| // Code generated by protoc-gen-go. DO NOT EDIT. |
| // source: go.chromium.org/luci/swarming/proto/config/bots.proto |
| |
| package configpb |
| |
| import ( |
| fmt "fmt" |
| proto "github.com/golang/protobuf/proto" |
| math "math" |
| ) |
| |
| // Reference imports to suppress errors if they are not otherwise used. |
| var _ = proto.Marshal |
| var _ = fmt.Errorf |
| var _ = math.Inf |
| |
| // This is a compile-time assertion to ensure that this generated file |
| // is compatible with the proto package it is being compiled against. |
| // A compilation error at this line likely means your copy of the |
| // proto package needs to be updated. |
| const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package |
| |
| // Schema for bots.cfg service config file in luci-config. |
| // |
| // It defines a function bot_id => (required credentials, trusted_dimensions, |
| // config), where |
| // * "bot_id" is identifier of a bot as sent by the bot itself (usually |
| // machine hostname, short one, not FQDN) |
| // * "required credentials" describes how server should authenticate calls |
| // from the bot. |
| // * "trusted_dimensions" is a set of dimension set by the server itself. |
| // Such dimensions can't be spoofed by the bot. |
| // * "config" is any additional bot configuration. |
| // |
| // Connections from bots that do not appear in this config are rejected. |
| // |
| // The default config (used if bots.cfg is missing) represents IP-whitelist only |
| // authentication, as was used before bots.cfg was implemented: |
| // |
| // bot_group { |
| // auth { |
| // ip_whitelist: "<swarming-app-id>-bots" |
| // } |
| // } |
| type BotsCfg struct { |
| // List of dimension names that are provided by the server. |
| // |
| // If bot attempts to set such dimension, it'll be ignored. Trusted dimensions |
| // are defined through bot_group configs below. Swarming users can trust such |
| // dimensions, since they are set by the server based on validated credentials |
| // (unlike other dimensions that can be arbitrary defined by the bot itself). |
| TrustedDimensions []string `protobuf:"bytes,1,rep,name=trusted_dimensions,json=trustedDimensions,proto3" json:"trusted_dimensions,omitempty"` |
| // A list of groups of bots. Each group defines a bunch of bots that all |
| // have same dimensions and authenticate in the same way. |
| // |
| // The order of entries here is irrelevant. The server uses the following |
| // search algorithm when trying to pick a group for a bot with some bot_id: |
| // 1) First it tries to find a direct match: a group that lists the bot in |
| // bot_id field. |
| // 2) Next it tries to find a group with matching bot_id_prefix. The config |
| // validation process makes sure prefixes do not "intersect", so there |
| // will be at most one matching group. |
| // 3) Finally, if there's a group with no defined bot_id or bot_id_prefix |
| // fields (the "default" group), the bot is categorized to that group. |
| // If there's no such group, the connection from the bot is rejected. |
| // Config validation process ensures there can be only one such group. |
| BotGroup []*BotGroup `protobuf:"bytes,2,rep,name=bot_group,json=botGroup,proto3" json:"bot_group,omitempty"` |
| XXX_NoUnkeyedLiteral struct{} `json:"-"` |
| XXX_unrecognized []byte `json:"-"` |
| XXX_sizecache int32 `json:"-"` |
| } |
| |
| func (m *BotsCfg) Reset() { *m = BotsCfg{} } |
| func (m *BotsCfg) String() string { return proto.CompactTextString(m) } |
| func (*BotsCfg) ProtoMessage() {} |
| func (*BotsCfg) Descriptor() ([]byte, []int) { |
| return fileDescriptor_ecc3522ef1feaf58, []int{0} |
| } |
| |
| func (m *BotsCfg) XXX_Unmarshal(b []byte) error { |
| return xxx_messageInfo_BotsCfg.Unmarshal(m, b) |
| } |
| func (m *BotsCfg) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { |
| return xxx_messageInfo_BotsCfg.Marshal(b, m, deterministic) |
| } |
| func (m *BotsCfg) XXX_Merge(src proto.Message) { |
| xxx_messageInfo_BotsCfg.Merge(m, src) |
| } |
| func (m *BotsCfg) XXX_Size() int { |
| return xxx_messageInfo_BotsCfg.Size(m) |
| } |
| func (m *BotsCfg) XXX_DiscardUnknown() { |
| xxx_messageInfo_BotsCfg.DiscardUnknown(m) |
| } |
| |
| var xxx_messageInfo_BotsCfg proto.InternalMessageInfo |
