gravitational · codingllama · Aug 30, 2022 · Aug 26, 2022 · Aug 26, 2022 · Aug 26, 2022
diff --git a/Makefile b/Makefile
@@ -916,10 +916,7 @@ grpc-teleterm:
 # Unlike grpc-teleterm, this target runs locally.
 .PHONY: grpc-teleterm/host
 grpc-teleterm/host:
-	$(CLANG_FORMAT) -i -style=$(CLANG_FORMAT_STYLE) \
-		lib/teleterm/api/proto/**/*.proto
-
-	cd lib/teleterm && buf generate
+	cd lib/teleterm && buf build && buf lint && buf format -w && buf generate
 
 .PHONY: goinstall
 goinstall:

diff --git a/build.assets/Dockerfile-teleterm b/build.assets/Dockerfile-teleterm
@@ -5,16 +5,6 @@ FROM quay.io/gravitational/teleport-buildbox:$BUILDBOX_VERSION as base
 
 ARG BUILDARCH
 
-# TODO(codingllama): Have teleterm use Buf from the base image.
-# Install buf
-RUN BIN="/usr/local/bin" && \
-    VERSION="1.0.0-rc1" && \
-    BINARY_NAME="buf" && \
-    curl -sSL \
-     "https://github.com/bufbuild/buf/releases/download/v${VERSION}/${BINARY_NAME}-$(uname -s)-$(uname -m)" \
-    -o "${BIN}/${BINARY_NAME}" && \
-    chmod +x "${BIN}/${BINARY_NAME}"
-
 # Install node
 ARG NODE_VERSION
 ENV NODE_URL="https://nodejs.org/dist/v${NODE_VERSION}/node-v${NODE_VERSION}-linux-${BUILDARCH}.tar.xz"

diff --git a/lib/teleterm/api/proto/buf.yaml b/lib/teleterm/api/proto/buf.yaml
@@ -4,6 +4,10 @@ lint:
     - DEFAULT
   except:
     - RPC_RESPONSE_STANDARD_NAME
+    - RPC_REQUEST_RESPONSE_UNIQUE
+    # TODO(ravicious): Fix protos and re-enable linters below.
+    - PACKAGE_DIRECTORY_MATCH
+    - RPC_REQUEST_STANDARD_NAME
 breaking:
   use:
     - FILE
diff --git a/lib/teleterm/api/proto/v1/app.proto b/lib/teleterm/api/proto/v1/app.proto
@@ -16,35 +16,35 @@ syntax = "proto3";
 
 package teleport.terminal.v1;
 
-option go_package = "github.com/gravitational/teleport/lib/teleterm/v1";
-
 import "v1/label.proto";
 
+option go_package = "github.com/gravitational/teleport/lib/teleterm/v1";
+
 // App describes connected Application
 message App {
-    // uri is the app resource URI
-    string uri = 1;
-    // name is the app name
-    string name = 2;
-    // description is the app description.
-    string description = 3;
-    // uri is the internal address the application is available at.
-    string app_uri = 4;
-    // public_addr is the public address the application is accessible at.
-    string public_addr = 5;
-    // fqdn is a fully qualified domain name of the application (app.example.com)
-    string fqdn = 6;
-    // labels is a map of static labels associated with an application.
-    repeated Label labels = 7;
-    // aws_console if true, indicates that the app represents AWS management console.
-    bool aws_console = 8;
-    // aws_roles is a list of AWS IAM roles for the application representing AWS console.
-    repeated AWSRole aws_roles = 9;
+  // uri is the app resource URI
+  string uri = 1;
+  // name is the app name
+  string name = 2;
+  // description is the app description.
+  string description = 3;
+  // uri is the internal address the application is available at.
+  string app_uri = 4;
+  // public_addr is the public address the application is accessible at.
+  string public_addr = 5;
+  // fqdn is a fully qualified domain name of the application (app.example.com)
+  string fqdn = 6;
+  // labels is a map of static labels associated with an application.
+  repeated Label labels = 7;
+  // aws_console if true, indicates that the app represents AWS management console.
+  bool aws_console = 8;
+  // aws_roles is a list of AWS IAM roles for the application representing AWS console.
+  repeated AWSRole aws_roles = 9;
 
