studio/wfe
2
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 10 Activity

refactor: remove vendored Go repos, keep only .proto files

Browse Source
This commit is contained in:
Sienna Meridian Satterwhite
2026-04-06 19:41:02 +01:00
parent 2f6dba296f
commit ae1cec2998
113 changed files with 9668 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
wfe-buildkit-protos/proto/github.com/moby/buildkit
View File

@@ -1 +0,0 @@
/Users/sienna/Development/sunbeam/wfe/wfe-buildkit-protos/vendor/buildkit

253
wfe-buildkit-protos/proto/github.com/moby/buildkit/api/services/control/control.proto Normal file
View File

@@ -0,0 +1,253 @@
syntax = "proto3";
package moby.buildkit.v1;
option go_package = "github.com/moby/buildkit/api/services/control;moby_buildkit_v1";
// import "github.com/containerd/containerd/api/types/descriptor.proto";
import "github.com/moby/buildkit/api/types/worker.proto";
import "github.com/moby/buildkit/solver/pb/ops.proto";
import "github.com/moby/buildkit/sourcepolicy/pb/policy.proto";
import "google/protobuf/timestamp.proto";
import "google/rpc/status.proto";
service Control {
rpc DiskUsage(DiskUsageRequest) returns (DiskUsageResponse);
rpc Prune(PruneRequest) returns (stream UsageRecord);
rpc Solve(SolveRequest) returns (SolveResponse);
rpc Status(StatusRequest) returns (stream StatusResponse);
rpc Session(stream BytesMessage) returns (stream BytesMessage);
rpc ListWorkers(ListWorkersRequest) returns (ListWorkersResponse);
rpc Info(InfoRequest) returns (InfoResponse);
rpc ListenBuildHistory(BuildHistoryRequest) returns (stream BuildHistoryEvent);
rpc UpdateBuildHistory(UpdateBuildHistoryRequest) returns (UpdateBuildHistoryResponse);
}
message PruneRequest {
repeated string filter = 1;
bool all = 2;
int64 keepDuration = 3;
int64 reservedSpace = 4;
int64 maxUsedSpace = 5;
int64 minFreeSpace = 6;
}
message DiskUsageRequest {
repeated string filter = 1;
int64 ageLimit = 2;
}
message DiskUsageResponse {
repeated UsageRecord record = 1;
}
message UsageRecord {
string ID = 1;
bool Mutable = 2;
bool InUse = 3;
int64 Size = 4;
string Parent = 5 [deprecated=true];
google.protobuf.Timestamp CreatedAt = 6;
google.protobuf.Timestamp LastUsedAt = 7;
int64 UsageCount = 8;
string Description = 9;
string RecordType = 10;
bool Shared = 11;
repeated string Parents = 12;
}
message SolveRequest {
string Ref = 1;
pb.Definition Definition = 2;
// ExporterDeprecated and ExporterAttrsDeprecated are deprecated in favor
// of the new Exporters. If these fields are set, then they will be
// appended to the Exporters field if Exporters was not explicitly set.
string ExporterDeprecated = 3;
map<string, string> ExporterAttrsDeprecated = 4;
string Session = 5;
string Frontend = 6;
map<string, string> FrontendAttrs = 7;
CacheOptions Cache = 8;
repeated string Entitlements = 9;
map<string, pb.Definition> FrontendInputs = 10;
bool Internal = 11; // Internal builds are not recorded in build history
moby.buildkit.v1.sourcepolicy.Policy SourcePolicy = 12;
repeated Exporter Exporters = 13;
bool EnableSessionExporter = 14;
string SourcePolicySession = 15;
}
message CacheOptions {
// ExportRefDeprecated is deprecated in favor or the new Exports since BuildKit v0.4.0.
// When ExportRefDeprecated is set, the solver appends
// {.Type = "registry", .Attrs = ExportAttrs.add("ref", ExportRef)}
// to Exports for compatibility. (planned to be removed)
string ExportRefDeprecated = 1;
// ImportRefsDeprecated is deprecated in favor or the new Imports since BuildKit v0.4.0.
// When ImportRefsDeprecated is set, the solver appends
// {.Type = "registry", .Attrs = {"ref": importRef}}
// for each of the ImportRefs entry to Imports for compatibility. (planned to be removed)
repeated string ImportRefsDeprecated = 2;
// ExportAttrsDeprecated is deprecated since BuildKit v0.4.0.
// See the description of ExportRefDeprecated.
map<string, string> ExportAttrsDeprecated = 3;
// Exports was introduced in BuildKit v0.4.0.
repeated CacheOptionsEntry Exports = 4;
// Imports was introduced in BuildKit v0.4.0.
repeated CacheOptionsEntry Imports = 5;
}
message CacheOptionsEntry {
// Type is like "registry" or "local"
string Type = 1;
// Attrs are like mode=(min,max), ref=example.com:5000/foo/bar .
// See cache importer/exporter implementations' documentation.
map<string, string> Attrs = 2;
}
message SolveResponse {
map<string, string> ExporterResponse = 1;
}
message StatusRequest {
string Ref = 1;
}
message StatusResponse {
repeated Vertex vertexes = 1;
repeated VertexStatus statuses = 2;
repeated VertexLog logs = 3;
repeated VertexWarning warnings = 4;
}
message Vertex {
string digest = 1;
repeated string inputs = 2;
string name = 3;
bool cached = 4;
google.protobuf.Timestamp started = 5;
google.protobuf.Timestamp completed = 6;
string error = 7; // typed errors?
pb.ProgressGroup progressGroup = 8;
}
message VertexStatus {
string ID = 1;
string vertex = 2;
string name = 3;
int64 current = 4;
int64 total = 5;
google.protobuf.Timestamp timestamp = 6;
google.protobuf.Timestamp started = 7;
google.protobuf.Timestamp completed = 8;
}
message VertexLog {
string vertex = 1;
google.protobuf.Timestamp timestamp = 2;
int64 stream = 3;
bytes msg = 4;
}
message VertexWarning {
string vertex = 1;
int64 level = 2;
bytes short = 3;
repeated bytes detail = 4;
string url = 5;
pb.SourceInfo info = 6;
repeated pb.Range ranges = 7;
}
message BytesMessage {
bytes data = 1;
}
message ListWorkersRequest {
repeated string filter = 1; // containerd style
}
message ListWorkersResponse {
repeated moby.buildkit.v1.types.WorkerRecord record = 1;
}
message InfoRequest {}
message InfoResponse {
moby.buildkit.v1.types.BuildkitVersion buildkitVersion = 1;
}
message BuildHistoryRequest {
bool ActiveOnly = 1;
string Ref = 2;
bool EarlyExit = 3;
repeated string Filter = 4;
int32 Limit = 5;
}
enum BuildHistoryEventType {
STARTED = 0;
COMPLETE = 1;
DELETED = 2;
}
message BuildHistoryEvent {
BuildHistoryEventType type = 1;
BuildHistoryRecord record = 2;
}
message BuildHistoryRecord {
string Ref = 1;
string Frontend = 2;
map<string, string> FrontendAttrs = 3;
repeated Exporter Exporters = 4;
google.rpc.Status error = 5;
google.protobuf.Timestamp CreatedAt = 6;
google.protobuf.Timestamp CompletedAt = 7;
Descriptor logs = 8;
map<string, string> ExporterResponse = 9;
BuildResultInfo Result = 10;
map<string, BuildResultInfo> Results = 11;
int32 Generation = 12;
Descriptor trace = 13;
bool pinned = 14;
int32 numCachedSteps = 15;
int32 numTotalSteps = 16;
int32 numCompletedSteps = 17;
Descriptor externalError = 18;
int32 numWarnings = 19;
// TODO: tags
// TODO: unclipped logs
}
message UpdateBuildHistoryRequest {
string Ref = 1;
bool Pinned = 2;
bool Delete = 3;
bool Finalize = 4;
}
message UpdateBuildHistoryResponse {}
message Descriptor {
string media_type = 1;
string digest = 2;
int64 size = 3;
map<string, string> annotations = 5;
}
message BuildResultInfo {
Descriptor ResultDeprecated = 1;
repeated Descriptor Attestations = 2;
map<int64, Descriptor> Results = 3;
}
// Exporter describes the output exporter
message Exporter {
// Type identifies the exporter
string Type = 1;
// Attrs specifies exporter configuration
map<string, string> Attrs = 2;
}