| |
| func (m *BotsCfg) GetTrustedDimensions() []string { |
| if m != nil { |
| return m.TrustedDimensions |
| } |
| return nil |
| } |
| |
| func (m *BotsCfg) GetBotGroup() []*BotGroup { |
| if m != nil { |
| return m.BotGroup |
| } |
| return nil |
| } |
| |
| // A daily schedule for Machine Provider leases. |
| // |
| // Allows a MachineType to be resized during specific UTC hours. |
| type DailySchedule struct { |
| // UTC time to resize the MachineType. |
| // |
| // Formatted as "<hour>:<minute>". |
| Start string `protobuf:"bytes,1,opt,name=start,proto3" json:"start,omitempty"` |
| // UTC time to resize the MachineType. |
| // |
| // Formatted as "<hour>:<minute>". Must be strictly later than start. |
| End string `protobuf:"bytes,2,opt,name=end,proto3" json:"end,omitempty"` |
| // Days of the week to resize the MachineType. |
| // |
| // 0 - 6 (Mon - Sun). |
| DaysOfTheWeek []int32 `protobuf:"varint,3,rep,packed,name=days_of_the_week,json=daysOfTheWeek,proto3" json:"days_of_the_week,omitempty"` |
| // Target size to set this MachineType to. |
| // |
| // If omitted, defaults to zero. |
| TargetSize int32 `protobuf:"varint,4,opt,name=target_size,json=targetSize,proto3" json:"target_size,omitempty"` |
| XXX_NoUnkeyedLiteral struct{} `json:"-"` |
| XXX_unrecognized []byte `json:"-"` |
| XXX_sizecache int32 `json:"-"` |
| } |
| |
| func (m *DailySchedule) Reset() { *m = DailySchedule{} } |
| func (m *DailySchedule) String() string { return proto.CompactTextString(m) } |
| func (*DailySchedule) ProtoMessage() {} |
| func (*DailySchedule) Descriptor() ([]byte, []int) { |
| return fileDescriptor_ecc3522ef1feaf58, []int{1} |
| } |
| |
| func (m *DailySchedule) XXX_Unmarshal(b []byte) error { |
| return xxx_messageInfo_DailySchedule.Unmarshal(m, b) |
| } |
| func (m *DailySchedule) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { |
| return xxx_messageInfo_DailySchedule.Marshal(b, m, deterministic) |
| } |
| func (m *DailySchedule) XXX_Merge(src proto.Message) { |
| xxx_messageInfo_DailySchedule.Merge(m, src) |
| } |
| func (m *DailySchedule) XXX_Size() int { |
| return xxx_messageInfo_DailySchedule.Size(m) |
| } |
| func (m *DailySchedule) XXX_DiscardUnknown() { |
| xxx_messageInfo_DailySchedule.DiscardUnknown(m) |
| } |
| |
| var xxx_messageInfo_DailySchedule proto.InternalMessageInfo |
| |
| func (m *DailySchedule) GetStart() string { |
| if m != nil { |
| return m.Start |
| } |
| return "" |
| } |
| |
| func (m *DailySchedule) GetEnd() string { |
| if m != nil { |
| return m.End |
| } |
| return "" |
| } |
| |
| func (m *DailySchedule) GetDaysOfTheWeek() []int32 { |
| if m != nil { |
| return m.DaysOfTheWeek |
| } |
| return nil |
| } |
| |
| func (m *DailySchedule) GetTargetSize() int32 { |
| if m != nil { |
| return m.TargetSize |
| } |
| return 0 |
| } |
| |
| // A load-based schedule for Machine Provider leases. |
| // |
| // Allows a MachineType to be resized according to Swarming bot utilization. |
| type LoadBased struct { |
| // Minimum size the MachineType may be resized to. |
| // |
| // If omitted, defaults to zero. |
| MinimumSize int32 `protobuf:"varint,1,opt,name=minimum_size,json=minimumSize,proto3" json:"minimum_size,omitempty"` |
| // Maximum size the MachineType may be resized to. |
| // |
| // If omitted, defaults to zero. |
| MaximumSize int32 `protobuf:"varint,2,opt,name=maximum_size,json=maximumSize,proto3" json:"maximum_size,omitempty"` |
| XXX_NoUnkeyedLiteral struct{} `json:"-"` |
| XXX_unrecognized []byte `json:"-"` |
| XXX_sizecache int32 `json:"-"` |
| } |
| |
| func (m *LoadBased) Reset() { *m = LoadBased{} } |
| func (m *LoadBased) String() string { return proto.CompactTextString(m) } |
| func (*LoadBased) ProtoMessage() {} |
| func (*LoadBased) Descriptor() ([]byte, []int) { |
| return fileDescriptor_ecc3522ef1feaf58, []int{2} |
| } |
| |
| func (m *LoadBased) XXX_Unmarshal(b []byte) error { |
| return xxx_messageInfo_LoadBased.Unmarshal(m, b) |
| } |
| func (m *LoadBased) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { |
| return xxx_messageInfo_LoadBased.Marshal(b, m, deterministic) |
| } |
| func (m *LoadBased) XXX_Merge(src proto.Message) { |
| xxx_messageInfo_LoadBased.Merge(m, src) |
| } |
| func (m *LoadBased) XXX_Size() int { |
