diff --git a/api/gen/proto/go/teleport/kubeprovision/v1/kubeprovision.pb.go b/api/gen/proto/go/teleport/kubeprovision/v1/kubeprovision.pb.go new file mode 100644 index 0000000000000..7e5b62a98227c --- /dev/null +++ b/api/gen/proto/go/teleport/kubeprovision/v1/kubeprovision.pb.go @@ -0,0 +1,1380 @@ +// Copyright 2024 Gravitational, Inc +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.34.2 +// protoc (unknown) +// source: teleport/kubeprovision/v1/kubeprovision.proto + +package kubeprovisionv1 + +import ( + v1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/header/v1" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// KubeProvision represents a Kubernetes resources that can be provisioned on the Kubernetes clusters. +// This includes roles/role bindings and cluster roles/cluster role bindings. +// For rationale behind this type, see the RFD 174. +type KubeProvision struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Kind of resource represented. + Kind string `protobuf:"bytes,1,opt,name=kind,proto3" json:"kind,omitempty"` + // SubKind is not populated for this resource type. + SubKind string `protobuf:"bytes,2,opt,name=sub_kind,json=subKind,proto3" json:"sub_kind,omitempty"` + // Version of the resource being represented. + Version string `protobuf:"bytes,3,opt,name=version,proto3" json:"version,omitempty"` + // Metadata is common metadata that all resources share. + Metadata *v1.Metadata `protobuf:"bytes,4,opt,name=metadata,proto3" json:"metadata,omitempty"` + // Spec determines the specific properties of kube provision. + Spec *KubeProvisionSpec `protobuf:"bytes,5,opt,name=spec,proto3" json:"spec,omitempty"` +} + +func (x *KubeProvision) Reset() { + *x = KubeProvision{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *KubeProvision) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*KubeProvision) ProtoMessage() {} + +func (x *KubeProvision) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use KubeProvision.ProtoReflect.Descriptor instead. +func (*KubeProvision) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescGZIP(), []int{0} +} + +func (x *KubeProvision) GetKind() string { + if x != nil { + return x.Kind + } + return "" +} + +func (x *KubeProvision) GetSubKind() string { + if x != nil { + return x.SubKind + } + return "" +} + +func (x *KubeProvision) GetVersion() string { + if x != nil { + return x.Version + } + return "" +} + +func (x *KubeProvision) GetMetadata() *v1.Metadata { + if x != nil { + return x.Metadata + } + return nil +} + +func (x *KubeProvision) GetSpec() *KubeProvisionSpec { + if x != nil { + return x.Spec + } + return nil +} + +// KubeProvisionSpec is the spec for the kube provision message. +type KubeProvisionSpec struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // ClusterRoles is a list of Kubernetes ClusterRoles resources to provision. + ClusterRoles []*ClusterRole `protobuf:"bytes,1,rep,name=cluster_roles,json=clusterRoles,proto3" json:"cluster_roles,omitempty"` + // ClusterRolesBinding is a list of Kubernetes ClusterRoleBinding resources to provision. + ClusterRoleBindings []*ClusterRoleBinding `protobuf:"bytes,2,rep,name=cluster_role_bindings,json=clusterRoleBindings,proto3" json:"cluster_role_bindings,omitempty"` + // Roles is a list of Kubernetes Role resources to provision. + Roles []*Role `protobuf:"bytes,3,rep,name=roles,proto3" json:"roles,omitempty"` + // RoleBindings is a list of Kubernetes RoleBinding resources to provision. + RoleBindings []*RoleBinding `protobuf:"bytes,4,rep,name=role_bindings,json=roleBindings,proto3" json:"role_bindings,omitempty"` +} + +func (x *KubeProvisionSpec) Reset() { + *x = KubeProvisionSpec{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *KubeProvisionSpec) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*KubeProvisionSpec) ProtoMessage() {} + +func (x *KubeProvisionSpec) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use KubeProvisionSpec.ProtoReflect.Descriptor instead. +func (*KubeProvisionSpec) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescGZIP(), []int{1} +} + +func (x *KubeProvisionSpec) GetClusterRoles() []*ClusterRole { + if x != nil { + return x.ClusterRoles + } + return nil +} + +func (x *KubeProvisionSpec) GetClusterRoleBindings() []*ClusterRoleBinding { + if x != nil { + return x.ClusterRoleBindings + } + return nil +} + +func (x *KubeProvisionSpec) GetRoles() []*Role { + if x != nil { + return x.Roles + } + return nil +} + +func (x *KubeProvisionSpec) GetRoleBindings() []*RoleBinding { + if x != nil { + return x.RoleBindings + } + return nil +} + +// ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding. +type ClusterRole struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Metadata is standard object's metadata. + Metadata *KubeObjectMeta `protobuf:"bytes,1,opt,name=metadata,proto3" json:"metadata,omitempty"` + // Rules holds all the PolicyRules for this ClusterRole + Rules []*PolicyRule `protobuf:"bytes,2,rep,name=rules,proto3" json:"rules,omitempty"` + // AggregationRule describes how to build the Rules for this ClusterRole. + // If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be + // stomped by the controller. + AggregationRule *AggregationRule `protobuf:"bytes,3,opt,name=aggregation_rule,json=aggregationRule,proto3" json:"aggregation_rule,omitempty"` +} + +func (x *ClusterRole) Reset() { + *x = ClusterRole{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ClusterRole) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ClusterRole) ProtoMessage() {} + +func (x *ClusterRole) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ClusterRole.ProtoReflect.Descriptor instead. +func (*ClusterRole) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescGZIP(), []int{2} +} + +func (x *ClusterRole) GetMetadata() *KubeObjectMeta { + if x != nil { + return x.Metadata + } + return nil +} + +func (x *ClusterRole) GetRules() []*PolicyRule { + if x != nil { + return x.Rules + } + return nil +} + +func (x *ClusterRole) GetAggregationRule() *AggregationRule { + if x != nil { + return x.AggregationRule + } + return nil +} + +// ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, +// and adds who information via Subject. +type ClusterRoleBinding struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Metadata is standard object's metadata. + Metadata *KubeObjectMeta `protobuf:"bytes,1,opt,name=metadata,proto3" json:"metadata,omitempty"` + // Subjects holds references to the objects the role applies to. + Subjects []*Subject `protobuf:"bytes,2,rep,name=subjects,proto3" json:"subjects,omitempty"` + // RoleRef references a ClusterRole in the global namespace. + RoleRef *RoleRef `protobuf:"bytes,3,opt,name=role_ref,json=roleRef,proto3" json:"role_ref,omitempty"` +} + +func (x *ClusterRoleBinding) Reset() { + *x = ClusterRoleBinding{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ClusterRoleBinding) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ClusterRoleBinding) ProtoMessage() {} + +func (x *ClusterRoleBinding) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ClusterRoleBinding.ProtoReflect.Descriptor instead. +func (*ClusterRoleBinding) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescGZIP(), []int{3} +} + +func (x *ClusterRoleBinding) GetMetadata() *KubeObjectMeta { + if x != nil { + return x.Metadata + } + return nil +} + +func (x *ClusterRoleBinding) GetSubjects() []*Subject { + if x != nil { + return x.Subjects + } + return nil +} + +func (x *ClusterRoleBinding) GetRoleRef() *RoleRef { + if x != nil { + return x.RoleRef + } + return nil +} + +// Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding. +type Role struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Metadata is standard object's metadata. + Metadata *KubeObjectMeta `protobuf:"bytes,1,opt,name=metadata,proto3" json:"metadata,omitempty"` + // Rules holds all the PolicyRules for this Role + Rules []*PolicyRule `protobuf:"bytes,2,rep,name=rules,proto3" json:"rules,omitempty"` +} + +func (x *Role) Reset() { + *x = Role{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Role) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Role) ProtoMessage() {} + +func (x *Role) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Role.ProtoReflect.Descriptor instead. +func (*Role) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescGZIP(), []int{4} +} + +func (x *Role) GetMetadata() *KubeObjectMeta { + if x != nil { + return x.Metadata + } + return nil +} + +func (x *Role) GetRules() []*PolicyRule { + if x != nil { + return x.Rules + } + return nil +} + +// RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. +// It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given +// namespace only have effect in that namespace. +type RoleBinding struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Metadata is standard object's metadata. + Metadata *KubeObjectMeta `protobuf:"bytes,1,opt,name=metadata,proto3" json:"metadata,omitempty"` + // Subjects holds references to the objects the role applies to. + Subjects []*Subject `protobuf:"bytes,2,rep,name=subjects,proto3" json:"subjects,omitempty"` + // RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. + RoleRef *RoleRef `protobuf:"bytes,3,opt,name=role_ref,json=roleRef,proto3" json:"role_ref,omitempty"` +} + +func (x *RoleBinding) Reset() { + *x = RoleBinding{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *RoleBinding) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RoleBinding) ProtoMessage() {} + +func (x *RoleBinding) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RoleBinding.ProtoReflect.Descriptor instead. +func (*RoleBinding) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescGZIP(), []int{5} +} + +func (x *RoleBinding) GetMetadata() *KubeObjectMeta { + if x != nil { + return x.Metadata + } + return nil +} + +func (x *RoleBinding) GetSubjects() []*Subject { + if x != nil { + return x.Subjects + } + return nil +} + +func (x *RoleBinding) GetRoleRef() *RoleRef { + if x != nil { + return x.RoleRef + } + return nil +} + +// KubeObjectMeta is metadata for Kubernetes RBAC resources. +type KubeObjectMeta struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Name is a unique resource name within a namespace. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // Labels are a map of string keys and values that can be used to organize and categorize + // (scope and select) objects. + Labels map[string]string `protobuf:"bytes,2,rep,name=labels,proto3" json:"labels,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + // Namespace defines the space within which each name must be unique. + Namespace string `protobuf:"bytes,3,opt,name=namespace,proto3" json:"namespace,omitempty"` + // Annotations is an unstructured key value map stored with a resource that may be + // set by external tools to store and retrieve arbitrary metadata. + Annotations map[string]string `protobuf:"bytes,4,rep,name=annotations,proto3" json:"annotations,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` +} + +func (x *KubeObjectMeta) Reset() { + *x = KubeObjectMeta{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *KubeObjectMeta) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*KubeObjectMeta) ProtoMessage() {} + +func (x *KubeObjectMeta) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[6] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use KubeObjectMeta.ProtoReflect.Descriptor instead. +func (*KubeObjectMeta) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescGZIP(), []int{6} +} + +func (x *KubeObjectMeta) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *KubeObjectMeta) GetLabels() map[string]string { + if x != nil { + return x.Labels + } + return nil +} + +func (x *KubeObjectMeta) GetNamespace() string { + if x != nil { + return x.Namespace + } + return "" +} + +func (x *KubeObjectMeta) GetAnnotations() map[string]string { + if x != nil { + return x.Annotations + } + return nil +} + +// LabelSelector is labels selector. +type LabelSelector struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + // map is equivalent to an element of matchExpressions, whose key field is "key", the + // operator is "In", and the values array contains only "value". The requirements are ANDed. + MatchLabels map[string]string `protobuf:"bytes,1,rep,name=match_labels,json=matchLabels,proto3" json:"match_labels,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + // MatchExpressions is a list of label selector requirements. The requirements are ANDed. + MatchExpressions []*LabelSelectorRequirement `protobuf:"bytes,2,rep,name=match_expressions,json=matchExpressions,proto3" json:"match_expressions,omitempty"` +} + +func (x *LabelSelector) Reset() { + *x = LabelSelector{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *LabelSelector) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*LabelSelector) ProtoMessage() {} + +func (x *LabelSelector) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[7] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use LabelSelector.ProtoReflect.Descriptor instead. +func (*LabelSelector) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescGZIP(), []int{7} +} + +func (x *LabelSelector) GetMatchLabels() map[string]string { + if x != nil { + return x.MatchLabels + } + return nil +} + +func (x *LabelSelector) GetMatchExpressions() []*LabelSelectorRequirement { + if x != nil { + return x.MatchExpressions + } + return nil +} + +// A label selector requirement is a selector that contains values, a key, and an operator that +// relates the key and values. +type LabelSelectorRequirement struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // key is the label key that the selector applies to. + Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"` + // operator represents a key's relationship to a set of values. + // Valid operators are In, NotIn, Exists and DoesNotExist. + Operator string `protobuf:"bytes,2,opt,name=operator,proto3" json:"operator,omitempty"` + // values is an array of string values. If the operator is In or NotIn, + // the values array must be non-empty. If the operator is Exists or DoesNotExist, + // the values array must be empty. + Values []string `protobuf:"bytes,3,rep,name=values,proto3" json:"values,omitempty"` +} + +func (x *LabelSelectorRequirement) Reset() { + *x = LabelSelectorRequirement{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[8] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *LabelSelectorRequirement) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*LabelSelectorRequirement) ProtoMessage() {} + +func (x *LabelSelectorRequirement) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[8] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use LabelSelectorRequirement.ProtoReflect.Descriptor instead. +func (*LabelSelectorRequirement) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescGZIP(), []int{8} +} + +func (x *LabelSelectorRequirement) GetKey() string { + if x != nil { + return x.Key + } + return "" +} + +func (x *LabelSelectorRequirement) GetOperator() string { + if x != nil { + return x.Operator + } + return "" +} + +func (x *LabelSelectorRequirement) GetValues() []string { + if x != nil { + return x.Values + } + return nil +} + +// AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole +type AggregationRule struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules. + // If any of the selectors match, then the ClusterRole's permissions will be added + ClusterRoleSelectors []*LabelSelector `protobuf:"bytes,1,rep,name=cluster_role_selectors,json=clusterRoleSelectors,proto3" json:"cluster_role_selectors,omitempty"` +} + +func (x *AggregationRule) Reset() { + *x = AggregationRule{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[9] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *AggregationRule) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AggregationRule) ProtoMessage() {} + +func (x *AggregationRule) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[9] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AggregationRule.ProtoReflect.Descriptor instead. +func (*AggregationRule) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescGZIP(), []int{9} +} + +func (x *AggregationRule) GetClusterRoleSelectors() []*LabelSelector { + if x != nil { + return x.ClusterRoleSelectors + } + return nil +} + +// PolicyRule holds information that describes a policy rule, but does not contain information +// about who the