40
wfe-buildkit-protos/proto/github.com/moby/buildkit/api/types/worker.proto Normal file
View File

@@ -0,0 +1,40 @@
syntax = "proto3";
package moby.buildkit.v1.types;
option go_package = "github.com/moby/buildkit/api/types;moby_buildkit_v1_types";
import "github.com/moby/buildkit/solver/pb/ops.proto";
message WorkerRecord {
string ID = 1;
map<string, string> Labels = 2;
repeated pb.Platform platforms = 3;
repeated GCPolicy GCPolicy = 4;
BuildkitVersion BuildkitVersion = 5;
repeated CDIDevice CDIDevices = 6;
}
message GCPolicy {
bool all = 1;
int64 keepDuration = 2;
repeated string filters = 4;
// reservedSpace was renamed from freeBytes
int64 reservedSpace = 3;
int64 maxUsedSpace = 5;
int64 minFreeSpace = 6;
}
message BuildkitVersion {
string package = 1;
string version = 2;
string revision = 3;
}
message CDIDevice {
string Name = 1;
bool AutoAllow = 2;
map<string, string> Annotations = 3;
bool OnDemand = 4;
}

27
wfe-buildkit-protos/proto/github.com/moby/buildkit/cache/contenthash/checksum.proto vendored Normal file
View File

@@ -0,0 +1,27 @@
syntax = "proto3";
package contenthash;
option go_package = "github.com/moby/buildkit/cache/contenthash";
enum CacheRecordType {
FILE = 0;
DIR = 1;
DIR_HEADER = 2;
SYMLINK = 3;
}
message CacheRecord {
string digest = 1;
CacheRecordType type = 2;
string linkname = 3;
}
message CacheRecordWithPath {
string path = 1;
CacheRecord record = 2;
}
message CacheRecords {
repeated CacheRecordWithPath paths = 1;
}

407
wfe-buildkit-protos/proto/github.com/moby/buildkit/frontend/gateway/pb/gateway.proto Normal file
View File