| return xxx_messageInfo_LoadBased.Size(m) |
| } |
| func (m *LoadBased) XXX_DiscardUnknown() { |
| xxx_messageInfo_LoadBased.DiscardUnknown(m) |
| } |
| |
| var xxx_messageInfo_LoadBased proto.InternalMessageInfo |
| |
| func (m *LoadBased) GetMinimumSize() int32 { |
| if m != nil { |
| return m.MinimumSize |
| } |
| return 0 |
| } |
| |
| func (m *LoadBased) GetMaximumSize() int32 { |
| if m != nil { |
| return m.MaximumSize |
| } |
| return 0 |
| } |
| |
| // A schedule for Machine Provider leases. |
| type Schedule struct { |
| // Schedule to repeat every day. |
| Daily []*DailySchedule `protobuf:"bytes,1,rep,name=daily,proto3" json:"daily,omitempty"` |
| // Load-based schedule. |
| LoadBased []*LoadBased `protobuf:"bytes,2,rep,name=load_based,json=loadBased,proto3" json:"load_based,omitempty"` |
| XXX_NoUnkeyedLiteral struct{} `json:"-"` |
| XXX_unrecognized []byte `json:"-"` |
| XXX_sizecache int32 `json:"-"` |
| } |
| |
| func (m *Schedule) Reset() { *m = Schedule{} } |
| func (m *Schedule) String() string { return proto.CompactTextString(m) } |
| func (*Schedule) ProtoMessage() {} |
| func (*Schedule) Descriptor() ([]byte, []int) { |
| return fileDescriptor_ecc3522ef1feaf58, []int{3} |
| } |
| |
| func (m *Schedule) XXX_Unmarshal(b []byte) error { |
| return xxx_messageInfo_Schedule.Unmarshal(m, b) |
| } |
| func (m *Schedule) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { |
| return xxx_messageInfo_Schedule.Marshal(b, m, deterministic) |
| } |
| func (m *Schedule) XXX_Merge(src proto.Message) { |
| xxx_messageInfo_Schedule.Merge(m, src) |
| } |
| func (m *Schedule) XXX_Size() int { |
| return xxx_messageInfo_Schedule.Size(m) |
| } |
| func (m *Schedule) XXX_DiscardUnknown() { |
| xxx_messageInfo_Schedule.DiscardUnknown(m) |
| } |
| |
| var xxx_messageInfo_Schedule proto.InternalMessageInfo |
| |
| func (m *Schedule) GetDaily() []*DailySchedule { |
| if m != nil { |
| return m.Daily |
| } |
| return nil |
| } |
| |
| func (m *Schedule) GetLoadBased() []*LoadBased { |
| if m != nil { |
| return m.LoadBased |
| } |
| return nil |
| } |
| |
| // A type of machine to lease from the Machine Provider. |
| type MachineType struct { |
| // Name for this type of machine. Must be globally unique. |
| Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` |
| // Human-readable description for this type of machine. |
| Description string `protobuf:"bytes,2,opt,name=description,proto3" json:"description,omitempty"` |
| // Number of seconds ahead of lease_duration_ts to release leases. |
| // |
| // If omitted, defaults to zero. Must not be specified for indefinite leases. |
| EarlyReleaseSecs int32 `protobuf:"varint,3,opt,name=early_release_secs,json=earlyReleaseSecs,proto3" json:"early_release_secs,omitempty"` |
| // Types that are valid to be assigned to LeaseDuration: |
| // *MachineType_LeaseDurationSecs |
| // *MachineType_LeaseIndefinitely |
| LeaseDuration isMachineType_LeaseDuration `protobuf_oneof:"lease_duration"` |
| // Machine Provider dimensions describing this machine. |
| // |
| // Each string should be in the format "<key>:<value>". |
| MpDimensions []string `protobuf:"bytes,5,rep,name=mp_dimensions,json=mpDimensions,proto3" json:"mp_dimensions,omitempty"` |
| // Target number of machines of this type to have leased at once. |
| TargetSize int32 `protobuf:"varint,6,opt,name=target_size,json=targetSize,proto3" json:"target_size,omitempty"` |
| // Schedule for machines of this type. |
| Schedule *Schedule `protobuf:"bytes,7,opt,name=schedule,proto3" json:"schedule,omitempty"` |
| XXX_NoUnkeyedLiteral struct{} `json:"-"` |
| XXX_unrecognized []byte `json:"-"` |
| XXX_sizecache int32 `json:"-"` |
| } |
| |
| func (m *MachineType) Reset() { *m = MachineType{} } |
| func (m *MachineType) String() string { return proto.CompactTextString(m) } |
| func (*MachineType) ProtoMessage() {} |
| func (*MachineType) Descriptor() ([]byte, []int) { |
| return fileDescriptor_ecc3522ef1feaf58, []int{4} |
| } |
| |
| func (m *MachineType) XXX_Unmarshal(b []byte) error { |
| return xxx_messageInfo_MachineType.Unmarshal(m, b) |
| } |
| func (m *MachineType) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { |
| return xxx_messageInfo_MachineType.Marshal(b, m, deterministic) |
