + uint64 rx_dropped = 5; + uint64 tx_bytes = 6; + uint64 tx_packets = 7; + uint64 tx_errors = 8; + uint64 tx_dropped = 9; +} + +// CgroupStats exports per-cgroup statistics. +message CgroupStats { + // number of tasks sleeping + uint64 nr_sleeping = 1; + // number of tasks running + uint64 nr_running = 2; + // number of tasks in stopped state + uint64 nr_stopped = 3; + // number of tasks in uninterruptible state + uint64 nr_uninterruptible = 4; + // number of tasks waiting on IO + uint64 nr_io_wait = 5; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/container.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/container.proto new file mode 100644 index 0000000..bacee0d --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/container.proto @@ -0,0 +1,46 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.events; + +import "google/protobuf/any.proto"; +import "github.com/containerd/containerd/api/types/fieldpath.proto"; + +option go_package = "github.com/containerd/containerd/api/events;events"; +option (containerd.types.fieldpath_all) = true; + +message ContainerCreate { + string id = 1; + string image = 2; + message Runtime { + string name = 1; + google.protobuf.Any options = 2; + } + Runtime runtime = 3; +} + +message ContainerUpdate { + string id = 1; + string image = 2; + map labels = 3; + string snapshot_key = 4; +} + +message ContainerDelete { + string id = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/content.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/content.proto new file mode 100644 index 0000000..58bd915 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/content.proto @@ -0,0 +1,33 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.events; + +import "github.com/containerd/containerd/api/types/fieldpath.proto"; + +option go_package = "github.com/containerd/containerd/api/events;events"; +option (containerd.types.fieldpath_all) = true; + +message ContentCreate { + string digest = 1; + int64 size = 2; +} + +message ContentDelete { + string digest = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/image.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/image.proto new file mode 100644 index 0000000..0fa2430 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/image.proto @@ -0,0 +1,38 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.images.v1; + +import "github.com/containerd/containerd/api/types/fieldpath.proto"; + +option go_package = "github.com/containerd/containerd/api/events;events"; +option (containerd.types.fieldpath_all) = true; + +message ImageCreate { + string name = 1; + map labels = 2; +} + +message ImageUpdate { + string name = 1; + map labels = 2; +} + +message ImageDelete { + string name = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/namespace.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/namespace.proto new file mode 100644 index 0000000..f7757e4 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/namespace.proto @@ -0,0 +1,38 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.events; + +import "github.com/containerd/containerd/api/types/fieldpath.proto"; + +option go_package = "github.com/containerd/containerd/api/events;events"; +option (containerd.types.fieldpath_all) = true; + +message NamespaceCreate { + string name = 1; + map labels = 2; +} + +message NamespaceUpdate { + string name = 1; + map labels = 2; +} + +message NamespaceDelete { + string name = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/sandbox.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/sandbox.proto new file mode 100644 index 0000000..f1c5195 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/sandbox.proto @@ -0,0 +1,37 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.events; + +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/events;events"; + +message SandboxCreate { + string sandbox_id = 1; +} + +message SandboxStart { + string sandbox_id = 1; +} + +message SandboxExit { + string sandbox_id = 1; + uint32 exit_status = 2; + google.protobuf.Timestamp exited_at = 3; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/snapshot.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/snapshot.proto new file mode 100644 index 0000000..b00c023 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/snapshot.proto @@ -0,0 +1,41 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.events; + +import "github.com/containerd/containerd/api/types/fieldpath.proto"; + +option go_package = "github.com/containerd/containerd/api/events;events"; +option (containerd.types.fieldpath_all) = true; + +message SnapshotPrepare { + string key = 1; + string parent = 2; + string snapshotter = 5; +} + +message SnapshotCommit { + string key = 1; + string name = 2; + string snapshotter = 5; +} + +message SnapshotRemove { + string key = 1; + string snapshotter = 5; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/task.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/task.proto new file mode 100644 index 0000000..4964a16 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/events/task.proto @@ -0,0 +1,93 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.events; + +import "google/protobuf/timestamp.proto"; +import "github.com/containerd/containerd/api/types/mount.proto"; +import "github.com/containerd/containerd/api/types/fieldpath.proto"; + +option go_package = "github.com/containerd/containerd/api/events;events"; +option (containerd.types.fieldpath_all) = true; + +message TaskCreate { + string container_id = 1; + string bundle = 2; + repeated containerd.types.Mount rootfs = 3; + TaskIO io = 4; + string checkpoint = 5; + uint32 pid = 6; +} + +message TaskStart { + string container_id = 1; + uint32 pid = 2; +} + +message TaskDelete { + string container_id = 1; + uint32 pid = 2; + uint32 exit_status = 3; + google.protobuf.Timestamp exited_at = 4; + // id is the specific exec. By default if omitted will be `""` thus matches + // the init exec of the task matching `container_id`. + string id = 5; +} + +message TaskIO { + string stdin = 1; + string stdout = 2; + string stderr = 3; + bool terminal = 4; +} + +message TaskExit { + string container_id = 1; + string id = 2; + uint32 pid = 3; + uint32 exit_status = 4; + google.protobuf.Timestamp exited_at = 5; +} + +message TaskOOM { + string container_id = 1; +} + +message TaskExecAdded { + string container_id = 1; + string exec_id = 2; +} + +message TaskExecStarted { + string container_id = 1; + string exec_id = 2; + uint32 pid = 3; +} + +message TaskPaused { + string container_id = 1; +} + +message TaskResumed { + string container_id = 1; +} + +message TaskCheckpointed { + string container_id = 1; + string checkpoint = 2; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/runtime/sandbox/v1/sandbox.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/runtime/sandbox/v1/sandbox.proto new file mode 100644 index 0000000..0cf801c --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/runtime/sandbox/v1/sandbox.proto @@ -0,0 +1,149 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.runtime.sandbox.v1; + +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; + +import "github.com/containerd/containerd/api/types/mount.proto"; +import "github.com/containerd/containerd/api/types/platform.proto"; +import "github.com/containerd/containerd/api/types/metrics.proto"; + +option go_package = "github.com/containerd/containerd/api/runtime/sandbox/v1;sandbox"; + +// Sandbox is an optional interface that shim may implement to support sandboxes environments. +// A typical example of sandbox is microVM or pause container - an entity that groups containers and/or +// holds resources relevant for this group. +service Sandbox { + // CreateSandbox will be called right after sandbox shim instance launched. + // It is a good place to initialize sandbox environment. + rpc CreateSandbox(CreateSandboxRequest) returns (CreateSandboxResponse); + + // StartSandbox will start a previously created sandbox. + rpc StartSandbox(StartSandboxRequest) returns (StartSandboxResponse); + + // Platform queries the platform the sandbox is going to run containers on. + // containerd will use this to generate a proper OCI spec. + rpc Platform(PlatformRequest) returns (PlatformResponse); + + // StopSandbox will stop existing sandbox instance + rpc StopSandbox(StopSandboxRequest) returns (StopSandboxResponse); + + // WaitSandbox blocks until sandbox exits. + rpc WaitSandbox(WaitSandboxRequest) returns (WaitSandboxResponse); + + // SandboxStatus will return current status of the running sandbox instance + rpc SandboxStatus(SandboxStatusRequest) returns (SandboxStatusResponse); + + // PingSandbox is a lightweight API call to check whether sandbox alive. + rpc PingSandbox(PingRequest) returns (PingResponse); + + // ShutdownSandbox must shutdown shim instance. + rpc ShutdownSandbox(ShutdownSandboxRequest) returns (ShutdownSandboxResponse); + + // SandboxMetrics retrieves metrics about a sandbox instance. + rpc SandboxMetrics(SandboxMetricsRequest) returns (SandboxMetricsResponse); +} + +message CreateSandboxRequest { + string sandbox_id = 1; + string bundle_path = 2; + repeated containerd.types.Mount rootfs = 3; + google.protobuf.Any options = 4; + string netns_path = 5; + map annotations = 6; +} + +message CreateSandboxResponse {} + +message StartSandboxRequest { + string sandbox_id = 1; +} + +message StartSandboxResponse { + uint32 pid = 1; + google.protobuf.Timestamp created_at = 2; +} + +message PlatformRequest { + string sandbox_id = 1; +} + +message PlatformResponse { + containerd.types.Platform platform = 1; +} + +message StopSandboxRequest { + string sandbox_id = 1; + uint32 timeout_secs = 2; +} + +message StopSandboxResponse {} + +message UpdateSandboxRequest { + string sandbox_id = 1; + google.protobuf.Any resources = 2; + map annotations = 3; +} + +message WaitSandboxRequest { + string sandbox_id = 1; +} + +message WaitSandboxResponse { + uint32 exit_status = 1; + google.protobuf.Timestamp exited_at = 2; +} + +message UpdateSandboxResponse {} + +message SandboxStatusRequest { + string sandbox_id = 1; + bool verbose = 2; +} + +message SandboxStatusResponse { + string sandbox_id = 1; + uint32 pid = 2; + string state = 3; + map info = 4; + google.protobuf.Timestamp created_at = 5; + google.protobuf.Timestamp exited_at = 6; + google.protobuf.Any extra = 7; +} + +message PingRequest { + string sandbox_id = 1; +} + +message PingResponse {} + +message ShutdownSandboxRequest { + string sandbox_id = 1; +} + +message ShutdownSandboxResponse {} + +message SandboxMetricsRequest { + string sandbox_id = 1; +} + +message SandboxMetricsResponse { + containerd.types.Metric metrics = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/containers/v1/containers.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/containers/v1/containers.proto new file mode 100644 index 0000000..3de07ff --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/containers/v1/containers.proto @@ -0,0 +1,181 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.containers.v1; + +import "google/protobuf/any.proto"; +import "google/protobuf/empty.proto"; +import "google/protobuf/field_mask.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/services/containers/v1;containers"; + +// Containers provides metadata storage for containers used in the execution +// service. +// +// The objects here provide an state-independent view of containers for use in +// management and resource pinning. From that perspective, containers do not +// have a "state" but rather this is the set of resources that will be +// considered in use by the container. +// +// From the perspective of the execution service, these objects represent the +// base parameters for creating a container process. +// +// In general, when looking to add fields for this type, first ask yourself +// whether or not the function of the field has to do with runtime execution or +// is invariant of the runtime state of the container. If it has to do with +// runtime, or changes as the "container" is started and stops, it probably +// doesn't belong on this object. +service Containers { + rpc Get(GetContainerRequest) returns (GetContainerResponse); + rpc List(ListContainersRequest) returns (ListContainersResponse); + rpc ListStream(ListContainersRequest) returns (stream ListContainerMessage); + rpc Create(CreateContainerRequest) returns (CreateContainerResponse); + rpc Update(UpdateContainerRequest) returns (UpdateContainerResponse); + rpc Delete(DeleteContainerRequest) returns (google.protobuf.Empty); +} + +message Container { + // ID is the user-specified identifier. + // + // This field may not be updated. + string id = 1; + + // Labels provides an area to include arbitrary data on containers. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + // + // Note that to add a new value to this field, read the existing set and + // include the entire result in the update call. + map labels = 2; + + // Image contains the reference of the image used to build the + // specification and snapshots for running this container. + // + // If this field is updated, the spec and rootfs needed to updated, as well. + string image = 3; + + message Runtime { + // Name is the name of the runtime. + string name = 1; + // Options specify additional runtime initialization options. + google.protobuf.Any options = 2; + } + // Runtime specifies which runtime to use for executing this container. + Runtime runtime = 4; + + // Spec to be used when creating the container. This is runtime specific. + google.protobuf.Any spec = 5; + + // Snapshotter specifies the snapshotter name used for rootfs + string snapshotter = 6; + + // SnapshotKey specifies the snapshot key to use for the container's root + // filesystem. When starting a task from this container, a caller should + // look up the mounts from the snapshot service and include those on the + // task create request. + // + // Snapshots referenced in this field will not be garbage collected. + // + // This field is set to empty when the rootfs is not a snapshot. + // + // This field may be updated. + string snapshot_key = 7; + + // CreatedAt is the time the container was first created. + google.protobuf.Timestamp created_at = 8; + + // UpdatedAt is the last time the container was mutated. + google.protobuf.Timestamp updated_at = 9; + + // Extensions allow clients to provide zero or more blobs that are directly + // associated with the container. One may provide protobuf, json, or other + // encoding formats. The primary use of this is to further decorate the + // container object with fields that may be specific to a client integration. + // + // The key portion of this map should identify a "name" for the extension + // that should be unique against other extensions. When updating extension + // data, one should only update the specified extension using field paths + // to select a specific map key. + map extensions = 10; + + // Sandbox ID this container belongs to. + string sandbox = 11; +} + +message GetContainerRequest { + string id = 1; +} + +message GetContainerResponse { + Container container = 1; +} + +message ListContainersRequest { + // Filters contains one or more filters using the syntax defined in the + // containerd filter package. + // + // The returned result will be those that match any of the provided + // filters. Expanded, containers that match the following will be + // returned: + // + // filters[0] or filters[1] or ... or filters[n-1] or filters[n] + // + // If filters is zero-length or nil, all items will be returned. + repeated string filters = 1; +} + +message ListContainersResponse { + repeated Container containers = 1; +} + +message CreateContainerRequest { + Container container = 1; +} + +message CreateContainerResponse { + Container container = 1; +} + +// UpdateContainerRequest updates the metadata on one or more container. +// +// The operation should follow semantics described in +// https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/field-mask, +// unless otherwise qualified. +message UpdateContainerRequest { + // Container provides the target values, as declared by the mask, for the update. + // + // The ID field must be set. + Container container = 1; + + // UpdateMask specifies which fields to perform the update on. If empty, + // the operation applies to all fields. + google.protobuf.FieldMask update_mask = 2; +} + +message UpdateContainerResponse { + Container container = 1; +} + +message DeleteContainerRequest { + string id = 1; +} + +message ListContainerMessage { + Container container = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/content/v1/content.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/content/v1/content.proto new file mode 100644 index 0000000..8aea063 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/content/v1/content.proto @@ -0,0 +1,330 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.content.v1; + +import "google/protobuf/field_mask.proto"; +import "google/protobuf/timestamp.proto"; +import "google/protobuf/empty.proto"; + +option go_package = "github.com/containerd/containerd/api/services/content/v1;content"; + +// Content provides access to a content addressable storage system. +service Content { + // Info returns information about a committed object. + // + // This call can be used for getting the size of content and checking for + // existence. + rpc Info(InfoRequest) returns (InfoResponse); + + // Update updates content metadata. + // + // This call can be used to manage the mutable content labels. The + // immutable metadata such as digest, size, and committed at cannot + // be updated. + rpc Update(UpdateRequest) returns (UpdateResponse); + + // List streams the entire set of content as Info objects and closes the + // stream. + // + // Typically, this will yield a large response, chunked into messages. + // Clients should make provisions to ensure they can handle the entire data + // set. + rpc List(ListContentRequest) returns (stream ListContentResponse); + + // Delete will delete the referenced object. + rpc Delete(DeleteContentRequest) returns (google.protobuf.Empty); + + // Read allows one to read an object based on the offset into the content. + // + // The requested data may be returned in one or more messages. + rpc Read(ReadContentRequest) returns (stream ReadContentResponse); + + // Status returns the status for a single reference. + rpc Status(StatusRequest) returns (StatusResponse); + + // ListStatuses returns the status of ongoing object ingestions, started via + // Write. + // + // Only those matching the regular expression will be provided in the + // response. If the provided regular expression is empty, all ingestions + // will be provided. + rpc ListStatuses(ListStatusesRequest) returns (ListStatusesResponse); + + // Write begins or resumes writes to a resource identified by a unique ref. + // Only one active stream may exist at a time for each ref. + // + // Once a write stream has started, it may only write to a single ref, thus + // once a stream is started, the ref may be omitted on subsequent writes. + // + // For any write transaction represented by a ref, only a single write may + // be made to a given offset. If overlapping writes occur, it is an error. + // Writes should be sequential and implementations may throw an error if + // this is required. + // + // If expected_digest is set and already part of the content store, the + // write will fail. + // + // When completed, the commit flag should be set to true. If expected size + // or digest is set, the content will be validated against those values. + rpc Write(stream WriteContentRequest) returns (stream WriteContentResponse); + + // Abort cancels the ongoing write named in the request. Any resources + // associated with the write will be collected. + rpc Abort(AbortRequest) returns (google.protobuf.Empty); +} + +message Info { + // Digest is the hash identity of the blob. + string digest = 1; + + // Size is the total number of bytes in the blob. + int64 size = 2; + + // CreatedAt provides the time at which the blob was committed. + google.protobuf.Timestamp created_at = 3; + + // UpdatedAt provides the time the info was last updated. + google.protobuf.Timestamp updated_at = 4; + + // Labels are arbitrary data on snapshots. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + map labels = 5; +} + +message InfoRequest { + string digest = 1; +} + +message InfoResponse { + Info info = 1; +} + +message UpdateRequest { + Info info = 1; + + // UpdateMask specifies which fields to perform the update on. If empty, + // the operation applies to all fields. + // + // In info, Digest, Size, and CreatedAt are immutable, + // other field may be updated using this mask. + // If no mask is provided, all mutable field are updated. + google.protobuf.FieldMask update_mask = 2; +} + +message UpdateResponse { + Info info = 1; +} + +message ListContentRequest { + // Filters contains one or more filters using the syntax defined in the + // containerd filter package. + // + // The returned result will be those that match any of the provided + // filters. Expanded, containers that match the following will be + // returned: + // + // filters[0] or filters[1] or ... or filters[n-1] or filters[n] + // + // If filters is zero-length or nil, all items will be returned. + repeated string filters = 1; +} + +message ListContentResponse { + repeated Info info = 1; +} + +message DeleteContentRequest { + // Digest specifies which content to delete. + string digest = 1; +} + +// ReadContentRequest defines the fields that make up a request to read a portion of +// data from a stored object. +message ReadContentRequest { + // Digest is the hash identity to read. + string digest = 1; + + // Offset specifies the number of bytes from the start at which to begin + // the read. If zero or less, the read will be from the start. This uses + // standard zero-indexed semantics. + int64 offset = 2; + + // size is the total size of the read. If zero, the entire blob will be + // returned by the service. + int64 size = 3; +} + +// ReadContentResponse carries byte data for a read request. +message ReadContentResponse { + int64 offset = 1; // offset of the returned data + bytes data = 2; // actual data +} + +message Status { + google.protobuf.Timestamp started_at = 1; + google.protobuf.Timestamp updated_at = 2; + string ref = 3; + int64 offset = 4; + int64 total = 5; + string expected = 6; +} + + +message StatusRequest { + string ref = 1; +} + +message StatusResponse { + Status status = 1; +} + +message ListStatusesRequest { + repeated string filters = 1; +} + +message ListStatusesResponse { + repeated Status statuses = 1; +} + +// WriteAction defines the behavior of a WriteRequest. +enum WriteAction { + // WriteActionStat instructs the writer to return the current status while + // holding the lock on the write. + STAT = 0; + + // WriteActionWrite sets the action for the write request to write data. + // + // Any data included will be written at the provided offset. The + // transaction will be left open for further writes. + // + // This is the default. + WRITE = 1; + + // WriteActionCommit will write any outstanding data in the message and + // commit the write, storing it under the digest. + // + // This can be used in a single message to send the data, verify it and + // commit it. + // + // This action will always terminate the write. + COMMIT = 2; +} + +// WriteContentRequest writes data to the request ref at offset. +message WriteContentRequest { + // Action sets the behavior of the write. + // + // When this is a write and the ref is not yet allocated, the ref will be + // allocated and the data will be written at offset. + // + // If the action is write and the ref is allocated, it will accept data to + // an offset that has not yet been written. + // + // If the action is write and there is no data, the current write status + // will be returned. This works differently from status because the stream + // holds a lock. + WriteAction action = 1; + + // Ref identifies the pre-commit object to write to. + string ref = 2; + + // Total can be set to have the service validate the total size of the + // committed content. + // + // The latest value before or with the commit action message will be use to + // validate the content. If the offset overflows total, the service may + // report an error. It is only required on one message for the write. + // + // If the value is zero or less, no validation of the final content will be + // performed. + int64 total = 3; + + // Expected can be set to have the service validate the final content against + // the provided digest. + // + // If the digest is already present in the object store, an AlreadyExists + // error will be returned. + // + // Only the latest version will be used to check the content against the + // digest. It is only required to include it on a single message, before or + // with the commit action message. + string expected = 4; + + // Offset specifies the number of bytes from the start at which to begin + // the write. For most implementations, this means from the start of the + // file. This uses standard, zero-indexed semantics. + // + // If the action is write, the remote may remove all previously written + // data after the offset. Implementations may support arbitrary offsets but + // MUST support reseting this value to zero with a write. If an + // implementation does not support a write at a particular offset, an + // OutOfRange error must be returned. + int64 offset = 5; + + // Data is the actual bytes to be written. + // + // If this is empty and the message is not a commit, a response will be + // returned with the current write state. + bytes data = 6; + + // Labels are arbitrary data on snapshots. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + map labels = 7; +} + +// WriteContentResponse is returned on the culmination of a write call. +message WriteContentResponse { + // Action contains the action for the final message of the stream. A writer + // should confirm that they match the intended result. + WriteAction action = 1; + + // StartedAt provides the time at which the write began. + // + // This must be set for stat and commit write actions. All other write + // actions may omit this. + google.protobuf.Timestamp started_at = 2; + + // UpdatedAt provides the last time of a successful write. + // + // This must be set for stat and commit write actions. All other write + // actions may omit this. + google.protobuf.Timestamp updated_at = 3; + + // Offset is the current committed size for the write. + int64 offset = 4; + + // Total provides the current, expected total size of the write. + // + // We include this to provide consistency with the Status structure on the + // client writer. + // + // This is only valid on the Stat and Commit response. + int64 total = 5; + + // Digest, if present, includes the digest up to the currently committed + // bytes. If action is commit, this field will be set. It is implementation + // defined if this is set for other actions. + string digest = 6; +} + +message AbortRequest { + string ref = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/diff/v1/diff.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/diff/v1/diff.proto new file mode 100644 index 0000000..2aa5ad8 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/diff/v1/diff.proto @@ -0,0 +1,90 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.diff.v1; + +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; +import "github.com/containerd/containerd/api/types/mount.proto"; +import "github.com/containerd/containerd/api/types/descriptor.proto"; + +option go_package = "github.com/containerd/containerd/api/services/diff/v1;diff"; + +// Diff service creates and applies diffs +service Diff { + // Apply applies the content associated with the provided digests onto + // the provided mounts. Archive content will be extracted and + // decompressed if necessary. + rpc Apply(ApplyRequest) returns (ApplyResponse); + + // Diff creates a diff between the given mounts and uploads the result + // to the content store. + rpc Diff(DiffRequest) returns (DiffResponse); +} + +message ApplyRequest { + // Diff is the descriptor of the diff to be extracted + containerd.types.Descriptor diff = 1; + + repeated containerd.types.Mount mounts = 2; + + map payloads = 3; + // SyncFs is to synchronize the underlying filesystem containing files. + bool sync_fs = 4; +} + +message ApplyResponse { + // Applied is the descriptor for the object which was applied. + // If the input was a compressed blob then the result will be + // the descriptor for the uncompressed blob. + containerd.types.Descriptor applied = 1; +} + +message DiffRequest { + // Left are the mounts which represent the older copy + // in which is the base of the computed changes. + repeated containerd.types.Mount left = 1; + + // Right are the mounts which represents the newer copy + // in which changes from the left were made into. + repeated containerd.types.Mount right = 2; + + // MediaType is the media type descriptor for the created diff + // object + string media_type = 3; + + // Ref identifies the pre-commit content store object. This + // reference can be used to get the status from the content store. + string ref = 4; + + // Labels are the labels to apply to the generated content + // on content store commit. + map labels = 5; + + // SourceDateEpoch specifies the timestamp used to provide control for reproducibility. + // See also https://reproducible-builds.org/docs/source-date-epoch/ . + // + // Since containerd v2.0, the whiteout timestamps are set to zero (1970-01-01), + // not to the source date epoch. + google.protobuf.Timestamp source_date_epoch = 6; +} + +message DiffResponse { + // Diff is the descriptor of the diff which can be applied + containerd.types.Descriptor diff = 3; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/events/v1/events.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/events/v1/events.proto new file mode 100644 index 0000000..3ea43e3 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/events/v1/events.proto @@ -0,0 +1,62 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.events.v1; + +import "github.com/containerd/containerd/api/types/event.proto"; +import "google/protobuf/any.proto"; +import "google/protobuf/empty.proto"; + +option go_package = "github.com/containerd/containerd/api/services/events/v1;events"; + +service Events { + // Publish an event to a topic. + // + // The event will be packed into a timestamp envelope with the namespace + // introspected from the context. The envelope will then be dispatched. + rpc Publish(PublishRequest) returns (google.protobuf.Empty); + + // Forward sends an event that has already been packaged into an envelope + // with a timestamp and namespace. + // + // This is useful if earlier timestamping is required or when forwarding on + // behalf of another component, namespace or publisher. + rpc Forward(ForwardRequest) returns (google.protobuf.Empty); + + // Subscribe to a stream of events, possibly returning only that match any + // of the provided filters. + // + // Unlike many other methods in containerd, subscribers will get messages + // from all namespaces unless otherwise specified. If this is not desired, + // a filter can be provided in the format 'namespace==' to + // restrict the received events. + rpc Subscribe(SubscribeRequest) returns (stream containerd.types.Envelope); +} + +message PublishRequest { + string topic = 1; + google.protobuf.Any event = 2; +} + +message ForwardRequest { + containerd.types.Envelope envelope = 1; +} + +message SubscribeRequest { + repeated string filters = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/images/v1/images.