@@ -0,0 +1,407 @@
syntax = "proto3";
package moby.buildkit.v1.frontend;
option go_package = "github.com/moby/buildkit/frontend/gateway/pb;moby_buildkit_v1_frontend";
import "github.com/moby/buildkit/api/types/worker.proto";
import "github.com/moby/buildkit/solver/pb/ops.proto";
import "github.com/moby/buildkit/sourcepolicy/pb/policy.proto";
import "github.com/moby/buildkit/util/apicaps/pb/caps.proto";
import "github.com/tonistiigi/fsutil/types/stat.proto";
import "google/protobuf/timestamp.proto";
import "google/rpc/status.proto";
service LLBBridge {
// apicaps:CapResolveImage
rpc ResolveImageConfig(ResolveImageConfigRequest) returns (ResolveImageConfigResponse);
// apicaps:CapSourceMetaResolver
rpc ResolveSourceMeta(ResolveSourceMetaRequest) returns (ResolveSourceMetaResponse);
// apicaps:CapSolveBase
rpc Solve(SolveRequest) returns (SolveResponse);
// apicaps:CapReadFile
rpc ReadFile(ReadFileRequest) returns (ReadFileResponse);
// apicaps:CapReadDir
rpc ReadDir(ReadDirRequest) returns (ReadDirResponse);
// apicaps:CapStatFile
rpc StatFile(StatFileRequest) returns (StatFileResponse);
// apicaps:CapGatewayEvaluate
rpc Evaluate(EvaluateRequest) returns (EvaluateResponse);
rpc Ping(PingRequest) returns (PongResponse);
rpc Return(ReturnRequest) returns (ReturnResponse);
// apicaps:CapFrontendInputs
rpc Inputs(InputsRequest) returns (InputsResponse);
rpc NewContainer(NewContainerRequest) returns (NewContainerResponse);
rpc ReleaseContainer(ReleaseContainerRequest) returns (ReleaseContainerResponse);
rpc ExecProcess(stream ExecMessage) returns (stream ExecMessage);
// apicaps:CapGatewayExecFilesystem
rpc ReadFileContainer(ReadFileRequest) returns (ReadFileResponse);
rpc ReadDirContainer(ReadDirRequest) returns (ReadDirResponse);
rpc StatFileContainer(StatFileRequest) returns (StatFileResponse);
// apicaps:CapGatewayWarnings
rpc Warn(WarnRequest) returns (WarnResponse);
}
message Result {
oneof result {
// Deprecated non-array refs.
string refDeprecated = 1;
RefMapDeprecated refsDeprecated = 2;
Ref ref = 3;
RefMap refs = 4;
}
map<string, bytes> metadata = 10;
// 11 was used during development and is reserved for old attestation format
map<string, Attestations> attestations = 12;
}
message RefMapDeprecated {
map<string, string> refs = 1;
}
message Ref {
string id = 1;
pb.Definition def = 2;
}
message RefMap {
map<string, Ref> refs = 1;
}
message Attestations {
repeated Attestation attestation = 1;
}
message Attestation {
AttestationKind kind = 1;
map<string, bytes> metadata = 2;
Ref ref = 3;
string path = 4;
string inTotoPredicateType = 5;
repeated InTotoSubject inTotoSubjects = 6;
}
enum AttestationKind {
InToto = 0;
Bundle = 1;
}
message InTotoSubject {
InTotoSubjectKind kind = 1;
repeated string digest = 2;
string name = 3;
}
enum InTotoSubjectKind {
Self = 0;
Raw = 1;
}
message ReturnRequest {
Result result = 1;
google.rpc.Status error = 2;
}
message ReturnResponse {
}
message InputsRequest {
}
message InputsResponse {
map<string, pb.Definition> Definitions = 1;
}
message ResolveImageConfigRequest {
string Ref = 1;
pb.Platform Platform = 2;
string ResolveMode = 3;
string LogName = 4;
int32 ResolverType = 5;
string SessionID = 6;
string StoreID = 7;
repeated moby.buildkit.v1.sourcepolicy.Policy SourcePolicies = 8;
}
message ResolveImageConfigResponse {
string Digest = 1;
bytes Config = 2;
string Ref = 3;
}
message ResolveSourceMetaRequest {
pb.SourceOp Source = 1;
pb.Platform Platform = 2;
string LogName = 3;
string ResolveMode = 4;
ResolveSourceGitRequest Git = 5;
ResolveSourceImageRequest Image = 6;
ResolveSourceHTTPRequest HTTP = 7;
repeated moby.buildkit.v1.sourcepolicy.Policy SourcePolicies = 8;
}
message ResolveSourceMetaResponse {
pb.SourceOp Source = 1;
ResolveSourceImageResponse Image = 2;
ResolveSourceGitResponse Git = 3;
ResolveSourceHTTPResponse HTTP = 4;
}
message ResolveSourceImageRequest {
bool NoConfig = 1;
bool AttestationChain = 2;
repeated string ResolveAttestations = 3;
}
message AttestationChain {
string Root = 1;
string ImageManifest = 2;
string AttestationManifest = 3;
repeated string SignatureManifests = 4;
map<string, Blob> Blobs = 5;
}
message ResolveSourceImageResponse {
string Digest = 1;
bytes Config = 2;
AttestationChain AttestationChain = 3;
}
message ResolveSourceGitRequest {
// Return full commit and tag object bytes.
bool ReturnObject = 1;
}
message ResolveSourceGitResponse {
string Checksum = 1;
string Ref = 2;
string CommitChecksum = 3;
bytes CommitObject = 4;
bytes TagObject = 5;
}