| } |
| func (m *MachineType) XXX_Merge(src proto.Message) { |
| xxx_messageInfo_MachineType.Merge(m, src) |
| } |
| func (m *MachineType) XXX_Size() int { |
| return xxx_messageInfo_MachineType.Size(m) |
| } |
| func (m *MachineType) XXX_DiscardUnknown() { |
| xxx_messageInfo_MachineType.DiscardUnknown(m) |
| } |
| |
| var xxx_messageInfo_MachineType proto.InternalMessageInfo |
| |
| func (m *MachineType) GetName() string { |
| if m != nil { |
| return m.Name |
| } |
| return "" |
| } |
| |
| func (m *MachineType) GetDescription() string { |
| if m != nil { |
| return m.Description |
| } |
| return "" |
| } |
| |
| func (m *MachineType) GetEarlyReleaseSecs() int32 { |
| if m != nil { |
| return m.EarlyReleaseSecs |
| } |
| return 0 |
| } |
| |
| type isMachineType_LeaseDuration interface { |
| isMachineType_LeaseDuration() |
| } |
| |
| type MachineType_LeaseDurationSecs struct { |
| LeaseDurationSecs int32 `protobuf:"varint,4,opt,name=lease_duration_secs,json=leaseDurationSecs,proto3,oneof"` |
| } |
| |
| type MachineType_LeaseIndefinitely struct { |
| LeaseIndefinitely bool `protobuf:"varint,8,opt,name=lease_indefinitely,json=leaseIndefinitely,proto3,oneof"` |
| } |
| |
| func (*MachineType_LeaseDurationSecs) isMachineType_LeaseDuration() {} |
| |
| func (*MachineType_LeaseIndefinitely) isMachineType_LeaseDuration() {} |
| |
| func (m *MachineType) GetLeaseDuration() isMachineType_LeaseDuration { |
| if m != nil { |
| return m.LeaseDuration |
| } |
| return nil |
| } |
| |
| func (m *MachineType) GetLeaseDurationSecs() int32 { |
| if x, ok := m.GetLeaseDuration().(*MachineType_LeaseDurationSecs); ok { |
| return x.LeaseDurationSecs |
| } |
| return 0 |
| } |
| |
| func (m *MachineType) GetLeaseIndefinitely() bool { |
| if x, ok := m.GetLeaseDuration().(*MachineType_LeaseIndefinitely); ok { |
| return x.LeaseIndefinitely |
| } |
| return false |
| } |
| |
| func (m *MachineType) GetMpDimensions() []string { |
| if m != nil { |
| return m.MpDimensions |
| } |
| return nil |
| } |
| |
| func (m *MachineType) GetTargetSize() int32 { |
| if m != nil { |
| return m.TargetSize |
| } |
| return 0 |
| } |
| |
| func (m *MachineType) GetSchedule() *Schedule { |
| if m != nil { |
| return m.Schedule |
| } |
| return nil |
| } |
| |
| // XXX_OneofWrappers is for the internal use of the proto package. |
| func (*MachineType) XXX_OneofWrappers() []interface{} { |
| return []interface{}{ |
| (*MachineType_LeaseDurationSecs)(nil), |
| (*MachineType_LeaseIndefinitely)(nil), |
| } |
| } |
| |
| // A group of bots that share authentication method, dimensions and owners. |
| // |
| // Union of bot_id, bot_id_prefix, and machine_type define a set of bots that |
| // belong to this group. The rest of the fields define properties of this group. |
| // |
| // If bot_id, bot_id_prefix, and machine_type are all missing, the group defines |
| // all bots that didn't fit into other groups. There can be only one such |
| // "default" group. |
| // |
| // TODO(vadimsh): Introduce explicit field "use_as_default" instead. |
| type BotGroup struct { |
| // Explicit enumeration of bot IDs belonging to this group. |
| // |
| // It supports subset of bash brace expansion syntax, in particular ranges |
| // and lists. For example: |
| // * vm{1..3}-m1 will expand into vm1-m1, vm2-m1 and vm3-m1. |
| // * vm{100,150,200}-m1 will expand into vm100-m1, vm150-m1 and vm200-m1. |
| // |
| // There can be only one "{...}" section in the string. |
| BotId []string `protobuf:"bytes,1,rep,name=bot_id,json=botId,proto3" json:"bot_id,omitempty"` |
| // A prefix to match against bot ID string. |
| BotIdPrefix []string `protobuf:"bytes,2,rep,name=bot_id_prefix,json=botIdPrefix,proto3" json:"bot_id_prefix,omitempty"` |
| // A type of machine to lease from the Machine Provider. |
| MachineType []*MachineType `protobuf:"bytes,3,rep,name=machine_type,json=machineType,proto3" json:"machine_type,omitempty"` |
| // Defines authentication methods for bots from this group. |
| // |
| // Evaluated sequentially until first match. |
| Auth []*BotAuth `protobuf:"bytes,20,rep,name=auth,proto3" json:"auth,omitempty"` |
| // Emails of owners of these bots. Optional. |
| Owners []string `protobuf:"bytes,21,rep,name=owners,proto3" json:"owners,omitempty"` |