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/images/v1/images.proto new file mode 100644 index 0000000..2f47ab2 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/images/v1/images.proto @@ -0,0 +1,149 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.images.v1; + +import "google/protobuf/empty.proto"; +import "google/protobuf/field_mask.proto"; +import "google/protobuf/timestamp.proto"; +import "github.com/containerd/containerd/api/types/descriptor.proto"; + +option go_package = "github.com/containerd/containerd/api/services/images/v1;images"; + +// Images is a service that allows one to register images with containerd. +// +// In containerd, an image is merely the mapping of a name to a content root, +// described by a descriptor. The behavior and state of image is purely +// dictated by the type of the descriptor. +// +// From the perspective of this service, these references are mostly shallow, +// in that the existence of the required content won't be validated until +// required by consuming services. +// +// As such, this can really be considered a "metadata service". +service Images { + // Get returns an image by name. + rpc Get(GetImageRequest) returns (GetImageResponse); + + // List returns a list of all images known to containerd. + rpc List(ListImagesRequest) returns (ListImagesResponse); + + // Create an image record in the metadata store. + // + // The name of the image must be unique. + rpc Create(CreateImageRequest) returns (CreateImageResponse); + + // Update assigns the name to a given target image based on the provided + // image. + rpc Update(UpdateImageRequest) returns (UpdateImageResponse); + + // Delete deletes the image by name. + rpc Delete(DeleteImageRequest) returns (google.protobuf.Empty); +} + +message Image { + // Name provides a unique name for the image. + // + // Containerd treats this as the primary identifier. + string name = 1; + + // Labels provides free form labels for the image. These are runtime only + // and do not get inherited into the package image in any way. + // + // Labels may be updated using the field mask. + // The combined size of a key/value pair cannot exceed 4096 bytes. + map labels = 2; + + // Target describes the content entry point of the image. + containerd.types.Descriptor target = 3; + + // CreatedAt is the time the image was first created. + google.protobuf.Timestamp created_at = 7; + + // UpdatedAt is the last time the image was mutated. + google.protobuf.Timestamp updated_at = 8; +} + +message GetImageRequest { + string name = 1; +} + +message GetImageResponse { + Image image = 1; +} + +message CreateImageRequest { + Image image = 1; + + google.protobuf.Timestamp source_date_epoch = 2; +} + +message CreateImageResponse { + Image image = 1; +} + +message UpdateImageRequest { + // Image provides a full or partial image for update. + // + // The name field must be set or an error will be returned. + Image image = 1; + + // UpdateMask specifies which fields to perform the update on. If empty, + // the operation applies to all fields. + google.protobuf.FieldMask update_mask = 2; + + google.protobuf.Timestamp source_date_epoch = 3; +} + +message UpdateImageResponse { + Image image = 1; +} + +message ListImagesRequest { + // Filters contains one or more filters using the syntax defined in the + // containerd filter package. + // + // The returned result will be those that match any of the provided + // filters. Expanded, images that match the following will be + // returned: + // + // filters[0] or filters[1] or ... or filters[n-1] or filters[n] + // + // If filters is zero-length or nil, all items will be returned. + repeated string filters = 1; +} + +message ListImagesResponse { + repeated Image images = 1; +} + +message DeleteImageRequest { + string name = 1; + + // Sync indicates that the delete and cleanup should be done + // synchronously before returning to the caller + // + // Default is false + bool sync = 2; + + // Target value for image to be deleted + // + // If image descriptor does not match the same digest, + // the delete operation will return "not found" error. + optional containerd.types.Descriptor target = 3; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/introspection/v1/introspection.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/introspection/v1/introspection.proto new file mode 100644 index 0000000..12fbcf5 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/introspection/v1/introspection.proto @@ -0,0 +1,133 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.introspection.v1; + +import "google/protobuf/any.proto"; +import "github.com/containerd/containerd/api/types/introspection.proto"; +import "github.com/containerd/containerd/api/types/platform.proto"; +import "google/rpc/status.proto"; +import "google/protobuf/empty.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/services/introspection/v1;introspection"; + +service Introspection { + // Plugins returns a list of plugins in containerd. + // + // Clients can use this to detect features and capabilities when using + // containerd. + rpc Plugins(PluginsRequest) returns (PluginsResponse); + // Server returns information about the containerd server + rpc Server(google.protobuf.Empty) returns (ServerResponse); + // PluginInfo returns information directly from a plugin if the plugin supports it + rpc PluginInfo(PluginInfoRequest) returns (PluginInfoResponse); +} + +message Plugin { + // Type defines the type of plugin. + // + // See package plugin for a list of possible values. Non core plugins may + // define their own values during registration. + string type = 1; + + // ID identifies the plugin uniquely in the system. + string id = 2; + + // Requires lists the plugin types required by this plugin. + repeated string requires = 3; + + // Platforms enumerates the platforms this plugin will support. + // + // If values are provided here, the plugin will only be operable under the + // provided platforms. + // + // If this is empty, the plugin will work across all platforms. + // + // If the plugin prefers certain platforms over others, they should be + // listed from most to least preferred. + repeated types.Platform platforms = 4; + + // Exports allows plugins to provide values about state or configuration to + // interested parties. + // + // One example is exposing the configured path of a snapshotter plugin. + map exports = 5; + + // Capabilities allows plugins to communicate feature switches to allow + // clients to detect features that may not be on be default or may be + // different from version to version. + // + // Use this sparingly. + repeated string capabilities = 6; + + // InitErr will be set if the plugin fails initialization. + // + // This means the plugin may have been registered but a non-terminal error + // was encountered during initialization. + // + // Plugins that have this value set cannot be used. + google.rpc.Status init_err = 7; +} + +message PluginsRequest { + // Filters contains one or more filters using the syntax defined in the + // containerd filter package. + // + // The returned result will be those that match any of the provided + // filters. Expanded, plugins that match the following will be + // returned: + // + // filters[0] or filters[1] or ... or filters[n-1] or filters[n] + // + // If filters is zero-length or nil, all items will be returned. + repeated string filters = 1; +} + +message PluginsResponse { + repeated Plugin plugins = 1; +} + +message ServerResponse { + string uuid = 1; + uint64 pid = 2; + uint64 pidns = 3; // PID namespace, such as 4026531836 + repeated DeprecationWarning deprecations = 4; +} + +message DeprecationWarning { + string id = 1; + string message = 2; + google.protobuf.Timestamp last_occurrence = 3; +} + +message PluginInfoRequest { + string type = 1; + string id = 2; + + // Options may be used to request extra dynamic information from + // a plugin. + // This object is determined by the plugin and the plugin may return + // NotImplemented or InvalidArgument if it is not supported + google.protobuf.Any options = 3; +} + +message PluginInfoResponse { + Plugin plugin = 1; + google.protobuf.Any extra = 2; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/leases/v1/leases.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/leases/v1/leases.proto new file mode 100644 index 0000000..8551fce --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/leases/v1/leases.proto @@ -0,0 +1,116 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ +syntax = "proto3"; + +package containerd.services.leases.v1; + +import "google/protobuf/empty.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/services/leases/v1;leases"; + +// Leases service manages resources leases within the metadata store. +service Leases { + // Create creates a new lease for managing changes to metadata. A lease + // can be used to protect objects from being removed. + rpc Create(CreateRequest) returns (CreateResponse); + + // Delete deletes the lease and makes any unreferenced objects created + // during the lease eligible for garbage collection if not referenced + // or retained by other resources during the lease. + rpc Delete(DeleteRequest) returns (google.protobuf.Empty); + + // List lists all active leases, returning the full list of + // leases and optionally including the referenced resources. + rpc List(ListRequest) returns (ListResponse); + + // AddResource references the resource by the provided lease. + rpc AddResource(AddResourceRequest) returns (google.protobuf.Empty); + + // DeleteResource dereferences the resource by the provided lease. + rpc DeleteResource(DeleteResourceRequest) returns (google.protobuf.Empty); + + // ListResources lists all the resources referenced by the lease. + rpc ListResources(ListResourcesRequest) returns (ListResourcesResponse); +} + +// Lease is an object which retains resources while it exists. +message Lease { + string id = 1; + + google.protobuf.Timestamp created_at = 2; + + map labels = 3; +} + +message CreateRequest { + // ID is used to identity the lease, when the id is not set the service + // generates a random identifier for the lease. + string id = 1; + + map labels = 3; +} + +message CreateResponse { + Lease lease = 1; +} + +message DeleteRequest { + string id = 1; + + // Sync indicates that the delete and cleanup should be done + // synchronously before returning to the caller + // + // Default is false + bool sync = 2; +} + +message ListRequest { + repeated string filters = 1; +} + +message ListResponse { + repeated Lease leases = 1; +} + +message Resource { + string id = 1; + + // For snapshotter resource, there are many snapshotter types here, like + // overlayfs, devmapper etc. The type will be formatted with type, + // like "snapshotter/overlayfs". + string type = 2; +} + +message AddResourceRequest { + string id = 1; + + Resource resource = 2; +} + +message DeleteResourceRequest { + string id = 1; + + Resource resource = 2; +} + +message ListResourcesRequest { + string id = 1; +} + +message ListResourcesResponse { + repeated Resource resources = 1 ; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/mounts/v1/mounts.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/mounts/v1/mounts.proto new file mode 100644 index 0000000..0e78467 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/mounts/v1/mounts.proto @@ -0,0 +1,78 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ +syntax = "proto3"; + +package containerd.services.mounts.v1; + +import "google/protobuf/empty.proto"; +import "google/protobuf/field_mask.proto"; +import "github.com/containerd/containerd/api/types/mount.proto"; + +option go_package = "github.com/containerd/containerd/api/services/mounts/v1;mounts"; + +// Mounts service manages mounts +service Mounts { + rpc Activate(ActivateRequest) returns (ActivateResponse); + rpc Deactivate(DeactivateRequest) returns (google.protobuf.Empty); + rpc Info(InfoRequest) returns (InfoResponse); + rpc Update(UpdateRequest) returns (UpdateResponse); + rpc List(ListRequest) returns (stream ListMessage); +} + +message ActivateRequest { + string name = 1; + + repeated containerd.types.Mount mounts = 2; + + map labels = 3; + + bool temporary = 4; + +} + +message ActivateResponse { + containerd.types.ActivationInfo info = 1; +} + +message DeactivateRequest { + string name = 1; +} + +message InfoRequest { + string name = 1; +} + +message InfoResponse { + containerd.types.ActivationInfo info = 1; +} + +message UpdateRequest { + containerd.types.ActivationInfo info = 1; + + google.protobuf.FieldMask update_mask = 2; +} + +message UpdateResponse { + containerd.types.ActivationInfo info = 1; +} + +message ListRequest { + repeated string filters = 1; +} + +message ListMessage { + containerd.types.ActivationInfo info = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/namespaces/v1/namespace.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/namespaces/v1/namespace.proto new file mode 100644 index 0000000..910bcd6 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/namespaces/v1/namespace.proto @@ -0,0 +1,107 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.namespaces.v1; + +import "google/protobuf/empty.proto"; +import "google/protobuf/field_mask.proto"; + +option go_package = "github.com/containerd/containerd/api/services/namespaces/v1;namespaces"; + +// Namespaces provides the ability to manipulate containerd namespaces. +// +// All objects in the system are required to be a member of a namespace. If a +// namespace is deleted, all objects, including containers, images and +// snapshots, will be deleted, as well. +// +// Unless otherwise noted, operations in containerd apply only to the namespace +// supplied per request. +// +// I hope this goes without saying, but namespaces are themselves NOT +// namespaced. +service Namespaces { + rpc Get(GetNamespaceRequest) returns (GetNamespaceResponse); + rpc List(ListNamespacesRequest) returns (ListNamespacesResponse); + rpc Create(CreateNamespaceRequest) returns (CreateNamespaceResponse); + rpc Update(UpdateNamespaceRequest) returns (UpdateNamespaceResponse); + rpc Delete(DeleteNamespaceRequest) returns (google.protobuf.Empty); +} + +message Namespace { + string name = 1; + + // Labels provides an area to include arbitrary data on namespaces. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + // + // Note that to add a new value to this field, read the existing set and + // include the entire result in the update call. + map labels = 2; +} + +message GetNamespaceRequest { + string name = 1; +} + +message GetNamespaceResponse { + Namespace namespace = 1; +} + +message ListNamespacesRequest { + string filter = 1; +} + +message ListNamespacesResponse { + repeated Namespace namespaces = 1; +} + +message CreateNamespaceRequest { + Namespace namespace = 1; +} + +message CreateNamespaceResponse { + Namespace namespace = 1; +} + +// UpdateNamespaceRequest updates the metadata for a namespace. +// +// The operation should follow semantics described in +// https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/field-mask, +// unless otherwise qualified. +message UpdateNamespaceRequest { + // Namespace provides the target value, as declared by the mask, for the update. + // + // The namespace field must be set. + Namespace namespace = 1; + + // UpdateMask specifies which fields to perform the update on. If empty, + // the operation applies to all fields. + // + // For the most part, this applies only to selectively updating labels on + // the namespace. While field masks are typically limited to ascii alphas + // and digits, we just take everything after the "labels." as the map key. + google.protobuf.FieldMask update_mask = 2; +} + +message UpdateNamespaceResponse { + Namespace namespace = 1; +} + +message DeleteNamespaceRequest { + string name = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/sandbox/v1/sandbox.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/sandbox/v1/sandbox.proto new file mode 100644 index 0000000..87e6ec3 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/sandbox/v1/sandbox.proto @@ -0,0 +1,204 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +// Sandbox is a v2 runtime extension that allows more complex execution environments for containers. +// This adds a notion of groups of containers that share same lifecycle and/or resources. +// A few good fits for sandbox can be: +// - A "pause" container in k8s, that acts as a parent process for child containers to hold network namespace. +// - (micro)VMs that launch a VM process and executes containers inside guest OS. +// containerd in this case remains implementation agnostic and delegates sandbox handling to runtimes. +// See proposal and discussion here: https://github.com/containerd/containerd/issues/4131 +package containerd.services.sandbox.v1; + +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; + +import "github.com/containerd/containerd/api/types/sandbox.proto"; +import "github.com/containerd/containerd/api/types/mount.proto"; +import "github.com/containerd/containerd/api/types/platform.proto"; +import "github.com/containerd/containerd/api/types/metrics.proto"; + +option go_package = "github.com/containerd/containerd/api/services/sandbox/v1;sandbox"; + +// Store provides a metadata storage interface for sandboxes. Similarly to `Containers`, +// sandbox object includes info required to start a new instance, but no runtime state. +// When running a new sandbox instance, store objects are used as base type to create from. +service Store { + rpc Create(StoreCreateRequest) returns (StoreCreateResponse); + rpc Update(StoreUpdateRequest) returns (StoreUpdateResponse); + rpc Delete(StoreDeleteRequest) returns (StoreDeleteResponse); + rpc List(StoreListRequest) returns (StoreListResponse); + rpc Get(StoreGetRequest) returns (StoreGetResponse); +} + +message StoreCreateRequest { + containerd.types.Sandbox sandbox = 1; +} + +message StoreCreateResponse { + containerd.types.Sandbox sandbox = 1; +} + +message StoreUpdateRequest { + containerd.types.Sandbox sandbox = 1; + repeated string fields = 2; +} + +message StoreUpdateResponse { + containerd.types.Sandbox sandbox = 1; +} + +message StoreDeleteRequest { + string sandbox_id = 1; +} + +message StoreDeleteResponse {} + +message StoreListRequest { + repeated string filters = 1; +} + +message StoreListResponse { + repeated containerd.types.Sandbox list = 1; +} + +message StoreGetRequest { + string sandbox_id = 1; +} + +message StoreGetResponse { + containerd.types.Sandbox sandbox = 1; +} + +// Controller is an interface to manage runtime sandbox instances. +service Controller { + rpc Create(ControllerCreateRequest) returns (ControllerCreateResponse); + rpc Start(ControllerStartRequest) returns (ControllerStartResponse); + rpc Platform(ControllerPlatformRequest) returns (ControllerPlatformResponse); + rpc Stop(ControllerStopRequest) returns (ControllerStopResponse); + rpc Wait(ControllerWaitRequest) returns (ControllerWaitResponse); + rpc Status(ControllerStatusRequest) returns (ControllerStatusResponse); + rpc Shutdown(ControllerShutdownRequest) returns (ControllerShutdownResponse); + rpc Metrics(ControllerMetricsRequest) returns (ControllerMetricsResponse); + rpc Update(ControllerUpdateRequest) returns (ControllerUpdateResponse); +} + +message ControllerCreateRequest { + string sandbox_id = 1; + repeated containerd.types.Mount rootfs = 2; + google.protobuf.Any options = 3; + string netns_path = 4; + map annotations = 5; + containerd.types.Sandbox sandbox = 6; + string sandboxer = 10; +} + +message ControllerCreateResponse { + string sandbox_id = 1; +} + +message ControllerStartRequest { + string sandbox_id = 1; + string sandboxer = 10; +} + +message ControllerStartResponse { + string sandbox_id = 1; + uint32 pid = 2; + google.protobuf.Timestamp created_at = 3; + map labels = 4; + // Address of the sandbox for containerd to connect, + // for calling Task or other APIs serving in the sandbox. + // it is in the form of ttrpc+unix://path/to/uds or grpc+vsock://:. + string address = 5; + uint32 version = 6; +} + +message ControllerPlatformRequest { + string sandbox_id = 1; + string sandboxer = 10; +} + +message ControllerPlatformResponse { + containerd.types.Platform platform = 1; +} + +message ControllerStopRequest { + string sandbox_id = 1; + uint32 timeout_secs = 2; + string sandboxer = 10; +} + +message ControllerStopResponse {} + +message ControllerWaitRequest { + string sandbox_id = 1; + string sandboxer = 10; +} + +message ControllerWaitResponse { + uint32 exit_status = 1; + google.protobuf.Timestamp exited_at = 2; +} + +message ControllerStatusRequest { + string sandbox_id = 1; + bool verbose = 2; + string sandboxer = 10; +} + +message ControllerStatusResponse { + string sandbox_id = 1; + uint32 pid = 2; + string state = 3; + map info = 4; + google.protobuf.Timestamp created_at = 5; + google.protobuf.Timestamp exited_at = 6; + google.protobuf.Any extra = 7; + // Address of the sandbox for containerd to connect, + // for calling Task or other APIs serving in the sandbox. + // it is in the form of ttrpc+unix://path/to/uds or grpc+vsock://:. + string address = 8; + uint32 version = 9; +} + +message ControllerShutdownRequest { + string sandbox_id = 1; + string sandboxer = 10; +} + +message ControllerShutdownResponse {} + +message ControllerMetricsRequest { + string sandbox_id = 1; + string sandboxer = 10; +} + +message ControllerMetricsResponse { + types.Metric metrics = 1; +} + +message ControllerUpdateRequest { + string sandbox_id = 1; + string sandboxer = 2; + containerd.types.Sandbox sandbox = 3; + repeated string fields = 4; +} + +message ControllerUpdateResponse { +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/snapshots/v1/snapshots.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/snapshots/v1/snapshots.proto new file mode 100644 index 0000000..78b8603 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/snapshots/v1/snapshots.proto @@ -0,0 +1,181 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.snapshots.v1; + +import "google/protobuf/empty.proto"; +import "google/protobuf/field_mask.proto"; +import "google/protobuf/timestamp.proto"; +import "github.com/containerd/containerd/api/types/mount.proto"; + +option go_package = "github.com/containerd/containerd/api/services/snapshots/v1;snapshots"; + +// Snapshot service manages snapshots +service Snapshots { + rpc Prepare(PrepareSnapshotRequest) returns (PrepareSnapshotResponse); + rpc View(ViewSnapshotRequest) returns (ViewSnapshotResponse); + rpc Mounts(MountsRequest) returns (MountsResponse); + rpc Commit(CommitSnapshotRequest) returns (google.protobuf.Empty); + rpc Remove(RemoveSnapshotRequest) returns (google.protobuf.Empty); + rpc Stat(StatSnapshotRequest) returns (StatSnapshotResponse); + rpc Update(UpdateSnapshotRequest) returns (UpdateSnapshotResponse); + rpc List(ListSnapshotsRequest) returns (stream ListSnapshotsResponse); + rpc Usage(UsageRequest) returns (UsageResponse); + rpc Cleanup(CleanupRequest) returns (google.protobuf.Empty); +} + +message PrepareSnapshotRequest { + string snapshotter = 1; + string key = 2; + string parent = 3; + + // Labels are arbitrary data on snapshots. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + map labels = 4; +} + +message PrepareSnapshotResponse { + repeated containerd.types.Mount mounts = 1; +} + +message ViewSnapshotRequest { + string snapshotter = 1; + string key = 2; + string parent = 3; + + // Labels are arbitrary data on snapshots. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + map labels = 4; +} + +message ViewSnapshotResponse { + repeated containerd.types.Mount mounts = 1; +} + +message MountsRequest { + string snapshotter = 1; + string key = 2; +} + +message MountsResponse { + repeated containerd.types.Mount mounts = 1; +} + +message RemoveSnapshotRequest { + string snapshotter = 1; + string key = 2; +} + +message CommitSnapshotRequest { + string snapshotter = 1; + string name = 2; + string key = 3; + + // Labels are arbitrary data on snapshots. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + map labels = 4; + + string parent = 5; +} + +message StatSnapshotRequest { + string snapshotter = 1; + string key = 2; +} + +enum Kind { + UNKNOWN = 0; + VIEW = 1; + ACTIVE = 2; + COMMITTED = 3; +} + +message Info { + string name = 1; + string parent = 2; + Kind kind = 3; + + // CreatedAt provides the time at which the snapshot was created. + google.protobuf.Timestamp created_at = 4; + + // UpdatedAt provides the time the info was last updated. + google.protobuf.Timestamp updated_at = 5; + + // Labels are arbitrary data on snapshots. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + map labels = 6; +} + +message StatSnapshotResponse { + Info info = 1; +} + +message UpdateSnapshotRequest { + string snapshotter = 1; + Info info = 2; + + // UpdateMask specifies which fields to perform the update on. If empty, + // the operation applies to all fields. + // + // In info, Name, Parent, Kind, Created are immutable, + // other field may be updated using this mask. + // If no mask is provided, all mutable field are updated. + google.protobuf.FieldMask update_mask = 3; +} + +message UpdateSnapshotResponse { + Info info = 1; +} + +message ListSnapshotsRequest{ + string snapshotter = 1; + + // Filters contains one or more filters using the syntax defined in the + // containerd filter package. + // + // The returned result will be those that match any of the provided + // filters. Expanded, images that match the following will be + // returned: + // + // filters[0] or filters[1] or ... or filters[n-1] or filters[n] + // + // If filters is zero-length or nil, all items will be returned. + repeated string filters = 2; +} + +message ListSnapshotsResponse { + repeated Info info = 1; +} + +message UsageRequest { + string snapshotter = 1; + string key = 2; +} + +message UsageResponse { + int64 size = 1; + int64 inodes = 2; +} + +message CleanupRequest { + string snapshotter = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/streaming/v1/streaming.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/streaming/v1/streaming.proto new file mode 100644 index 0000000..4c14f2e --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/streaming/v1/streaming.proto @@ -0,0 +1,31 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.streaming.v1; + +import "google/protobuf/any.proto"; + +option go_package = "github.com/containerd/containerd/api/services/streaming/v1;streaming"; + +service Streaming { + rpc Stream(stream google.protobuf.Any) returns (stream google.protobuf.Any); +} + +message StreamInit { + string id = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/tasks/v1/tasks.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/tasks/v1/tasks.proto new file mode 100644 index 0000000..8ddd319 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/tasks/v1/tasks.proto @@ -0,0 +1,227 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.tasks.v1; + +import "google/protobuf/empty.proto"; +import "google/protobuf/any.proto"; +import "github.com/containerd/containerd/api/types/mount.proto"; +import "github.com/containerd/containerd/api/types/metrics.proto"; +import "github.com/containerd/containerd/api/types/descriptor.proto"; +import "github.com/containerd/containerd/api/types/task/task.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/services/tasks/v1;tasks"; + +service Tasks { + // Create a task. + rpc Create(CreateTaskRequest) returns (CreateTaskResponse); + + // Start a process. + rpc Start(StartRequest) returns (StartResponse); + + // Delete a task and on disk state. + rpc Delete(DeleteTaskRequest) returns (DeleteResponse); + + rpc DeleteProcess(DeleteProcessRequest) returns (DeleteResponse); + + rpc Get(GetRequest) returns (GetResponse); + + rpc List(ListTasksRequest) returns (ListTasksResponse); + + // Kill a task or process. + rpc Kill(KillRequest) returns (google.protobuf.Empty); + + rpc Exec(ExecProcessRequest) returns (google.protobuf.Empty); + + rpc ResizePty(ResizePtyRequest) returns (google.protobuf.Empty); + + rpc CloseIO(CloseIORequest) returns (google.protobuf.Empty); + + rpc Pause(PauseTaskRequest) returns (google.protobuf.Empty); + + rpc Resume(ResumeTaskRequest) returns (google.protobuf.Empty); + + rpc ListPids(ListPidsRequest) returns (ListPidsResponse); + + rpc Checkpoint(CheckpointTaskRequest) returns (CheckpointTaskResponse); + + rpc Update(UpdateTaskRequest) returns (google.protobuf.Empty); + + rpc Metrics(MetricsRequest) returns (MetricsResponse); + + rpc Wait(WaitRequest) returns (WaitResponse); +} + +message CreateTaskRequest { + string container_id = 1; + + // RootFS provides the pre-chroot mounts to perform in the shim before + // executing the container task. + // + // These are for mounts that cannot be performed in the user namespace. + // Typically, these mounts should be resolved from snapshots specified on + // the container object. + repeated containerd.types.Mount rootfs = 3; + + string stdin = 4; + string stdout = 5; + string stderr = 6; + bool terminal = 7; + + containerd.types.Descriptor checkpoint = 8; + + google.protobuf.Any options = 9; + + string runtime_path = 10; +} + +message CreateTaskResponse { + string container_id = 1; + uint32 pid = 2; +} + +message StartRequest { + string container_id = 1; + string exec_id = 2; +} + +message StartResponse { + uint32 pid = 1; +} + +message DeleteTaskRequest { + string container_id = 1; +} + +message DeleteResponse { + string id = 1; + uint32 pid = 2; + uint32 exit_status = 3; + google.protobuf.Timestamp exited_at = 4; +} + +message DeleteProcessRequest { + string container_id = 1; + string exec_id = 2; +} + +message GetRequest { + string container_id = 1; + string exec_id = 2; +} + +message GetResponse { + containerd.v1.types.Process process = 1; +} + +message ListTasksRequest { + string filter = 1; +} + +message ListTasksResponse { + repeated containerd.v1.types.Process tasks = 1; +} + +message KillRequest { + string container_id = 1; + string exec_id = 2; + uint32 signal = 3; + bool all = 4; +} + +message ExecProcessRequest { + string container_id = 1; + string stdin = 2; + string stdout = 3; + string stderr = 4; + bool terminal = 5; + // Spec for starting a process in the target container. + // + // For runc, this is a process spec, for example. + google.protobuf.Any spec = 6; + // id of the exec process + string exec_id = 7; +} + +message ExecProcessResponse { +} + +message ResizePtyRequest { + string container_id = 1; + string exec_id = 2; + uint32 width = 3; + uint32 height = 4; +} + +message CloseIORequest { + string container_id = 1; + string exec_id = 2; + bool stdin = 3; +} + +message PauseTaskRequest { + string container_id = 1; +} + +message ResumeTaskRequest { + string container_id = 1; +} + +message ListPidsRequest { + string container_id = 1; +} + +message ListPidsResponse { + // Processes includes the process ID and additional process information + repeated containerd.v1.types.ProcessInfo processes = 1; +} + +message CheckpointTaskRequest { + string container_id = 1; + string parent_checkpoint = 2; + google.protobuf.Any options = 3; +} + +message CheckpointTaskResponse { + repeated containerd.types.Descriptor descriptors = 1; +} + +message UpdateTaskRequest { + string container_id = 1; + google.protobuf.Any resources = 2; + map annotations = 3; +} + +message MetricsRequest { + repeated string filters = 1; +} + +message MetricsResponse { + repeated types.Metric metrics = 1; +} + +message WaitRequest { + string container_id = 1; + string exec_id = 2; +} + +message WaitResponse { + uint32 exit_status = 1; + google.protobuf.Timestamp exited_at = 2; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/transfer/v1/transfer.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/transfer/v1/transfer.proto new file mode 100644 index 0000000..a8f25ee --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/transfer/v1/transfer.proto @@ -0,0 +1,39 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.transfer.v1; + +import "google/protobuf/any.proto"; +import "google/protobuf/empty.proto"; + +option go_package = "github.com/containerd/containerd/api/services/transfer/v1;transfer"; + +service Transfer { + rpc Transfer(TransferRequest) returns (google.protobuf.Empty); +} + +message TransferRequest { + google.protobuf.Any source = 1; + google.protobuf.Any destination = 2; + TransferOptions options = 3; +} + +message TransferOptions { + string progress_stream = 1; + // Progress min interval +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/version/v1/version.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/version/v1/version.proto new file mode 100644 index 0000000..bd948ff --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/services/version/v1/version.proto @@ -0,0 +1,33 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.version.v1; + +import "google/protobuf/empty.proto"; + +// TODO(stevvooe): Should version service actually be versioned? +option go_package = "github.com/containerd/containerd/api/services/version/v1;version"; + +service Version { + rpc Version(google.protobuf.Empty) returns (VersionResponse); +} + +message VersionResponse { + string version = 1; + string revision = 2; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/descriptor.