message ResolveSourceHTTPResponse {
string Checksum = 1;
string Filename = 2;
google.protobuf.Timestamp LastModified = 3;
ChecksumResponse ChecksumResponse = 4;
}
message ResolveSourceHTTPRequest {
ChecksumRequest ChecksumRequest = 1;
}
message ChecksumRequest {
enum ChecksumAlgo {
CHECKSUM_ALGO_SHA256 = 0;
CHECKSUM_ALGO_SHA384 = 1;
CHECKSUM_ALGO_SHA512 = 2;
}
ChecksumAlgo Algo = 1;
bytes Suffix = 2;
}
message ChecksumResponse {
string Digest = 1;
bytes Suffix = 2;
}
message SolveRequest {
pb.Definition Definition = 1;
string Frontend = 2;
map<string, string> FrontendOpt = 3;
// 4 was removed in BuildKit v0.11.0.
bool allowResultReturn = 5;
bool allowResultArrayRef = 6;
// apicaps.CapSolveInlineReturn deprecated
bool Final = 10;
bytes ExporterAttr = 11;
// CacheImports was added in BuildKit v0.4.0.
// apicaps:CapImportCaches
repeated CacheOptionsEntry CacheImports = 12;
// apicaps:CapFrontendInputs
map<string, pb.Definition> FrontendInputs = 13;
bool Evaluate = 14;
repeated moby.buildkit.v1.sourcepolicy.Policy SourcePolicies = 15;
}
// CacheOptionsEntry corresponds to the control.CacheOptionsEntry
message CacheOptionsEntry {
string Type = 1;
map<string, string> Attrs = 2;
}
message SolveResponse {
// deprecated
string ref = 1; // can be used by readfile request
// deprecated
// bytes ExporterAttr = 2;
// these fields are returned when allowMapReturn was set
Result result = 3;
}
message ReadFileRequest {
string Ref = 1;
string FilePath = 2;
FileRange Range = 3;
int32 MountIndex = 4;
}
message FileRange {
int64 Offset = 1;
int64 Length = 2;
}
message ReadFileResponse {
bytes Data = 1;
}
message ReadDirRequest {
string Ref = 1;
string DirPath = 2;
string IncludePattern = 3;
int32 MountIndex = 4;
}
message ReadDirResponse {
repeated fsutil.types.Stat entries = 1;
}
message StatFileRequest {
string Ref = 1;
string Path = 2;
int32 MountIndex = 3;
}
message StatFileResponse {
fsutil.types.Stat stat = 1;
}
message EvaluateRequest {
string Ref = 1;
}
message EvaluateResponse {
}
message PingRequest{
}
message PongResponse{
repeated moby.buildkit.v1.apicaps.APICap FrontendAPICaps = 1;
repeated moby.buildkit.v1.apicaps.APICap LLBCaps = 2;
repeated moby.buildkit.v1.types.WorkerRecord Workers = 3;
}
message WarnRequest {
string digest = 1;
int64 level = 2;
bytes short = 3;
repeated bytes detail = 4;
string url = 5;
pb.SourceInfo info = 6;
repeated pb.Range ranges = 7;
}
message WarnResponse{}
message NewContainerRequest {
string ContainerID = 1;
// For mount input values we can use random identifiers passed with ref
repeated pb.Mount Mounts = 2;
pb.NetMode Network = 3;
pb.Platform platform = 4;
pb.WorkerConstraints constraints = 5;
repeated pb.HostIP extraHosts = 6;
string hostname = 7;
}
message NewContainerResponse{}
message ReleaseContainerRequest {
string ContainerID = 1;
}
message ReleaseContainerResponse{}
message ExecMessage {
string ProcessID = 1;
oneof Input {
// InitMessage sent from client to server will start a new process in a
// container
InitMessage Init = 2;
// FdMessage used from client to server for input (stdin) and
// from server to client for output (stdout, stderr)
FdMessage File = 3;
// ResizeMessage used from client to server for terminal resize events
ResizeMessage Resize = 4;
// StartedMessage sent from server to client after InitMessage to
// indicate the process has started.
StartedMessage Started = 5;
// ExitMessage sent from server to client will contain the exit code
// when the process ends.
ExitMessage Exit = 6;
// DoneMessage from server to client will be the last message for any
// process. Note that FdMessage might be sent after ExitMessage.
DoneMessage Done = 7;
// SignalMessage is used from client to server to send signal events
SignalMessage Signal = 8;
}
}
message InitMessage{
string ContainerID = 1;
pb.Meta Meta = 2;
repeated uint32 Fds = 3;
bool Tty = 4;
pb.SecurityMode Security = 5;
repeated pb.SecretEnv secretenv = 6;
}
message ExitMessage {
uint32 Code = 1;
google.rpc.Status Error = 2;
}
message StartedMessage{}
message DoneMessage{}
message FdMessage{
uint32 Fd = 1; // what fd the data was from
bool EOF = 2; // true if eof was reached
bytes Data = 3;
}
message ResizeMessage{
uint32 Rows = 1;
uint32 Cols = 2;
}
message SignalMessage {
// we only send name (ie HUP, INT) because the int values
// are platform dependent.
string Name = 1;
}
message Blob {
Descriptor descriptor = 1;
bytes data = 2;
}
message Descriptor {
string media_type = 1;
string digest = 2;
int64 size = 3;
map<string, string> annotations = 5;
}