| // List of dimensions to assign to these bots. |
| // |
| // Each dimension is a "<key>:<value>" pair. |
| Dimensions []string `protobuf:"bytes,22,rep,name=dimensions,proto3" json:"dimensions,omitempty"` |
| // Path to an additional config script to inject into the swarming bot upon |
| // handshake. |
| // |
| // The path is relative to 'scripts/' directory in the service config repo. |
| BotConfigScript string `protobuf:"bytes,23,opt,name=bot_config_script,json=botConfigScript,proto3" json:"bot_config_script,omitempty"` |
| // The actual body of the config script to inject into the swarming bot upon |
| // handshake (in whatever encoding it happened to be in the config repo). |
| // |
| // For internal use (unless you fancy writing python scripts as single line |
| // escaped text proto string). If present, overrides 'bot_config_script'. |
| BotConfigScriptContent []byte `protobuf:"bytes,25,opt,name=bot_config_script_content,json=botConfigScriptContent,proto3" json:"bot_config_script_content,omitempty"` |
| // A service account to use on bots when authenticating calls to various |
| // system-level services (like Isolate and CIPD), required for correct |
| // operation of the bot. |
| // |
| // Tasks will be able to access this account too, but it is not recommended |
| // and should be used extremely rare. |
| // |
| // If set to a service account email (*@*.iam.gserviceaccount.com), bots will |
| // use this account, generating access token through Swarming server. For this |
| // to work, the server account (<app-id>@appspot.gserviceaccount.com) must |
| // have "serviceAccountActor" IAM role set on the account. |
| // |
| // If set to a special string "bot", bots will use exact same token they use |
| // when authenticating calls to Swarming server itself. This works only if |
| // bots use OAuth for authentication (see 'require_service_account' in |
| // BotAuth). This mode exists for cases when proliferation of various service |
| // accounts is undesirable. Note that in this mode Swarming processes won't be |
| // able to request a system account token with some new scopes: they get exact |
| // same token as returned by get_authentication_headers bot_config.py hook. |
| // |
| // If not set, bots will not use authentication at all. |
| SystemServiceAccount string `protobuf:"bytes,24,opt,name=system_service_account,json=systemServiceAccount,proto3" json:"system_service_account,omitempty"` |
| XXX_NoUnkeyedLiteral struct{} `json:"-"` |
| XXX_unrecognized []byte `json:"-"` |
| XXX_sizecache int32 `json:"-"` |
| } |
| |
| func (m *BotGroup) Reset() { *m = BotGroup{} } |
| func (m *BotGroup) String() string { return proto.CompactTextString(m) } |
| func (*BotGroup) ProtoMessage() {} |
| func (*BotGroup) Descriptor() ([]byte, []int) { |
| return fileDescriptor_ecc3522ef1feaf58, []int{5} |
| } |
| |
| func (m *BotGroup) XXX_Unmarshal(b []byte) error { |
| return xxx_messageInfo_BotGroup.Unmarshal(m, b) |
| } |
| func (m *BotGroup) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { |
| return xxx_messageInfo_BotGroup.Marshal(b, m, deterministic) |
| } |
| func (m *BotGroup) XXX_Merge(src proto.Message) { |
| xxx_messageInfo_BotGroup.Merge(m, src) |
| } |
| func (m *BotGroup) XXX_Size() int { |
| return xxx_messageInfo_BotGroup.Size(m) |
| } |
| func (m *BotGroup) XXX_DiscardUnknown() { |
| xxx_messageInfo_BotGroup.DiscardUnknown(m) |
| } |
| |
| var xxx_messageInfo_BotGroup proto.InternalMessageInfo |
| |
| func (m *BotGroup) GetBotId() []string { |
| if m != nil { |
| return m.BotId |
| } |
| return nil |
| } |
| |
| func (m *BotGroup) GetBotIdPrefix() []string { |
| if m != nil { |
| return m.BotIdPrefix |
| } |
| return nil |
| } |
| |
| func (m *BotGroup) GetMachineType() []*MachineType { |
| if m != nil { |
| return m.MachineType |
| } |
| return nil |
| } |
| |
| func (m *BotGroup) GetAuth() []*BotAuth { |
| if m != nil { |
| return m.Auth |
| } |
| return nil |
| } |
| |
| func (m *BotGroup) GetOwners() []string { |
| if m != nil { |
| return m.Owners |
| } |
| return nil |
| } |
| |
| func (m *BotGroup) GetDimensions() []string { |
| if m != nil { |
| return m.Dimensions |
| } |
| return nil |
| } |
| |