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/descriptor.proto new file mode 100644 index 0000000..faaf416 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/descriptor.proto @@ -0,0 +1,33 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +// Descriptor describes a blob in a content store. +// +// This descriptor can be used to reference content from an +// oci descriptor found in a manifest. +// See https://godoc.org/github.com/opencontainers/image-spec/specs-go/v1#Descriptor +message Descriptor { + string media_type = 1; + string digest = 2; + int64 size = 3; + map annotations = 5; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/event.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/event.proto new file mode 100644 index 0000000..a73bc9d --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/event.proto @@ -0,0 +1,33 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types; + +import "github.com/containerd/containerd/api/types/fieldpath.proto"; +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +message Envelope { + option (containerd.types.fieldpath) = true; + google.protobuf.Timestamp timestamp = 1; + string namespace = 2; + string topic = 3; + google.protobuf.Any event = 4; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/fieldpath.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/fieldpath.proto new file mode 100644 index 0000000..8b29084 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/fieldpath.proto @@ -0,0 +1,42 @@ +// Protocol Buffers for Go with Gadgets +// +// Copyright (c) 2013, The GoGo Authors. All rights reserved. +// http://github.com/gogo/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +syntax = "proto3"; +package containerd.types; + +import "google/protobuf/descriptor.proto"; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +extend google.protobuf.FileOptions { + optional bool fieldpath_all = 63300; +} + +extend google.protobuf.MessageOptions { + optional bool fieldpath = 64400; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/introspection.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/introspection.proto new file mode 100644 index 0000000..8f3fcb5 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/introspection.proto @@ -0,0 +1,46 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types; + +import "google/protobuf/any.proto"; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +message RuntimeRequest { + string runtime_path = 1; + // Options correspond to CreateTaskRequest.options. + // This is needed to pass the runc binary path, etc. + google.protobuf.Any options = 2; +} + +message RuntimeVersion { + string version = 1; + string revision = 2; +} + +message RuntimeInfo { + string name = 1; + RuntimeVersion version = 2; + // Options correspond to RuntimeInfoRequest.Options (contains runc binary path, etc.) + google.protobuf.Any options = 3; + // OCI-compatible runtimes should use https://github.com/opencontainers/runtime-spec/blob/main/features.md + google.protobuf.Any features = 4; + // Annotations of the shim. Irrelevant to features.Annotations. + map annotations = 5; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/metrics.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/metrics.proto new file mode 100644 index 0000000..3e6a775 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/metrics.proto @@ -0,0 +1,30 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types; + +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +message Metric { + google.protobuf.Timestamp timestamp = 1; + string id = 2; + google.protobuf.Any data = 3; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/mount.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/mount.proto new file mode 100644 index 0000000..2f3b0b6 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/mount.proto @@ -0,0 +1,65 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types; + +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +// Mount describes mounts for a container. +// +// This type is the lingua franca of ContainerD. All services provide mounts +// to be used with the container at creation time. +// +// The Mount type follows the structure of the mount syscall, including a type, +// source, target and options. +message Mount { + // Type defines the nature of the mount. + string type = 1; + + // Source specifies the name of the mount. Depending on mount type, this + // may be a volume name or a host path, or even ignored. + string source = 2; + + // Target path in container + string target = 3; + + // Options specifies zero or more fstab style mount options. + repeated string options = 4; +} + +message ActiveMount { + Mount mount = 1; + + google.protobuf.Timestamp mounted_at = 2; + + string mount_point = 3; + + map data = 4; +} + +message ActivationInfo { + string name = 1; + + repeated ActiveMount active = 2; + + repeated Mount system = 3; + + map labels = 4; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/platform.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/platform.proto new file mode 100644 index 0000000..0b91800 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/platform.proto @@ -0,0 +1,30 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +// Platform follows the structure of the OCI platform specification, from +// descriptors. +message Platform { + string os = 1; + string architecture = 2; + string variant = 3; + string os_version = 4; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/runc/options/oci.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/runc/options/oci.proto new file mode 100644 index 0000000..a30b5bb --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/runc/options/oci.proto @@ -0,0 +1,63 @@ +syntax = "proto3"; + +package containerd.runc.v1; + +option go_package = "github.com/containerd/containerd/api/types/runc/options;options"; + +message Options { + // disable pivot root when creating a container + bool no_pivot_root = 1; + // create a new keyring for the container + bool no_new_keyring = 2; + // place the shim in a cgroup + string shim_cgroup = 3; + // set the I/O's pipes uid + uint32 io_uid = 4; + // set the I/O's pipes gid + uint32 io_gid = 5; + // binary name of the runc binary + string binary_name = 6; + // runc root directory + string root = 7; + // criu binary path. + // + // Removed in containerd v2.0: string criu_path = 8; + reserved 8; + // enable systemd cgroups + bool systemd_cgroup = 9; + // criu image path + string criu_image_path = 10; + // criu work path + string criu_work_path = 11; + // task api address, can be a unix domain socket, or vsock address. + // it is in the form of ttrpc+unix://path/to/uds or grpc+vsock://:. + string task_api_address = 12; + // task api version, currently supported value is 2 and 3. + uint32 task_api_version = 13; +} + +message CheckpointOptions { + // exit the container after a checkpoint + bool exit = 1; + // checkpoint open tcp connections + bool open_tcp = 2; + // checkpoint external unix sockets + bool external_unix_sockets = 3; + // checkpoint terminals (ptys) + bool terminal = 4; + // allow checkpointing of file locks + bool file_locks = 5; + // restore provided namespaces as empty namespaces + repeated string empty_namespaces = 6; + // set the cgroups mode, soft, full, strict + string cgroups_mode = 7; + // checkpoint image path + string image_path = 8; + // checkpoint work path + string work_path = 9; +} + +message ProcessDetails { + // exec process id if the process is managed by a shim + string exec_id = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/runtimeoptions/v1/api.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/runtimeoptions/v1/api.proto new file mode 100644 index 0000000..f0a7d56 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/runtimeoptions/v1/api.proto @@ -0,0 +1,17 @@ +// To regenerate api.pb.go run `make protos` +syntax = "proto3"; + +package runtimeoptions.v1; + +option go_package = "github.com/containerd/containerd/api/types/runtimeoptions/v1;runtimeoptions"; + +message Options { + // TypeUrl specifies the type of the content inside the config file. + string type_url = 1; + // ConfigPath specifies the filesystem location of the config file + // used by the runtime. + string config_path = 2; + // Blob specifies an in-memory TOML blob passed from containerd's configuration section + // for this runtime. This will be used if config_path is not specified. + bytes config_body = 3; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/sandbox.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/sandbox.proto new file mode 100644 index 0000000..b0bf233 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/sandbox.proto @@ -0,0 +1,54 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types; + +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +// Sandbox represents a sandbox metadata object that keeps all info required by controller to +// work with a particular instance. +message Sandbox { + // SandboxID is a unique instance identifier within namespace + string sandbox_id = 1; + message Runtime { + // Name is the name of the runtime. + string name = 1; + // Options specify additional runtime initialization options for the shim (this data will be available in StartShim). + // Typically this data expected to be runtime shim implementation specific. + google.protobuf.Any options = 2; + } + // Runtime specifies which runtime to use for executing this container. + Runtime runtime = 2; + // Spec is sandbox configuration (kin of OCI runtime spec), spec's data will be written to a config.json file in the + // bundle directory (similary to OCI spec). + google.protobuf.Any spec = 3; + // Labels provides an area to include arbitrary data on containers. + map labels = 4; + // CreatedAt is the time the container was first created. + google.protobuf.Timestamp created_at = 5; + // UpdatedAt is the last time the container was mutated. + google.protobuf.Timestamp updated_at = 6; + // Extensions allow clients to provide optional blobs that can be handled by runtime. + map extensions = 7; + // Sandboxer is the name of the sandbox controller who manages the sandbox. + string sandboxer = 10; + +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/task/task.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/task/task.proto new file mode 100644 index 0000000..afc8e94 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/task/task.proto @@ -0,0 +1,55 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.v1.types; + +import "google/protobuf/timestamp.proto"; +import "google/protobuf/any.proto"; + +option go_package = "github.com/containerd/containerd/api/types/task"; + +enum Status { + UNKNOWN = 0; + CREATED = 1; + RUNNING = 2; + STOPPED = 3; + PAUSED = 4; + PAUSING = 5; +} + +message Process { + string container_id = 1; + string id = 2; + uint32 pid = 3; + Status status = 4; + string stdin = 5; + string stdout = 6; + string stderr = 7; + bool terminal = 8; + uint32 exit_status = 9; + google.protobuf.Timestamp exited_at = 10; +} + +message ProcessInfo { + // PID is the process ID. + uint32 pid = 1; + // Info contains additional process information. + // + // Info varies by platform. + google.protobuf.Any info = 2; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/transfer/imagestore.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/transfer/imagestore.proto new file mode 100644 index 0000000..57ac2eb --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/transfer/imagestore.proto @@ -0,0 +1,82 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types.transfer; + +import "github.com/containerd/containerd/api/types/platform.proto"; + +option go_package = "github.com/containerd/containerd/api/types/transfer"; + +message ImageStore { + string name = 1; + map labels = 2; + + // Content filters + + repeated types.Platform platforms = 3; + bool all_metadata = 4; + uint32 manifest_limit = 5; + + // Import naming + + // extra_references are used to set image names on imports of sub-images from the index + repeated ImageReference extra_references = 6; + + // Unpack Configuration, multiple allowed + + repeated UnpackConfiguration unpacks = 10; +} + +message UnpackConfiguration { + // platform is the platform to unpack for, used for resolving manifest and snapshotter + // if not provided + types.Platform platform = 1; + + // snapshotter to unpack to, if not provided default for platform shoudl be used + string snapshotter = 2; +} + +// ImageReference is used to create or find a reference for an image +message ImageReference { + string name = 1; + + // is_prefix determines whether the Name should be considered + // a prefix (without tag or digest). + // For lookup, this may allow matching multiple tags. + // For store, this must have a tag or digest added. + bool is_prefix = 2; + + // allow_overwrite allows overwriting or ignoring the name if + // another reference is provided (such as through an annotation). + // Only used if IsPrefix is true. + bool allow_overwrite = 3; + + // add_digest adds the manifest digest to the reference. + // For lookup, this allows matching tags with any digest. + // For store, this allows adding the digest to the name. + // Only used if IsPrefix is true. + bool add_digest = 4; + + // skip_named_digest only considers digest references which do not + // have a non-digested named reference. + // For lookup, this will deduplicate digest references when there is a named match. + // For store, this only adds this digest reference when there is no matching full + // name reference from the prefix. + // Only used if IsPrefix is true. + bool skip_named_digest = 5; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/transfer/importexport.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/transfer/importexport.proto new file mode 100644 index 0000000..c18bae1 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/transfer/importexport.proto @@ -0,0 +1,52 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types.transfer; + +option go_package = "github.com/containerd/containerd/api/types/transfer"; + +import "github.com/containerd/containerd/api/types/platform.proto"; + +message ImageImportStream { + // Stream is used to identify the binary input stream for the import operation. + // The stream uses the transfer binary stream protocol with the client as the sender. + // The binary data is expected to be a raw tar stream. + string stream = 1; + + string media_type = 2; + + bool force_compress = 3; +} + +message ImageExportStream { + // Stream is used to identify the binary output stream for the export operation. + // The stream uses the transfer binary stream protocol with the server as the sender. + // The binary data is expected to be a raw tar stream. + string stream = 1; + + string media_type = 2; + + // The specified platforms + repeated types.Platform platforms = 3; + // Whether to include all platforms + bool all_platforms = 4; + // Skips the creation of the Docker compatible manifest.json file + bool skip_compatibility_manifest = 5; + // Excludes non-distributable blobs such as Windows base layers. + bool skip_non_distributable = 6; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/transfer/progress.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/transfer/progress.proto new file mode 100644 index 0000000..094c363 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/transfer/progress.proto @@ -0,0 +1,32 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types.transfer; + +import "github.com/containerd/containerd/api/types/descriptor.proto"; + +option go_package = "github.com/containerd/containerd/api/types/transfer"; + +message Progress { + string event = 1; + string name = 2; + repeated string parents = 3; + int64 progress = 4; + int64 total = 5; + containerd.types.Descriptor desc = 6; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/transfer/registry.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/transfer/registry.proto new file mode 100644 index 0000000..88248fd --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/transfer/registry.proto @@ -0,0 +1,97 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types.transfer; + +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/types/transfer"; + +message OCIRegistry { + string reference = 1; + RegistryResolver resolver = 2; +} + +enum HTTPDebug { + DISABLED = 0; + // Enable HTTP debugging + DEBUG = 1; + // Enable HTTP requests tracing + TRACE = 2; + // Enable both HTTP debugging and requests tracing + BOTH = 3; +} + +message RegistryResolver { + // auth_stream is used to refer to a stream which auth callbacks may be + // made on. + string auth_stream = 1; + + // Headers + map headers = 2; + + string host_dir = 3; + + string default_scheme = 4; + // Force skip verify + // CA callback? Client TLS callback? + + // Whether to debug/trace HTTP requests to OCI registry. + HTTPDebug http_debug = 5; + + // Stream ID to use for HTTP logs (when logs are streamed to client). + // When empty, logs are written to containerd logs. + string logs_stream = 6; +} + +// AuthRequest is sent as a callback on a stream +message AuthRequest { + // host is the registry host + string host = 1; + + // reference is the namespace and repository name requested from the registry + string reference = 2; + + // wwwauthenticate is the HTTP WWW-Authenticate header values returned from the registry + repeated string wwwauthenticate = 3; +} + +enum AuthType { + NONE = 0; + + // CREDENTIALS is used to exchange username/password for access token + // using an oauth or "Docker Registry Token" server + CREDENTIALS = 1; + + // REFRESH is used to exchange secret for access token using an oauth + // or "Docker Registry Token" server + REFRESH = 2; + + // HEADER is used to set the HTTP Authorization header to secret + // directly for the registry. + // Value should be ` ` + HEADER = 3; +} + +message AuthResponse { + AuthType authType = 1; + string secret = 2; + string username = 3; + google.protobuf.Timestamp expire_at = 4; + // TODO: Stream error +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/transfer/streaming.proto b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/transfer/streaming.proto new file mode 100644 index 0000000..234956c --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/containerd/api/types/transfer/streaming.proto @@ -0,0 +1,29 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types.transfer; + +option go_package = "github.com/containerd/containerd/api/types/transfer"; + +message Data { + bytes data = 1; +} + +message WindowUpdate { + int32 update = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/continuity/proto/manifest.proto b/wfe-buildkit-protos/proto/github.com/containerd/continuity/proto/manifest.proto new file mode 100644 index 0000000..35df41f --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/continuity/proto/manifest.proto @@ -0,0 +1,98 @@ +syntax = "proto3"; + +package proto; +option go_package = "github.com/containerd/continuity/proto;proto"; + +// Manifest specifies the entries in a container bundle, keyed and sorted by +// path. +message Manifest { + repeated Resource resource = 1; +} + +message Resource { + // Path specifies the path from the bundle root. If more than one + // path is present, the entry may represent a hardlink, rather than using + // a link target. The path format is operating system specific. + repeated string path = 1; + + // NOTE(stevvooe): Need to define clear precedence for user/group/uid/gid precedence. + + // Uid specifies the user id for the resource. + int64 uid = 2; + + // Gid specifies the group id for the resource. + int64 gid = 3; + + // user and group are not currently used but their field numbers have been + // reserved for future use. As such, they are marked as deprecated. + string user = 4 [deprecated=true]; // "deprecated" stands for "reserved" here + string group = 5 [deprecated=true]; // "deprecated" stands for "reserved" here + + // Mode defines the file mode and permissions. We've used the same + // bit-packing from Go's os package, + // http://golang.org/pkg/os/#FileMode, since they've done the work of + // creating a cross-platform layout. + uint32 mode = 6; + + // NOTE(stevvooe): Beyond here, we start defining type specific fields. + + // Size specifies the size in bytes of the resource. This is only valid + // for regular files. + uint64 size = 7; + + // Digest specifies the content digest of the target file. Only valid for + // regular files. The strings are formatted in OCI style, i.e. :. + // For detailed information about the format, please refer to OCI Image Spec: + // https://github.com/opencontainers/image-spec/blob/master/descriptor.md#digests-and-verification + // The digests are sorted in lexical order and implementations may choose + // which algorithms they prefer. + repeated string digest = 8; + + // Target defines the target of a hard or soft link. Absolute links start + // with a slash and specify the resource relative to the bundle root. + // Relative links do not start with a slash and are relative to the + // resource path. + string target = 9; + + // Major specifies the major device number for character and block devices. + uint64 major = 10; + + // Minor specifies the minor device number for character and block devices. + uint64 minor = 11; + + // Xattr provides storage for extended attributes for the target resource. + repeated XAttr xattr = 12; + + // Ads stores one or more alternate data streams for the target resource. + repeated ADSEntry ads = 13; + +} + +// XAttr encodes extended attributes for a resource. +message XAttr { + // Name specifies the attribute name. + string name = 1; + + // Data specifies the associated data for the attribute. + bytes data = 2; +} + +// ADSEntry encodes information for a Windows Alternate Data Stream. +message ADSEntry { + // Name specifices the stream name. + string name = 1; + + // Data specifies the stream data. + // See also the description about the digest below. + bytes data = 2; + + // Digest is a CAS representation of the stream data. + // + // At least one of data or digest MUST be specified, and either one of them + // SHOULD be specified. + // + // How to access the actual data using the digest is implementation-specific, + // and implementations can choose not to implement digest. + // So, digest SHOULD be used only when the stream data is large. + string digest = 3; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/ttrpc/request.proto b/wfe-buildkit-protos/proto/github.com/containerd/ttrpc/request.proto new file mode 100644 index 0000000..37da334 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/ttrpc/request.proto @@ -0,0 +1,29 @@ +syntax = "proto3"; + +package ttrpc; + +import "proto/status.proto"; + +option go_package = "github.com/containerd/ttrpc"; + +message Request { + string service = 1; + string method = 2; + bytes payload = 3; + int64 timeout_nano = 4; + repeated KeyValue metadata = 5; +} + +message Response { + Status status = 1; + bytes payload = 2; +} + +message StringList { + repeated string list = 1; +} + +message KeyValue { + string key = 1; + string value = 2; +} diff --git a/wfe-buildkit-protos/proto/github.com/containerd/ttrpc/test.proto b/wfe-buildkit-protos/proto/github.com/containerd/ttrpc/test.proto new file mode 100644 index 0000000..0e114d5 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/containerd/ttrpc/test.proto @@ -0,0 +1,16 @@ +syntax = "proto3"; + +package ttrpc; + +option go_package = "github.com/containerd/ttrpc/internal"; + +message TestPayload { + string foo = 1; + int64 deadline = 2; + string metadata = 3; +} + +message EchoPayload { + int64 seq = 1; + string msg = 2; +} diff --git a/wfe-buildkit-protos/proto/github.com/google/certificate-transparency-go/client/configpb/multilog.proto b/wfe-buildkit-protos/proto/github.com/google/certificate-transparency-go/client/configpb/multilog.proto new file mode 100644 index 0000000..0774c35 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/google/certificate-transparency-go/client/configpb/multilog.proto @@ -0,0 +1,45 @@ +// Copyright 2017 Google LLC. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package configpb; + +option go_package = "github.com/google/certificate-transparency-go/client/multilog/configpb"; + +import "google/protobuf/timestamp.proto"; + +// TemporalLogConfig is a set of LogShardConfig messages, whose +// time limits should be contiguous. +message TemporalLogConfig { + repeated LogShardConfig shard = 1; +} + +// LogShardConfig describes the acceptable date range for a single shard of a temporal +// log. +message LogShardConfig { + string uri = 1; + + // The log's public key in DER-encoded PKIX form. + bytes public_key_der = 2; + + // not_after_start defines the start of the range of acceptable NotAfter + // values, inclusive. + // Leaving this unset implies no lower bound to the range. + google.protobuf.Timestamp not_after_start = 3; + // not_after_limit defines the end of the range of acceptable NotAfter values, + // exclusive. + // Leaving this unset implies no upper bound to the range. + google.protobuf.Timestamp not_after_limit = 4; +} diff --git a/wfe-buildkit-protos/proto/github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/options/annotations.proto b/wfe-buildkit-protos/proto/github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/options/annotations.proto new file mode 100644 index 0000000..aecc5e7 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/options/annotations.proto @@ -0,0 +1,51 @@ +syntax = "proto3"; + +package grpc.gateway.protoc_gen_openapiv2.options; + +import "google/protobuf/descriptor.proto"; +import "protoc-gen-openapiv2/options/openapiv2.proto"; + +option go_package = "github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/options"; + +extend google.protobuf.FileOptions { + // ID assigned by protobuf-global-extension-registry@google.com for gRPC-Gateway project. + // + // All IDs are the same, as assigned. It is okay that they are the same, as they extend + // different descriptor messages. + Swagger openapiv2_swagger = 1042; +} +extend google.protobuf.MethodOptions { + // ID assigned by protobuf-global-extension-registry@google.com for gRPC-Gateway project. + // + // All IDs are the same, as assigned. It is okay that they are the same, as they extend + // different descriptor messages. + Operation openapiv2_operation = 1042; +} +extend google.protobuf.MessageOptions { + // ID assigned by protobuf-global-extension-registry@google.com for gRPC-Gateway project. + // + // All IDs are the same, as assigned. It is okay that they are the same, as they extend + // different descriptor messages. + Schema openapiv2_schema = 1042; +} +extend google.protobuf.EnumOptions { + // ID assigned by protobuf-global-extension-registry@google.com for gRPC-Gateway project. + // + // All IDs are the same, as assigned. It is okay that they are the same, as they extend + // different descriptor messages. + EnumSchema openapiv2_enum = 1042; +} +extend google.protobuf.ServiceOptions { + // ID assigned by protobuf-global-extension-registry@google.com for gRPC-Gateway project. + // + // All IDs are the same, as assigned. It is okay that they are the same, as they extend + // different descriptor messages. + Tag openapiv2_tag = 1042; +} +extend google.protobuf.FieldOptions { + // ID assigned by protobuf-global-extension-registry@google.com for gRPC-Gateway project. + // + // All IDs are the same, as assigned. It is okay that they are the same, as they extend + // different descriptor messages. + JSONSchema openapiv2_field = 1042; +} diff --git a/wfe-buildkit-protos/proto/github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/options/openapiv2.proto b/wfe-buildkit-protos/proto/github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/options/openapiv2.proto new file mode 100644 index 0000000..444a568 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/options/openapiv2.proto @@ -0,0 +1,762 @@ +syntax = "proto3"; + +package grpc.gateway.protoc_gen_openapiv2.options; + +import "google/protobuf/struct.proto"; + +option go_package = "github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/options"; + +// Scheme describes the schemes supported by the OpenAPI Swagger +// and Operation objects. +enum Scheme { + UNKNOWN = 0; + HTTP = 1; + HTTPS = 2; + WS = 3; + WSS = 4; +} + +// `Swagger` is a representation of OpenAPI v2 specification's Swagger object. +// +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#swaggerObject +// +// Example: +// +// option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = { +// info: { +// title: "Echo API"; +// version: "1.0"; +// description: ""; +// contact: { +// name: "gRPC-Gateway project"; +// url: "https://github.com/grpc-ecosystem/grpc-gateway"; +// email: "none@example.com"; +// }; +// license: { +// name: "BSD 3-Clause License"; +// url: "https://github.com/grpc-ecosystem/grpc-gateway/blob/main/LICENSE"; +// }; +// }; +// schemes: HTTPS; +// consumes: "application/json"; +// produces: "application/json"; +// }; +// +message Swagger { + // Specifies the OpenAPI Specification version being used. It can be + // used by the OpenAPI UI and other clients to interpret the API listing. The + // value MUST be "2.0". + string swagger = 1; + // Provides metadata about the API. The metadata can be used by the + // clients if needed. + Info info = 2; + // The host (name or ip) serving the API. This MUST be the host only and does + // not include the scheme nor sub-paths. It MAY include a port. If the host is + // not included, the host serving the documentation is to be used (including + // the port). The host does not support path templating. + string host = 3; + // The base path on which the API is served, which is relative to the host. If + // it is not included, the API is served directly under the host. The value + // MUST start with a leading slash (/). The basePath does not support path + // templating. + // Note that using `base_path` does not change the endpoint paths that are + // generated in the resulting OpenAPI file. If you wish to use `base_path` + // with relatively generated OpenAPI paths, the `base_path` prefix must be + // manually removed from your `google.api.http` paths and your code changed to + // serve the API from the `base_path`. + string base_path = 4; + // The transfer protocol of the API. Values MUST be from the list: "http", + // "https", "ws", "wss". If the schemes is not included, the default scheme to + // be used is the one used to access the OpenAPI definition itself. + repeated Scheme schemes = 5; + // A list of MIME types the APIs can consume. This is global to all APIs but + // can be overridden on specific API calls. Value MUST be as described under + // Mime Types. + repeated string consumes = 6; + // A list of MIME types the APIs can produce. This is global to all APIs but + // can be overridden on specific API calls. Value MUST be as described under + // Mime Types. + repeated string produces = 7; + // field 8 is reserved for 'paths'. + reserved 8; + // field 9 is reserved for 'definitions', which at this time are already + // exposed as and customizable as proto messages. + reserved 9; + // An object to hold responses that can be used across operations. This + // property does not define global responses for all operations. + map responses = 10; + // Security scheme definitions that can be used across the specification. + SecurityDefinitions security_definitions = 11; + // A declaration of which security schemes are applied for the API as a whole. + // The list of values describes alternative security schemes that can be used + // (that is, there is a logical OR between the security requirements). + // Individual operations can override this definition. + repeated SecurityRequirement security = 12; + // A list of tags for API documentation control. Tags can be used for logical + // grouping of operations by resources or any other qualifier. + repeated Tag tags = 13; + // Additional external documentation. + ExternalDocumentation external_docs = 14; + // Custom properties that start with "x-" such as "x-foo" used to describe + // extra functionality that is not covered by the standard OpenAPI Specification. + // See: https://swagger.io/docs/specification/2-0/swagger-extensions/ + map extensions = 15; +} + +// `Operation` is a representation of OpenAPI v2 specification's Operation object. +// +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#operationObject +// +// Example: +// +// service EchoService { +// rpc Echo(SimpleMessage) returns (SimpleMessage) { +// option (google.api.http) = { +// get: "/v1/example/echo/{id}" +// }; +// +// option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { +// summary: "Get a message."; +// operation_id: "getMessage"; +// tags: "echo"; +// responses: { +// key: "200" +// value: { +// description: "OK"; +// } +// } +// }; +// } +// } +message Operation { + // A list of tags for API documentation control. Tags can be used for logical + // grouping of operations by resources or any other qualifier. + repeated string tags = 1; + // A short summary of what the operation does. For maximum readability in the + // swagger-ui, this field SHOULD be less than 120 characters. + string summary = 2; + // A verbose explanation of the operation behavior. GFM syntax can be used for + // rich text representation. + string description = 3; + // Additional external documentation for this operation. + ExternalDocumentation external_docs = 4; + // Unique string used to identify the operation. The id MUST be unique among + // all operations described in the API. Tools and libraries MAY use the + // operationId to uniquely identify an operation, therefore, it is recommended + // to follow common programming naming conventions. + string operation_id = 5; + // A list of MIME types the operation can consume. This overrides the consumes + // definition at the OpenAPI Object. An empty value MAY be used to clear the + // global definition. Value MUST be as described under Mime Types. + repeated string consumes = 6; + // A list of MIME types the operation can produce. This overrides the produces + // definition at the OpenAPI Object. An empty value MAY be used to clear the + // global definition. Value MUST be as described under Mime Types. + repeated string produces = 7; + // field 8 is reserved for 'parameters'. + reserved 8; + // The list of possible responses as they are returned from executing this + // operation. + map responses = 9; + // The transfer protocol for the operation. Values MUST be from the list: + // "http", "https", "ws", "wss". The value overrides the OpenAPI Object + // schemes definition. + repeated Scheme schemes = 10; + // Declares this operation to be deprecated. Usage of the declared operation + // should be refrained. Default value is false. + bool deprecated = 11; + // A declaration of which security schemes are applied for this operation. The + // list of values describes alternative security schemes that can be used + // (that is, there is a logical OR between the security requirements). This + // definition overrides any declared top-level security. To remove a top-level + // security declaration, an empty array can be used. + repeated SecurityRequirement security = 12; + // Custom properties that start with "x-" such as "x-foo" used to describe + // extra functionality that is not covered by the standard OpenAPI Specification. + // See: https://swagger.io/docs/specification/2-0/swagger-extensions/ + map extensions = 13; + // Custom parameters such as HTTP request headers. + // See: https://swagger.io/docs/specification/2-0/describing-parameters/ + // and https://swagger.io/specification/v2/#parameter-object. + Parameters parameters = 14; +} + +// `Parameters` is a representation of OpenAPI v2 specification's parameters object. +// Note: This technically breaks compatibility with the OpenAPI 2 definition structure as we only +// allow header parameters to be set here since we do not want users specifying custom non-header +// parameters beyond those inferred from the Protobuf schema. +// See: https://swagger.io/specification/v2/#parameter-object +message Parameters { + // `Headers` is one or more HTTP header parameter. + // See: https://swagger.io/docs/specification/2-0/describing-parameters/#header-parameters + repeated HeaderParameter headers = 1; +} + +// `HeaderParameter` a HTTP header parameter. +// See: https://swagger.io/specification/v2/#parameter-object +message HeaderParameter { + // `Type` is a supported HTTP header type. + // See https://swagger.io/specification/v2/#parameterType. + enum Type { + UNKNOWN = 0; + STRING = 1; + NUMBER = 2; + INTEGER = 3; + BOOLEAN = 4; + } + + // `Name` is the header name. + string name = 1; + // `Description` is a short description of the header. + string description = 2; + // `Type` is the type of the object. The value MUST be one of "string", "number", "integer", or "boolean". The "array" type is not supported. + // See: https://swagger.io/specification/v2/#parameterType. + Type type = 3; + // `Format` The extending format for the previously mentioned type. + string format = 4; + // `Required` indicates if the header is optional + bool required = 5; + // field 6 is reserved for 'items', but in OpenAPI-specific way. + reserved 6; + // field 7 is reserved `Collection Format`. Determines the format of the array if type array is used. + reserved 7; +} + +// `Header` is a representation of OpenAPI v2 specification's Header object. +// +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#headerObject +// +message Header { + // `Description` is a short description of the header. + string description = 1; + // The type of the object. The value MUST be one of "string", "number", "integer", or "boolean". The "array" type is not supported. + string type = 2; + // `Format` The extending format for the previously mentioned type. + string format = 3; + // field 4 is reserved for 'items', but in OpenAPI-specific way. + reserved 4; + // field 5 is reserved `Collection Format` Determines the format of the array if type array is used. + reserved 5; + // `Default` Declares the value of the header that the server will use if none is provided. + // See: https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-6.2. + // Unlike JSON Schema this value MUST conform to the defined type for the header. + string default = 6; + // field 7 is reserved for 'maximum'. + reserved 7; + // field 8 is reserved for 'exclusiveMaximum'. + reserved 8; + // field 9 is reserved for 'minimum'. + reserved 9; + // field 10 is reserved for 'exclusiveMinimum'. + reserved 10; + // field 11 is reserved for 'maxLength'. + reserved 11; + // field 12 is reserved for 'minLength'. + reserved 12; + // 'Pattern' See https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.2.3. + string pattern = 13; + // field 14 is reserved for 'maxItems'. + reserved 14; + // field 15 is reserved for 'minItems'. + reserved 15; + // field 16 is reserved for 'uniqueItems'. + reserved 16; + // field 17 is reserved for 'enum'. + reserved 17; + // field 18 is reserved for 'multipleOf'. + reserved 18; +} + +// `Response` is a representation of OpenAPI v2 specification's Response object. +// +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#responseObject +// +message Response { + // `Description` is a short description of the response. + // GFM syntax can be used for rich text representation. + string description = 1; + // `Schema` optionally defines the structure of the response. + // If `Schema` is not provided, it means there is no content to the response. + Schema schema = 2; + // `Headers` A list of headers that are sent with the response. + // `Header` name is expected to be a string in the canonical format of the MIME header key + // See: https://golang.org/pkg/net/textproto/#CanonicalMIMEHeaderKey + map headers = 3; + // `Examples` gives per-mimetype response examples. + // See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#example-object + map examples = 4; + // Custom properties that start with "x-" such as "x-foo" used to describe + // extra functionality that is not covered by the standard OpenAPI Specification. + // See: https://swagger.io/docs/specification/2-0/swagger-extensions/ + map extensions = 5; +} + +// `Info` is a representation of OpenAPI v2 specification's Info object. +// +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#infoObject +// +// Example: +// +// option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = { +// info: { +// title: "Echo API"; +// version: "1.0"; +// description: ""; +// contact: { +// name: "gRPC-Gateway project"; +// url: "https://github.com/grpc-ecosystem/grpc-gateway"; +// email: "none@example.com"; +// }; +// license: { +// name: "BSD 3-Clause License"; +// url: "https://github.com/grpc-ecosystem/grpc-gateway/blob/main/LICENSE"; +// }; +// }; +// ... +// }; +// +message Info { + // The title of the application. + string title = 1; + // A short description of the application. GFM syntax can be used for rich + // text representation. + string description = 2; + // The Terms of Service for the API. + string terms_of_service = 3; + // The contact information for the exposed API. + Contact contact = 4; + // The license information for the exposed API. + License license = 5; + // Provides the version of the application API (not to be confused + // with the specification version). + string version = 6; + // Custom properties that start with "x-" such as "x-foo" used to describe + // extra functionality that is not covered by the standard OpenAPI Specification. + // See: https://swagger.io/docs/specification/2-0/swagger-extensions/ + map extensions = 7; +} + +// `Contact` is a representation of OpenAPI v2 specification's Contact object. +// +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#contactObject +// +// Example: +// +// option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = { +// info: { +// ... +// contact: { +// name: "gRPC-Gateway project"; +// url: "https://github.com/grpc-ecosystem/grpc-gateway"; +// email: "none@example.com"; +// }; +// ... +// }; +// ... +// }; +// +message Contact { + // The identifying name of the contact person/organization. + string name = 1; + // The URL pointing to the contact information. MUST be in the format of a + // URL. + string url = 2; + // The email address of the contact person/organization. MUST be in the format + // of an email address. + string email = 3; +} + +// `License` is a representation of OpenAPI v2 specification's License object. +// +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#licenseObject +// +// Example: +// +// option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = { +// info: { +// ... +// license: { +// name: "BSD 3-Clause License"; +// url: "https://github.com/grpc-ecosystem/grpc-gateway/blob/main/LICENSE"; +// }; +// ... +// }; +// ... +// }; +// +message License { + // The license name used for the API. + string name = 1; + // A URL to the license used for the API. MUST be in the format of a URL. + string url = 2; +} + +// `ExternalDocumentation` is a representation of OpenAPI v2 specification's +// ExternalDocumentation object. +// +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#externalDocumentationObject +// +// Example: +// +// option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = { +// ... +// external_docs: { +// description: "More about gRPC-Gateway"; +// url: "https://github.com/grpc-ecosystem/grpc-gateway"; +// } +// ... +// }; +// +message ExternalDocumentation { + // A short description of the target documentation. GFM syntax can be used for + // rich text representation. + string description = 1; + // The URL for the target documentation. Value MUST be in the format + // of a URL. + string url = 2; +} + +// `Schema` is a representation of OpenAPI v2 specification's Schema object. +// +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#schemaObject +// +message Schema { + JSONSchema json_schema = 1; + // Adds support for polymorphism. The discriminator is the schema property + // name that is used to differentiate between other schema that inherit this + // schema. The property name used MUST be defined at this schema and it MUST + // be in the required property list. When used, the value MUST be the name of + // this schema or any schema that inherits it. + string discriminator = 2; + // Relevant only for Schema "properties" definitions. Declares the property as + // "read only". This means that it MAY be sent as part of a response but MUST + // NOT be sent as part of the request. Properties marked as readOnly being + // true SHOULD NOT be in the required list of the defined schema. Default + // value is false. + bool read_only = 3; + // field 4 is reserved for 'xml'. + reserved 4; + // Additional external documentation for this schema. + ExternalDocumentation external_docs = 5; + // A free-form property to include an example of an instance for this schema in JSON. + // This is copied verbatim to the output. + string example = 6; +} + +// `EnumSchema` is subset of fields from the OpenAPI v2 specification's Schema object. +// Only fields that are applicable to Enums are included +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#schemaObject +// +// Example: +// +// option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_enum) = { +// ... +// title: "MyEnum"; +// description:"This is my nice enum"; +// example: "ZERO"; +// required: true; +// ... +// }; +// +message EnumSchema { + // A short description of the schema. + string description = 1; + string default = 2; + // The title of the schema. + string title = 3; + bool required = 4; + bool read_only = 5; + // Additional external documentation for this schema. + ExternalDocumentation external_docs = 6; + string example = 7; + // Ref is used to define an external reference to include in the message. + // This could be a fully qualified proto message reference, and that type must + // be imported into the protofile. If no message is identified, the Ref will + // be used verbatim in the output. + // For example: + // `ref: ".google.protobuf.Timestamp"`. + string ref = 8; + // Custom properties that start with "x-" such as "x-foo" used to describe + // extra functionality that is not covered by the standard OpenAPI Specification. + // See: https://swagger.io/docs/specification/2-0/swagger-extensions/ + map extensions = 9; +} + +// `JSONSchema` represents properties from JSON Schema taken, and as used, in +// the OpenAPI v2 spec. +// +// This includes changes made by OpenAPI v2. +// +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#schemaObject +// +// See also: https://cswr.github.io/JsonSchema/spec/basic_types/, +// https://github.com/json-schema-org/json-schema-spec/blob/master/schema.json +// +// Example: +// +// message SimpleMessage { +// option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_schema) = { +// json_schema: { +// title: "SimpleMessage" +// description: "A simple message." +// required: ["id"] +// } +// }; +// +// // Id represents the message identifier. +// string id = 1; [ +// (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = { +// description: "The unique identifier of the simple message." +// }]; +// } +// +message JSONSchema { + // field 1 is reserved for '$id', omitted from OpenAPI v2. + reserved 1; + // field 2 is reserved for '$schema', omitted from OpenAPI v2. + reserved 2; + // Ref is used to define an external reference to include in the message. + // This could be a fully qualified proto message reference, and that type must + // be imported into the protofile. If no message is identified, the Ref will + // be used verbatim in the output. + // For example: + // `ref: ".google.protobuf.Timestamp"`. + string ref = 3; + // field 4 is reserved for '$comment', omitted from OpenAPI v2. + reserved 4; + // The title of the schema. + string title = 5; + // A short description of the schema. + string description = 6; + string default = 7; + bool read_only = 8; + // A free-form property to include a JSON example of this field. This is copied + // verbatim to the output swagger.json. Quotes must be escaped. + // This property is the same for 2.0 and 3.0.0 https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/3.0.0.md#schemaObject https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#schemaObject + string example = 9; + double multiple_of = 10; + // Maximum represents an inclusive upper limit for a numeric instance. The + // value of MUST be a number, + double maximum = 11; + bool exclusive_maximum = 12; + // minimum represents an inclusive lower limit for a numeric instance. The + // value of MUST be a number, + double minimum = 13; + bool exclusive_minimum = 14; + uint64 max_length = 15; + uint64 min_length = 16; + string pattern = 17; + // field 18 is reserved for 'additionalItems', omitted from OpenAPI v2. + reserved 18; + // field 19 is reserved for 'items', but in OpenAPI-specific way. + // TODO(ivucica): add 'items'? + reserved 19; + uint64 max_items = 20; + uint64 min_items = 21; + bool unique_items = 22; + // field 23 is reserved for 'contains', omitted from OpenAPI v2. + reserved 23; + uint64 max_properties = 24; + uint64 min_properties = 25; + repeated string required = 26; + // field 27 is reserved for 'additionalProperties', but in OpenAPI-specific + // way. TODO(ivucica): add 'additionalProperties'? + reserved 27; + // field 28 is reserved for 'definitions', omitted from OpenAPI v2. + reserved 28; + // field 29 is reserved for 'properties', but in OpenAPI-specific way. + // TODO(ivucica): add 'additionalProperties'? + reserved 29; + // following fields are reserved, as the properties have been omitted from + // OpenAPI v2: + // patternProperties, dependencies, propertyNames, const + reserved 30 to 33; + // Items in 'array' must be unique. + repeated string array = 34; + + enum JSONSchemaSimpleTypes { + UNKNOWN = 0; + ARRAY = 1; + BOOLEAN = 2; + INTEGER = 3; + NULL = 4; + NUMBER = 5; + OBJECT = 6; + STRING = 7; + } + + repeated JSONSchemaSimpleTypes type = 35; + // `Format` + string format = 36; + // following fields are reserved, as the properties have been omitted from + // OpenAPI v2: contentMediaType, contentEncoding, if, then, else + reserved 37 to 41; + // field 42 is reserved for 'allOf', but in OpenAPI-specific way. + // TODO(ivucica): add 'allOf'? + reserved 42; + // following fields are reserved, as the properties have been omitted from + // OpenAPI v2: + // anyOf, oneOf, not + reserved 43 to 45; + // Items in `enum` must be unique https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.5.1 + repeated string enum = 46; + + // Additional field level properties used when generating the OpenAPI v2 file. + FieldConfiguration field_configuration = 1001; + + // 'FieldConfiguration' provides additional field level properties used when generating the OpenAPI v2 file. + // These properties are not defined by OpenAPIv2, but they are used to control the generation. + message FieldConfiguration { + // Alternative parameter name when used as path parameter. If set, this will + // be used as the complete parameter name when this field is used as a path + // parameter. Use this to avoid having auto generated path parameter names + // for overlapping paths. + string path_param_name = 47; + // Declares this field to be deprecated. Allows for the generated OpenAPI + // parameter to be marked as deprecated without affecting the proto field. + bool deprecated = 49; + } + // Custom properties that start with "x-" such as "x-foo" used to describe + // extra functionality that is not covered by the standard OpenAPI Specification. + // See: https://swagger.io/docs/specification/2-0/swagger-extensions/ + map extensions = 48; +} + +// `Tag` is a representation of OpenAPI v2 specification's Tag object. +// +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#tagObject +// +message Tag { + // The name of the tag. Use it to allow override of the name of a + // global Tag object, then use that name to reference the tag throughout the + // OpenAPI file. + string name = 1; + // A short description for the tag. GFM syntax can be used for rich text + // representation. + string description = 2; + // Additional external documentation for this tag. + ExternalDocumentation external_docs = 3; + // Custom properties that start with "x-" such as "x-foo" used to describe + // extra functionality that is not covered by the standard OpenAPI Specification. + // See: https://swagger.io/docs/specification/2-0/swagger-extensions/ + map extensions = 4; +} + +// `SecurityDefinitions` is a representation of OpenAPI v2 specification's +// Security Definitions object. +// +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#securityDefinitionsObject +// +// A declaration of the security schemes available to be used in the +// specification. This does not enforce the security schemes on the operations +// and only serves to provide the relevant details for each scheme. +message SecurityDefinitions { + // A single security scheme definition, mapping a "name" to the scheme it + // defines. + map security = 1; +} + +// `SecurityScheme` is a representation of OpenAPI v2 specification's +// Security Scheme object. +// +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#securitySchemeObject +// +// Allows the definition of a security scheme that can be used by the +// operations. Supported schemes are basic authentication, an API key (either as +// a header or as a query parameter) and OAuth2's common flows (implicit, +// password, application and access code). +message SecurityScheme { + // The type of the security scheme. Valid values are "basic", + // "apiKey" or "oauth2". + enum Type { + TYPE_INVALID = 0; + TYPE_BASIC = 1; + TYPE_API_KEY = 2; + TYPE_OAUTH2 = 3; + } + + // The location of the API key. Valid values are "query" or "header". + enum In { + IN_INVALID = 0; + IN_QUERY = 1; + IN_HEADER = 2; + } + + // The flow used by the OAuth2 security scheme. Valid values are + // "implicit", "password", "application" or "accessCode". + enum Flow { + FLOW_INVALID = 0; + FLOW_IMPLICIT = 1; + FLOW_PASSWORD = 2; + FLOW_APPLICATION = 3; + FLOW_ACCESS_CODE = 4; + } + + // The type of the security scheme. Valid values are "basic", + // "apiKey" or "oauth2". + Type type = 1; + // A short description for security scheme. + string description = 2; + // The name of the header or query parameter to be used. + // Valid for apiKey. + string name = 3; + // The location of the API key. Valid values are "query" or + // "header". + // Valid for apiKey. + In in = 4; + // The flow used by the OAuth2 security scheme. Valid values are + // "implicit", "password", "application" or "accessCode". + // Valid for oauth2. + Flow flow = 5; + // The authorization URL to be used for this flow. This SHOULD be in + // the form of a URL. + // Valid for oauth2/implicit and oauth2/accessCode. + string authorization_url = 6; + // The token URL to be used for this flow. This SHOULD be in the + // form of a URL. + // Valid for oauth2/password, oauth2/application and oauth2/accessCode. + string token_url = 7; + // The available scopes for the OAuth2 security scheme. + // Valid for oauth2. + Scopes scopes = 8; + // Custom properties that start with "x-" such as "x-foo" used to describe + // extra functionality that is not covered by the standard OpenAPI Specification. + // See: https://swagger.io/docs/specification/2-0/swagger-extensions/ + map extensions = 9; +} + +// `SecurityRequirement` is a representation of OpenAPI v2 specification's +// Security Requirement object. +// +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#securityRequirementObject +// +// Lists the required security schemes to execute this operation. The object can +// have multiple security schemes declared in it which are all required (that +// is, there is a logical AND between the schemes). +// +// The name used for each property MUST correspond to a security scheme +// declared in the Security Definitions. +message SecurityRequirement { + // If the security scheme is of type "oauth2", then the value is a list of + // scope names required for the execution. For other security scheme types, + // the array MUST be empty. + message SecurityRequirementValue { + repeated string scope = 1; + } + // Each name must correspond to a security scheme which is declared in + // the Security Definitions. If the security scheme is of type "oauth2", + // then the value is a list of scope names required for the execution. + // For other security scheme types, the array MUST be empty. + map security_requirement = 1; +} + +// `Scopes` is a representation of OpenAPI v2 specification's Scopes object. +// +// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#scopesObject +// +// Lists the available scopes for an OAuth2 security scheme. +message Scopes { + // Maps between a name of a scope to a short description of it (as the value + // of the property). + map scope = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit b/wfe-buildkit-protos/proto/github.com/moby/buildkit deleted file mode 120000 index ec10f85..0000000 --- a/wfe-buildkit-protos/proto/github.com/moby/buildkit +++ /dev/null @@ -1 +0,0 @@ -/Users/sienna/Development/sunbeam/wfe/wfe-buildkit-protos/vendor/buildkit \ No newline at end of file diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/api/services/control/control.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/api/services/control/control.proto new file mode 100644 index 0000000..128408e --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/api/services/control/control.proto @@ -0,0 +1,253 @@ +syntax = "proto3"; + +package moby.buildkit.v1; + +option go_package = "github.com/moby/buildkit/api/services/control;moby_buildkit_v1"; + +// import "github.com/containerd/containerd/api/types/descriptor.proto"; +import "github.com/moby/buildkit/api/types/worker.proto"; +import "github.com/moby/buildkit/solver/pb/ops.proto"; +import "github.com/moby/buildkit/sourcepolicy/pb/policy.proto"; +import "google/protobuf/timestamp.proto"; +import "google/rpc/status.proto"; + +service Control { + rpc DiskUsage(DiskUsageRequest) returns (DiskUsageResponse); + rpc Prune(PruneRequest) returns (stream UsageRecord); + rpc Solve(SolveRequest) returns (SolveResponse); + rpc Status(StatusRequest) returns (stream StatusResponse); + rpc Session(stream BytesMessage) returns (stream BytesMessage); + rpc ListWorkers(ListWorkersRequest) returns (ListWorkersResponse); + rpc Info(InfoRequest) returns (InfoResponse); + + rpc ListenBuildHistory(BuildHistoryRequest) returns (stream BuildHistoryEvent); + rpc UpdateBuildHistory(UpdateBuildHistoryRequest) returns (UpdateBuildHistoryResponse); +} + +message PruneRequest { + repeated string filter = 1; + bool all = 2; + int64 keepDuration = 3; + + int64 reservedSpace = 4; + int64 maxUsedSpace = 5; + int64 minFreeSpace = 6; +} + +message DiskUsageRequest { + repeated string filter = 1; + int64 ageLimit = 2; +} + +message DiskUsageResponse { + repeated UsageRecord record = 1; +} + +message UsageRecord { + string ID = 1; + bool Mutable = 2; + bool InUse = 3; + int64 Size = 4; + string Parent = 5 [deprecated=true]; + google.protobuf.Timestamp CreatedAt = 6; + google.protobuf.Timestamp LastUsedAt = 7; + int64 UsageCount = 8; + string Description = 9; + string RecordType = 10; + bool Shared = 11; + repeated string Parents = 12; +} + +message SolveRequest { + string Ref = 1; + pb.Definition Definition = 2; + // ExporterDeprecated and ExporterAttrsDeprecated are deprecated in favor + // of the new Exporters. If these fields are set, then they will be + // appended to the Exporters field if Exporters was not explicitly set. + string ExporterDeprecated = 3; + map ExporterAttrsDeprecated = 4; + string Session = 5; + string Frontend = 6; + map FrontendAttrs = 7; + CacheOptions Cache = 8; + repeated string Entitlements = 9; + map FrontendInputs = 10; + bool Internal = 11; // Internal builds are not recorded in build history + moby.buildkit.v1.sourcepolicy.Policy SourcePolicy = 12; + repeated Exporter Exporters = 13; + bool EnableSessionExporter = 14; + string SourcePolicySession = 15; +} + +message CacheOptions { + // ExportRefDeprecated is deprecated in favor or the new Exports since BuildKit v0.4.0. + // When ExportRefDeprecated is set, the solver appends + // {.Type = "registry", .Attrs = ExportAttrs.add("ref", ExportRef)} + // to Exports for compatibility. (planned to be removed) + string ExportRefDeprecated = 1; + // ImportRefsDeprecated is deprecated in favor or the new Imports since BuildKit v0.4.0. + // When ImportRefsDeprecated is set, the solver appends + // {.Type = "registry", .Attrs = {"ref": importRef}} + // for each of the ImportRefs entry to Imports for compatibility. (planned to be removed) + repeated string ImportRefsDeprecated = 2; + // ExportAttrsDeprecated is deprecated since BuildKit v0.4.0. + // See the description of ExportRefDeprecated. + map ExportAttrsDeprecated = 3; + // Exports was introduced in BuildKit v0.4.0. + repeated CacheOptionsEntry Exports = 4; + // Imports was introduced in BuildKit v0.4.0. + repeated CacheOptionsEntry Imports = 5; +} + +message CacheOptionsEntry { + // Type is like "registry" or "local" + string Type = 1; + // Attrs are like mode=(min,max), ref=example.com:5000/foo/bar . + // See cache importer/exporter implementations' documentation. + map Attrs = 2; +} + +message SolveResponse { + map ExporterResponse = 1; +} + +message StatusRequest { + string Ref = 1; +} + +message StatusResponse { + repeated Vertex vertexes = 1; + repeated VertexStatus statuses = 2; + repeated VertexLog logs = 3; + repeated VertexWarning warnings = 4; +} + +message Vertex { + string digest = 1; + repeated string inputs = 2; + string name = 3; + bool cached = 4; + google.protobuf.Timestamp started = 5; + google.protobuf.Timestamp completed = 6; + string error = 7; // typed errors? + pb.ProgressGroup progressGroup = 8; +} + +message VertexStatus { + string ID = 1; + string vertex = 2; + string name = 3; + int64 current = 4; + int64 total = 5; + google.protobuf.Timestamp timestamp = 6; + google.protobuf.Timestamp started = 7; + google.protobuf.Timestamp completed = 8; +} + +message VertexLog { + string vertex = 1; + google.protobuf.Timestamp timestamp = 2; + int64 stream = 3; + bytes msg = 4; +} + +message VertexWarning { + string vertex = 1; + int64 level = 2; + bytes short = 3; + repeated bytes detail = 4; + string url = 5; + pb.SourceInfo info = 6; + repeated pb.Range ranges = 7; +} + +message BytesMessage { + bytes data = 1; +} + +message ListWorkersRequest { + repeated string filter = 1; // containerd style +} + +message ListWorkersResponse { + repeated moby.buildkit.v1.types.WorkerRecord record = 1; +} + +message InfoRequest {} + +message InfoResponse { + moby.buildkit.v1.types.BuildkitVersion buildkitVersion = 1; +} + +message BuildHistoryRequest { + bool ActiveOnly = 1; + string Ref = 2; + bool EarlyExit = 3; + repeated string Filter = 4; + int32 Limit = 5; +} + +enum BuildHistoryEventType { + STARTED = 0; + COMPLETE = 1; + DELETED = 2; +} + +message BuildHistoryEvent { + BuildHistoryEventType type = 1; + BuildHistoryRecord record = 2; +} + +message BuildHistoryRecord { + string Ref = 1; + string Frontend = 2; + map FrontendAttrs = 3; + repeated Exporter Exporters = 4; + google.rpc.Status error = 5; + google.protobuf.Timestamp CreatedAt = 6; + google.protobuf.Timestamp CompletedAt = 7; + Descriptor logs = 8; + map ExporterResponse = 9; + BuildResultInfo Result = 10; + map Results = 11; + int32 Generation = 12; + Descriptor trace = 13; + bool pinned = 14; + int32 numCachedSteps = 15; + int32 numTotalSteps = 16; + int32 numCompletedSteps = 17; + Descriptor externalError = 18; + int32 numWarnings = 19; + // TODO: tags + // TODO: unclipped logs +} + +message UpdateBuildHistoryRequest { + string Ref = 1; + bool Pinned = 2; + bool Delete = 3; + bool Finalize = 4; +} + +message UpdateBuildHistoryResponse {} + +message Descriptor { + string media_type = 1; + string digest = 2; + int64 size = 3; + map annotations = 5; +} + +message BuildResultInfo { + Descriptor ResultDeprecated = 1; + repeated Descriptor Attestations = 2; + map Results = 3; +} + +// Exporter describes the output exporter +message Exporter { + // Type identifies the exporter + string Type = 1; + // Attrs specifies exporter configuration + map Attrs = 2; +} diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/api/types/worker.