-    message AWSRole {
-        // display is the role display name.
-        string display = 1;
-        // arn is the full role ARN.
-        string arn = 2;
-    }
+  message AWSRole {
+    // display is the role display name.
+    string display = 1;
+    // arn is the full role ARN.
+    string arn = 2;
+  }
 }
diff --git a/lib/teleterm/api/proto/v1/auth_settings.proto b/lib/teleterm/api/proto/v1/auth_settings.proto
@@ -20,33 +20,33 @@ option go_package = "github.com/gravitational/teleport/lib/teleterm/v1";
 
 // AuthSettings contains the form of authentication the auth server supports.
 message AuthSettings {
-    // local_auth_enabled is a flag that enables local authentication
-    bool local_auth_enabled = 1;
-    // second_factor is the type of second factor to use in authentication.
-    string second_factor = 2;
-    // preferred_mfa is the prefered mfa for local logins
-    string preferred_mfa = 3;
-    // auth_providers contains a list of auth providers
-    repeated AuthProvider auth_providers = 4;
-    // has_message_of_the_day is a flag indicating that the cluster has MOTD
-    // banner text that must be retrieved, displayed and acknowledged by
-    // the user.
-    bool has_message_of_the_day = 5;
-    // auth_type is the authentication type e.g. "local", "github", "saml", "oidc"
-    string auth_type = 6;
-    // allow_passwordless is true if passwordless logins are allowed.
-    bool allow_passwordless = 7;
-    // local_connector_name is the name of the local connector.
-    string local_connector_name = 8;
+  // local_auth_enabled is a flag that enables local authentication
+  bool local_auth_enabled = 1;
+  // second_factor is the type of second factor to use in authentication.
+  string second_factor = 2;
+  // preferred_mfa is the prefered mfa for local logins
+  string preferred_mfa = 3;
+  // auth_providers contains a list of auth providers
+  repeated AuthProvider auth_providers = 4;
+  // has_message_of_the_day is a flag indicating that the cluster has MOTD
+  // banner text that must be retrieved, displayed and acknowledged by
+  // the user.
+  bool has_message_of_the_day = 5;
+  // auth_type is the authentication type e.g. "local", "github", "saml", "oidc"
+  string auth_type = 6;
+  // allow_passwordless is true if passwordless logins are allowed.
+  bool allow_passwordless = 7;
+  // local_connector_name is the name of the local connector.
+  string local_connector_name = 8;
 }
 
 // AuthProvider describes a way of authentication that is supported by the server. Auth provider is
 // referred to as "auth connector" on the backend.
 message AuthProvider {
-    // Type is the auth provider type (github|oidc|etc)
-    string type = 1;
-    // Name is the internal name of the connector.
-    string name = 2;
-    // Display is the display name for the connector.
-    string display_name = 3;
+  // Type is the auth provider type (github|oidc|etc)
+  string type = 1;
+  // Name is the internal name of the connector.
+  string name = 2;
+  // Display is the display name for the connector.
+  string display_name = 3;
 }
diff --git a/lib/teleterm/api/proto/v1/cluster.proto b/lib/teleterm/api/proto/v1/cluster.proto
@@ -20,71 +20,71 @@ option go_package = "github.com/gravitational/teleport/lib/teleterm/v1";
 