54
wfe-buildkit-protos/proto/github.com/moby/buildkit/session/auth/auth.proto Normal file
View File

@@ -0,0 +1,54 @@
syntax = "proto3";
package moby.filesync.v1;
option go_package = "github.com/moby/buildkit/session/auth";
service Auth{
rpc Credentials(CredentialsRequest) returns (CredentialsResponse);
rpc FetchToken(FetchTokenRequest) returns (FetchTokenResponse);
rpc GetTokenAuthority(GetTokenAuthorityRequest) returns (GetTokenAuthorityResponse);
rpc VerifyTokenAuthority(VerifyTokenAuthorityRequest) returns (VerifyTokenAuthorityResponse);
}
message CredentialsRequest {
string Host = 1;
}
message CredentialsResponse {
string Username = 1;
string Secret = 2;
}
message FetchTokenRequest {
string ClientID = 1;
string Host = 2;
string Realm = 3;
string Service = 4;
repeated string Scopes = 5;
}
message FetchTokenResponse {
string Token = 1;
int64 ExpiresIn = 2; // seconds
int64 IssuedAt = 3; // timestamp
}
message GetTokenAuthorityRequest {
string Host = 1;
bytes Salt = 2;
}
message GetTokenAuthorityResponse {
bytes PublicKey = 1;
}
message VerifyTokenAuthorityRequest {
string Host = 1;
bytes Payload = 2;
bytes Salt = 3;
}
message VerifyTokenAuthorityResponse {
bytes Signed = 1;
}

23
wfe-buildkit-protos/proto/github.com/moby/buildkit/session/exporter/exporter.proto Normal file
View File

@@ -0,0 +1,23 @@
syntax = "proto3";
package moby.exporter.v1;
option go_package = "github.com/moby/buildkit/session/exporter";
service Exporter {
rpc FindExporters(FindExportersRequest) returns (FindExportersResponse);
}
message FindExportersRequest{
map<string, bytes> metadata = 1;
repeated string refs = 2;
}
message FindExportersResponse {
repeated ExporterRequest exporters = 1;
}
message ExporterRequest {
string Type = 1;
map<string, string> Attrs = 2;
}

23
wfe-buildkit-protos/proto/github.com/moby/buildkit/session/filesync/filesync.proto Normal file
View File

@@ -0,0 +1,23 @@
syntax = "proto3";
package moby.filesync.v1;
option go_package = "github.com/moby/buildkit/session/filesync";
import "github.com/tonistiigi/fsutil/types/wire.proto";
// FileSync exposes local files from the client to the server.
service FileSync{
rpc DiffCopy(stream fsutil.types.Packet) returns (stream fsutil.types.Packet);
rpc TarStream(stream fsutil.types.Packet) returns (stream fsutil.types.Packet);
}
// FileSend allows sending files from the server back to the client.
service FileSend{
rpc DiffCopy(stream BytesMessage) returns (stream BytesMessage);
}
// BytesMessage contains a chunk of byte data
message BytesMessage {
bytes data = 1;
}

19
wfe-buildkit-protos/proto/github.com/moby/buildkit/session/secrets/secrets.proto Normal file
View File

@@ -0,0 +1,19 @@
syntax = "proto3";
package moby.buildkit.secrets.v1;
option go_package = "github.com/moby/buildkit/session/secrets";
service Secrets{
rpc GetSecret(GetSecretRequest) returns (GetSecretResponse);
}
message GetSecretRequest {
string ID = 1;
map<string, string> annotations = 2;
}
message GetSecretResponse {
bytes data = 1;
}

22
wfe-buildkit-protos/proto/github.com/moby/buildkit/session/sshforward/ssh.proto Normal file
View File

@@ -0,0 +1,22 @@
syntax = "proto3";
package moby.sshforward.v1;
option go_package = "github.com/moby/buildkit/session/sshforward";
service SSH {
rpc CheckAgent(CheckAgentRequest) returns (CheckAgentResponse);
rpc ForwardAgent(stream BytesMessage) returns (stream BytesMessage);
}
// BytesMessage contains a chunk of byte data
message BytesMessage{
bytes data = 1;
}
message CheckAgentRequest {
string ID = 1;
}
message CheckAgentResponse {
}

14
wfe-buildkit-protos/proto/github.com/moby/buildkit/session/upload/upload.proto Normal file
View File

@@ -0,0 +1,14 @@
syntax = "proto3";
package moby.upload.v1;
option go_package = "github.com/moby/buildkit/session/upload";
service Upload {
rpc Pull(stream BytesMessage) returns (stream BytesMessage);
}
// BytesMessage contains a chunk of byte data
message BytesMessage{
bytes data = 1;
}

52
wfe-buildkit-protos/proto/github.com/moby/buildkit/solver/errdefs/errdefs.proto Normal file
View File

@@ -0,0 +1,52 @@
syntax = "proto3";
package errdefs;
option go_package = "github.com/moby/buildkit/solver/errdefs";
import "github.com/moby/buildkit/solver/pb/ops.proto";
message Vertex {
string digest = 1;
}
message Source {
pb.SourceInfo info = 1;
repeated pb.Range ranges = 2;
}
message Frontend {
string name = 1; // frontend name e.g. dockerfile.v0 or gateway.v0
string source = 2; // used by the gateway frontend to identify the source, which corresponds to the image name
}
message FrontendCap {
string name = 1;
}
message Subrequest {
string name = 1;
}
message Solve {
repeated string inputIDs = 1;
repeated string mountIDs = 2;
pb.Op op = 3;
oneof subject {
FileAction file = 4;
ContentCache cache = 5;
}
map<string, string> description = 6;
}
message FileAction {
// Index of the file action that failed the exec.
int64 index = 1;
}
message ContentCache {
// Original index of result that failed the slow cache calculation.
int64 index = 1;
}