| func (m *BotGroup) GetBotConfigScript() string { |
| if m != nil { |
| return m.BotConfigScript |
| } |
| return "" |
| } |
| |
| func (m *BotGroup) GetBotConfigScriptContent() []byte { |
| if m != nil { |
| return m.BotConfigScriptContent |
| } |
| return nil |
| } |
| |
| func (m *BotGroup) GetSystemServiceAccount() string { |
| if m != nil { |
| return m.SystemServiceAccount |
| } |
| return "" |
| } |
| |
| // Defines what kind of authentication to perform when handling requests from |
| // bots belonging to some bot group. |
| // |
| // The following combinations are valid: |
| // * Either one of require_* alone. |
| // * IP whitelist alone. |
| // * IP + require_luci_machine_token: requires both to pass. |
| // * IP + require_service_account: requires both to pass. |
| // * IP + require_gce_vm_token: requires both to pass. |
| // |
| // Next ID: 6. |
| type BotAuth struct { |
| // If true, log an error (but proceed) if this method didn't succeed. |
| // |
| // This field is totally optional and makes sense only when there are more |
| // than one auth method. Affects only logging levels. |
| // |
| // Doesn't apply to methods that were skipped because some method before them |
| // succeeded. Thus methods that have 'log_if_failed' should be in front of |
| // BotGroup.auth list. |
| // |
| // This is useful when migrating from one auth method to another to verify |
| // the new method is used in 100% of cases, while still keeping a fallback |
| // to an old method. |
| LogIfFailed bool `protobuf:"varint,5,opt,name=log_if_failed,json=logIfFailed,proto3" json:"log_if_failed,omitempty"` |
| // If true, the bot should provide valid X-Luci-Machine-Token header. |
| // |
| // The machine FQDN embedded in the token should have hostname equal to the |
| // bot_id. |
| RequireLuciMachineToken bool `protobuf:"varint,1,opt,name=require_luci_machine_token,json=requireLuciMachineToken,proto3" json:"require_luci_machine_token,omitempty"` |
| // If set, the bot should use OAuth access token belonging to any of these |
| // service accounts. |
| // |
| // The token should have "https://www.googleapis.com/auth/userinfo.email" |
| // scope. |
| RequireServiceAccount []string `protobuf:"bytes,2,rep,name=require_service_account,json=requireServiceAccount,proto3" json:"require_service_account,omitempty"` |
| // If set, the bot should provide valid X-Luci-Gce-Vm-Token header. |
| // |
| // This header should contain JWT with signed VM metadata with the following |
| // expectations: |
| // * Audience matches https://[*-dot-]<app>.appspot.com |
| // * google.compute_engine.project_id field matches the value of 'project'. |
| // * instance_name matches bot_id reported by the bot (case insensitive). |
| RequireGceVmToken *BotAuth_GCE `protobuf:"bytes,4,opt,name=require_gce_vm_token,json=requireGceVmToken,proto3" json:"require_gce_vm_token,omitempty"` |
| // If set, defines an IP whitelist name (in auth_service database) with a set |
| // of IPs allowed to be used by the bots in this group. |
| // |
| // Works in conjunction with other checks, e.g. if require_luci_machine_token |
| // is true, both valid X-Luci-Machine-Token and a whitelisted IP are needed to |
| // successfully authenticate. |
| // |
| // Can also be used on its own (when all other fields are empty). In that case |
| // the IP whitelist is the primary authentication mechanism. Note that in this |
| // case all bots that share the IP whitelist are effectively in a single trust |
| // domain (any bot can pretend to be some other bot). |
| IpWhitelist string `protobuf:"bytes,3,opt,name=ip_whitelist,json=ipWhitelist,proto3" json:"ip_whitelist,omitempty"` |
| XXX_NoUnkeyedLiteral struct{} `json:"-"` |
| XXX_unrecognized []byte `json:"-"` |
| XXX_sizecache int32 `json:"-"` |
| } |
| |
| func (m *BotAuth) Reset() { *m = BotAuth{} } |
| func (m *BotAuth) String() string { return proto.CompactTextString(m) } |
| func (*BotAuth) ProtoMessage() {} |
| func (*BotAuth) Descriptor() ([]byte, []int) { |
| return fileDescriptor_ecc3522ef1feaf58, []int{6} |
| } |
| |
| func (m *BotAuth) XXX_Unmarshal(b []byte) error { |
| return xxx_messageInfo_BotAuth.Unmarshal(m, b) |
| } |
| func (m *BotAuth) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { |
| return xxx_messageInfo_BotAuth.Marshal(b, m, deterministic) |
| } |
| func (m *BotAuth) XXX_Merge(src proto.Message) { |
| xxx_messageInfo_BotAuth.Merge(m, src) |
| } |
| func (m *BotAuth) XXX_Size() int { |
| return xxx_messageInfo_BotAuth.Size(m) |
| } |
| func (m *BotAuth) XXX_DiscardUnknown() { |
| xxx_messageInfo_BotAuth.DiscardUnknown(m) |
| } |
| |
| var xxx_messageInfo_BotAuth proto.InternalMessageInfo |
| |
| func (m *BotAuth) GetLogIfFailed() bool { |
| if m != nil { |
| return m.LogIfFailed |
| } |
| return false |
| } |
| |
| func (m *BotAuth) GetRequireLuciMachineToken() bool { |
| if m != nil { |
| return m.RequireLuciMachineToken |
| } |
| return false |
| } |
| |
| func (m *BotAuth) GetRequireServiceAccount() []string { |
| if m != nil { |
| return m.RequireServiceAccount |
| } |
| return nil |
| } |
| |
| func (m *BotAuth) GetRequireGceVmToken() *BotAuth_GCE { |
| if m != nil { |
| return m.RequireGceVmToken |
| } |
| return nil |
| } |
| |
| func (m *BotAuth) GetIpWhitelist() string { |
| if m != nil { |
| return m.IpWhitelist |
| } |
| return "" |
| } |
| |
| // See require_gce_vm_token below. |
| type BotAuth_GCE struct { |
| Project string `protobuf:"bytes,1,opt,name=project,proto3" json:"project,omitempty"` |
| XXX_NoUnkeyedLiteral struct{} `json:"-"` |
| XXX_unrecognized []byte `json:"-"` |
| XXX_sizecache int32 `json:"-"` |
| } |
| |
| func (m *BotAuth_GCE) Reset() { *m = BotAuth_GCE{} } |
| func (m *BotAuth_GCE) String() string { return proto.CompactTextString(m) } |
| func (*BotAuth_GCE) ProtoMessage() {} |
| func (*BotAuth_GCE) Descriptor() ([]byte, []int) { |
| return fileDescriptor_ecc3522ef1feaf58, []int{6, 0} |
| } |
| |
| func (m *BotAuth_GCE) XXX_Unmarshal(b []byte) error { |
| return xxx_messageInfo_BotAuth_GCE.Unmarshal(m, b) |
| } |
| func (m *BotAuth_GCE) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { |
| return xxx_messageInfo_BotAuth_GCE.Marshal(b, m, deterministic) |
| } |
| func (m *BotAuth_GCE) XXX_Merge(src proto.Message) { |
| xxx_messageInfo_BotAuth_GCE.Merge(m, src) |
| } |
| func (m *BotAuth_GCE) XXX_Size() int { |
| return xxx_messageInfo_BotAuth_GCE.Size(m) |
| } |
| func (m *BotAuth_GCE) XXX_DiscardUnknown() { |
| xxx_messageInfo_BotAuth_GCE.DiscardUnknown(m) |
| } |
| |
| var xxx_messageInfo_BotAuth_GCE proto.InternalMessageInfo |
| |
| func (m *BotAuth_GCE) GetProject() string { |
| if m != nil { |
| return m.Project |
| } |
| return "" |
| } |
| |
| func init() { |
| proto.RegisterType((*BotsCfg)(nil), "swarming.BotsCfg") |
| proto.RegisterType((*DailySchedule)(nil), "swarming.DailySchedule") |
| proto.RegisterType((*LoadBased)(nil), "swarming.LoadBased") |
| proto.RegisterType((*Schedule)(nil), "swarming.Schedule") |
| proto.RegisterType((*MachineType)(nil), "swarming.MachineType") |
| proto.RegisterType((*BotGroup)(nil), "swarming.BotGroup") |
| proto.RegisterType((*BotAuth)(nil), "swarming.BotAuth") |
| proto.RegisterType((*BotAuth_GCE)(nil), "swarming.BotAuth.GCE") |
| } |
| |
| func init() { |
| proto.RegisterFile("go.chromium.org/luci/swarming/proto/config/bots.proto", fileDescriptor_ecc3522ef1feaf58) |
| } |
| |
| var fileDescriptor_ecc3522ef1feaf58 = []byte{ |
| // 846 bytes of a gzipped FileDescriptorProto |
| 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x8c, 0x55, 0x5d, 0x6f, 0xdb, 0x36, |
| 0x14, 0x9d, 0xec, 0x38, 0xb1, 0xaf, 0x92, 0x2d, 0x66, 0xe3, 0x44, 0xed, 0xc3, 0xaa, 0x7a, 0x18, |
| 0x66, 0x0c, 0xab, 0x3d, 0xa4, 0xeb, 0xb0, 0xa1, 0x4f, 0xb5, 0xd3, 0x66, 0x01, 0x3a, 0x6c, 0x93, |
| 0x8b, 0x15, 0xd8, 0x0b, 0x21, 0x4b, 0x57, 0x32, 0x17, 0x49, 0xd4, 0x48, 0xaa, 0xa9, 0xf3, 0xb6, |
| 0x3f, 0xb4, 0x5f, 0xb4, 0x7f, 0xb2, 0x97, 0x81, 0xa4, 0xe4, 0x8f, 0xe4, 0xa5, 0x4f, 0x26, 0xcf, |
| 0x39, 0x57, 0x24, 0xcf, 0x3d, 0xa4, 0xe1, 0x79, 0xca, 0xc7, 0xd1, 0x52, 0xf0, 0x9c, 0x55, 0xf9, |
| 0x98, 0x8b, 0x74, 0x92, 0x55, 0x11, 0x9b, 0xc8, 0x9b, 0x50, 0xe4, 0xac, 0x48, 0x27, 0xa5, 0xe0, |
| 0x8a, 0x4f, 0x22, 0x5e, 0x24, 0x2c, 0x9d, 0x2c, 0xb8, 0x92, 0x63, 0x83, 0x90, 0x6e, 0xa3, 0x18, |
| 0x32, 0x38, 0x98, 0x72, 0x25, 0x67, 0x49, 0x4a, 0x9e, 0x02, 0x51, 0xa2, 0x92, 0x0a, 0x63, 0x1a, |
| 0xb3, 0x1c, 0x0b, 0xc9, 0x78, 0x21, 0x3d, 0xc7, 0x6f, 0x8f, 0x7a, 0x41, 0xbf, 0x66, 0x2e, 0xd6, |