 // Cluster describes cluster fields
 message Cluster {
-    // uri is the cluster resource URI
-    string uri = 1;
-    // name is used throughout the Teleport Connect codebase as the cluster name.
-    string name = 2;
-    // proxy address (only for root clusters)
-    string proxy_host = 3;
-    // connected indicates if connection to the cluster can be established, that is if we have a
-    // cert for the cluster that hasn't expired
-    bool connected = 4;
-    // leaf indicates if this is a leaf cluster
-    bool leaf = 5;
-    // User is the cluster access control list of the logged-in user
-    LoggedInUser logged_in_user = 7;
+  // uri is the cluster resource URI
+  string uri = 1;
+  // name is used throughout the Teleport Connect codebase as the cluster name.
+  string name = 2;
+  // proxy address (only for root clusters)
+  string proxy_host = 3;
+  // connected indicates if connection to the cluster can be established, that is if we have a
+  // cert for the cluster that hasn't expired
+  bool connected = 4;
+  // leaf indicates if this is a leaf cluster
+  bool leaf = 5;
+  // User is the cluster access control list of the logged-in user
+  LoggedInUser logged_in_user = 7;
 }
 
 // LoggedInUser describes a logged-in user
 message LoggedInUser {
-    // name is the user name
-    string name = 1;
-    // roles is the user roles
-    repeated string roles = 2;
-    // ssh_logins is the user ssh logins
-    repeated string ssh_logins = 3;
-    // acl is the user acl
-    ACL acl = 4;
+  // name is the user name
+  string name = 1;
+  // roles is the user roles
+  repeated string roles = 2;
+  // ssh_logins is the user ssh logins
+  repeated string ssh_logins = 3;
+  // acl is the user acl
+  ACL acl = 4;
 }
 
 // ACL is the access control list of the user
 message ACL {
-    // sessions defines access to recorded sessions
-    ResourceAccess sessions = 1;
-    // auth_connectors defines access to auth.connectors
-    ResourceAccess auth_connectors = 2;
-    // Roles defines access to roles
-    ResourceAccess roles = 3;
-    // Users defines access to users.
-    ResourceAccess users = 4;
-    // trusted_clusters defines access to trusted clusters
-    ResourceAccess trusted_clusters = 5;
-    // Events defines access to audit logs
-    ResourceAccess events = 6;
-    // Tokens defines access to tokens.
-    ResourceAccess tokens = 7;
-    // Servers defines access to servers.
-    ResourceAccess servers = 8;
-    // apps defines access to application servers
-    ResourceAccess apps = 9;
-    // dbs defines access to database servers.
-    ResourceAccess dbs = 10;
-    // kubeservers defines access to kubernetes servers.
-    ResourceAccess kubeservers = 11;
-    // access_requests defines access to access requests
-    ResourceAccess access_requests = 12;
+  // sessions defines access to recorded sessions
+  ResourceAccess sessions = 1;
+  // auth_connectors defines access to auth.connectors
+  ResourceAccess auth_connectors = 2;
+  // Roles defines access to roles
+  ResourceAccess roles = 3;
+  // Users defines access to users.
+  ResourceAccess users = 4;
+  // trusted_clusters defines access to trusted clusters
+  ResourceAccess trusted_clusters = 5;
+  // Events defines access to audit logs
+  ResourceAccess events = 6;
+  // Tokens defines access to tokens.
+  ResourceAccess tokens = 7;
+  // Servers defines access to servers.
+  ResourceAccess servers = 8;
+  // apps defines access to application servers
+  ResourceAccess apps = 9;
+  // dbs defines access to database servers.
+  ResourceAccess dbs = 10;
+  // kubeservers defines access to kubernetes servers.
+  ResourceAccess kubeservers = 11;
+  // access_requests defines access to access requests
+  ResourceAccess access_requests = 12;
 }
 