446
wfe-buildkit-protos/proto/github.com/moby/buildkit/solver/pb/ops.proto Normal file
View File

@@ -0,0 +1,446 @@
syntax = "proto3";
// Package pb provides the protobuf definition of LLB: low-level builder instruction.
// LLB is DAG-structured; Op represents a vertex, and Definition represents a graph.
package pb;
option go_package = "github.com/moby/buildkit/solver/pb";
// Op represents a vertex of the LLB DAG.
message Op {
// changes to this structure must be represented in json.go.
// inputs is a set of input edges.
repeated Input inputs = 1;
oneof op {
ExecOp exec = 2;
SourceOp source = 3;
FileOp file = 4;
BuildOp build = 5;
MergeOp merge = 6;
DiffOp diff = 7;
}
Platform platform = 10;
WorkerConstraints constraints = 11;
}
// Platform is github.com/opencontainers/image-spec/specs-go/v1.Platform
message Platform {
string Architecture = 1;
string OS = 2;
string Variant = 3;
string OSVersion = 4;
repeated string OSFeatures = 5; // unused
}
// Input represents an input edge for an Op.
message Input {
// digest of the marshaled input Op
string digest = 1;
// output index of the input Op
int64 index = 2;
}
// ExecOp executes a command in a container.
message ExecOp {
Meta meta = 1;
repeated Mount mounts = 2;
NetMode network = 3;
SecurityMode security = 4;
repeated SecretEnv secretenv = 5;
repeated CDIDevice cdiDevices = 6;
}
// Meta is a set of arguments for ExecOp.
// Meta is unrelated to LLB metadata.
// FIXME: rename (ExecContext? ExecArgs?)
message Meta {
repeated string args = 1;
repeated string env = 2;
string cwd = 3;
string user = 4;
ProxyEnv proxy_env = 5;
repeated HostIP extraHosts = 6;
string hostname = 7;
repeated Ulimit ulimit = 9;
string cgroupParent = 10;
bool removeMountStubsRecursive = 11;
repeated int32 validExitCodes = 12;
}
message HostIP {
string Host = 1;
string IP = 2;
}
message Ulimit {
string Name = 1;
int64 Soft = 2;
int64 Hard = 3;
}
enum NetMode {
UNSET = 0; // sandbox
HOST = 1;
NONE = 2;
}
enum SecurityMode {
SANDBOX = 0;
INSECURE = 1; // privileged mode
}
// SecretEnv is an environment variable that is backed by a secret.
message SecretEnv {
string ID = 1;
string name = 2;
bool optional = 3;
}
// CDIDevice specifies a CDI device information.
message CDIDevice {
// Fully qualified CDI device name (e.g., vendor.com/gpu=gpudevice1)
// https://github.com/cncf-tags/container-device-interface/blob/main/SPEC.md
string name = 1;
// Optional defines if CDI device is required.
bool optional = 2;
}
// Mount specifies how to mount an input Op as a filesystem.
message Mount {
int64 input = 1;
string selector = 2;
string dest = 3;
int64 output = 4;
bool readonly = 5;
MountType mountType = 6;
TmpfsOpt TmpfsOpt = 19;
CacheOpt cacheOpt = 20;
SecretOpt secretOpt = 21;
SSHOpt SSHOpt = 22;
string resultID = 23;
MountContentCache contentCache = 24;
}
// MountType defines a type of a mount from a supported set
enum MountType {
BIND = 0;
SECRET = 1;
SSH = 2;
CACHE = 3;
TMPFS = 4;
}
// MountContentCache ...
enum MountContentCache {
DEFAULT = 0;
ON = 1;
OFF = 2;
}
// TmpfsOpt defines options describing tpmfs mounts
message TmpfsOpt {
// Specify an upper limit on the size of the filesystem.
int64 size = 1;
}
// CacheOpt defines options specific to cache mounts
message CacheOpt {
// ID is an optional namespace for the mount
string ID = 1;
// Sharing is the sharing mode for the mount
CacheSharingOpt sharing = 2;
}
// CacheSharingOpt defines different sharing modes for cache mount
enum CacheSharingOpt {
// SHARED cache mount can be used concurrently by multiple writers
SHARED = 0;
// PRIVATE creates a new mount if there are multiple writers
PRIVATE = 1;
// LOCKED pauses second writer until first one releases the mount
LOCKED = 2;
}
// SecretOpt defines options describing secret mounts
message SecretOpt {
// ID of secret. Used for quering the value.
string ID = 1;
// UID of secret file
uint32 uid = 2;
// GID of secret file
uint32 gid = 3;
// Mode is the filesystem mode of secret file
uint32 mode = 4;
// Optional defines if secret value is required. Error is produced
// if value is not found and optional is false.
bool optional = 5;
}
// SSHOpt defines options describing ssh mounts
message SSHOpt {
// ID of exposed ssh rule. Used for quering the value.
string ID = 1;
// UID of agent socket
uint32 uid = 2;
// GID of agent socket
uint32 gid = 3;
// Mode is the filesystem mode of agent socket
uint32 mode = 4;
// Optional defines if ssh socket is required. Error is produced
// if client does not expose ssh.
bool optional = 5;
}
// SourceOp specifies a source such as build contexts and images.
message SourceOp {
// TODO: use source type or any type instead of URL protocol.
// identifier e.g. local://, docker-image://, git://, https://...
string identifier = 1;
// attrs are defined in attr.go
map<string, string> attrs = 2;
}
// BuildOp is used for nested build invocation.
// BuildOp is experimental and can break without backwards compatibility
message BuildOp {
int64 builder = 1;
map<string, BuildInput> inputs = 2;
Definition def = 3;
map<string, string> attrs = 4;
// outputs
}
// BuildInput is used for BuildOp.
message BuildInput {
int64 input = 1;
}
// OpMetadata is a per-vertex metadata entry, which can be defined for arbitrary Op vertex and overridable on the run time.
message OpMetadata {
// ignore_cache specifies to ignore the cache for this Op.
bool ignore_cache = 1;
// Description can be used for keeping any text fields that builder doesn't parse
map<string, string> description = 2;