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/api/types/worker.proto new file mode 100644 index 0000000..8f56566 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/api/types/worker.proto @@ -0,0 +1,40 @@ +syntax = "proto3"; + +package moby.buildkit.v1.types; + +option go_package = "github.com/moby/buildkit/api/types;moby_buildkit_v1_types"; + +import "github.com/moby/buildkit/solver/pb/ops.proto"; + +message WorkerRecord { + string ID = 1; + map Labels = 2; + repeated pb.Platform platforms = 3; + repeated GCPolicy GCPolicy = 4; + BuildkitVersion BuildkitVersion = 5; + repeated CDIDevice CDIDevices = 6; +} + +message GCPolicy { + bool all = 1; + int64 keepDuration = 2; + repeated string filters = 4; + + // reservedSpace was renamed from freeBytes + int64 reservedSpace = 3; + int64 maxUsedSpace = 5; + int64 minFreeSpace = 6; +} + +message BuildkitVersion { + string package = 1; + string version = 2; + string revision = 3; +} + +message CDIDevice { + string Name = 1; + bool AutoAllow = 2; + map Annotations = 3; + bool OnDemand = 4; +} \ No newline at end of file diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/cache/contenthash/checksum.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/cache/contenthash/checksum.proto new file mode 100644 index 0000000..60122c9 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/cache/contenthash/checksum.proto @@ -0,0 +1,27 @@ +syntax = "proto3"; + +package contenthash; + +option go_package = "github.com/moby/buildkit/cache/contenthash"; + +enum CacheRecordType { + FILE = 0; + DIR = 1; + DIR_HEADER = 2; + SYMLINK = 3; +} + +message CacheRecord { + string digest = 1; + CacheRecordType type = 2; + string linkname = 3; +} + +message CacheRecordWithPath { + string path = 1; + CacheRecord record = 2; +} + +message CacheRecords { + repeated CacheRecordWithPath paths = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/frontend/gateway/pb/gateway.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/frontend/gateway/pb/gateway.proto new file mode 100644 index 0000000..6480778 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/frontend/gateway/pb/gateway.proto @@ -0,0 +1,407 @@ +syntax = "proto3"; + +package moby.buildkit.v1.frontend; + +option go_package = "github.com/moby/buildkit/frontend/gateway/pb;moby_buildkit_v1_frontend"; + +import "github.com/moby/buildkit/api/types/worker.proto"; +import "github.com/moby/buildkit/solver/pb/ops.proto"; +import "github.com/moby/buildkit/sourcepolicy/pb/policy.proto"; +import "github.com/moby/buildkit/util/apicaps/pb/caps.proto"; +import "github.com/tonistiigi/fsutil/types/stat.proto"; +import "google/protobuf/timestamp.proto"; +import "google/rpc/status.proto"; + +service LLBBridge { + // apicaps:CapResolveImage + rpc ResolveImageConfig(ResolveImageConfigRequest) returns (ResolveImageConfigResponse); + // apicaps:CapSourceMetaResolver + rpc ResolveSourceMeta(ResolveSourceMetaRequest) returns (ResolveSourceMetaResponse); + // apicaps:CapSolveBase + rpc Solve(SolveRequest) returns (SolveResponse); + // apicaps:CapReadFile + rpc ReadFile(ReadFileRequest) returns (ReadFileResponse); + // apicaps:CapReadDir + rpc ReadDir(ReadDirRequest) returns (ReadDirResponse); + // apicaps:CapStatFile + rpc StatFile(StatFileRequest) returns (StatFileResponse); + // apicaps:CapGatewayEvaluate + rpc Evaluate(EvaluateRequest) returns (EvaluateResponse); + rpc Ping(PingRequest) returns (PongResponse); + rpc Return(ReturnRequest) returns (ReturnResponse); + // apicaps:CapFrontendInputs + rpc Inputs(InputsRequest) returns (InputsResponse); + + rpc NewContainer(NewContainerRequest) returns (NewContainerResponse); + rpc ReleaseContainer(ReleaseContainerRequest) returns (ReleaseContainerResponse); + rpc ExecProcess(stream ExecMessage) returns (stream ExecMessage); + + // apicaps:CapGatewayExecFilesystem + rpc ReadFileContainer(ReadFileRequest) returns (ReadFileResponse); + rpc ReadDirContainer(ReadDirRequest) returns (ReadDirResponse); + rpc StatFileContainer(StatFileRequest) returns (StatFileResponse); + + // apicaps:CapGatewayWarnings + rpc Warn(WarnRequest) returns (WarnResponse); +} + +message Result { + oneof result { + // Deprecated non-array refs. + string refDeprecated = 1; + RefMapDeprecated refsDeprecated = 2; + + Ref ref = 3; + RefMap refs = 4; + } + map metadata = 10; + // 11 was used during development and is reserved for old attestation format + map attestations = 12; +} + +message RefMapDeprecated { + map refs = 1; +} + +message Ref { + string id = 1; + pb.Definition def = 2; +} + +message RefMap { + map refs = 1; +} + +message Attestations { + repeated Attestation attestation = 1; +} + +message Attestation { + AttestationKind kind = 1; + map metadata = 2; + + Ref ref = 3; + string path = 4; + string inTotoPredicateType = 5; + repeated InTotoSubject inTotoSubjects = 6; +} + +enum AttestationKind { + InToto = 0; + Bundle = 1; +} + +message InTotoSubject { + InTotoSubjectKind kind = 1; + + repeated string digest = 2; + string name = 3; +} + +enum InTotoSubjectKind { + Self = 0; + Raw = 1; +} + +message ReturnRequest { + Result result = 1; + google.rpc.Status error = 2; +} + +message ReturnResponse { +} + +message InputsRequest { +} + +message InputsResponse { + map Definitions = 1; +} + +message ResolveImageConfigRequest { + string Ref = 1; + pb.Platform Platform = 2; + string ResolveMode = 3; + string LogName = 4; + int32 ResolverType = 5; + string SessionID = 6; + string StoreID = 7; + repeated moby.buildkit.v1.sourcepolicy.Policy SourcePolicies = 8; +} + +message ResolveImageConfigResponse { + string Digest = 1; + bytes Config = 2; + string Ref = 3; +} + +message ResolveSourceMetaRequest { + pb.SourceOp Source = 1; + pb.Platform Platform = 2; + string LogName = 3; + string ResolveMode = 4; + ResolveSourceGitRequest Git = 5; + ResolveSourceImageRequest Image = 6; + ResolveSourceHTTPRequest HTTP = 7; + repeated moby.buildkit.v1.sourcepolicy.Policy SourcePolicies = 8; +} + +message ResolveSourceMetaResponse { + pb.SourceOp Source = 1; + ResolveSourceImageResponse Image = 2; + ResolveSourceGitResponse Git = 3; + ResolveSourceHTTPResponse HTTP = 4; +} + +message ResolveSourceImageRequest { + bool NoConfig = 1; + bool AttestationChain = 2; + repeated string ResolveAttestations = 3; +} + +message AttestationChain { + string Root = 1; + string ImageManifest = 2; + string AttestationManifest = 3; + repeated string SignatureManifests = 4; + map Blobs = 5; +} + +message ResolveSourceImageResponse { + string Digest = 1; + bytes Config = 2; + AttestationChain AttestationChain = 3; +} + +message ResolveSourceGitRequest { + // Return full commit and tag object bytes. + bool ReturnObject = 1; +} + +message ResolveSourceGitResponse { + string Checksum = 1; + string Ref = 2; + string CommitChecksum = 3; + bytes CommitObject = 4; + bytes TagObject = 5; +} + +message ResolveSourceHTTPResponse { + string Checksum = 1; + string Filename = 2; + google.protobuf.Timestamp LastModified = 3; + ChecksumResponse ChecksumResponse = 4; +} + +message ResolveSourceHTTPRequest { + ChecksumRequest ChecksumRequest = 1; +} + +message ChecksumRequest { + enum ChecksumAlgo { + CHECKSUM_ALGO_SHA256 = 0; + CHECKSUM_ALGO_SHA384 = 1; + CHECKSUM_ALGO_SHA512 = 2; + } + ChecksumAlgo Algo = 1; + bytes Suffix = 2; +} + +message ChecksumResponse { + string Digest = 1; + bytes Suffix = 2; +} + +message SolveRequest { + pb.Definition Definition = 1; + string Frontend = 2; + map FrontendOpt = 3; + // 4 was removed in BuildKit v0.11.0. + bool allowResultReturn = 5; + bool allowResultArrayRef = 6; + + // apicaps.CapSolveInlineReturn deprecated + bool Final = 10; + bytes ExporterAttr = 11; + // CacheImports was added in BuildKit v0.4.0. + // apicaps:CapImportCaches + repeated CacheOptionsEntry CacheImports = 12; + + // apicaps:CapFrontendInputs + map FrontendInputs = 13; + + bool Evaluate = 14; + + repeated moby.buildkit.v1.sourcepolicy.Policy SourcePolicies = 15; +} + +// CacheOptionsEntry corresponds to the control.CacheOptionsEntry +message CacheOptionsEntry { + string Type = 1; + map Attrs = 2; +} + +message SolveResponse { + // deprecated + string ref = 1; // can be used by readfile request + // deprecated + // bytes ExporterAttr = 2; + + // these fields are returned when allowMapReturn was set + Result result = 3; +} + +message ReadFileRequest { + string Ref = 1; + string FilePath = 2; + FileRange Range = 3; + int32 MountIndex = 4; +} + +message FileRange { + int64 Offset = 1; + int64 Length = 2; +} + +message ReadFileResponse { + bytes Data = 1; +} + +message ReadDirRequest { + string Ref = 1; + string DirPath = 2; + string IncludePattern = 3; + int32 MountIndex = 4; +} + +message ReadDirResponse { + repeated fsutil.types.Stat entries = 1; +} + +message StatFileRequest { + string Ref = 1; + string Path = 2; + int32 MountIndex = 3; +} + +message StatFileResponse { + fsutil.types.Stat stat = 1; +} + +message EvaluateRequest { + string Ref = 1; +} + +message EvaluateResponse { +} + +message PingRequest{ +} +message PongResponse{ + repeated moby.buildkit.v1.apicaps.APICap FrontendAPICaps = 1; + repeated moby.buildkit.v1.apicaps.APICap LLBCaps = 2; + repeated moby.buildkit.v1.types.WorkerRecord Workers = 3; +} + +message WarnRequest { + string digest = 1; + int64 level = 2; + bytes short = 3; + repeated bytes detail = 4; + string url = 5; + pb.SourceInfo info = 6; + repeated pb.Range ranges = 7; +} + +message WarnResponse{} + +message NewContainerRequest { + string ContainerID = 1; + // For mount input values we can use random identifiers passed with ref + repeated pb.Mount Mounts = 2; + pb.NetMode Network = 3; + pb.Platform platform = 4; + pb.WorkerConstraints constraints = 5; + repeated pb.HostIP extraHosts = 6; + string hostname = 7; +} + +message NewContainerResponse{} + +message ReleaseContainerRequest { + string ContainerID = 1; +} + +message ReleaseContainerResponse{} + +message ExecMessage { + string ProcessID = 1; + oneof Input { + // InitMessage sent from client to server will start a new process in a + // container + InitMessage Init = 2; + // FdMessage used from client to server for input (stdin) and + // from server to client for output (stdout, stderr) + FdMessage File = 3; + // ResizeMessage used from client to server for terminal resize events + ResizeMessage Resize = 4; + // StartedMessage sent from server to client after InitMessage to + // indicate the process has started. + StartedMessage Started = 5; + // ExitMessage sent from server to client will contain the exit code + // when the process ends. + ExitMessage Exit = 6; + // DoneMessage from server to client will be the last message for any + // process. Note that FdMessage might be sent after ExitMessage. + DoneMessage Done = 7; + // SignalMessage is used from client to server to send signal events + SignalMessage Signal = 8; + } +} + +message InitMessage{ + string ContainerID = 1; + pb.Meta Meta = 2; + repeated uint32 Fds = 3; + bool Tty = 4; + pb.SecurityMode Security = 5; + repeated pb.SecretEnv secretenv = 6; +} + +message ExitMessage { + uint32 Code = 1; + google.rpc.Status Error = 2; +} + +message StartedMessage{} + +message DoneMessage{} + +message FdMessage{ + uint32 Fd = 1; // what fd the data was from + bool EOF = 2; // true if eof was reached + bytes Data = 3; +} + +message ResizeMessage{ + uint32 Rows = 1; + uint32 Cols = 2; +} + +message SignalMessage { + // we only send name (ie HUP, INT) because the int values + // are platform dependent. + string Name = 1; +} + +message Blob { + Descriptor descriptor = 1; + bytes data = 2; +} + +message Descriptor { + string media_type = 1; + string digest = 2; + int64 size = 3; + map annotations = 5; +} diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/auth/auth.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/auth/auth.proto new file mode 100644 index 0000000..a4ed599 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/auth/auth.proto @@ -0,0 +1,54 @@ +syntax = "proto3"; + +package moby.filesync.v1; + +option go_package = "github.com/moby/buildkit/session/auth"; + +service Auth{ + rpc Credentials(CredentialsRequest) returns (CredentialsResponse); + rpc FetchToken(FetchTokenRequest) returns (FetchTokenResponse); + rpc GetTokenAuthority(GetTokenAuthorityRequest) returns (GetTokenAuthorityResponse); + rpc VerifyTokenAuthority(VerifyTokenAuthorityRequest) returns (VerifyTokenAuthorityResponse); +} + +message CredentialsRequest { + string Host = 1; +} + +message CredentialsResponse { + string Username = 1; + string Secret = 2; +} + +message FetchTokenRequest { + string ClientID = 1; + string Host = 2; + string Realm = 3; + string Service = 4; + repeated string Scopes = 5; +} + +message FetchTokenResponse { + string Token = 1; + int64 ExpiresIn = 2; // seconds + int64 IssuedAt = 3; // timestamp +} + +message GetTokenAuthorityRequest { + string Host = 1; + bytes Salt = 2; +} + +message GetTokenAuthorityResponse { + bytes PublicKey = 1; +} + +message VerifyTokenAuthorityRequest { + string Host = 1; + bytes Payload = 2; + bytes Salt = 3; +} + +message VerifyTokenAuthorityResponse { + bytes Signed = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/exporter/exporter.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/exporter/exporter.proto new file mode 100644 index 0000000..0a04233 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/exporter/exporter.proto @@ -0,0 +1,23 @@ +syntax = "proto3"; + +package moby.exporter.v1; + +option go_package = "github.com/moby/buildkit/session/exporter"; + +service Exporter { + rpc FindExporters(FindExportersRequest) returns (FindExportersResponse); +} + +message FindExportersRequest{ + map metadata = 1; + repeated string refs = 2; +} + +message FindExportersResponse { + repeated ExporterRequest exporters = 1; +} + +message ExporterRequest { + string Type = 1; + map Attrs = 2; +} diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/filesync/filesync.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/filesync/filesync.proto new file mode 100644 index 0000000..9b0f647 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/filesync/filesync.proto @@ -0,0 +1,23 @@ +syntax = "proto3"; + +package moby.filesync.v1; + +option go_package = "github.com/moby/buildkit/session/filesync"; + +import "github.com/tonistiigi/fsutil/types/wire.proto"; + +// FileSync exposes local files from the client to the server. +service FileSync{ + rpc DiffCopy(stream fsutil.types.Packet) returns (stream fsutil.types.Packet); + rpc TarStream(stream fsutil.types.Packet) returns (stream fsutil.types.Packet); +} + +// FileSend allows sending files from the server back to the client. +service FileSend{ + rpc DiffCopy(stream BytesMessage) returns (stream BytesMessage); +} + +// BytesMessage contains a chunk of byte data +message BytesMessage { + bytes data = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/secrets/secrets.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/secrets/secrets.proto new file mode 100644 index 0000000..2f3f2a3 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/secrets/secrets.proto @@ -0,0 +1,19 @@ +syntax = "proto3"; + +package moby.buildkit.secrets.v1; + +option go_package = "github.com/moby/buildkit/session/secrets"; + +service Secrets{ + rpc GetSecret(GetSecretRequest) returns (GetSecretResponse); +} + + +message GetSecretRequest { + string ID = 1; + map annotations = 2; +} + +message GetSecretResponse { + bytes data = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/sshforward/ssh.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/sshforward/ssh.proto new file mode 100644 index 0000000..9b21255 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/sshforward/ssh.proto @@ -0,0 +1,22 @@ +syntax = "proto3"; + +package moby.sshforward.v1; + +option go_package = "github.com/moby/buildkit/session/sshforward"; + +service SSH { + rpc CheckAgent(CheckAgentRequest) returns (CheckAgentResponse); + rpc ForwardAgent(stream BytesMessage) returns (stream BytesMessage); +} + +// BytesMessage contains a chunk of byte data +message BytesMessage{ + bytes data = 1; +} + +message CheckAgentRequest { + string ID = 1; +} + +message CheckAgentResponse { +} diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/upload/upload.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/upload/upload.proto new file mode 100644 index 0000000..9106e83 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/session/upload/upload.proto @@ -0,0 +1,14 @@ +syntax = "proto3"; + +package moby.upload.v1; + +option go_package = "github.com/moby/buildkit/session/upload"; + +service Upload { + rpc Pull(stream BytesMessage) returns (stream BytesMessage); +} + +// BytesMessage contains a chunk of byte data +message BytesMessage{ + bytes data = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/solver/errdefs/errdefs.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/solver/errdefs/errdefs.proto new file mode 100644 index 0000000..df0dd8c --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/solver/errdefs/errdefs.proto @@ -0,0 +1,52 @@ +syntax = "proto3"; + +package errdefs; + +option go_package = "github.com/moby/buildkit/solver/errdefs"; + +import "github.com/moby/buildkit/solver/pb/ops.proto"; + +message Vertex { + string digest = 1; +} + +message Source { + pb.SourceInfo info = 1; + repeated pb.Range ranges = 2; +} + +message Frontend { + string name = 1; // frontend name e.g. dockerfile.v0 or gateway.v0 + string source = 2; // used by the gateway frontend to identify the source, which corresponds to the image name +} + +message FrontendCap { + string name = 1; +} + +message Subrequest { + string name = 1; +} + +message Solve { + repeated string inputIDs = 1; + repeated string mountIDs = 2; + pb.Op op = 3; + + oneof subject { + FileAction file = 4; + ContentCache cache = 5; + } + + map description = 6; +} + +message FileAction { + // Index of the file action that failed the exec. + int64 index = 1; +} + +message ContentCache { + // Original index of result that failed the slow cache calculation. + int64 index = 1; +} diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/solver/pb/ops.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/solver/pb/ops.proto new file mode 100644 index 0000000..731123b --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/solver/pb/ops.proto @@ -0,0 +1,446 @@ +syntax = "proto3"; + +// Package pb provides the protobuf definition of LLB: low-level builder instruction. +// LLB is DAG-structured; Op represents a vertex, and Definition represents a graph. +package pb; + +option go_package = "github.com/moby/buildkit/solver/pb"; + +// Op represents a vertex of the LLB DAG. +message Op { + // changes to this structure must be represented in json.go. + // inputs is a set of input edges. + repeated Input inputs = 1; + oneof op { + ExecOp exec = 2; + SourceOp source = 3; + FileOp file = 4; + BuildOp build = 5; + MergeOp merge = 6; + DiffOp diff = 7; + } + Platform platform = 10; + WorkerConstraints constraints = 11; +} + +// Platform is github.com/opencontainers/image-spec/specs-go/v1.Platform +message Platform { + string Architecture = 1; + string OS = 2; + string Variant = 3; + string OSVersion = 4; + repeated string OSFeatures = 5; // unused +} + +// Input represents an input edge for an Op. +message Input { + // digest of the marshaled input Op + string digest = 1; + // output index of the input Op + int64 index = 2; +} + +// ExecOp executes a command in a container. +message ExecOp { + Meta meta = 1; + repeated Mount mounts = 2; + NetMode network = 3; + SecurityMode security = 4; + repeated SecretEnv secretenv = 5; + repeated CDIDevice cdiDevices = 6; +} + +// Meta is a set of arguments for ExecOp. +// Meta is unrelated to LLB metadata. +// FIXME: rename (ExecContext? ExecArgs?) +message Meta { + repeated string args = 1; + repeated string env = 2; + string cwd = 3; + string user = 4; + ProxyEnv proxy_env = 5; + repeated HostIP extraHosts = 6; + string hostname = 7; + repeated Ulimit ulimit = 9; + string cgroupParent = 10; + bool removeMountStubsRecursive = 11; + repeated int32 validExitCodes = 12; +} + +message HostIP { + string Host = 1; + string IP = 2; +} + +message Ulimit { + string Name = 1; + int64 Soft = 2; + int64 Hard = 3; +} + +enum NetMode { + UNSET = 0; // sandbox + HOST = 1; + NONE = 2; +} + +enum SecurityMode { + SANDBOX = 0; + INSECURE = 1; // privileged mode +} + +// SecretEnv is an environment variable that is backed by a secret. +message SecretEnv { + string ID = 1; + string name = 2; + bool optional = 3; +} + +// CDIDevice specifies a CDI device information. +message CDIDevice { + // Fully qualified CDI device name (e.g., vendor.com/gpu=gpudevice1) + // https://github.com/cncf-tags/container-device-interface/blob/main/SPEC.md + string name = 1; + // Optional defines if CDI device is required. + bool optional = 2; +} + +// Mount specifies how to mount an input Op as a filesystem. +message Mount { + int64 input = 1; + string selector = 2; + string dest = 3; + int64 output = 4; + bool readonly = 5; + MountType mountType = 6; + TmpfsOpt TmpfsOpt = 19; + CacheOpt cacheOpt = 20; + SecretOpt secretOpt = 21; + SSHOpt SSHOpt = 22; + string resultID = 23; + MountContentCache contentCache = 24; +} + +// MountType defines a type of a mount from a supported set +enum MountType { + BIND = 0; + SECRET = 1; + SSH = 2; + CACHE = 3; + TMPFS = 4; +} + +// MountContentCache ... +enum MountContentCache { + DEFAULT = 0; + ON = 1; + OFF = 2; +} + +// TmpfsOpt defines options describing tpmfs mounts +message TmpfsOpt { + // Specify an upper limit on the size of the filesystem. + int64 size = 1; +} + +// CacheOpt defines options specific to cache mounts +message CacheOpt { + // ID is an optional namespace for the mount + string ID = 1; + // Sharing is the sharing mode for the mount + CacheSharingOpt sharing = 2; +} + +// CacheSharingOpt defines different sharing modes for cache mount +enum CacheSharingOpt { + // SHARED cache mount can be used concurrently by multiple writers + SHARED = 0; + // PRIVATE creates a new mount if there are multiple writers + PRIVATE = 1; + // LOCKED pauses second writer until first one releases the mount + LOCKED = 2; +} + +// SecretOpt defines options describing secret mounts +message SecretOpt { + // ID of secret. Used for quering the value. + string ID = 1; + // UID of secret file + uint32 uid = 2; + // GID of secret file + uint32 gid = 3; + // Mode is the filesystem mode of secret file + uint32 mode = 4; + // Optional defines if secret value is required. Error is produced + // if value is not found and optional is false. + bool optional = 5; +} + +// SSHOpt defines options describing ssh mounts +message SSHOpt { + // ID of exposed ssh rule. Used for quering the value. + string ID = 1; + // UID of agent socket + uint32 uid = 2; + // GID of agent socket + uint32 gid = 3; + // Mode is the filesystem mode of agent socket + uint32 mode = 4; + // Optional defines if ssh socket is required. Error is produced + // if client does not expose ssh. + bool optional = 5; +} + +// SourceOp specifies a source such as build contexts and images. +message SourceOp { + // TODO: use source type or any type instead of URL protocol. + // identifier e.g. local://, docker-image://, git://, https://... + string identifier = 1; + // attrs are defined in attr.go + map attrs = 2; +} + +// BuildOp is used for nested build invocation. +// BuildOp is experimental and can break without backwards compatibility +message BuildOp { + int64 builder = 1; + map inputs = 2; + Definition def = 3; + map attrs = 4; + // outputs +} + +// BuildInput is used for BuildOp. +message BuildInput { + int64 input = 1; +} + +// OpMetadata is a per-vertex metadata entry, which can be defined for arbitrary Op vertex and overridable on the run time. +message OpMetadata { + // ignore_cache specifies to ignore the cache for this Op. + bool ignore_cache = 1; + // Description can be used for keeping any text fields that builder doesn't parse + map description = 2; + // index 3 reserved for WorkerConstraint in previous versions + // WorkerConstraint worker_constraint = 3; + ExportCache export_cache = 4; + + map caps = 5; + + ProgressGroup progress_group = 6; +} + +// Source is a source mapping description for a file +message Source { + map locations = 1; + repeated SourceInfo infos = 2; +} + +// Locations is a list of ranges with a index to its source map. +message Locations { + repeated Location locations = 1; +} + +// Source info contains the shared metadata of a source mapping +message SourceInfo { + string filename = 1; + bytes data = 2; + Definition definition = 3; + string language = 4; +} + +// Location defines list of areas in to source file +message Location { + int32 sourceIndex = 1; + repeated Range ranges = 2; +} + +// Range is an area in the source file +message Range { + Position start = 1; + Position end = 2; +} + +// Position is single location in a source file +message Position { + int32 line = 1; + int32 character = 2; +} + +message ExportCache { + bool Value = 1; +} + +message ProgressGroup { + string id = 1; + string name = 2; + bool weak = 3; +} + +message ProxyEnv { + string http_proxy = 1; + string https_proxy = 2; + string ftp_proxy = 3; + string no_proxy = 4; + string all_proxy = 5; +} + +// WorkerConstraints defines conditions for the worker +message WorkerConstraints { + repeated string filter = 1; // containerd-style filter +} + +// Definition is the LLB definition structure with per-vertex metadata entries +message Definition { + // def is a list of marshaled Op messages + repeated bytes def = 1; + // metadata contains metadata for the each of the Op messages. + // A key must be an LLB op digest string. Currently, empty string is not expected as a key, but it may change in the future. + map metadata = 2; + // Source contains the source mapping information for the vertexes in the definition + Source Source = 3; +} + +message FileOp { + repeated FileAction actions = 2; +} + +message FileAction { + // changes to this structure must be represented in json.go. + int64 input = 1; // could be real input or target (target index + max input index) + int64 secondaryInput = 2; // --//-- + int64 output = 3; + oneof action { + // FileActionCopy copies files from secondaryInput on top of input + FileActionCopy copy = 4; + // FileActionMkFile creates a new file + FileActionMkFile mkfile = 5; + // FileActionMkDir creates a new directory + FileActionMkDir mkdir = 6; + // FileActionRm removes a file + FileActionRm rm = 7; + // FileActionSymlink creates a symlink + FileActionSymlink symlink = 8; + } +} + +message FileActionCopy { + // src is the source path + string src = 1; + // dest path + string dest = 2; + // optional owner override + ChownOpt owner = 3; + // optional permission bits override + int32 mode = 4; + // followSymlink resolves symlinks in src + bool followSymlink = 5; + // dirCopyContents only copies contents if src is a directory + bool dirCopyContents = 6; + // attemptUnpackDockerCompatibility detects if src is an archive to unpack it instead + bool attemptUnpackDockerCompatibility = 7; + // createDestPath creates dest path directories if needed + bool createDestPath = 8; + // allowWildcard allows filepath.Match wildcards in src path + bool allowWildcard = 9; + // allowEmptyWildcard doesn't fail the whole copy if wildcard doesn't resolve to files + bool allowEmptyWildcard = 10; + // optional created time override + int64 timestamp = 11; + // include only files/dirs matching at least one of these patterns + repeated string include_patterns = 12; + // exclude files/dir matching any of these patterns (even if they match an include pattern) + repeated string exclude_patterns = 13; + // alwaysReplaceExistingDestPaths results in an existing dest path that differs in type from the src path being replaced rather than the default of returning an error + bool alwaysReplaceExistingDestPaths = 14; + // mode in non-octal format + string modeStr = 15; + // required paths that must be included in the copy. This is only used when + // include_patterns has at least one pattern. + repeated string required_paths = 16; +} + +message FileActionMkFile { + // path for the new file + string path = 1; + // permission bits + int32 mode = 2; + // data is the new file contents + bytes data = 3; + // optional owner for the new file + ChownOpt owner = 4; + // optional created time override + int64 timestamp = 5; +} + +message FileActionSymlink { + // destination path for the new file representing the link + string oldpath = 1; + // source path for the link + string newpath = 2; + // optional owner for the new file + ChownOpt owner = 3; + // optional created time override + int64 timestamp = 4; +} + +message FileActionMkDir { + // path for the new directory + string path = 1; + // permission bits + int32 mode = 2; + // makeParents creates parent directories as well if needed + bool makeParents = 3; + // optional owner for the new directory + ChownOpt owner = 4; + // optional created time override + int64 timestamp = 5; +} + +message FileActionRm { + // path to remove + string path = 1; + // allowNotFound doesn't fail the rm if file is not found + bool allowNotFound = 2; + // allowWildcard allows filepath.Match wildcards in path + bool allowWildcard = 3; +} + +message ChownOpt { + UserOpt user = 1; + UserOpt group = 2; +} + +message UserOpt { + // changes to this structure must be represented in json.go. + oneof user { + NamedUserOpt byName = 1; + uint32 byID = 2; + } +} + +message NamedUserOpt { + string name = 1; + int64 input = 2; +} + +message MergeInput { + int64 input = 1; +} + +message MergeOp { + repeated MergeInput inputs = 1; +} + +message LowerDiffInput { + int64 input = 1; +} + +message UpperDiffInput { + int64 input = 1; +} + +message DiffOp { + LowerDiffInput lower = 1; + UpperDiffInput upper = 2; +} diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/sourcepolicy/pb/policy.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/sourcepolicy/pb/policy.proto new file mode 100644 index 0000000..ca3cac4 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/sourcepolicy/pb/policy.proto @@ -0,0 +1,66 @@ +syntax = "proto3"; + +package moby.buildkit.v1.sourcepolicy; + +option go_package = "github.com/moby/buildkit/sourcepolicy/pb;moby_buildkit_v1_sourcepolicy"; + +// Rule defines the action(s) to take when a source is matched +message Rule { + PolicyAction action = 1; + Selector selector = 2; + Update updates = 3; +} + +// Update contains updates to the matched build step after rule is applied +message Update { + string identifier = 1; + map attrs = 2; +} + +// Selector identifies a source to match a policy to +message Selector { + string identifier = 1; + // MatchType is the type of match to perform on the source identifier + MatchType match_type = 2; + repeated AttrConstraint constraints = 3; +} + +// PolicyAction defines the action to take when a source is matched +enum PolicyAction { + ALLOW = 0; + DENY = 1; + CONVERT = 2; +} + +// AttrConstraint defines a constraint on a source attribute +message AttrConstraint { + string key = 1; + string value = 2; + AttrMatch condition = 3; +} + +// AttrMatch defines the condition to match a source attribute +enum AttrMatch { + EQUAL = 0; + NOTEQUAL = 1; + MATCHES = 2; +} + +// Policy is the list of rules the policy engine will perform +message Policy { + int64 version = 1; // Currently 1 + repeated Rule rules = 2; +} + +// Match type is used to determine how a rule source is matched +enum MatchType { + // WILDCARD is the default matching type. + // It may first attempt to due an exact match but will follow up with a wildcard match + // For something more powerful, use REGEX + WILDCARD = 0; + // EXACT treats the source identifier as a litteral string match + EXACT = 1; + // REGEX treats the source identifier as a regular expression + // With regex matching you can also use match groups to replace values in the destination identifier + REGEX = 2; +} diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/sourcepolicy/policysession/policysession.