rule applies to or which namespace the rule applies to. +type PolicyRule struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs. + Verbs []string `protobuf:"bytes,1,rep,name=verbs,proto3" json:"verbs,omitempty"` + // APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of + // the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. + ApiGroups []string `protobuf:"bytes,2,rep,name=api_groups,json=apiGroups,proto3" json:"api_groups,omitempty"` + // Resources is a list of resources this rule applies to. '*' represents all resources. + Resources []string `protobuf:"bytes,3,rep,name=resources,proto3" json:"resources,omitempty"` + // ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. + ResourceNames []string `protobuf:"bytes,4,rep,name=resource_names,json=resourceNames,proto3" json:"resource_names,omitempty"` + // NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path + // Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. + // Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. + NonResourceUrls []string `protobuf:"bytes,5,rep,name=non_resource_urls,json=nonResourceUrls,proto3" json:"non_resource_urls,omitempty"` +} + +func (x *PolicyRule) Reset() { + *x = PolicyRule{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[10] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PolicyRule) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PolicyRule) ProtoMessage() {} + +func (x *PolicyRule) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[10] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PolicyRule.ProtoReflect.Descriptor instead. +func (*PolicyRule) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescGZIP(), []int{10} +} + +func (x *PolicyRule) GetVerbs() []string { + if x != nil { + return x.Verbs + } + return nil +} + +func (x *PolicyRule) GetApiGroups() []string { + if x != nil { + return x.ApiGroups + } + return nil +} + +func (x *PolicyRule) GetResources() []string { + if x != nil { + return x.Resources + } + return nil +} + +func (x *PolicyRule) GetResourceNames() []string { + if x != nil { + return x.ResourceNames + } + return nil +} + +func (x *PolicyRule) GetNonResourceUrls() []string { + if x != nil { + return x.NonResourceUrls + } + return nil +} + +// RoleRef contains information that points to the role being used +type RoleRef struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Kind is the type of resource being referenced + Kind string `protobuf:"bytes,1,opt,name=kind,proto3" json:"kind,omitempty"` + // APIGroup is the group for the resource being referenced + ApiGroup string `protobuf:"bytes,2,opt,name=api_group,json=apiGroup,proto3" json:"api_group,omitempty"` + // Name is the name of resource being referenced + Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"` +} + +func (x *RoleRef) Reset() { + *x = RoleRef{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[11] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *RoleRef) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RoleRef) ProtoMessage() {} + +func (x *RoleRef) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[11] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RoleRef.ProtoReflect.Descriptor instead. +func (*RoleRef) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescGZIP(), []int{11} +} + +func (x *RoleRef) GetKind() string { + if x != nil { + return x.Kind + } + return "" +} + +func (x *RoleRef) GetApiGroup() string { + if x != nil { + return x.ApiGroup + } + return "" +} + +func (x *RoleRef) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +// Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, +// or a value for non-objects such as user and group names. +type Subject struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount". + Kind string `protobuf:"bytes,1,opt,name=kind,proto3" json:"kind,omitempty"` + // APIGroup holds the API group of the referenced subject. + ApiGroup string `protobuf:"bytes,2,opt,name=api_group,json=apiGroup,proto3" json:"api_group,omitempty"` + // Name of the object being referenced. + Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"` + // Namespace of the referenced object. + Namespace string `protobuf:"bytes,4,opt,name=namespace,proto3" json:"namespace,omitempty"` +} + +func (x *Subject) Reset() { + *x = Subject{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[12] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Subject) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Subject) ProtoMessage() {} + +func (x *Subject) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[12] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Subject.ProtoReflect.Descriptor instead. +func (*Subject) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescGZIP(), []int{12} +} + +func (x *Subject) GetKind() string { + if x != nil { + return x.Kind + } + return "" +} + +func (x *Subject) GetApiGroup() string { + if x != nil { + return x.ApiGroup + } + return "" +} + +func (x *Subject) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *Subject) GetNamespace() string { + if x != nil { + return x.Namespace + } + return "" +} + +var File_teleport_kubeprovision_v1_kubeprovision_proto protoreflect.FileDescriptor + +var file_teleport_kubeprovision_v1_kubeprovision_proto_rawDesc = []byte{ + 0x0a, 0x2d, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x6b, 0x75, 0x62, 0x65, 0x70, + 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0x2f, 0x6b, 0x75, 0x62, 0x65, + 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, + 