// index 3 reserved for WorkerConstraint in previous versions
// WorkerConstraint worker_constraint = 3;
ExportCache export_cache = 4;
map<string, bool> caps = 5;
ProgressGroup progress_group = 6;
}
// Source is a source mapping description for a file
message Source {
map<string, Locations> locations = 1;
repeated SourceInfo infos = 2;
}
// Locations is a list of ranges with a index to its source map.
message Locations {
repeated Location locations = 1;
}
// Source info contains the shared metadata of a source mapping
message SourceInfo {
string filename = 1;
bytes data = 2;
Definition definition = 3;
string language = 4;
}
// Location defines list of areas in to source file
message Location {
int32 sourceIndex = 1;
repeated Range ranges = 2;
}
// Range is an area in the source file
message Range {
Position start = 1;
Position end = 2;
}
// Position is single location in a source file
message Position {
int32 line = 1;
int32 character = 2;
}
message ExportCache {
bool Value = 1;
}
message ProgressGroup {
string id = 1;
string name = 2;
bool weak = 3;
}
message ProxyEnv {
string http_proxy = 1;
string https_proxy = 2;
string ftp_proxy = 3;
string no_proxy = 4;
string all_proxy = 5;
}
// WorkerConstraints defines conditions for the worker
message WorkerConstraints {
repeated string filter = 1; // containerd-style filter
}
// Definition is the LLB definition structure with per-vertex metadata entries
message Definition {
// def is a list of marshaled Op messages
repeated bytes def = 1;
// metadata contains metadata for the each of the Op messages.
// A key must be an LLB op digest string. Currently, empty string is not expected as a key, but it may change in the future.
map<string, OpMetadata> metadata = 2;
// Source contains the source mapping information for the vertexes in the definition
Source Source = 3;
}
message FileOp {
repeated FileAction actions = 2;
}
message FileAction {
// changes to this structure must be represented in json.go.
int64 input = 1; // could be real input or target (target index + max input index)
int64 secondaryInput = 2; // --//--
int64 output = 3;
oneof action {
// FileActionCopy copies files from secondaryInput on top of input
FileActionCopy copy = 4;
// FileActionMkFile creates a new file
FileActionMkFile mkfile = 5;
// FileActionMkDir creates a new directory
FileActionMkDir mkdir = 6;
// FileActionRm removes a file
FileActionRm rm = 7;
// FileActionSymlink creates a symlink
FileActionSymlink symlink = 8;
}
}
message FileActionCopy {
// src is the source path
string src = 1;
// dest path
string dest = 2;
// optional owner override
ChownOpt owner = 3;
// optional permission bits override
int32 mode = 4;
// followSymlink resolves symlinks in src
bool followSymlink = 5;
// dirCopyContents only copies contents if src is a directory
bool dirCopyContents = 6;
// attemptUnpackDockerCompatibility detects if src is an archive to unpack it instead
bool attemptUnpackDockerCompatibility = 7;
// createDestPath creates dest path directories if needed
bool createDestPath = 8;
// allowWildcard allows filepath.Match wildcards in src path
bool allowWildcard = 9;
// allowEmptyWildcard doesn't fail the whole copy if wildcard doesn't resolve to files
bool allowEmptyWildcard = 10;
// optional created time override
int64 timestamp = 11;
// include only files/dirs matching at least one of these patterns
repeated string include_patterns = 12;
// exclude files/dir matching any of these patterns (even if they match an include pattern)
repeated string exclude_patterns = 13;
// alwaysReplaceExistingDestPaths results in an existing dest path that differs in type from the src path being replaced rather than the default of returning an error
bool alwaysReplaceExistingDestPaths = 14;
// mode in non-octal format
string modeStr = 15;
// required paths that must be included in the copy. This is only used when
// include_patterns has at least one pattern.
repeated string required_paths = 16;
}
message FileActionMkFile {
// path for the new file
string path = 1;
// permission bits
int32 mode = 2;
// data is the new file contents
bytes data = 3;
// optional owner for the new file
ChownOpt owner = 4;
// optional created time override
int64 timestamp = 5;
}
message FileActionSymlink {
// destination path for the new file representing the link
string oldpath = 1;
// source path for the link
string newpath = 2;
// optional owner for the new file
ChownOpt owner = 3;
// optional created time override
int64 timestamp = 4;
}
message FileActionMkDir {
// path for the new directory
string path = 1;
// permission bits
int32 mode = 2;
// makeParents creates parent directories as well if needed
bool makeParents = 3;
// optional owner for the new directory
ChownOpt owner = 4;
// optional created time override
int64 timestamp = 5;
}
message FileActionRm {
// path to remove
string path = 1;
// allowNotFound doesn't fail the rm if file is not found
bool allowNotFound = 2;
// allowWildcard allows filepath.Match wildcards in path
bool allowWildcard = 3;
}
message ChownOpt {
UserOpt user = 1;
UserOpt group = 2;
}
message UserOpt {
// changes to this structure must be represented in json.go.
oneof user {
NamedUserOpt byName = 1;
uint32 byID = 2;
}
}
message NamedUserOpt {
string name = 1;
int64 input = 2;
}
message MergeInput {
int64 input = 1;
}
message MergeOp {
repeated MergeInput inputs = 1;
}
message LowerDiffInput {
int64 input = 1;
}
message UpperDiffInput {
int64 input = 1;
}
message DiffOp {
LowerDiffInput lower = 1;
UpperDiffInput upper = 2;
}