| 0x04, 0x99, 0x40, 0x6f, 0xc1, 0x15, 0x4d, 0x05, 0xaf, 0x4a, 0xaf, 0xe5, 0xb7, 0x47, 0xee, 0x39, |
| 0x19, 0x37, 0xdf, 0x1d, 0x4f, 0xb9, 0xba, 0xd4, 0x4c, 0xd0, 0x5d, 0xd4, 0xa3, 0xe1, 0xdf, 0x0e, |
| 0x1c, 0x5d, 0x84, 0x2c, 0x5b, 0xcd, 0xa3, 0x25, 0xc6, 0x55, 0x86, 0xe4, 0x04, 0x3a, 0x52, 0x85, |
| 0x42, 0x79, 0x8e, 0xef, 0x8c, 0x7a, 0x81, 0x9d, 0x90, 0x63, 0x68, 0x63, 0x11, 0x7b, 0x2d, 0x83, |
| 0xe9, 0x21, 0xf9, 0x0a, 0x8e, 0xe3, 0x70, 0x25, 0x29, 0x4f, 0xa8, 0x5a, 0x22, 0xbd, 0x41, 0xbc, |
| 0xf6, 0xda, 0x7e, 0x7b, 0xd4, 0x09, 0x8e, 0x34, 0xfe, 0x4b, 0xf2, 0x76, 0x89, 0xef, 0x10, 0xaf, |
| 0xc9, 0x63, 0x70, 0x55, 0x28, 0x52, 0x54, 0x54, 0xb2, 0x5b, 0xf4, 0xf6, 0x7c, 0x67, 0xd4, 0x09, |
| 0xc0, 0x42, 0x73, 0x76, 0x8b, 0xc3, 0xdf, 0xa0, 0xf7, 0x86, 0x87, 0xf1, 0x34, 0x94, 0x18, 0x93, |
| 0x27, 0x70, 0x98, 0xb3, 0x82, 0xe5, 0x55, 0x6e, 0xe5, 0x8e, 0x91, 0xbb, 0x35, 0xa6, 0xf5, 0x46, |
| 0x12, 0x7e, 0xd8, 0x48, 0x5a, 0xb5, 0xc4, 0x62, 0xe6, 0x93, 0x39, 0x74, 0xd7, 0x07, 0x7a, 0x0a, |
| 0x9d, 0x58, 0x9f, 0xd0, 0xb8, 0xe6, 0x9e, 0x9f, 0x6d, 0xfc, 0xd8, 0x39, 0x78, 0x60, 0x55, 0xe4, |
| 0x1c, 0x20, 0xe3, 0x61, 0x4c, 0x17, 0x7a, 0x3b, 0xb5, 0x87, 0x0f, 0x36, 0x35, 0xeb, 0x9d, 0x06, |
| 0xbd, 0xac, 0x19, 0x0e, 0xff, 0x6d, 0x81, 0xfb, 0x73, 0x18, 0x2d, 0x59, 0x81, 0x6f, 0x57, 0x25, |
| 0x12, 0x02, 0x7b, 0x45, 0x98, 0x63, 0x6d, 0xa1, 0x19, 0x13, 0x1f, 0xdc, 0x18, 0x65, 0x24, 0x58, |
| 0xa9, 0x18, 0x2f, 0x6a, 0x27, 0xb7, 0x21, 0xf2, 0x0d, 0x10, 0x0c, 0x45, 0xb6, 0xa2, 0x02, 0x33, |
| 0x0c, 0x25, 0x52, 0x89, 0x91, 0xf4, 0xda, 0xe6, 0x74, 0xc7, 0x86, 0x09, 0x2c, 0x31, 0xc7, 0x48, |
| 0x92, 0x6f, 0xe1, 0x81, 0x55, 0xc5, 0x95, 0x08, 0x75, 0xbd, 0x95, 0x1b, 0x7b, 0x7f, 0xfa, 0x24, |
| 0xe8, 0x1b, 0xf2, 0xa2, 0xe6, 0x4c, 0xc5, 0x04, 0x88, 0xad, 0x60, 0x45, 0x8c, 0x09, 0x2b, 0x98, |
| 0xc2, 0x6c, 0xe5, 0x75, 0x7d, 0x67, 0xd4, 0x5d, 0x17, 0x5c, 0x6d, 0x51, 0xe4, 0x0b, 0x38, 0xca, |
| 0xcb, 0xed, 0xdc, 0x75, 0x4c, 0xee, 0x0e, 0xf3, 0x72, 0x2b, 0x72, 0x77, 0xda, 0xbb, 0x7f, 0xb7, |
| 0xbd, 0x64, 0x0c, 0x5d, 0x59, 0x7b, 0xec, 0x1d, 0xf8, 0xce, 0x6e, 0x24, 0xd7, 0xee, 0xaf, 0x35, |
| 0xd3, 0x63, 0xf8, 0x74, 0xf7, 0x60, 0xc3, 0xff, 0x5a, 0xd0, 0x6d, 0xb2, 0x4b, 0x06, 0xb0, 0xaf, |
| 0x23, 0xce, 0xe2, 0xfa, 0x16, 0x74, 0x16, 0x5c, 0x5d, 0xc5, 0x64, 0x08, 0x47, 0x16, 0xa6, 0xa5, |
| 0xc0, 0x84, 0x7d, 0x30, 0x9d, 0xeb, 0x05, 0xae, 0x61, 0x7f, 0x35, 0x10, 0xf9, 0x41, 0x07, 0xc7, |
| 0x74, 0x89, 0xaa, 0x55, 0x89, 0x26, 0xae, 0xee, 0xf9, 0x60, 0xb3, 0x9b, 0xad, 0x1e, 0xea, 0x3c, |
| 0x6d, 0x1a, 0xfa, 0x25, 0xec, 0x85, 0x95, 0x5a, 0x7a, 0x27, 0xa6, 0xa2, 0xbf, 0x73, 0xa5, 0x5e, |
| 0x56, 0x6a, 0x19, 0x18, 0x9a, 0x9c, 0xc2, 0x3e, 0xbf, 0x29, 0x50, 0x48, 0x6f, 0x60, 0x56, 0xaf, |
| 0x67, 0xe4, 0x73, 0x80, 0x2d, 0x17, 0x4f, 0x0d, 0xb7, 0x85, 0x90, 0xaf, 0xa1, 0xaf, 0x37, 0x6f, |
| 0xdf, 0x04, 0x6a, 0x13, 0xe1, 0x9d, 0x99, 0x84, 0x7c, 0xb6, 0xe0, 0x6a, 0x66, 0xf0, 0xb9, 0x81, |
| 0xc9, 0x8f, 0xf0, 0xf0, 0x9e, 0x56, 0xcf, 0x14, 0x16, 0xca, 0x7b, 0xe8, 0x3b, 0xa3, 0xc3, 0xe0, |
| 0xf4, 0x4e, 0xcd, 0xcc, 0xb2, 0xe4, 0x3b, 0x38, 0x95, 0x2b, 0xa9, 0x30, 0xa7, 0x12, 0xc5, 0x7b, |
| 0x16, 0x21, 0x0d, 0xa3, 0x88, 0x57, 0x85, 0xf2, 0x3c, 0xb3, 0xd6, 0x89, 0x65, 0xe7, 0x96, 0x7c, |
| 0x69, 0xb9, 0xe1, 0x3f, 0x2d, 0xf3, 0x1c, 0xe9, 0x63, 0x6a, 0x97, 0x33, 0x9e, 0x52, 0x96, 0xd0, |
| 0x24, 0x64, 0x19, 0xc6, 0x5e, 0x47, 0xa7, 0x27, 0x70, 0x33, 0x9e, 0x5e, 0x25, 0xaf, 0x0d, 0x44, |
| 0x5e, 0xc0, 0x23, 0x81, 0x7f, 0x55, 0x4c, 0x20, 0xd5, 0x0f, 0x1f, 0x5d, 0x5b, 0xce, 0xaf, 0xb1, |
| 0x30, 0x57, 0xa2, 0x1b, 0x9c, 0xd5, 0x8a, 0x37, 0x55, 0xc4, 0x1a, 0xd3, 0x35, 0x4d, 0xbe, 0x87, |
| 0x86, 0xba, 0xb7, 0x47, 0xdb, 0xd0, 0x41, 0x4d, 0xef, 0x6e, 0x92, 0xbc, 0x86, 0x93, 0xa6, 0x2e, |
| 0x8d, 0x90, 0xbe, 0xcf, 0xeb, 0xe5, 0xf6, 0x4c, 0xe0, 0x06, 0xf7, 0x1a, 0x36, 0xbe, 0x9c, 0xbd, |
| 0x0a, 0xfa, 0x75, 0xc9, 0x65, 0x84, 0xbf, 0xe7, 0x76, 0xfd, 0x27, 0x70, 0xc8, 0x4a, 0x7a, 0xb3, |
| 0xd4, 0x17, 0x80, 0x49, 0x65, 0x6e, 0x5f, 0x2f, 0x70, 0x59, 0xf9, 0xae, 0x81, 0x1e, 0x3d, 0x86, |
| 0xf6, 0xe5, 0xec, 0x15, 0xf1, 0xe0, 0xa0, 0x14, 0xfc, 0x4f, 0x8c, 0x9a, 0x97, 0xb2, 0x99, 0x4e, |
| 0x9f, 0xff, 0xf1, 0xec, 0xe3, 0xff, 0x01, 0x5e, 0xd8, 0x9f, 0x72, 0xb1, 0xd8, 0x37, 0xf0, 0xb3, |
| 0xff, 0x03, 0x00, 0x00, 0xff, 0xff, 0x28, 0x28, 0x3c, 0x11, 0x3f, 0x06, 0x00, 0x00, |
| } |