0x19, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, + 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x1a, 0x21, 0x74, 0x65, 0x6c, 0x65, + 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, 0x6d, + 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xd4, 0x01, + 0x0a, 0x0d, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x12, + 0x12, 0x0a, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6b, + 0x69, 0x6e, 0x64, 0x12, 0x19, 0x0a, 0x08, 0x73, 0x75, 0x62, 0x5f, 0x6b, 0x69, 0x6e, 0x64, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x75, 0x62, 0x4b, 0x69, 0x6e, 0x64, 0x12, 0x18, + 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x38, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, + 0x64, 0x61, 0x74, 0x61, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x74, 0x65, 0x6c, + 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, + 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, + 0x74, 0x61, 0x12, 0x40, 0x0a, 0x04, 0x73, 0x70, 0x65, 0x63, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x2c, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, + 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4b, 0x75, 0x62, + 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x53, 0x70, 0x65, 0x63, 0x52, 0x04, + 0x73, 0x70, 0x65, 0x63, 0x22, 0xc7, 0x02, 0x0a, 0x11, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, + 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x53, 0x70, 0x65, 0x63, 0x12, 0x4b, 0x0a, 0x0d, 0x63, 0x6c, + 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, + 0x0b, 0x32, 0x26, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, + 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x6c, + 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74, + 0x65, 0x72, 0x52, 0x6f, 0x6c, 0x65, 0x73, 0x12, 0x61, 0x0a, 0x15, 0x63, 0x6c, 0x75, 0x73, 0x74, + 0x65, 0x72, 0x5f, 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x62, 0x69, 0x6e, 0x64, 0x69, 0x6e, 0x67, 0x73, + 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, + 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, + 0x76, 0x31, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x6f, 0x6c, 0x65, 0x42, 0x69, + 0x6e, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x13, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x6f, + 0x6c, 0x65, 0x42, 0x69, 0x6e, 0x64, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x35, 0x0a, 0x05, 0x72, 0x6f, + 0x6c, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x74, 0x65, 0x6c, 0x65, + 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, + 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x05, 0x72, 0x6f, 0x6c, 0x65, + 0x73, 0x12, 0x4b, 0x0a, 0x0d, 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x62, 0x69, 0x6e, 0x64, 0x69, 0x6e, + 0x67, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, + 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, + 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x6f, 0x6c, 0x65, 0x42, 0x69, 0x6e, 0x64, 0x69, 0x6e, 0x67, + 0x52, 0x0c, 0x72, 0x6f, 0x6c, 0x65, 0x42, 0x69, 0x6e, 0x64, 0x69, 0x6e, 0x67, 0x73, 0x22, 0xe8, + 0x01, 0x0a, 0x0b, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x6f, 0x6c, 0x65, 0x12, 0x45, + 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x29, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, + 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4b, 0x75, 0x62, + 0x65, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x65, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, + 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x3b, 0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x02, + 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, + 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, + 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x75, 0x6c, 0x65, 0x52, 0x05, 0x72, 0x75, 0x6c, + 0x65, 0x73, 0x12, 0x55, 0x0a, 0x10, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x5f, 0x72, 0x75, 0x6c, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x74, + 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, + 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x75, 0x6c, 0x65, 0x52, 0x0f, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x75, 0x6c, 0x65, 0x22, 0xda, 0x01, 0x0a, 0x12, 0x43, 0x6c, + 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x6f, 0x6c, 0x65, 0x42, 0x69, 0x6e, 0x64, 0x69, 0x6e, 0x67, + 0x12, 0x45, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, + 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4b, + 0x75, 0x62, 0x65, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x65, 0x74, 0x61, 0x52, 0x08, 0x6d, + 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x3e, 0x0a, 0x08, 0x73, 0x75, 0x62, 0x6a, 0x65, + 0x63, 0x74, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x74, 0x65, 0x6c, 0x65, + 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, + 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x08, 0x73, + 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x12, 0x3d, 0x0a, 0x08, 0x72, 0x6f, 0x6c, 0x65, 0x5f, + 0x72, 0x65, 0x66, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x74, 0x65, 0x6c, 0x65, + 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, + 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x66, 0x52, 0x07, 0x72, + 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x66, 0x22, 0x8a, 0x01, 0x0a, 0x04, 0x52, 0x6f, 0x6c, 0x65, 0x12, + 0x45, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x29, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, + 