66
wfe-buildkit-protos/proto/github.com/moby/buildkit/sourcepolicy/pb/policy.proto Normal file
View File

@@ -0,0 +1,66 @@
syntax = "proto3";
package moby.buildkit.v1.sourcepolicy;
option go_package = "github.com/moby/buildkit/sourcepolicy/pb;moby_buildkit_v1_sourcepolicy";
// Rule defines the action(s) to take when a source is matched
message Rule {
PolicyAction action = 1;
Selector selector = 2;
Update updates = 3;
}
// Update contains updates to the matched build step after rule is applied
message Update {
string identifier = 1;
map<string, string> attrs = 2;
}
// Selector identifies a source to match a policy to
message Selector {
string identifier = 1;
// MatchType is the type of match to perform on the source identifier
MatchType match_type = 2;
repeated AttrConstraint constraints = 3;
}
// PolicyAction defines the action to take when a source is matched
enum PolicyAction {
ALLOW = 0;
DENY = 1;
CONVERT = 2;
}
// AttrConstraint defines a constraint on a source attribute
message AttrConstraint {
string key = 1;
string value = 2;
AttrMatch condition = 3;
}
// AttrMatch defines the condition to match a source attribute
enum AttrMatch {
EQUAL = 0;
NOTEQUAL = 1;
MATCHES = 2;
}
// Policy is the list of rules the policy engine will perform
message Policy {
int64 version = 1; // Currently 1
repeated Rule rules = 2;
}
// Match type is used to determine how a rule source is matched
enum MatchType {
// WILDCARD is the default matching type.
// It may first attempt to due an exact match but will follow up with a wildcard match
// For something more powerful, use REGEX
WILDCARD = 0;
// EXACT treats the source identifier as a litteral string match
EXACT = 1;
// REGEX treats the source identifier as a regular expression
// With regex matching you can also use match groups to replace values in the destination identifier
REGEX = 2;
}

36
wfe-buildkit-protos/proto/github.com/moby/buildkit/sourcepolicy/policysession/policysession.proto Normal file
View File

@@ -0,0 +1,36 @@
syntax = "proto3";
package moby.buildkit.v1.sourcepolicy.policysession;
option go_package = "github.com/moby/buildkit/sourcepolicy/policysession";
import "github.com/moby/buildkit/frontend/gateway/pb/gateway.proto";
import "github.com/moby/buildkit/solver/pb/ops.proto";
import "github.com/moby/buildkit/sourcepolicy/pb/policy.proto";
service PolicyVerifier {
rpc CheckPolicy(CheckPolicyRequest) returns (CheckPolicyResponse);
}
message CheckPolicyRequest {
pb.Platform Platform = 1;
moby.buildkit.v1.frontend.ResolveSourceMetaResponse Source = 2;
map<string, bool> caps = 3;
}
message CheckPolicyResponse {
oneof result {
DecisionResponse decision = 1;
moby.buildkit.v1.frontend.ResolveSourceMetaRequest request = 2;
}
}
message DecisionResponse {
moby.buildkit.v1.sourcepolicy.PolicyAction action = 1;
repeated DenyMessage denyMessages = 2;
pb.SourceOp update = 3;
}
message DenyMessage {
string message = 1;
}

15
wfe-buildkit-protos/proto/github.com/moby/buildkit/util/apicaps/pb/caps.proto Normal file
View File

@@ -0,0 +1,15 @@
syntax = "proto3";
package moby.buildkit.v1.apicaps;
option go_package = "github.com/moby/buildkit/util/apicaps/pb;moby_buildkit_v1_apicaps";
// APICap defines a capability supported by the service
message APICap {
string ID = 1;
bool Enabled = 2;
bool Deprecated = 3; // Unused. May be used for warnings in the future
string DisabledReason = 4; // Reason key for detection code
string DisabledReasonMsg = 5; // Message to the user
string DisabledAlternative = 6; // Identifier that updated client could catch.
}

19
wfe-buildkit-protos/proto/github.com/moby/buildkit/util/stack/stack.proto Normal file
View File

@@ -0,0 +1,19 @@
syntax = "proto3";
package stack;
option go_package = "github.com/moby/buildkit/util/stack";
message Stack {
repeated Frame frames = 1;
repeated string cmdline = 2;
int32 pid = 3;
string version = 4;
string revision = 5;
}
message Frame {
string Name = 1;
string File = 2;
int32 Line = 3;
}