 // ResourceAccess describes access verbs
 message ResourceAccess {
-    // list determines "list" access
-    bool list = 1;
-    // read determines "read" access
-    bool read = 2;
-    // edit determines "edit" access
-    bool edit = 3;
-    // create determines "create" access
-    bool create = 4;
-    // delete determines "delete" access
-    bool delete = 5;
+  // list determines "list" access
+  bool list = 1;
+  // read determines "read" access
+  bool read = 2;
+  // edit determines "edit" access
+  bool edit = 3;
+  // create determines "create" access
+  bool create = 4;
+  // delete determines "delete" access
+  bool delete = 5;
 }
diff --git a/lib/teleterm/api/proto/v1/database.proto b/lib/teleterm/api/proto/v1/database.proto
@@ -16,26 +16,26 @@ syntax = "proto3";
 
 package teleport.terminal.v1;
 
-option go_package = "github.com/gravitational/teleport/lib/teleterm/v1";
-
 import "v1/label.proto";
 
+option go_package = "github.com/gravitational/teleport/lib/teleterm/v1";
+
 // Database describes a database
 message Database {
-    // uri is the cluster resource URI
-    string uri = 1;
-    // name is the name of the database
-    string name = 2;
-    // desc is the database description
-    string desc = 3;
-    // protocol is the protocol used by the database
-    string protocol = 4;
-    // type is the database type, self-hosted or cloud-hosted.
-    string type = 5;
-    // hostname is this database hostname
-    string hostname = 6;
-    // addr is this database ip address
-    string addr = 7;
-    // labels is a list of labels for this database
-    repeated Label labels = 8;
+  // uri is the cluster resource URI
+  string uri = 1;
+  // name is the name of the database
+  string name = 2;
+  // desc is the database description
+  string desc = 3;
+  // protocol is the protocol used by the database
+  string protocol = 4;
+  // type is the database type, self-hosted or cloud-hosted.
+  string type = 5;
+  // hostname is this database hostname
+  string hostname = 6;
+  // addr is this database ip address
+  string addr = 7;
+  // labels is a list of labels for this database
+  repeated Label labels = 8;
 }
diff --git a/lib/teleterm/api/proto/v1/gateway.proto b/lib/teleterm/api/proto/v1/gateway.proto
@@ -27,28 +27,28 @@ option go_package = "github.com/gravitational/teleport/lib/teleterm/v1";
 //
 // See RFD 39 for more info on ALPN.
 message Gateway {
-    // uri is the gateway uri
-    string uri = 1;
-    // target_name is the target resource name
-    string target_name = 2;
-    // target_uri is the target uri
-    string target_uri = 3;
-    // target_user is the target user
-    string target_user = 4;
-    // local_address is the gateway address on localhost
-    string local_address = 5;
-    // local_port is the gateway address on localhost
-    string local_port = 6;
-    // protocol is the gateway protocol
-    string protocol = 7;
-    // cli_command is a command that the user can execute to connect to the resource within a CLI,
-    // if the given resource has a CLI client.
-    //
-    // Instead of generating those commands in in the frontend code, the tsh daemon returns them.
-    // This means that the Database Access team can add support for a new protocol and Teleterm will
-    // support it right away without any changes to Teleterm's code.
-    string cli_command = 8;
-    // target_subresource_name points at a subresource of the remote resource, for example a
-    // database name on a database server.
-    string target_subresource_name = 9;
+  // uri is the gateway uri
+  string uri = 1;
+  // target_name is the target resource name
+  string target_name = 2;
+  // target_uri is the target uri
+  string target_uri = 3;
+  // target_user is the target user
+  string target_user = 4;
+  // local_address is the gateway address on localhost
+  string local_address = 5;
+  // local_port is the gateway address on localhost
+  string local_port = 6;
+  // protocol is the gateway protocol
+  string protocol = 7;
+  // cli_command is a command that the user can execute to connect to the resource within a CLI,
+  // if the given resource has a CLI client.
+  //
+  // Instead of generating those commands in in the frontend code, the tsh daemon returns them.
+  // This means that the Database Access team can add support for a new protocol and Teleterm will
+  // support it right away without any changes to Teleterm's code.
+  string cli_command = 8;
+  // target_subresource_name points at a subresource of the remote resource, for example a
+  // database name on a database server.
+  string target_subresource_name = 9;
 }