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4b, 0x75, + 0x62, 0x65, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x65, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, + 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x3b, 0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, + 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, + 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, + 0x31, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x75, 0x6c, 0x65, 0x52, 0x05, 0x72, 0x75, + 0x6c, 0x65, 0x73, 0x22, 0xd3, 0x01, 0x0a, 0x0b, 0x52, 0x6f, 0x6c, 0x65, 0x42, 0x69, 0x6e, 0x64, + 0x69, 0x6e, 0x67, 0x12, 0x45, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, + 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, + 0x31, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x65, 0x74, 0x61, + 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x3e, 0x0a, 0x08, 0x73, 0x75, + 0x62, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x74, + 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, + 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, + 0x52, 0x08, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x12, 0x3d, 0x0a, 0x08, 0x72, 0x6f, + 0x6c, 0x65, 0x5f, 0x72, 0x65, 0x66, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x74, + 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, + 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x66, + 0x52, 0x07, 0x72, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x66, 0x22, 0xea, 0x02, 0x0a, 0x0e, 0x4b, 0x75, + 0x62, 0x65, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x65, 0x74, 0x61, 0x12, 0x12, 0x0a, 0x04, + 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, + 0x12, 0x4d, 0x0a, 0x06, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, + 0x32, 0x35, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, + 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4b, 0x75, 0x62, + 0x65, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x65, 0x74, 0x61, 0x2e, 0x4c, 0x61, 0x62, 0x65, + 0x6c, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x06, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x12, + 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x5c, 0x0a, + 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x04, 0x20, 0x03, + 0x28, 0x0b, 0x32, 0x3a, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, + 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4b, + 0x75, 0x62, 0x65, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x65, 0x74, 0x61, 0x2e, 0x41, 0x6e, + 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x0b, + 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0x39, 0x0a, 0x0b, 0x4c, + 0x61, 0x62, 0x65, 0x6c, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, + 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, + 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, + 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x1a, 0x3e, 0x0a, 0x10, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, + 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, + 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, + 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x8f, 0x02, 0x0a, 0x0d, 0x4c, 0x61, 0x62, 0x65, 0x6c, + 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x12, 0x5c, 0x0a, 0x0c, 0x6d, 0x61, 0x74, 0x63, + 0x68, 0x5f, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x39, + 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, + 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, + 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x4c, 0x61, + 0x62, 0x65, 0x6c, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x0b, 0x6d, 0x61, 0x74, 0x63, 0x68, + 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x12, 0x60, 0x0a, 0x11, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, + 0x65, 0x78, 0x70, 0x72, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, + 0x0b, 0x32, 0x33, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, + 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x61, + 0x62, 0x65, 0x6c, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x52, 0x65, 0x71, 0x75, 0x69, + 0x72, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x10, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x45, 0x78, 0x70, + 0x72, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0x3e, 0x0a, 0x10, 0x4d, 0x61, 0x74, 0x63, + 0x68, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, + 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, + 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, + 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x60, 0x0a, 0x18, 0x4c, 0x61, 0x62, 0x65, + 0x6c, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, + 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x1a, 0x0a, 0x08, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, + 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, + 0x6f, 0x72, 0x12, 0x16, 0x0a, 0x06, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, + 0x28, 0x09, 0x52, 0x06, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x22, 0x71, 0x0a, 0x0f, 0x41, 0x67, + 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x75, 0x6c, 0x65, 0x12, 0x5e, 0x0a, + 0x16, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x73, 0x65, + 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x28, 0x2e, + 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, + 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x53, + 