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/sourcepolicy/policysession/policysession.proto new file mode 100644 index 0000000..209a124 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/sourcepolicy/policysession/policysession.proto @@ -0,0 +1,36 @@ +syntax = "proto3"; + +package moby.buildkit.v1.sourcepolicy.policysession; + +option go_package = "github.com/moby/buildkit/sourcepolicy/policysession"; + +import "github.com/moby/buildkit/frontend/gateway/pb/gateway.proto"; +import "github.com/moby/buildkit/solver/pb/ops.proto"; +import "github.com/moby/buildkit/sourcepolicy/pb/policy.proto"; + +service PolicyVerifier { + rpc CheckPolicy(CheckPolicyRequest) returns (CheckPolicyResponse); +} + +message CheckPolicyRequest { + pb.Platform Platform = 1; + moby.buildkit.v1.frontend.ResolveSourceMetaResponse Source = 2; + map caps = 3; +} + +message CheckPolicyResponse { + oneof result { + DecisionResponse decision = 1; + moby.buildkit.v1.frontend.ResolveSourceMetaRequest request = 2; + } +} + +message DecisionResponse { + moby.buildkit.v1.sourcepolicy.PolicyAction action = 1; + repeated DenyMessage denyMessages = 2; + pb.SourceOp update = 3; +} + +message DenyMessage { + string message = 1; +} \ No newline at end of file diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/util/apicaps/pb/caps.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/util/apicaps/pb/caps.proto new file mode 100644 index 0000000..7906d19 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/util/apicaps/pb/caps.proto @@ -0,0 +1,15 @@ +syntax = "proto3"; + +package moby.buildkit.v1.apicaps; + +option go_package = "github.com/moby/buildkit/util/apicaps/pb;moby_buildkit_v1_apicaps"; + +// APICap defines a capability supported by the service +message APICap { + string ID = 1; + bool Enabled = 2; + bool Deprecated = 3; // Unused. May be used for warnings in the future + string DisabledReason = 4; // Reason key for detection code + string DisabledReasonMsg = 5; // Message to the user + string DisabledAlternative = 6; // Identifier that updated client could catch. +} diff --git a/wfe-buildkit-protos/proto/github.com/moby/buildkit/util/stack/stack.proto b/wfe-buildkit-protos/proto/github.com/moby/buildkit/util/stack/stack.proto new file mode 100644 index 0000000..aec8c55 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/moby/buildkit/util/stack/stack.proto @@ -0,0 +1,19 @@ +syntax = "proto3"; + +package stack; + +option go_package = "github.com/moby/buildkit/util/stack"; + +message Stack { + repeated Frame frames = 1; + repeated string cmdline = 2; + int32 pid = 3; + string version = 4; + string revision = 5; +} + +message Frame { + string Name = 1; + string File = 2; + int32 Line = 3; +} diff --git a/wfe-buildkit-protos/proto/github.com/tonistiigi/fsutil b/wfe-buildkit-protos/proto/github.com/tonistiigi/fsutil deleted file mode 120000 index 68ba7b6..0000000 --- a/wfe-buildkit-protos/proto/github.com/tonistiigi/fsutil +++ /dev/null @@ -1 +0,0 @@ -/Users/sienna/Development/sunbeam/wfe/wfe-buildkit-protos/vendor/buildkit/vendor/github.com/tonistiigi/fsutil \ No newline at end of file diff --git a/wfe-buildkit-protos/proto/github.com/tonistiigi/fsutil/types/stat.proto b/wfe-buildkit-protos/proto/github.com/tonistiigi/fsutil/types/stat.proto new file mode 100644 index 0000000..417ffb8 --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/tonistiigi/fsutil/types/stat.proto @@ -0,0 +1,21 @@ +syntax = "proto3"; + +package fsutil.types; + +option go_package = "github.com/tonistiigi/fsutil/types"; + +import "github.com/planetscale/vtprotobuf/vtproto/ext.proto"; + +message Stat { + string path = 1; + uint32 mode = 2; + uint32 uid = 3; + uint32 gid = 4; + int64 size = 5; + int64 modTime = 6; + // int32 typeflag = 7; + string linkname = 7; + int64 devmajor = 8; + int64 devminor = 9; + map xattrs = 10; +} diff --git a/wfe-buildkit-protos/proto/github.com/tonistiigi/fsutil/types/wire.proto b/wfe-buildkit-protos/proto/github.com/tonistiigi/fsutil/types/wire.proto new file mode 100644 index 0000000..470050b --- /dev/null +++ b/wfe-buildkit-protos/proto/github.com/tonistiigi/fsutil/types/wire.proto @@ -0,0 +1,23 @@ +syntax = "proto3"; + +package fsutil.types; + +option go_package = "github.com/tonistiigi/fsutil/types"; + +import "github.com/planetscale/vtprotobuf/vtproto/ext.proto"; +import "github.com/tonistiigi/fsutil/types/stat.proto"; + +message Packet { + option (vtproto.mempool) = true; + enum PacketType { + PACKET_STAT = 0; + PACKET_REQ = 1; + PACKET_DATA = 2; + PACKET_FIN = 3; + PACKET_ERR = 4; + } + PacketType type = 1; + Stat stat = 2; + uint32 ID = 3; + bytes data = 4; +} diff --git a/wfe-buildkit-protos/vendor/buildkit b/wfe-buildkit-protos/vendor/buildkit deleted file mode 160000 index 7ea9fa1..0000000 --- a/wfe-buildkit-protos/vendor/buildkit +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 7ea9fa1c7cd9eacf8551661793191f2aac09863d diff --git a/wfe-containerd-protos/build.rs b/wfe-containerd-protos/build.rs index 973a83e..4b8fec2 100644 --- a/wfe-containerd-protos/build.rs +++ b/wfe-containerd-protos/build.rs @@ -1,7 +1,7 @@ use std::path::PathBuf; fn main() -> Result<(), Box> { - let api_dir = PathBuf::from("vendor/containerd/api"); + let api_dir = PathBuf::from("proto/api"); // Collect all .proto files, excluding internal runtime shim protos let proto_files: Vec = walkdir(&api_dir)? diff --git a/wfe-containerd-protos/proto/api/events/container.proto b/wfe-containerd-protos/proto/api/events/container.proto new file mode 100644 index 0000000..6592c49 --- /dev/null +++ b/wfe-containerd-protos/proto/api/events/container.proto @@ -0,0 +1,46 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.events; + +import "google/protobuf/any.proto"; +import "types/fieldpath.proto"; + +option go_package = "github.com/containerd/containerd/api/events;events"; +option (containerd.types.fieldpath_all) = true; + +message ContainerCreate { + string id = 1; + string image = 2; + message Runtime { + string name = 1; + google.protobuf.Any options = 2; + } + Runtime runtime = 3; +} + +message ContainerUpdate { + string id = 1; + string image = 2; + map labels = 3; + string snapshot_key = 4; +} + +message ContainerDelete { + string id = 1; +} diff --git a/wfe-containerd-protos/proto/api/events/content.proto b/wfe-containerd-protos/proto/api/events/content.proto new file mode 100644 index 0000000..13e4d7f --- /dev/null +++ b/wfe-containerd-protos/proto/api/events/content.proto @@ -0,0 +1,33 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.events; + +import "types/fieldpath.proto"; + +option go_package = "github.com/containerd/containerd/api/events;events"; +option (containerd.types.fieldpath_all) = true; + +message ContentCreate { + string digest = 1; + int64 size = 2; +} + +message ContentDelete { + string digest = 1; +} diff --git a/wfe-containerd-protos/proto/api/events/image.proto b/wfe-containerd-protos/proto/api/events/image.proto new file mode 100644 index 0000000..a6baeb6 --- /dev/null +++ b/wfe-containerd-protos/proto/api/events/image.proto @@ -0,0 +1,38 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.images.v1; + +import "types/fieldpath.proto"; + +option go_package = "github.com/containerd/containerd/api/events;events"; +option (containerd.types.fieldpath_all) = true; + +message ImageCreate { + string name = 1; + map labels = 2; +} + +message ImageUpdate { + string name = 1; + map labels = 2; +} + +message ImageDelete { + string name = 1; +} diff --git a/wfe-containerd-protos/proto/api/events/namespace.proto b/wfe-containerd-protos/proto/api/events/namespace.proto new file mode 100644 index 0000000..89a3d20 --- /dev/null +++ b/wfe-containerd-protos/proto/api/events/namespace.proto @@ -0,0 +1,38 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.events; + +import "types/fieldpath.proto"; + +option go_package = "github.com/containerd/containerd/api/events;events"; +option (containerd.types.fieldpath_all) = true; + +message NamespaceCreate { + string name = 1; + map labels = 2; +} + +message NamespaceUpdate { + string name = 1; + map labels = 2; +} + +message NamespaceDelete { + string name = 1; +} diff --git a/wfe-containerd-protos/proto/api/events/sandbox.proto b/wfe-containerd-protos/proto/api/events/sandbox.proto new file mode 100644 index 0000000..f70fa7e --- /dev/null +++ b/wfe-containerd-protos/proto/api/events/sandbox.proto @@ -0,0 +1,37 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.events; + +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/events;events"; + +message SandboxCreate { + string sandbox_id = 1; +} + +message SandboxStart { + string sandbox_id = 1; +} + +message SandboxExit { + string sandbox_id = 1; + uint32 exit_status = 2; + google.protobuf.Timestamp exited_at = 3; +} diff --git a/wfe-containerd-protos/proto/api/events/snapshot.proto b/wfe-containerd-protos/proto/api/events/snapshot.proto new file mode 100644 index 0000000..75be997 --- /dev/null +++ b/wfe-containerd-protos/proto/api/events/snapshot.proto @@ -0,0 +1,41 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.events; + +import "types/fieldpath.proto"; + +option go_package = "github.com/containerd/containerd/api/events;events"; +option (containerd.types.fieldpath_all) = true; + +message SnapshotPrepare { + string key = 1; + string parent = 2; + string snapshotter = 5; +} + +message SnapshotCommit { + string key = 1; + string name = 2; + string snapshotter = 5; +} + +message SnapshotRemove { + string key = 1; + string snapshotter = 5; +} diff --git a/wfe-containerd-protos/proto/api/events/task.proto b/wfe-containerd-protos/proto/api/events/task.proto new file mode 100644 index 0000000..90c5593 --- /dev/null +++ b/wfe-containerd-protos/proto/api/events/task.proto @@ -0,0 +1,93 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.events; + +import "google/protobuf/timestamp.proto"; +import "types/fieldpath.proto"; +import "types/mount.proto"; + +option go_package = "github.com/containerd/containerd/api/events;events"; +option (containerd.types.fieldpath_all) = true; + +message TaskCreate { + string container_id = 1; + string bundle = 2; + repeated containerd.types.Mount rootfs = 3; + TaskIO io = 4; + string checkpoint = 5; + uint32 pid = 6; +} + +message TaskStart { + string container_id = 1; + uint32 pid = 2; +} + +message TaskDelete { + string container_id = 1; + uint32 pid = 2; + uint32 exit_status = 3; + google.protobuf.Timestamp exited_at = 4; + // id is the specific exec. By default if omitted will be `""` thus matches + // the init exec of the task matching `container_id`. + string id = 5; +} + +message TaskIO { + string stdin = 1; + string stdout = 2; + string stderr = 3; + bool terminal = 4; +} + +message TaskExit { + string container_id = 1; + string id = 2; + uint32 pid = 3; + uint32 exit_status = 4; + google.protobuf.Timestamp exited_at = 5; +} + +message TaskOOM { + string container_id = 1; +} + +message TaskExecAdded { + string container_id = 1; + string exec_id = 2; +} + +message TaskExecStarted { + string container_id = 1; + string exec_id = 2; + uint32 pid = 3; +} + +message TaskPaused { + string container_id = 1; +} + +message TaskResumed { + string container_id = 1; +} + +message TaskCheckpointed { + string container_id = 1; + string checkpoint = 2; +} diff --git a/wfe-containerd-protos/proto/api/runtime/sandbox/v1/sandbox.proto b/wfe-containerd-protos/proto/api/runtime/sandbox/v1/sandbox.proto new file mode 100644 index 0000000..9130c75 --- /dev/null +++ b/wfe-containerd-protos/proto/api/runtime/sandbox/v1/sandbox.proto @@ -0,0 +1,149 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.runtime.sandbox.v1; + +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; +import "types/metrics.proto"; +import "types/mount.proto"; +import "types/platform.proto"; + +option go_package = "github.com/containerd/containerd/api/runtime/sandbox/v1;sandbox"; + +// Sandbox is an optional interface that shim may implement to support sandboxes environments. +// A typical example of sandbox is microVM or pause container - an entity that groups containers and/or +// holds resources relevant for this group. +service Sandbox { + // CreateSandbox will be called right after sandbox shim instance launched. + // It is a good place to initialize sandbox environment. + rpc CreateSandbox(CreateSandboxRequest) returns (CreateSandboxResponse); + + // StartSandbox will start a previously created sandbox. + rpc StartSandbox(StartSandboxRequest) returns (StartSandboxResponse); + + // Platform queries the platform the sandbox is going to run containers on. + // containerd will use this to generate a proper OCI spec. + rpc Platform(PlatformRequest) returns (PlatformResponse); + + // StopSandbox will stop existing sandbox instance + rpc StopSandbox(StopSandboxRequest) returns (StopSandboxResponse); + + // WaitSandbox blocks until sandbox exits. + rpc WaitSandbox(WaitSandboxRequest) returns (WaitSandboxResponse); + + // SandboxStatus will return current status of the running sandbox instance + rpc SandboxStatus(SandboxStatusRequest) returns (SandboxStatusResponse); + + // PingSandbox is a lightweight API call to check whether sandbox alive. + rpc PingSandbox(PingRequest) returns (PingResponse); + + // ShutdownSandbox must shutdown shim instance. + rpc ShutdownSandbox(ShutdownSandboxRequest) returns (ShutdownSandboxResponse); + + // SandboxMetrics retrieves metrics about a sandbox instance. + rpc SandboxMetrics(SandboxMetricsRequest) returns (SandboxMetricsResponse); +} + +message CreateSandboxRequest { + string sandbox_id = 1; + string bundle_path = 2; + repeated containerd.types.Mount rootfs = 3; + google.protobuf.Any options = 4; + string netns_path = 5; + map annotations = 6; +} + +message CreateSandboxResponse {} + +message StartSandboxRequest { + string sandbox_id = 1; +} + +message StartSandboxResponse { + uint32 pid = 1; + google.protobuf.Timestamp created_at = 2; + google.protobuf.Any spec = 3; +} + +message PlatformRequest { + string sandbox_id = 1; +} + +message PlatformResponse { + containerd.types.Platform platform = 1; +} + +message StopSandboxRequest { + string sandbox_id = 1; + uint32 timeout_secs = 2; +} + +message StopSandboxResponse {} + +message UpdateSandboxRequest { + string sandbox_id = 1; + google.protobuf.Any resources = 2; + map annotations = 3; +} + +message WaitSandboxRequest { + string sandbox_id = 1; +} + +message WaitSandboxResponse { + uint32 exit_status = 1; + google.protobuf.Timestamp exited_at = 2; +} + +message UpdateSandboxResponse {} + +message SandboxStatusRequest { + string sandbox_id = 1; + bool verbose = 2; +} + +message SandboxStatusResponse { + string sandbox_id = 1; + uint32 pid = 2; + string state = 3; + map info = 4; + google.protobuf.Timestamp created_at = 5; + google.protobuf.Timestamp exited_at = 6; + google.protobuf.Any extra = 7; +} + +message PingRequest { + string sandbox_id = 1; +} + +message PingResponse {} + +message ShutdownSandboxRequest { + string sandbox_id = 1; +} + +message ShutdownSandboxResponse {} + +message SandboxMetricsRequest { + string sandbox_id = 1; +} + +message SandboxMetricsResponse { + containerd.types.Metric metrics = 1; +} diff --git a/wfe-containerd-protos/proto/api/runtime/task/v2/shim.proto b/wfe-containerd-protos/proto/api/runtime/task/v2/shim.proto new file mode 100644 index 0000000..6d9c36e --- /dev/null +++ b/wfe-containerd-protos/proto/api/runtime/task/v2/shim.proto @@ -0,0 +1,200 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.task.v2; + +import "google/protobuf/any.proto"; +import "google/protobuf/empty.proto"; +import "google/protobuf/timestamp.proto"; +import "types/mount.proto"; +import "types/task/task.proto"; + +option go_package = "github.com/containerd/containerd/api/runtime/task/v2;task"; + +// Shim service is launched for each container and is responsible for owning the IO +// for the container and its additional processes. The shim is also the parent of +// each container and allows reattaching to the IO and receiving the exit status +// for the container processes. +service Task { + rpc State(StateRequest) returns (StateResponse); + rpc Create(CreateTaskRequest) returns (CreateTaskResponse); + rpc Start(StartRequest) returns (StartResponse); + rpc Delete(DeleteRequest) returns (DeleteResponse); + rpc Pids(PidsRequest) returns (PidsResponse); + rpc Pause(PauseRequest) returns (google.protobuf.Empty); + rpc Resume(ResumeRequest) returns (google.protobuf.Empty); + rpc Checkpoint(CheckpointTaskRequest) returns (google.protobuf.Empty); + rpc Kill(KillRequest) returns (google.protobuf.Empty); + rpc Exec(ExecProcessRequest) returns (google.protobuf.Empty); + rpc ResizePty(ResizePtyRequest) returns (google.protobuf.Empty); + rpc CloseIO(CloseIORequest) returns (google.protobuf.Empty); + rpc Update(UpdateTaskRequest) returns (google.protobuf.Empty); + rpc Wait(WaitRequest) returns (WaitResponse); + rpc Stats(StatsRequest) returns (StatsResponse); + rpc Connect(ConnectRequest) returns (ConnectResponse); + rpc Shutdown(ShutdownRequest) returns (google.protobuf.Empty); +} + +message CreateTaskRequest { + string id = 1; + string bundle = 2; + repeated containerd.types.Mount rootfs = 3; + bool terminal = 4; + string stdin = 5; + string stdout = 6; + string stderr = 7; + string checkpoint = 8; + string parent_checkpoint = 9; + google.protobuf.Any options = 10; +} + +message CreateTaskResponse { + uint32 pid = 1; +} + +message DeleteRequest { + string id = 1; + string exec_id = 2; +} + +message DeleteResponse { + uint32 pid = 1; + uint32 exit_status = 2; + google.protobuf.Timestamp exited_at = 3; +} + +message ExecProcessRequest { + string id = 1; + string exec_id = 2; + bool terminal = 3; + string stdin = 4; + string stdout = 5; + string stderr = 6; + google.protobuf.Any spec = 7; +} + +message ExecProcessResponse {} + +message ResizePtyRequest { + string id = 1; + string exec_id = 2; + uint32 width = 3; + uint32 height = 4; +} + +message StateRequest { + string id = 1; + string exec_id = 2; +} + +message StateResponse { + string id = 1; + string bundle = 2; + uint32 pid = 3; + containerd.v1.types.Status status = 4; + string stdin = 5; + string stdout = 6; + string stderr = 7; + bool terminal = 8; + uint32 exit_status = 9; + google.protobuf.Timestamp exited_at = 10; + string exec_id = 11; +} + +message KillRequest { + string id = 1; + string exec_id = 2; + uint32 signal = 3; + bool all = 4; +} + +message CloseIORequest { + string id = 1; + string exec_id = 2; + bool stdin = 3; +} + +message PidsRequest { + string id = 1; +} + +message PidsResponse { + repeated containerd.v1.types.ProcessInfo processes = 1; +} + +message CheckpointTaskRequest { + string id = 1; + string path = 2; + google.protobuf.Any options = 3; +} + +message UpdateTaskRequest { + string id = 1; + google.protobuf.Any resources = 2; + map annotations = 3; +} + +message StartRequest { + string id = 1; + string exec_id = 2; +} + +message StartResponse { + uint32 pid = 1; +} + +message WaitRequest { + string id = 1; + string exec_id = 2; +} + +message WaitResponse { + uint32 exit_status = 1; + google.protobuf.Timestamp exited_at = 2; +} + +message StatsRequest { + string id = 1; +} + +message StatsResponse { + google.protobuf.Any stats = 1; +} + +message ConnectRequest { + string id = 1; +} + +message ConnectResponse { + uint32 shim_pid = 1; + uint32 task_pid = 2; + string version = 3; +} + +message ShutdownRequest { + string id = 1; + bool now = 2; +} + +message PauseRequest { + string id = 1; +} + +message ResumeRequest { + string id = 1; +} diff --git a/wfe-containerd-protos/proto/api/runtime/task/v3/shim.proto b/wfe-containerd-protos/proto/api/runtime/task/v3/shim.proto new file mode 100644 index 0000000..2dffd52 --- /dev/null +++ b/wfe-containerd-protos/proto/api/runtime/task/v3/shim.proto @@ -0,0 +1,200 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.task.v3; + +import "google/protobuf/any.proto"; +import "google/protobuf/empty.proto"; +import "google/protobuf/timestamp.proto"; +import "types/mount.proto"; +import "types/task/task.proto"; + +option go_package = "github.com/containerd/containerd/api/runtime/task/v3;task"; + +// Shim service is launched for each container and is responsible for owning the IO +// for the container and its additional processes. The shim is also the parent of +// each container and allows reattaching to the IO and receiving the exit status +// for the container processes. +service Task { + rpc State(StateRequest) returns (StateResponse); + rpc Create(CreateTaskRequest) returns (CreateTaskResponse); + rpc Start(StartRequest) returns (StartResponse); + rpc Delete(DeleteRequest) returns (DeleteResponse); + rpc Pids(PidsRequest) returns (PidsResponse); + rpc Pause(PauseRequest) returns (google.protobuf.Empty); + rpc Resume(ResumeRequest) returns (google.protobuf.Empty); + rpc Checkpoint(CheckpointTaskRequest) returns (google.protobuf.Empty); + rpc Kill(KillRequest) returns (google.protobuf.Empty); + rpc Exec(ExecProcessRequest) returns (google.protobuf.Empty); + rpc ResizePty(ResizePtyRequest) returns (google.protobuf.Empty); + rpc CloseIO(CloseIORequest) returns (google.protobuf.Empty); + rpc Update(UpdateTaskRequest) returns (google.protobuf.Empty); + rpc Wait(WaitRequest) returns (WaitResponse); + rpc Stats(StatsRequest) returns (StatsResponse); + rpc Connect(ConnectRequest) returns (ConnectResponse); + rpc Shutdown(ShutdownRequest) returns (google.protobuf.Empty); +} + +message CreateTaskRequest { + string id = 1; + string bundle = 2; + repeated containerd.types.Mount rootfs = 3; + bool terminal = 4; + string stdin = 5; + string stdout = 6; + string stderr = 7; + string checkpoint = 8; + string parent_checkpoint = 9; + google.protobuf.Any options = 10; +} + +message CreateTaskResponse { + uint32 pid = 1; +} + +message DeleteRequest { + string id = 1; + string exec_id = 2; +} + +message DeleteResponse { + uint32 pid = 1; + uint32 exit_status = 2; + google.protobuf.Timestamp exited_at = 3; +} + +message ExecProcessRequest { + string id = 1; + string exec_id = 2; + bool terminal = 3; + string stdin = 4; + string stdout = 5; + string stderr = 6; + google.protobuf.Any spec = 7; +} + +message ExecProcessResponse {} + +message ResizePtyRequest { + string id = 1; + string exec_id = 2; + uint32 width = 3; + uint32 height = 4; +} + +message StateRequest { + string id = 1; + string exec_id = 2; +} + +message StateResponse { + string id = 1; + string bundle = 2; + uint32 pid = 3; + containerd.v1.types.Status status = 4; + string stdin = 5; + string stdout = 6; + string stderr = 7; + bool terminal = 8; + uint32 exit_status = 9; + google.protobuf.Timestamp exited_at = 10; + string exec_id = 11; +} + +message KillRequest { + string id = 1; + string exec_id = 2; + uint32 signal = 3; + bool all = 4; +} + +message CloseIORequest { + string id = 1; + string exec_id = 2; + bool stdin = 3; +} + +message PidsRequest { + string id = 1; +} + +message PidsResponse { + repeated containerd.v1.types.ProcessInfo processes = 1; +} + +message CheckpointTaskRequest { + string id = 1; + string path = 2; + google.protobuf.Any options = 3; +} + +message UpdateTaskRequest { + string id = 1; + google.protobuf.Any resources = 2; + map annotations = 3; +} + +message StartRequest { + string id = 1; + string exec_id = 2; +} + +message StartResponse { + uint32 pid = 1; +} + +message WaitRequest { + string id = 1; + string exec_id = 2; +} + +message WaitResponse { + uint32 exit_status = 1; + google.protobuf.Timestamp exited_at = 2; +} + +message StatsRequest { + string id = 1; +} + +message StatsResponse { + google.protobuf.Any stats = 1; +} + +message ConnectRequest { + string id = 1; +} + +message ConnectResponse { + uint32 shim_pid = 1; + uint32 task_pid = 2; + string version = 3; +} + +message ShutdownRequest { + string id = 1; + bool now = 2; +} + +message PauseRequest { + string id = 1; +} + +message ResumeRequest { + string id = 1; +} diff --git a/wfe-containerd-protos/proto/api/services/containers/v1/containers.proto b/wfe-containerd-protos/proto/api/services/containers/v1/containers.proto new file mode 100644 index 0000000..d2460bf --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/containers/v1/containers.proto @@ -0,0 +1,181 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.containers.v1; + +import "google/protobuf/any.proto"; +import "google/protobuf/empty.proto"; +import "google/protobuf/field_mask.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/services/containers/v1;containers"; + +// Containers provides metadata storage for containers used in the execution +// service. +// +// The objects here provide an state-independent view of containers for use in +// management and resource pinning. From that perspective, containers do not +// have a "state" but rather this is the set of resources that will be +// considered in use by the container. +// +// From the perspective of the execution service, these objects represent the +// base parameters for creating a container process. +// +// In general, when looking to add fields for this type, first ask yourself +// whether or not the function of the field has to do with runtime execution or +// is invariant of the runtime state of the container. If it has to do with +// runtime, or changes as the "container" is started and stops, it probably +// doesn't belong on this object. +service Containers { + rpc Get(GetContainerRequest) returns (GetContainerResponse); + rpc List(ListContainersRequest) returns (ListContainersResponse); + rpc ListStream(ListContainersRequest) returns (stream ListContainerMessage); + rpc Create(CreateContainerRequest) returns (CreateContainerResponse); + rpc Update(UpdateContainerRequest) returns (UpdateContainerResponse); + rpc Delete(DeleteContainerRequest) returns (google.protobuf.Empty); +} + +message Container { + // ID is the user-specified identifier. + // + // This field may not be updated. + string id = 1; + + // Labels provides an area to include arbitrary data on containers. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + // + // Note that to add a new value to this field, read the existing set and + // include the entire result in the update call. + map labels = 2; + + // Image contains the reference of the image used to build the + // specification and snapshots for running this container. + // + // If this field is updated, the spec and rootfs needed to updated, as well. + string image = 3; + + message Runtime { + // Name is the name of the runtime. + string name = 1; + // Options specify additional runtime initialization options. + google.protobuf.Any options = 2; + } + // Runtime specifies which runtime to use for executing this container. + Runtime runtime = 4; + + // Spec to be used when creating the container. This is runtime specific. + google.protobuf.Any spec = 5; + + // Snapshotter specifies the snapshotter name used for rootfs + string snapshotter = 6; + + // SnapshotKey specifies the snapshot key to use for the container's root + // filesystem. When starting a task from this container, a caller should + // look up the mounts from the snapshot service and include those on the + // task create request. + // + // Snapshots referenced in this field will not be garbage collected. + // + // This field is set to empty when the rootfs is not a snapshot. + // + // This field may be updated. + string snapshot_key = 7; + + // CreatedAt is the time the container was first created. + google.protobuf.Timestamp created_at = 8; + + // UpdatedAt is the last time the container was mutated. + google.protobuf.Timestamp updated_at = 9; + + // Extensions allow clients to provide zero or more blobs that are directly + // associated with the container. One may provide protobuf, json, or other + // encoding formats. The primary use of this is to further decorate the + // container object with fields that may be specific to a client integration. + // + // The key portion of this map should identify a "name" for the extension + // that should be unique against other extensions. When updating extension + // data, one should only update the specified extension using field paths + // to select a specific map key. + map extensions = 10; + + // Sandbox ID this container belongs to. + string sandbox = 11; +} + +message GetContainerRequest { + string id = 1; +} + +message GetContainerResponse { + Container container = 1; +} + +message ListContainersRequest { + // Filters contains one or more filters using the syntax defined in the + // containerd filter package. + // + // The returned result will be those that match any of the provided + // filters. Expanded, containers that match the following will be + // returned: + // + // filters[0] or filters[1] or ... or filters[n-1] or filters[n] + // + // If filters is zero-length or nil, all items will be returned. + repeated string filters = 1; +} + +message ListContainersResponse { + repeated Container containers = 1; +} + +message CreateContainerRequest { + Container container = 1; +} + +message CreateContainerResponse { + Container container = 1; +} + +// UpdateContainerRequest updates the metadata on one or more container. +// +// The operation should follow semantics described in +// https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/field-mask, +// unless otherwise qualified. +message UpdateContainerRequest { + // Container provides the target values, as declared by the mask, for the update. + // + // The ID field must be set. + Container container = 1; + + // UpdateMask specifies which fields to perform the update on. If empty, + // the operation applies to all fields. + google.protobuf.FieldMask update_mask = 2; +} + +message UpdateContainerResponse { + Container container = 1; +} + +message DeleteContainerRequest { + string id = 1; +} + +message ListContainerMessage { + Container container = 1; +} diff --git a/wfe-containerd-protos/proto/api/services/content/v1/content.proto b/wfe-containerd-protos/proto/api/services/content/v1/content.proto new file mode 100644 index 0000000..7e11305 --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/content/v1/content.proto @@ -0,0 +1,329 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.content.v1; + +import "google/protobuf/empty.proto"; +import "google/protobuf/field_mask.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/services/content/v1;content"; + +// Content provides access to a content addressable storage system. +service Content { + // Info returns information about a committed object. + // + // This call can be used for getting the size of content and checking for + // existence. + rpc Info(InfoRequest) returns (InfoResponse); + + // Update updates content metadata. + // + // This call can be used to manage the mutable content labels. The + // immutable metadata such as digest, size, and committed at cannot + // be updated. + rpc Update(UpdateRequest) returns (UpdateResponse); + + // List streams the entire set of content as Info objects and closes the + // stream. + // + // Typically, this will yield a large response, chunked into messages. + // Clients should make provisions to ensure they can handle the entire data + // set. + rpc List(ListContentRequest) returns (stream ListContentResponse); + + // Delete will delete the referenced object. + rpc Delete(DeleteContentRequest) returns (google.protobuf.Empty); + + // Read allows one to read an object based on the offset into the content. + // + // The requested data may be returned in one or more messages. + rpc Read(ReadContentRequest) returns (stream ReadContentResponse); + + // Status returns the status for a single reference. + rpc Status(StatusRequest) returns (StatusResponse); + + // ListStatuses returns the status of ongoing object ingestions, started via + // Write. + // + // Only those matching the regular expression will be provided in the + // response. If the provided regular expression is empty, all ingestions + // will be provided. + rpc ListStatuses(ListStatusesRequest) returns (ListStatusesResponse); + + // Write begins or resumes writes to a resource identified by a unique ref. + // Only one active stream may exist at a time for each ref. + // + // Once a write stream has started, it may only write to a single ref, thus + // once a stream is started, the ref may be omitted on subsequent writes. + // + // For any write transaction represented by a ref, only a single write may + // be made to a given offset. If overlapping writes occur, it is an error. + // Writes should be sequential and implementations may throw an error if + // this is required. + // + // If expected_digest is set and already part of the content store, the + // write will fail. + // + // When completed, the commit flag should be set to true. If expected size + // or digest is set, the content will be validated against those values. + rpc Write(stream WriteContentRequest) returns (stream WriteContentResponse); + + // Abort cancels the ongoing write named in the request. Any resources + // associated with the write will be collected. + rpc Abort(AbortRequest) returns (google.protobuf.Empty); +} + +message Info { + // Digest is the hash identity of the blob. + string digest = 1; + + // Size is the total number of bytes in the blob. + int64 size = 2; + + // CreatedAt provides the time at which the blob was committed. + google.protobuf.Timestamp created_at = 3; + + // UpdatedAt provides the time the info was last updated. + google.protobuf.Timestamp updated_at = 4; + + // Labels are arbitrary data on snapshots. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + map labels = 5; +} + +message InfoRequest { + string digest = 1; +} + +message InfoResponse { + Info info = 1; +} + +message UpdateRequest { + Info info = 1; + + // UpdateMask specifies which fields to perform the update on. If empty, + // the operation applies to all fields. + // + // In info, Digest, Size, and CreatedAt are immutable, + // other field may be updated using this mask. + // If no mask is provided, all mutable field are updated. + google.protobuf.FieldMask update_mask = 2; +} + +message UpdateResponse { + Info info = 1; +} + +message ListContentRequest { + // Filters contains one or more filters using the syntax defined in the + // containerd filter package. + // + // The returned result will be those that match any of the provided + // filters. Expanded, containers that match the following will be + // returned: + // + // filters[0] or filters[1] or ... or filters[n-1] or filters[n] + // + // If filters is zero-length or nil, all items will be returned. + repeated string filters = 1; +} + +message ListContentResponse { + repeated Info info = 1; +} + +message DeleteContentRequest { + // Digest specifies which content to delete. + string digest = 1; +} + +// ReadContentRequest defines the fields that make up a request to read a portion of +// data from a stored object. +message ReadContentRequest { + // Digest is the hash identity to read. + string digest = 1; + + // Offset specifies the number of bytes from the start at which to begin + // the read. If zero or less, the read will be from the start. This uses + // standard zero-indexed semantics. + int64 offset = 2; + + // size is the total size of the read. If zero, the entire blob will be + // returned by the service. + int64 size = 3; +} + +// ReadContentResponse carries byte data for a read request. +message ReadContentResponse { + int64 offset = 1; // offset of the returned data + bytes data = 2; // actual data +} + +message Status { + google.protobuf.Timestamp started_at = 1; + google.protobuf.Timestamp updated_at = 2; + string ref = 3; + int64 offset = 4; + int64 total = 5; + string expected = 6; +} + +message StatusRequest { + string ref = 1; +} + +message StatusResponse { + Status status = 1; +} + +message ListStatusesRequest { + repeated string filters = 1; +} + +message ListStatusesResponse { + repeated Status statuses = 1; +} + +// WriteAction defines the behavior of a WriteRequest. +enum WriteAction { + // WriteActionStat instructs the writer to return the current status while + // holding the lock on the write. + STAT = 0; + + // WriteActionWrite sets the action for the write request to write data. + // + // Any data included will be written at the provided offset. The + // transaction will be left open for further writes. + // + // This is the default. + WRITE = 1; + + // WriteActionCommit will write any outstanding data in the message and + // commit the write, storing it under the digest. + // + // This can be used in a single message to send the data, verify it and + // commit it. + // + // This action will always terminate the write. + COMMIT = 2; +} + +// WriteContentRequest writes data to the request ref at offset. +message WriteContentRequest { + // Action sets the behavior of the write. + // + // When this is a write and the ref is not yet allocated, the ref will be + // allocated and the data will be written at offset. + // + // If the action is write and the ref is allocated, it will accept data to + // an offset that has not yet been written. + // + // If the action is write and there is no data, the current write status + // will be returned. This works differently from status because the stream + // holds a lock. + WriteAction action = 1; + + // Ref identifies the pre-commit object to write to. + string ref = 2; + + // Total can be set to have the service validate the total size of the + // committed content. + // + // The latest value before or with the commit action message will be use to + // validate the content. If the offset overflows total, the service may + // report an error. It is only required on one message for the write. + // + // If the value is zero or less, no validation of the final content will be + // performed. + int64 total = 3; + + // Expected can be set to have the service validate the final content against + // the provided digest. + // + // If the digest is already present in the object store, an AlreadyExists + // error will be returned. + // + // Only the latest version will be used to check the content against the + // digest. It is only required to include it on a single message, before or + // with the commit action message. + string expected = 4; + + // Offset specifies the number of bytes from the start at which to begin + // the write. For most implementations, this means from the start of the + // file. This uses standard, zero-indexed semantics. + // + // If the action is write, the remote may remove all previously written + // data after the offset. Implementations may support arbitrary offsets but + // MUST support reseting this value to zero with a write. If an + // implementation does not support a write at a particular offset, an + // OutOfRange error must be returned. + int64 offset = 5; + + // Data is the actual bytes to be written. + // + // If this is empty and the message is not a commit, a response will be + // returned with the current write state. + bytes data = 6; + + // Labels are arbitrary data on snapshots. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + map labels = 7; +} + +// WriteContentResponse is returned on the culmination of a write call. +message WriteContentResponse { + // Action contains the action for the final message of the stream. A writer + // should confirm that they match the intended result. + WriteAction action = 1; + + // StartedAt provides the time at which the write began. + // + // This must be set for stat and commit write actions. All other write + // actions may omit this. + google.protobuf.Timestamp started_at = 2; + + // UpdatedAt provides the last time of a successful write. + // + // This must be set for stat and commit write actions. All other write + // actions may omit this. + google.protobuf.Timestamp updated_at = 3; + + // Offset is the current committed size for the write. + int64 offset = 4; + + // Total provides the current, expected total size of the write. + // + // We include this to provide consistency with the Status structure on the + // client writer. + // + // This is only valid on the Stat and Commit response. + int64 total = 5; + + // Digest, if present, includes the digest up to the currently committed + // bytes. If action is commit, this field will be set. It is implementation + // defined if this is set for other actions. + string digest = 6; +} + +message AbortRequest { + string ref = 1; +} diff --git a/wfe-containerd-protos/proto/api/services/diff/v1/diff.proto b/wfe-containerd-protos/proto/api/services/diff/v1/diff.proto new file mode 100644 index 0000000..53c6aa2 --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/diff/v1/diff.proto @@ -0,0 +1,90 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.diff.v1; + +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; +import "types/descriptor.proto"; +import "types/mount.proto"; + +option go_package = "github.com/containerd/containerd/api/services/diff/v1;diff"; + +// Diff service creates and applies diffs +service Diff { + // Apply applies the content associated with the provided digests onto + // the provided mounts. Archive content will be extracted and + // decompressed if necessary. + rpc Apply(ApplyRequest) returns (ApplyResponse); + + // Diff creates a diff between the given mounts and uploads the result + // to the content store. + rpc Diff(DiffRequest) returns (DiffResponse); +} + +message ApplyRequest { + // Diff is the descriptor of the diff to be extracted + containerd.types.Descriptor diff = 1; + + repeated containerd.types.Mount mounts = 2; + + map payloads = 3; + // SyncFs is to synchronize the underlying filesystem containing files. + bool sync_fs = 4; +} + +message ApplyResponse { + // Applied is the descriptor for the object which was applied. + // If the input was a compressed blob then the result will be + // the descriptor for the uncompressed blob. + containerd.types.Descriptor applied = 1; +} + +message DiffRequest { + // Left are the mounts which represent the older copy + // in which is the base of the computed changes. + repeated containerd.types.Mount left = 1; + + // Right are the mounts which represents the newer copy + // in which changes from the left were made into. + repeated containerd.types.Mount right = 2; + + // MediaType is the media type descriptor for the created diff + // object + string media_type = 3; + + // Ref identifies the pre-commit content store object. This + // reference can be used to get the status from the content store. + string ref = 4; + + // Labels are the labels to apply to the generated content + // on content store commit. + map labels = 5; + + // SourceDateEpoch specifies the timestamp used to provide control for reproducibility. + // See also https://reproducible-builds.org/docs/source-date-epoch/ . + // + // Since containerd v2.0, the whiteout timestamps are set to zero (1970-01-01), + // not to the source date epoch. + google.protobuf.Timestamp source_date_epoch = 6; +} + +message DiffResponse { + // Diff is the descriptor of the diff which can be applied + containerd.types.Descriptor diff = 3; +} diff --git a/wfe-containerd-protos/proto/api/services/events/v1/events.proto b/wfe-containerd-protos/proto/api/services/events/v1/events.proto new file mode 100644 index 0000000..a87da21 --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/events/v1/events.proto @@ -0,0 +1,62 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.events.v1; + +import "google/protobuf/any.proto"; +import "google/protobuf/empty.proto"; +import "types/event.proto"; + +option go_package = "github.com/containerd/containerd/api/services/events/v1;events"; + +service Events { + // Publish an event to a topic. + // + // The event will be packed into a timestamp envelope with the namespace + // introspected from the context. The envelope will then be dispatched. + rpc Publish(PublishRequest) returns (google.protobuf.Empty); + + // Forward sends an event that has already been packaged into an envelope + // with a timestamp and namespace. + // + // This is useful if earlier timestamping is required or when forwarding on + // behalf of another component, namespace or publisher. + rpc Forward(ForwardRequest) returns (google.protobuf.Empty); + + // Subscribe to a stream of events, possibly returning only that match any + // of the provided filters. + // + // Unlike many other methods in containerd, subscribers will get messages + // from all namespaces unless otherwise specified. If this is not desired, + // a filter can be provided in the format 'namespace==' to + // restrict the received events. + rpc Subscribe(SubscribeRequest) returns (stream containerd.types.Envelope); +} + +message PublishRequest { + string topic = 1; + google.protobuf.Any event = 2; +} + +message ForwardRequest { + containerd.types.Envelope envelope = 1; +} + +message SubscribeRequest { + repeated string filters = 1; +} diff --git a/wfe-containerd-protos/proto/api/services/images/v1/images.proto b/wfe-containerd-protos/proto/api/services/images/v1/images.proto new file mode 100644 index 0000000..19d1920 --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/images/v1/images.proto @@ -0,0 +1,149 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.images.v1; + +import "google/protobuf/empty.proto"; +import "google/protobuf/field_mask.proto"; +import "google/protobuf/timestamp.proto"; +import "types/descriptor.proto"; + +option go_package = "github.com/containerd/containerd/api/services/images/v1;images"; + +// Images is a service that allows one to register images with containerd. +// +// In containerd, an image is merely the mapping of a name to a content root, +// described by a descriptor. The behavior and state of image is purely +// dictated by the type of the descriptor. +// +// From the perspective of this service, these references are mostly shallow, +// in that the existence of the required content won't be validated until +// required by consuming services. +// +// As such, this can really be considered a "metadata service". +service Images { + // Get returns an image by name. + rpc Get(GetImageRequest) returns (GetImageResponse); + + // List returns a list of all images known to containerd. + rpc List(ListImagesRequest) returns (ListImagesResponse); + + // Create an image record in the metadata store. + // + // The name of the image must be unique. + rpc Create(CreateImageRequest) returns (CreateImageResponse); + + // Update assigns the name to a given target image based on the provided + // image. + rpc Update(UpdateImageRequest) returns (UpdateImageResponse); + + // Delete deletes the image by name. + rpc Delete(DeleteImageRequest) returns (google.protobuf.Empty); +} + +message Image { + // Name provides a unique name for the image. + // + // Containerd treats this as the primary identifier. + string name = 1; + + // Labels provides free form labels for the image. These are runtime only + // and do not get inherited into the package image in any way. + // + // Labels may be updated using the field mask. + // The combined size of a key/value pair cannot exceed 4096 bytes. + map labels = 2; + + // Target describes the content entry point of the image. + containerd.types.Descriptor target = 3; + + // CreatedAt is the time the image was first created. + google.protobuf.Timestamp created_at = 7; + + // UpdatedAt is the last time the image was mutated. + google.protobuf.Timestamp updated_at = 8; +} + +message GetImageRequest { + string name = 1; +} + +message GetImageResponse { + Image image = 1; +} + +message CreateImageRequest { + Image image = 1; + + google.protobuf.Timestamp source_date_epoch = 2; +} + +message CreateImageResponse { + Image image = 1; +} + +message UpdateImageRequest { + // Image provides a full or partial image for update. + // + // The name field must be set or an error will be returned. + Image image = 1; + + // UpdateMask specifies which fields to perform the update on. If empty, + // the operation applies to all fields. + google.protobuf.FieldMask update_mask = 2; + + google.protobuf.Timestamp source_date_epoch = 3; +} + +message UpdateImageResponse { + Image image = 1; +} + +message ListImagesRequest { + // Filters contains one or more filters using the syntax defined in the + // containerd filter package. + // + // The returned result will be those that match any of the provided + // filters. Expanded, images that match the following will be + // returned: + // + // filters[0] or filters[1] or ... or filters[n-1] or filters[n] + // + // If filters is zero-length or nil, all items will be returned. + repeated string filters = 1; +} + +message ListImagesResponse { + repeated Image images = 1; +} + +message DeleteImageRequest { + string name = 1; + + // Sync indicates that the delete and cleanup should be done + // synchronously before returning to the caller + // + // Default is false + bool sync = 2; + + // Target value for image to be deleted + // + // If image descriptor does not match the same digest, + // the delete operation will return "not found" error. + optional containerd.types.Descriptor target = 3; +} diff --git a/wfe-containerd-protos/proto/api/services/introspection/v1/introspection.proto b/wfe-containerd-protos/proto/api/services/introspection/v1/introspection.proto new file mode 100644 index 0000000..a012ac8 --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/introspection/v1/introspection.proto @@ -0,0 +1,133 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.introspection.v1; + +import "google/protobuf/any.proto"; +import "google/protobuf/empty.proto"; +import "google/protobuf/timestamp.proto"; +import "google/rpc/status.proto"; +import "types/introspection.proto"; +import "types/platform.proto"; + +option go_package = "github.com/containerd/containerd/api/services/introspection/v1;introspection"; + +service Introspection { + // Plugins returns a list of plugins in containerd. + // + // Clients can use this to detect features and capabilities when using + // containerd. + rpc Plugins(PluginsRequest) returns (PluginsResponse); + // Server returns information about the containerd server + rpc Server(google.protobuf.Empty) returns (ServerResponse); + // PluginInfo returns information directly from a plugin if the plugin supports it + rpc PluginInfo(PluginInfoRequest) returns (PluginInfoResponse); +} + +message Plugin { + // Type defines the type of plugin. + // + // See package plugin for a list of possible values. Non core plugins may + // define their own values during registration. + string type = 1; + + // ID identifies the plugin uniquely in the system. + string id = 2; + + // Requires lists the plugin types required by this plugin. + repeated string requires = 3; + + // Platforms enumerates the platforms this plugin will support. + // + // If values are provided here, the plugin will only be operable under the + // provided platforms. + // + // If this is empty, the plugin will work across all platforms. + // + // If the plugin prefers certain platforms over others, they should be + // listed from most to least preferred. + repeated types.Platform platforms = 4; + + // Exports allows plugins to provide values about state or configuration to + // interested parties. + // + // One example is exposing the configured path of a snapshotter plugin. + map exports = 5; + + // Capabilities allows plugins to communicate feature switches to allow + // clients to detect features that may not be on be default or may be + // different from version to version. + // + // Use this sparingly. + repeated string capabilities = 6; + + // InitErr will be set if the plugin fails initialization. + // + // This means the plugin may have been registered but a non-terminal error + // was encountered during initialization. + // + // Plugins that have this value set cannot be used. + google.rpc.Status init_err = 7; +} + +message PluginsRequest { + // Filters contains one or more filters using the syntax defined in the + // containerd filter package. + // + // The returned result will be those that match any of the provided + // filters. Expanded, plugins that match the following will be + // returned: + // + // filters[0] or filters[1] or ... or filters[n-1] or filters[n] + // + // If filters is zero-length or nil, all items will be returned. + repeated string filters = 1; +} + +message PluginsResponse { + repeated Plugin plugins = 1; +} + +message ServerResponse { + string uuid = 1; + uint64 pid = 2; + uint64 pidns = 3; // PID namespace, such as 4026531836 + repeated DeprecationWarning deprecations = 4; +} + +message DeprecationWarning { + string id = 1; + string message = 2; + google.protobuf.Timestamp last_occurrence = 3; +} + +message PluginInfoRequest { + string type = 1; + string id = 2; + + // Options may be used to request extra dynamic information from + // a plugin. + // This object is determined by the plugin and the plugin may return + // NotImplemented or InvalidArgument if it is not supported + google.protobuf.Any options = 3; +} + +message PluginInfoResponse { + Plugin plugin = 1; + google.protobuf.Any extra = 2; +} diff --git a/wfe-containerd-protos/proto/api/services/leases/v1/leases.proto b/wfe-containerd-protos/proto/api/services/leases/v1/leases.proto new file mode 100644 index 0000000..acfdbf3 --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/leases/v1/leases.proto @@ -0,0 +1,116 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ +syntax = "proto3"; + +package containerd.services.leases.v1; + +import "google/protobuf/empty.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/services/leases/v1;leases"; + +// Leases service manages resources leases within the metadata store. +service Leases { + // Create creates a new lease for managing changes to metadata. A lease + // can be used to protect objects from being removed. + rpc Create(CreateRequest) returns (CreateResponse); + + // Delete deletes the lease and makes any unreferenced objects created + // during the lease eligible for garbage collection if not referenced + // or retained by other resources during the lease. + rpc Delete(DeleteRequest) returns (google.protobuf.Empty); + + // List lists all active leases, returning the full list of + // leases and optionally including the referenced resources. + rpc List(ListRequest) returns (ListResponse); + + // AddResource references the resource by the provided lease. + rpc AddResource(AddResourceRequest) returns (google.protobuf.Empty); + + // DeleteResource dereferences the resource by the provided lease. + rpc DeleteResource(DeleteResourceRequest) returns (google.protobuf.Empty); + + // ListResources lists all the resources referenced by the lease. + rpc ListResources(ListResourcesRequest) returns (ListResourcesResponse); +} + +// Lease is an object which retains resources while it exists. +message Lease { + string id = 1; + + google.protobuf.Timestamp created_at = 2; + + map labels = 3; +} + +message CreateRequest { + // ID is used to identity the lease, when the id is not set the service + // generates a random identifier for the lease. + string id = 1; + + map labels = 3; +} + +message CreateResponse { + Lease lease = 1; +} + +message DeleteRequest { + string id = 1; + + // Sync indicates that the delete and cleanup should be done + // synchronously before returning to the caller + // + // Default is false + bool sync = 2; +} + +message ListRequest { + repeated string filters = 1; +} + +message ListResponse { + repeated Lease leases = 1; +} + +message Resource { + string id = 1; + + // For snapshotter resource, there are many snapshotter types here, like + // overlayfs, devmapper etc. The type will be formatted with type, + // like "snapshotter/overlayfs". + string type = 2; +} + +message AddResourceRequest { + string id = 1; + + Resource resource = 2; +} + +message DeleteResourceRequest { + string id = 1; + + Resource resource = 2; +} + +message ListResourcesRequest { + string id = 1; +} + +message ListResourcesResponse { + repeated Resource resources = 1; +} diff --git a/wfe-containerd-protos/proto/api/services/mounts/v1/mounts.proto b/wfe-containerd-protos/proto/api/services/mounts/v1/mounts.proto new file mode 100644 index 0000000..d731a91 --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/mounts/v1/mounts.proto @@ -0,0 +1,77 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ +syntax = "proto3"; + +package containerd.services.mounts.v1; + +import "google/protobuf/empty.proto"; +import "google/protobuf/field_mask.proto"; +import "types/mount.proto"; + +option go_package = "github.com/containerd/containerd/api/services/mounts/v1;mounts"; + +// Mounts service manages mounts +service Mounts { + rpc Activate(ActivateRequest) returns (ActivateResponse); + rpc Deactivate(DeactivateRequest) returns (google.protobuf.Empty); + rpc Info(InfoRequest) returns (InfoResponse); + rpc Update(UpdateRequest) returns (UpdateResponse); + rpc List(ListRequest) returns (stream ListMessage); +} + +message ActivateRequest { + string name = 1; + + repeated containerd.types.Mount mounts = 2; + + map labels = 3; + + bool temporary = 4; +} + +message ActivateResponse { + containerd.types.ActivationInfo info = 1; +} + +message DeactivateRequest { + string name = 1; +} + +message InfoRequest { + string name = 1; +} + +message InfoResponse { + containerd.types.ActivationInfo info = 1; +} + +message UpdateRequest { + containerd.types.ActivationInfo info = 1; + + google.protobuf.FieldMask update_mask = 2; +} + +message UpdateResponse { + containerd.types.ActivationInfo info = 1; +} + +message ListRequest { + repeated string filters = 1; +} + +message ListMessage { + containerd.types.ActivationInfo info = 1; +} diff --git a/wfe-containerd-protos/proto/api/services/namespaces/v1/namespace.proto b/wfe-containerd-protos/proto/api/services/namespaces/v1/namespace.proto new file mode 100644 index 0000000..f534875 --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/namespaces/v1/namespace.proto @@ -0,0 +1,107 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.namespaces.v1; + +import "google/protobuf/empty.proto"; +import "google/protobuf/field_mask.proto"; + +option go_package = "github.com/containerd/containerd/api/services/namespaces/v1;namespaces"; + +// Namespaces provides the ability to manipulate containerd namespaces. +// +// All objects in the system are required to be a member of a namespace. If a +// namespace is deleted, all objects, including containers, images and +// snapshots, will be deleted, as well. +// +// Unless otherwise noted, operations in containerd apply only to the namespace +// supplied per request. +// +// I hope this goes without saying, but namespaces are themselves NOT +// namespaced. +service Namespaces { + rpc Get(GetNamespaceRequest) returns (GetNamespaceResponse); + rpc List(ListNamespacesRequest) returns (ListNamespacesResponse); + rpc Create(CreateNamespaceRequest) returns (CreateNamespaceResponse); + rpc Update(UpdateNamespaceRequest) returns (UpdateNamespaceResponse); + rpc Delete(DeleteNamespaceRequest) returns (google.protobuf.Empty); +} + +message Namespace { + string name = 1; + + // Labels provides an area to include arbitrary data on namespaces. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + // + // Note that to add a new value to this field, read the existing set and + // include the entire result in the update call. + map labels = 2; +} + +message GetNamespaceRequest { + string name = 1; +} + +message GetNamespaceResponse { + Namespace namespace = 1; +} + +message ListNamespacesRequest { + string filter = 1; +} + +message ListNamespacesResponse { + repeated Namespace namespaces = 1; +} + +message CreateNamespaceRequest { + Namespace namespace = 1; +} + +message CreateNamespaceResponse { + Namespace namespace = 1; +} + +// UpdateNamespaceRequest updates the metadata for a namespace. +// +// The operation should follow semantics described in +// https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/field-mask, +// unless otherwise qualified. +message UpdateNamespaceRequest { + // Namespace provides the target value, as declared by the mask, for the update. + // + // The namespace field must be set. + Namespace namespace = 1; + + // UpdateMask specifies which fields to perform the update on. If empty, + // the operation applies to all fields. + // + // For the most part, this applies only to selectively updating labels on + // the namespace. While field masks are typically limited to ascii alphas + // and digits, we just take everything after the "labels." as the map key. + google.protobuf.FieldMask update_mask = 2; +} + +message UpdateNamespaceResponse { + Namespace namespace = 1; +} + +message DeleteNamespaceRequest { + string name = 1; +} diff --git a/wfe-containerd-protos/proto/api/services/sandbox/v1/sandbox.proto b/wfe-containerd-protos/proto/api/services/sandbox/v1/sandbox.proto new file mode 100755 index 0000000..9e04bae --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/sandbox/v1/sandbox.proto @@ -0,0 +1,203 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +// Sandbox is a v2 runtime extension that allows more complex execution environments for containers. +// This adds a notion of groups of containers that share same lifecycle and/or resources. +// A few good fits for sandbox can be: +// - A "pause" container in k8s, that acts as a parent process for child containers to hold network namespace. +// - (micro)VMs that launch a VM process and executes containers inside guest OS. +// containerd in this case remains implementation agnostic and delegates sandbox handling to runtimes. +// See proposal and discussion here: https://github.com/containerd/containerd/issues/4131 +package containerd.services.sandbox.v1; + +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; +import "types/metrics.proto"; +import "types/mount.proto"; +import "types/platform.proto"; +import "types/sandbox.proto"; + +option go_package = "github.com/containerd/containerd/api/services/sandbox/v1;sandbox"; + +// Store provides a metadata storage interface for sandboxes. Similarly to `Containers`, +// sandbox object includes info required to start a new instance, but no runtime state. +// When running a new sandbox instance, store objects are used as base type to create from. +service Store { + rpc Create(StoreCreateRequest) returns (StoreCreateResponse); + rpc Update(StoreUpdateRequest) returns (StoreUpdateResponse); + rpc Delete(StoreDeleteRequest) returns (StoreDeleteResponse); + rpc List(StoreListRequest) returns (StoreListResponse); + rpc Get(StoreGetRequest) returns (StoreGetResponse); +} + +message StoreCreateRequest { + containerd.types.Sandbox sandbox = 1; +} + +message StoreCreateResponse { + containerd.types.Sandbox sandbox = 1; +} + +message StoreUpdateRequest { + containerd.types.Sandbox sandbox = 1; + repeated string fields = 2; +} + +message StoreUpdateResponse { + containerd.types.Sandbox sandbox = 1; +} + +message StoreDeleteRequest { + string sandbox_id = 1; +} + +message StoreDeleteResponse {} + +message StoreListRequest { + repeated string filters = 1; +} + +message StoreListResponse { + repeated containerd.types.Sandbox list = 1; +} + +message StoreGetRequest { + string sandbox_id = 1; +} + +message StoreGetResponse { + containerd.types.Sandbox sandbox = 1; +} + +// Controller is an interface to manage runtime sandbox instances. +service Controller { + rpc Create(ControllerCreateRequest) returns (ControllerCreateResponse); + rpc Start(ControllerStartRequest) returns (ControllerStartResponse); + rpc Platform(ControllerPlatformRequest) returns (ControllerPlatformResponse); + rpc Stop(ControllerStopRequest) returns (ControllerStopResponse); + rpc Wait(ControllerWaitRequest) returns (ControllerWaitResponse); + rpc Status(ControllerStatusRequest) returns (ControllerStatusResponse); + rpc Shutdown(ControllerShutdownRequest) returns (ControllerShutdownResponse); + rpc Metrics(ControllerMetricsRequest) returns (ControllerMetricsResponse); + rpc Update(ControllerUpdateRequest) returns (ControllerUpdateResponse); +} + +message ControllerCreateRequest { + string sandbox_id = 1; + repeated containerd.types.Mount rootfs = 2; + google.protobuf.Any options = 3; + string netns_path = 4; + map annotations = 5; + containerd.types.Sandbox sandbox = 6; + string sandboxer = 10; +} + +message ControllerCreateResponse { + string sandbox_id = 1; +} + +message ControllerStartRequest { + string sandbox_id = 1; + string sandboxer = 10; +} + +message ControllerStartResponse { + string sandbox_id = 1; + uint32 pid = 2; + google.protobuf.Timestamp created_at = 3; + map labels = 4; + // Address of the sandbox for containerd to connect, + // for calling Task or other APIs serving in the sandbox. + // it is in the form of ttrpc+unix://path/to/uds or grpc+vsock://:. + string address = 5; + uint32 version = 6; + google.protobuf.Any spec = 7; +} + +message ControllerPlatformRequest { + string sandbox_id = 1; + string sandboxer = 10; +} + +message ControllerPlatformResponse { + containerd.types.Platform platform = 1; +} + +message ControllerStopRequest { + string sandbox_id = 1; + uint32 timeout_secs = 2; + string sandboxer = 10; +} + +message ControllerStopResponse {} + +message ControllerWaitRequest { + string sandbox_id = 1; + string sandboxer = 10; +} + +message ControllerWaitResponse { + uint32 exit_status = 1; + google.protobuf.Timestamp exited_at = 2; +} + +message ControllerStatusRequest { + string sandbox_id = 1; + bool verbose = 2; + string sandboxer = 10; +} + +message ControllerStatusResponse { + string sandbox_id = 1; + uint32 pid = 2; + string state = 3; + map info = 4; + google.protobuf.Timestamp created_at = 5; + google.protobuf.Timestamp exited_at = 6; + google.protobuf.Any extra = 7; + // Address of the sandbox for containerd to connect, + // for calling Task or other APIs serving in the sandbox. + // it is in the form of ttrpc+unix://path/to/uds or grpc+vsock://:. + string address = 8; + uint32 version = 9; +} + +message ControllerShutdownRequest { + string sandbox_id = 1; + string sandboxer = 10; +} + +message ControllerShutdownResponse {} + +message ControllerMetricsRequest { + string sandbox_id = 1; + string sandboxer = 10; +} + +message ControllerMetricsResponse { + types.Metric metrics = 1; +} + +message ControllerUpdateRequest { + string sandbox_id = 1; + string sandboxer = 2; + containerd.types.Sandbox sandbox = 3; + repeated string fields = 4; +} + +message ControllerUpdateResponse {} diff --git a/wfe-containerd-protos/proto/api/services/snapshots/v1/snapshots.proto b/wfe-containerd-protos/proto/api/services/snapshots/v1/snapshots.proto new file mode 100644 index 0000000..eb8a98f --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/snapshots/v1/snapshots.proto @@ -0,0 +1,181 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.snapshots.v1; + +import "google/protobuf/empty.proto"; +import "google/protobuf/field_mask.proto"; +import "google/protobuf/timestamp.proto"; +import "types/mount.proto"; + +option go_package = "github.com/containerd/containerd/api/services/snapshots/v1;snapshots"; + +// Snapshot service manages snapshots +service Snapshots { + rpc Prepare(PrepareSnapshotRequest) returns (PrepareSnapshotResponse); + rpc View(ViewSnapshotRequest) returns (ViewSnapshotResponse); + rpc Mounts(MountsRequest) returns (MountsResponse); + rpc Commit(CommitSnapshotRequest) returns (google.protobuf.Empty); + rpc Remove(RemoveSnapshotRequest) returns (google.protobuf.Empty); + rpc Stat(StatSnapshotRequest) returns (StatSnapshotResponse); + rpc Update(UpdateSnapshotRequest) returns (UpdateSnapshotResponse); + rpc List(ListSnapshotsRequest) returns (stream ListSnapshotsResponse); + rpc Usage(UsageRequest) returns (UsageResponse); + rpc Cleanup(CleanupRequest) returns (google.protobuf.Empty); +} + +message PrepareSnapshotRequest { + string snapshotter = 1; + string key = 2; + string parent = 3; + + // Labels are arbitrary data on snapshots. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + map labels = 4; +} + +message PrepareSnapshotResponse { + repeated containerd.types.Mount mounts = 1; +} + +message ViewSnapshotRequest { + string snapshotter = 1; + string key = 2; + string parent = 3; + + // Labels are arbitrary data on snapshots. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + map labels = 4; +} + +message ViewSnapshotResponse { + repeated containerd.types.Mount mounts = 1; +} + +message MountsRequest { + string snapshotter = 1; + string key = 2; +} + +message MountsResponse { + repeated containerd.types.Mount mounts = 1; +} + +message RemoveSnapshotRequest { + string snapshotter = 1; + string key = 2; +} + +message CommitSnapshotRequest { + string snapshotter = 1; + string name = 2; + string key = 3; + + // Labels are arbitrary data on snapshots. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + map labels = 4; + + string parent = 5; +} + +message StatSnapshotRequest { + string snapshotter = 1; + string key = 2; +} + +enum Kind { + UNKNOWN = 0; + VIEW = 1; + ACTIVE = 2; + COMMITTED = 3; +} + +message Info { + string name = 1; + string parent = 2; + Kind kind = 3; + + // CreatedAt provides the time at which the snapshot was created. + google.protobuf.Timestamp created_at = 4; + + // UpdatedAt provides the time the info was last updated. + google.protobuf.Timestamp updated_at = 5; + + // Labels are arbitrary data on snapshots. + // + // The combined size of a key/value pair cannot exceed 4096 bytes. + map labels = 6; +} + +message StatSnapshotResponse { + Info info = 1; +} + +message UpdateSnapshotRequest { + string snapshotter = 1; + Info info = 2; + + // UpdateMask specifies which fields to perform the update on. If empty, + // the operation applies to all fields. + // + // In info, Name, Parent, Kind, Created are immutable, + // other field may be updated using this mask. + // If no mask is provided, all mutable field are updated. + google.protobuf.FieldMask update_mask = 3; +} + +message UpdateSnapshotResponse { + Info info = 1; +} + +message ListSnapshotsRequest { + string snapshotter = 1; + + // Filters contains one or more filters using the syntax defined in the + // containerd filter package. + // + // The returned result will be those that match any of the provided + // filters. Expanded, images that match the following will be + // returned: + // + // filters[0] or filters[1] or ... or filters[n-1] or filters[n] + // + // If filters is zero-length or nil, all items will be returned. + repeated string filters = 2; +} + +message ListSnapshotsResponse { + repeated Info info = 1; +} + +message UsageRequest { + string snapshotter = 1; + string key = 2; +} + +message UsageResponse { + int64 size = 1; + int64 inodes = 2; +} + +message CleanupRequest { + string snapshotter = 1; +} diff --git a/wfe-containerd-protos/proto/api/services/streaming/v1/streaming.proto b/wfe-containerd-protos/proto/api/services/streaming/v1/streaming.proto new file mode 100644 index 0000000..57e1a7c --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/streaming/v1/streaming.proto @@ -0,0 +1,31 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.streaming.v1; + +import "google/protobuf/any.proto"; + +option go_package = "github.com/containerd/containerd/api/services/streaming/v1;streaming"; + +service Streaming { + rpc Stream(stream google.protobuf.Any) returns (stream google.protobuf.Any); +} + +message StreamInit { + string id = 1; +} diff --git a/wfe-containerd-protos/proto/api/services/tasks/v1/tasks.proto b/wfe-containerd-protos/proto/api/services/tasks/v1/tasks.proto new file mode 100644 index 0000000..4113f45 --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/tasks/v1/tasks.proto @@ -0,0 +1,226 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.tasks.v1; + +import "google/protobuf/any.proto"; +import "google/protobuf/empty.proto"; +import "google/protobuf/timestamp.proto"; +import "types/descriptor.proto"; +import "types/metrics.proto"; +import "types/mount.proto"; +import "types/task/task.proto"; + +option go_package = "github.com/containerd/containerd/api/services/tasks/v1;tasks"; + +service Tasks { + // Create a task. + rpc Create(CreateTaskRequest) returns (CreateTaskResponse); + + // Start a process. + rpc Start(StartRequest) returns (StartResponse); + + // Delete a task and on disk state. + rpc Delete(DeleteTaskRequest) returns (DeleteResponse); + + rpc DeleteProcess(DeleteProcessRequest) returns (DeleteResponse); + + rpc Get(GetRequest) returns (GetResponse); + + rpc List(ListTasksRequest) returns (ListTasksResponse); + + // Kill a task or process. + rpc Kill(KillRequest) returns (google.protobuf.Empty); + + rpc Exec(ExecProcessRequest) returns (google.protobuf.Empty); + + rpc ResizePty(ResizePtyRequest) returns (google.protobuf.Empty); + + rpc CloseIO(CloseIORequest) returns (google.protobuf.Empty); + + rpc Pause(PauseTaskRequest) returns (google.protobuf.Empty); + + rpc Resume(ResumeTaskRequest) returns (google.protobuf.Empty); + + rpc ListPids(ListPidsRequest) returns (ListPidsResponse); + + rpc Checkpoint(CheckpointTaskRequest) returns (CheckpointTaskResponse); + + rpc Update(UpdateTaskRequest) returns (google.protobuf.Empty); + + rpc Metrics(MetricsRequest) returns (MetricsResponse); + + rpc Wait(WaitRequest) returns (WaitResponse); +} + +message CreateTaskRequest { + string container_id = 1; + + // RootFS provides the pre-chroot mounts to perform in the shim before + // executing the container task. + // + // These are for mounts that cannot be performed in the user namespace. + // Typically, these mounts should be resolved from snapshots specified on + // the container object. + repeated containerd.types.Mount rootfs = 3; + + string stdin = 4; + string stdout = 5; + string stderr = 6; + bool terminal = 7; + + containerd.types.Descriptor checkpoint = 8; + + google.protobuf.Any options = 9; + + string runtime_path = 10; +} + +message CreateTaskResponse { + string container_id = 1; + uint32 pid = 2; +} + +message StartRequest { + string container_id = 1; + string exec_id = 2; +} + +message StartResponse { + uint32 pid = 1; +} + +message DeleteTaskRequest { + string container_id = 1; +} + +message DeleteResponse { + string id = 1; + uint32 pid = 2; + uint32 exit_status = 3; + google.protobuf.Timestamp exited_at = 4; +} + +message DeleteProcessRequest { + string container_id = 1; + string exec_id = 2; +} + +message GetRequest { + string container_id = 1; + string exec_id = 2; +} + +message GetResponse { + containerd.v1.types.Process process = 1; +} + +message ListTasksRequest { + string filter = 1; +} + +message ListTasksResponse { + repeated containerd.v1.types.Process tasks = 1; +} + +message KillRequest { + string container_id = 1; + string exec_id = 2; + uint32 signal = 3; + bool all = 4; +} + +message ExecProcessRequest { + string container_id = 1; + string stdin = 2; + string stdout = 3; + string stderr = 4; + bool terminal = 5; + // Spec for starting a process in the target container. + // + // For runc, this is a process spec, for example. + google.protobuf.Any spec = 6; + // id of the exec process + string exec_id = 7; +} + +message ExecProcessResponse {} + +message ResizePtyRequest { + string container_id = 1; + string exec_id = 2; + uint32 width = 3; + uint32 height = 4; +} + +message CloseIORequest { + string container_id = 1; + string exec_id = 2; + bool stdin = 3; +} + +message PauseTaskRequest { + string container_id = 1; +} + +message ResumeTaskRequest { + string container_id = 1; +} + +message ListPidsRequest { + string container_id = 1; +} + +message ListPidsResponse { + // Processes includes the process ID and additional process information + repeated containerd.v1.types.ProcessInfo processes = 1; +} + +message CheckpointTaskRequest { + string container_id = 1; + string parent_checkpoint = 2; + google.protobuf.Any options = 3; +} + +message CheckpointTaskResponse { + repeated containerd.types.Descriptor descriptors = 1; +} + +message UpdateTaskRequest { + string container_id = 1; + google.protobuf.Any resources = 2; + map annotations = 3; +} + +message MetricsRequest { + repeated string filters = 1; +} + +message MetricsResponse { + repeated types.Metric metrics = 1; +} + +message WaitRequest { + string container_id = 1; + string exec_id = 2; +} + +message WaitResponse { + uint32 exit_status = 1; + google.protobuf.Timestamp exited_at = 2; +} diff --git a/wfe-containerd-protos/proto/api/services/transfer/v1/transfer.proto b/wfe-containerd-protos/proto/api/services/transfer/v1/transfer.proto new file mode 100644 index 0000000..0ad0ae8 --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/transfer/v1/transfer.proto @@ -0,0 +1,39 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.transfer.v1; + +import "google/protobuf/any.proto"; +import "google/protobuf/empty.proto"; + +option go_package = "github.com/containerd/containerd/api/services/transfer/v1;transfer"; + +service Transfer { + rpc Transfer(TransferRequest) returns (google.protobuf.Empty); +} + +message TransferRequest { + google.protobuf.Any source = 1; + google.protobuf.Any destination = 2; + TransferOptions options = 3; +} + +message TransferOptions { + string progress_stream = 1; + // Progress min interval +} diff --git a/wfe-containerd-protos/proto/api/services/ttrpc/events/v1/events.proto b/wfe-containerd-protos/proto/api/services/ttrpc/events/v1/events.proto new file mode 100644 index 0000000..8b55273 --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/ttrpc/events/v1/events.proto @@ -0,0 +1,37 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.events.ttrpc.v1; + +import "google/protobuf/empty.proto"; +import "types/event.proto"; + +option go_package = "github.com/containerd/containerd/api/services/ttrpc/events/v1;events"; + +service Events { + // Forward sends an event that has already been packaged into an envelope + // with a timestamp and namespace. + // + // This is useful if earlier timestamping is required or when forwarding on + // behalf of another component, namespace or publisher. + rpc Forward(ForwardRequest) returns (google.protobuf.Empty); +} + +message ForwardRequest { + containerd.types.Envelope envelope = 1; +} diff --git a/wfe-containerd-protos/proto/api/services/version/v1/version.proto b/wfe-containerd-protos/proto/api/services/version/v1/version.proto new file mode 100644 index 0000000..c331098 --- /dev/null +++ b/wfe-containerd-protos/proto/api/services/version/v1/version.proto @@ -0,0 +1,33 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.services.version.v1; + +import "google/protobuf/empty.proto"; + +// TODO(stevvooe): Should version service actually be versioned? +option go_package = "github.com/containerd/containerd/api/services/version/v1;version"; + +service Version { + rpc Version(google.protobuf.Empty) returns (VersionResponse); +} + +message VersionResponse { + string version = 1; + string revision = 2; +} diff --git a/wfe-containerd-protos/proto/api/types/descriptor.proto b/wfe-containerd-protos/proto/api/types/descriptor.proto new file mode 100644 index 0000000..9baadad --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/descriptor.proto @@ -0,0 +1,33 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +// Descriptor describes a blob in a content store. +// +// This descriptor can be used to reference content from an +// oci descriptor found in a manifest. +// See https://godoc.org/github.com/opencontainers/image-spec/specs-go/v1#Descriptor +message Descriptor { + string media_type = 1; + string digest = 2; + int64 size = 3; + map annotations = 5; +} diff --git a/wfe-containerd-protos/proto/api/types/event.proto b/wfe-containerd-protos/proto/api/types/event.proto new file mode 100644 index 0000000..0b9c3fb --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/event.proto @@ -0,0 +1,33 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types; + +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; +import "types/fieldpath.proto"; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +message Envelope { + option (containerd.types.fieldpath) = true; + google.protobuf.Timestamp timestamp = 1; + string namespace = 2; + string topic = 3; + google.protobuf.Any event = 4; +} diff --git a/wfe-containerd-protos/proto/api/types/fieldpath.proto b/wfe-containerd-protos/proto/api/types/fieldpath.proto new file mode 100644 index 0000000..bb5591d --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/fieldpath.proto @@ -0,0 +1,42 @@ +// Protocol Buffers for Go with Gadgets +// +// Copyright (c) 2013, The GoGo Authors. All rights reserved. +// http://github.com/gogo/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +syntax = "proto3"; +package containerd.types; + +import "google/protobuf/descriptor.proto"; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +extend google.protobuf.FileOptions { + optional bool fieldpath_all = 63300; +} + +extend google.protobuf.MessageOptions { + optional bool fieldpath = 64400; +} diff --git a/wfe-containerd-protos/proto/api/types/introspection.proto b/wfe-containerd-protos/proto/api/types/introspection.proto new file mode 100644 index 0000000..5ce83bf --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/introspection.proto @@ -0,0 +1,46 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types; + +import "google/protobuf/any.proto"; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +message RuntimeRequest { + string runtime_path = 1; + // Options correspond to CreateTaskRequest.options. + // This is needed to pass the runc binary path, etc. + google.protobuf.Any options = 2; +} + +message RuntimeVersion { + string version = 1; + string revision = 2; +} + +message RuntimeInfo { + string name = 1; + RuntimeVersion version = 2; + // Options correspond to RuntimeInfoRequest.Options (contains runc binary path, etc.) + google.protobuf.Any options = 3; + // OCI-compatible runtimes should use https://github.com/opencontainers/runtime-spec/blob/main/features.md + google.protobuf.Any features = 4; + // Annotations of the shim. Irrelevant to features.Annotations. + map annotations = 5; +} diff --git a/wfe-containerd-protos/proto/api/types/metrics.proto b/wfe-containerd-protos/proto/api/types/metrics.proto new file mode 100644 index 0000000..d1a7d49 --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/metrics.proto @@ -0,0 +1,30 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types; + +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +message Metric { + google.protobuf.Timestamp timestamp = 1; + string id = 2; + google.protobuf.Any data = 3; +} diff --git a/wfe-containerd-protos/proto/api/types/mount.proto b/wfe-containerd-protos/proto/api/types/mount.proto new file mode 100644 index 0000000..05fd453 --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/mount.proto @@ -0,0 +1,65 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types; + +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +// Mount describes mounts for a container. +// +// This type is the lingua franca of ContainerD. All services provide mounts +// to be used with the container at creation time. +// +// The Mount type follows the structure of the mount syscall, including a type, +// source, target and options. +message Mount { + // Type defines the nature of the mount. + string type = 1; + + // Source specifies the name of the mount. Depending on mount type, this + // may be a volume name or a host path, or even ignored. + string source = 2; + + // Target path in container + string target = 3; + + // Options specifies zero or more fstab style mount options. + repeated string options = 4; +} + +message ActiveMount { + Mount mount = 1; + + google.protobuf.Timestamp mounted_at = 2; + + string mount_point = 3; + + map data = 4; +} + +message ActivationInfo { + string name = 1; + + repeated ActiveMount active = 2; + + repeated Mount system = 3; + + map labels = 4; +} diff --git a/wfe-containerd-protos/proto/api/types/platform.proto b/wfe-containerd-protos/proto/api/types/platform.proto new file mode 100644 index 0000000..c56b6de --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/platform.proto @@ -0,0 +1,30 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +// Platform follows the structure of the OCI platform specification, from +// descriptors. +message Platform { + string os = 1; + string architecture = 2; + string variant = 3; + string os_version = 4; +} diff --git a/wfe-containerd-protos/proto/api/types/runc/options/oci.proto b/wfe-containerd-protos/proto/api/types/runc/options/oci.proto new file mode 100644 index 0000000..b186637 --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/runc/options/oci.proto @@ -0,0 +1,63 @@ +syntax = "proto3"; + +package containerd.runc.v1; + +option go_package = "github.com/containerd/containerd/api/types/runc/options;options"; + +message Options { + // disable pivot root when creating a container + bool no_pivot_root = 1; + // create a new keyring for the container + bool no_new_keyring = 2; + // place the shim in a cgroup + string shim_cgroup = 3; + // set the I/O's pipes uid + uint32 io_uid = 4; + // set the I/O's pipes gid + uint32 io_gid = 5; + // binary name of the runc binary + string binary_name = 6; + // runc root directory + string root = 7; + // criu binary path. + // + // Removed in containerd v2.0: string criu_path = 8; + reserved 8; + // enable systemd cgroups + bool systemd_cgroup = 9; + // criu image path + string criu_image_path = 10; + // criu work path + string criu_work_path = 11; + // task api address, can be a unix domain socket, or vsock address. + // it is in the form of ttrpc+unix://path/to/uds or grpc+vsock://:. + string task_api_address = 12; + // task api version, currently supported value is 2 and 3. + uint32 task_api_version = 13; +} + +message CheckpointOptions { + // exit the container after a checkpoint + bool exit = 1; + // checkpoint open tcp connections + bool open_tcp = 2; + // checkpoint external unix sockets + bool external_unix_sockets = 3; + // checkpoint terminals (ptys) + bool terminal = 4; + // allow checkpointing of file locks + bool file_locks = 5; + // restore provided namespaces as empty namespaces + repeated string empty_namespaces = 6; + // set the cgroups mode, soft, full, strict + string cgroups_mode = 7; + // checkpoint image path + string image_path = 8; + // checkpoint work path + string work_path = 9; +} + +message ProcessDetails { + // exec process id if the process is managed by a shim + string exec_id = 1; +} diff --git a/wfe-containerd-protos/proto/api/types/runtimeoptions/v1/api.proto b/wfe-containerd-protos/proto/api/types/runtimeoptions/v1/api.proto new file mode 100644 index 0000000..95864dc --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/runtimeoptions/v1/api.proto @@ -0,0 +1,17 @@ +// To regenerate api.pb.go run `make protos` +syntax = "proto3"; + +package runtimeoptions.v1; + +option go_package = "github.com/containerd/containerd/api/types/runtimeoptions/v1;runtimeoptions"; + +message Options { + // TypeUrl specifies the type of the content inside the config file. + string type_url = 1; + // ConfigPath specifies the filesystem location of the config file + // used by the runtime. + string config_path = 2; + // Blob specifies an in-memory TOML blob passed from containerd's configuration section + // for this runtime. This will be used if config_path is not specified. + bytes config_body = 3; +} diff --git a/wfe-containerd-protos/proto/api/types/sandbox.proto b/wfe-containerd-protos/proto/api/types/sandbox.proto new file mode 100644 index 0000000..0236441 --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/sandbox.proto @@ -0,0 +1,53 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types; + +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/types;types"; + +// Sandbox represents a sandbox metadata object that keeps all info required by controller to +// work with a particular instance. +message Sandbox { + // SandboxID is a unique instance identifier within namespace + string sandbox_id = 1; + message Runtime { + // Name is the name of the runtime. + string name = 1; + // Options specify additional runtime initialization options for the shim (this data will be available in StartShim). + // Typically this data expected to be runtime shim implementation specific. + google.protobuf.Any options = 2; + } + // Runtime specifies which runtime to use for executing this container. + Runtime runtime = 2; + // Spec is sandbox configuration (kin of OCI runtime spec), spec's data will be written to a config.json file in the + // bundle directory (similary to OCI spec). + google.protobuf.Any spec = 3; + // Labels provides an area to include arbitrary data on containers. + map labels = 4; + // CreatedAt is the time the container was first created. + google.protobuf.Timestamp created_at = 5; + // UpdatedAt is the last time the container was mutated. + google.protobuf.Timestamp updated_at = 6; + // Extensions allow clients to provide optional blobs that can be handled by runtime. + map extensions = 7; + // Sandboxer is the name of the sandbox controller who manages the sandbox. + string sandboxer = 10; +} diff --git a/wfe-containerd-protos/proto/api/types/task/task.proto b/wfe-containerd-protos/proto/api/types/task/task.proto new file mode 100644 index 0000000..3a06236 --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/task/task.proto @@ -0,0 +1,55 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.v1.types; + +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/types/task"; + +enum Status { + UNKNOWN = 0; + CREATED = 1; + RUNNING = 2; + STOPPED = 3; + PAUSED = 4; + PAUSING = 5; +} + +message Process { + string container_id = 1; + string id = 2; + uint32 pid = 3; + Status status = 4; + string stdin = 5; + string stdout = 6; + string stderr = 7; + bool terminal = 8; + uint32 exit_status = 9; + google.protobuf.Timestamp exited_at = 10; +} + +message ProcessInfo { + // PID is the process ID. + uint32 pid = 1; + // Info contains additional process information. + // + // Info varies by platform. + google.protobuf.Any info = 2; +} diff --git a/wfe-containerd-protos/proto/api/types/transfer/imagestore.proto b/wfe-containerd-protos/proto/api/types/transfer/imagestore.proto new file mode 100644 index 0000000..c3c14c9 --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/transfer/imagestore.proto @@ -0,0 +1,82 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types.transfer; + +import "types/platform.proto"; + +option go_package = "github.com/containerd/containerd/api/types/transfer"; + +message ImageStore { + string name = 1; + map labels = 2; + + // Content filters + + repeated types.Platform platforms = 3; + bool all_metadata = 4; + uint32 manifest_limit = 5; + + // Import naming + + // extra_references are used to set image names on imports of sub-images from the index + repeated ImageReference extra_references = 6; + + // Unpack Configuration, multiple allowed + + repeated UnpackConfiguration unpacks = 10; +} + +message UnpackConfiguration { + // platform is the platform to unpack for, used for resolving manifest and snapshotter + // if not provided + types.Platform platform = 1; + + // snapshotter to unpack to, if not provided default for platform shoudl be used + string snapshotter = 2; +} + +// ImageReference is used to create or find a reference for an image +message ImageReference { + string name = 1; + + // is_prefix determines whether the Name should be considered + // a prefix (without tag or digest). + // For lookup, this may allow matching multiple tags. + // For store, this must have a tag or digest added. + bool is_prefix = 2; + + // allow_overwrite allows overwriting or ignoring the name if + // another reference is provided (such as through an annotation). + // Only used if IsPrefix is true. + bool allow_overwrite = 3; + + // add_digest adds the manifest digest to the reference. + // For lookup, this allows matching tags with any digest. + // For store, this allows adding the digest to the name. + // Only used if IsPrefix is true. + bool add_digest = 4; + + // skip_named_digest only considers digest references which do not + // have a non-digested named reference. + // For lookup, this will deduplicate digest references when there is a named match. + // For store, this only adds this digest reference when there is no matching full + // name reference from the prefix. + // Only used if IsPrefix is true. + bool skip_named_digest = 5; +} diff --git a/wfe-containerd-protos/proto/api/types/transfer/importexport.proto b/wfe-containerd-protos/proto/api/types/transfer/importexport.proto new file mode 100644 index 0000000..7d6c754 --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/transfer/importexport.proto @@ -0,0 +1,52 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types.transfer; + +import "types/platform.proto"; + +option go_package = "github.com/containerd/containerd/api/types/transfer"; + +message ImageImportStream { + // Stream is used to identify the binary input stream for the import operation. + // The stream uses the transfer binary stream protocol with the client as the sender. + // The binary data is expected to be a raw tar stream. + string stream = 1; + + string media_type = 2; + + bool force_compress = 3; +} + +message ImageExportStream { + // Stream is used to identify the binary output stream for the export operation. + // The stream uses the transfer binary stream protocol with the server as the sender. + // The binary data is expected to be a raw tar stream. + string stream = 1; + + string media_type = 2; + + // The specified platforms + repeated types.Platform platforms = 3; + // Whether to include all platforms + bool all_platforms = 4; + // Skips the creation of the Docker compatible manifest.json file + bool skip_compatibility_manifest = 5; + // Excludes non-distributable blobs such as Windows base layers. + bool skip_non_distributable = 6; +} diff --git a/wfe-containerd-protos/proto/api/types/transfer/progress.proto b/wfe-containerd-protos/proto/api/types/transfer/progress.proto new file mode 100644 index 0000000..81858db --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/transfer/progress.proto @@ -0,0 +1,32 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types.transfer; + +import "types/descriptor.proto"; + +option go_package = "github.com/containerd/containerd/api/types/transfer"; + +message Progress { + string event = 1; + string name = 2; + repeated string parents = 3; + int64 progress = 4; + int64 total = 5; + containerd.types.Descriptor desc = 6; +} diff --git a/wfe-containerd-protos/proto/api/types/transfer/registry.proto b/wfe-containerd-protos/proto/api/types/transfer/registry.proto new file mode 100644 index 0000000..cf614d2 --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/transfer/registry.proto @@ -0,0 +1,97 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types.transfer; + +import "google/protobuf/timestamp.proto"; + +option go_package = "github.com/containerd/containerd/api/types/transfer"; + +message OCIRegistry { + string reference = 1; + RegistryResolver resolver = 2; +} + +enum HTTPDebug { + DISABLED = 0; + // Enable HTTP debugging + DEBUG = 1; + // Enable HTTP requests tracing + TRACE = 2; + // Enable both HTTP debugging and requests tracing + BOTH = 3; +} + +message RegistryResolver { + // auth_stream is used to refer to a stream which auth callbacks may be + // made on. + string auth_stream = 1; + + // Headers + map headers = 2; + + string host_dir = 3; + + string default_scheme = 4; + // Force skip verify + // CA callback? Client TLS callback? + + // Whether to debug/trace HTTP requests to OCI registry. + HTTPDebug http_debug = 5; + + // Stream ID to use for HTTP logs (when logs are streamed to client). + // When empty, logs are written to containerd logs. + string logs_stream = 6; +} + +// AuthRequest is sent as a callback on a stream +message AuthRequest { + // host is the registry host + string host = 1; + + // reference is the namespace and repository name requested from the registry + string reference = 2; + + // wwwauthenticate is the HTTP WWW-Authenticate header values returned from the registry + repeated string wwwauthenticate = 3; +} + +enum AuthType { + NONE = 0; + + // CREDENTIALS is used to exchange username/password for access token + // using an oauth or "Docker Registry Token" server + CREDENTIALS = 1; + + // REFRESH is used to exchange secret for access token using an oauth + // or "Docker Registry Token" server + REFRESH = 2; + + // HEADER is used to set the HTTP Authorization header to secret + // directly for the registry. + // Value should be ` ` + HEADER = 3; +} + +message AuthResponse { + AuthType authType = 1; + string secret = 2; + string username = 3; + google.protobuf.Timestamp expire_at = 4; + // TODO: Stream error +} diff --git a/wfe-containerd-protos/proto/api/types/transfer/streaming.proto b/wfe-containerd-protos/proto/api/types/transfer/streaming.proto new file mode 100644 index 0000000..e01e703 --- /dev/null +++ b/wfe-containerd-protos/proto/api/types/transfer/streaming.proto @@ -0,0 +1,29 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +syntax = "proto3"; + +package containerd.types.transfer; + +option go_package = "github.com/containerd/containerd/api/types/transfer"; + +message Data { + bytes data = 1; +} + +message WindowUpdate { + int32 update = 1; +} diff --git a/wfe-containerd-protos/vendor/containerd b/wfe-containerd-protos/vendor/containerd deleted file mode 160000 index 546ce38..0000000 --- a/wfe-containerd-protos/vendor/containerd +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 546ce38287edc9fb351747f8fd0866f9f1f22b03