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x52, 0x14, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, + 0x52, 0x6f, 0x6c, 0x65, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x22, 0xb2, 0x01, + 0x0a, 0x0a, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x75, 0x6c, 0x65, 0x12, 0x14, 0x0a, 0x05, + 0x76, 0x65, 0x72, 0x62, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, 0x76, 0x65, 0x72, + 0x62, 0x73, 0x12, 0x1d, 0x0a, 0x0a, 0x61, 0x70, 0x69, 0x5f, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x73, + 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x09, 0x61, 0x70, 0x69, 0x47, 0x72, 0x6f, 0x75, 0x70, + 0x73, 0x12, 0x1c, 0x0a, 0x09, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x18, 0x03, + 0x20, 0x03, 0x28, 0x09, 0x52, 0x09, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x12, + 0x25, 0x0a, 0x0e, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, + 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0d, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, + 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x2a, 0x0a, 0x11, 0x6e, 0x6f, 0x6e, 0x5f, 0x72, 0x65, + 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, + 0x09, 0x52, 0x0f, 0x6e, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x55, 0x72, + 0x6c, 0x73, 0x22, 0x4e, 0x0a, 0x07, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x66, 0x12, 0x12, 0x0a, + 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6b, 0x69, 0x6e, + 0x64, 0x12, 0x1b, 0x0a, 0x09, 0x61, 0x70, 0x69, 0x5f, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x61, 0x70, 0x69, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x12, 0x12, + 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, + 0x6d, 0x65, 0x22, 0x6c, 0x0a, 0x07, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x12, 0x12, 0x0a, + 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6b, 0x69, 0x6e, + 0x64, 0x12, 0x1b, 0x0a, 0x09, 0x61, 0x70, 0x69, 0x5f, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x61, 0x70, 0x69, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x12, 0x12, + 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, + 0x6d, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, + 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, + 0x42, 0x5e, 0x5a, 0x5c, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, + 0x72, 0x61, 0x76, 0x69, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x2f, 0x74, 0x65, 0x6c, + 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x2f, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, + 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2f, 0x76, 0x31, + 0x3b, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x76, 0x31, + 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescOnce sync.Once + file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescData = file_teleport_kubeprovision_v1_kubeprovision_proto_rawDesc +) + +func file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescGZIP() []byte { + file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescOnce.Do(func() { + file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescData = protoimpl.X.CompressGZIP(file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescData) + }) + return file_teleport_kubeprovision_v1_kubeprovision_proto_rawDescData +} + +var file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes = make([]protoimpl.MessageInfo, 16) +var file_teleport_kubeprovision_v1_kubeprovision_proto_goTypes = []any{ + (*KubeProvision)(nil), // 0: teleport.kubeprovision.v1.KubeProvision + (*KubeProvisionSpec)(nil), // 1: teleport.kubeprovision.v1.KubeProvisionSpec + (*ClusterRole)(nil), // 2: teleport.kubeprovision.v1.ClusterRole + (*ClusterRoleBinding)(nil), // 3: teleport.kubeprovision.v1.ClusterRoleBinding + (*Role)(nil), // 4: teleport.kubeprovision.v1.Role + (*RoleBinding)(nil), // 5: teleport.kubeprovision.v1.RoleBinding + (*KubeObjectMeta)(nil), // 6: teleport.kubeprovision.v1.KubeObjectMeta + (*LabelSelector)(nil), // 7: teleport.kubeprovision.v1.LabelSelector + (*LabelSelectorRequirement)(nil), // 8: teleport.kubeprovision.v1.LabelSelectorRequirement + (*AggregationRule)(nil), // 9: teleport.kubeprovision.v1.AggregationRule + (*PolicyRule)(nil), // 10: teleport.kubeprovision.v1.PolicyRule + (*RoleRef)(nil), // 11: teleport.kubeprovision.v1.RoleRef + (*Subject)(nil), // 12: teleport.kubeprovision.v1.Subject + nil, // 13: teleport.kubeprovision.v1.KubeObjectMeta.LabelsEntry + nil, // 14: teleport.kubeprovision.v1.KubeObjectMeta.AnnotationsEntry + nil, // 15: teleport.kubeprovision.v1.LabelSelector.MatchLabelsEntry + (*v1.Metadata)(nil), // 16: teleport.header.v1.Metadata +} +var file_teleport_kubeprovision_v1_kubeprovision_proto_depIdxs = []int32{ + 16, // 0: teleport.kubeprovision.v1.KubeProvision.metadata:type_name -> teleport.header.v1.Metadata + 1, // 1: teleport.kubeprovision.v1.KubeProvision.spec:type_name -> teleport.kubeprovision.v1.KubeProvisionSpec + 2, // 2: teleport.kubeprovision.v1.KubeProvisionSpec.cluster_roles:type_name -> teleport.kubeprovision.v1.ClusterRole + 3, // 3: teleport.kubeprovision.v1.KubeProvisionSpec.cluster_role_bindings:type_name -> teleport.kubeprovision.v1.ClusterRoleBinding + 4, // 4: teleport.kubeprovision.v1.KubeProvisionSpec.roles:type_name -> teleport.kubeprovision.v1.Role + 5, // 5: teleport.kubeprovision.v1.KubeProvisionSpec.role_bindings:type_name -> teleport.kubeprovision.v1.RoleBinding + 6, // 6: teleport.kubeprovision.v1.ClusterRole.metadata:type_name -> teleport.kubeprovision.v1.KubeObjectMeta + 10, // 7: teleport.kubeprovision.v1.ClusterRole.rules:type_name -> teleport.kubeprovision.v1.PolicyRule + 9, // 8: teleport.kubeprovision.v1.ClusterRole.aggregation_rule:type_name -> teleport.kubeprovision.v1.AggregationRule + 6, // 9: teleport.kubeprovision.v1.ClusterRoleBinding.metadata:type_name -> teleport.kubeprovision.v1.KubeObjectMeta + 12, // 10: teleport.kubeprovision.v1.ClusterRoleBinding.subjects:type_name -> teleport.kubeprovision.v1.Subject + 11, // 11: teleport.kubeprovision.v1.ClusterRoleBinding.role_ref:type_name -> teleport.kubeprovision.v1.RoleRef + 6, // 12: teleport.kubeprovision.v1.Role.metadata:type_name -> teleport.kubeprovision.v1.KubeObjectMeta + 10, // 13: teleport.kubeprovision.v1.Role.rules:type_name -> teleport.kubeprovision.v1.PolicyRule + 6, // 14: teleport.kubeprovision.v1.RoleBinding.metadata:type_name -> teleport.kubeprovision.v1.KubeObjectMeta + 12, // 15: teleport.kubeprovision.v1.RoleBinding.subjects:type_name -> teleport.kubeprovision.v1.Subject + 11, // 16: teleport.kubeprovision.v1.RoleBinding.role_ref:type_name -> teleport.kubeprovision.v1.RoleRef + 13, // 17: teleport.kubeprovision.v1.KubeObjectMeta.labels:type_name -> teleport.kubeprovision.v1.KubeObjectMeta.LabelsEntry + 14, // 18: teleport.kubeprovision.v1.KubeObjectMeta.annotations:type_name -> teleport.kubeprovision.v1.KubeObjectMeta.AnnotationsEntry + 15, // 19: teleport.kubeprovision.v1.LabelSelector.match_labels:type_name -> teleport.kubeprovision.v1.LabelSelector.MatchLabelsEntry + 8, // 20: teleport.kubeprovision.v1.LabelSelector.match_expressions:type_name -> teleport.kubeprovision.v1.LabelSelectorRequirement + 7, // 21: teleport.kubeprovision.v1.AggregationRule.cluster_role_selectors:type_name -> teleport.kubeprovision.v1.LabelSelector + 22, // [22:22] is the sub-list for method output_type + 22, // [22:22] is the sub-list for method input_type + 22, // [22:22] is the sub-list for extension type_name + 22, // [22:22] is the sub-list for extension extendee + 0, // [0:22] is the sub-list for field type_name +} + +func init() { file_teleport_kubeprovision_v1_kubeprovision_proto_init() } +func file_teleport_kubeprovision_v1_kubeprovision_proto_init() { + if File_teleport_kubeprovision_v1_kubeprovision_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[0].Exporter = func(v any, i int) any { + switch v := v.(*KubeProvision); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[1].Exporter = func(v any, i int) any { + switch v := v.(*KubeProvisionSpec); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[2].Exporter = func(v any, i int) any { + switch v := v.(*ClusterRole); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[3].Exporter = func(v any, i int) any { + switch v := v.(*ClusterRoleBinding); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[4].Exporter = func(v any, i int) any { + switch v := v.(*Role); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[5].Exporter = func(v any, i int) any { + switch v := v.(*RoleBinding); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[6].Exporter = func(v any, i int) any { + switch v := v.(*KubeObjectMeta); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[7].Exporter = func(v any, i int) any { + switch v := v.(*LabelSelector); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[8].Exporter = func(v any, i int) any { + switch v := v.(*LabelSelectorRequirement); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[9].Exporter = func(v any, i int) any { + switch v := v.(*AggregationRule); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[10].Exporter = func(v any, i int) any { + switch v := v.(*PolicyRule); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[11].Exporter = func(v any, i int) any { + switch v := v.(*RoleRef); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes[12].Exporter = func(v any, i int) any { + switch v := v.(*Subject); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_teleport_kubeprovision_v1_kubeprovision_proto_rawDesc, + NumEnums: 0, + NumMessages: 16, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_teleport_kubeprovision_v1_kubeprovision_proto_goTypes, + DependencyIndexes: file_teleport_kubeprovision_v1_kubeprovision_proto_depIdxs, + MessageInfos: file_teleport_kubeprovision_v1_kubeprovision_proto_msgTypes, + }.Build() + File_teleport_kubeprovision_v1_kubeprovision_proto = out.File + file_teleport_kubeprovision_v1_kubeprovision_proto_rawDesc = nil + file_teleport_kubeprovision_v1_kubeprovision_proto_goTypes = nil + file_teleport_kubeprovision_v1_kubeprovision_proto_depIdxs = nil +} diff --git a/api/gen/proto/go/teleport/kubeprovision/v1/kubeprovision_service.pb.go b/api/gen/proto/go/teleport/kubeprovision/v1/kubeprovision_service.pb.go new file mode 100644 index 0000000000000..2b3932337f4e1 --- /dev/null +++ b/api/gen/proto/go/teleport/kubeprovision/v1/kubeprovision_service.pb.go @@ -0,0 +1,669 @@ +// Copyright 2024 Gravitational, Inc +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.34.2 +// protoc (unknown) +// source: teleport/kubeprovision/v1/kubeprovision_service.proto + +package kubeprovisionv1 + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + emptypb "google.golang.org/protobuf/types/known/emptypb" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// KubeProvisionRequest is a request to create a new KubeProvision. +type CreateKubeProvisionRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // KubeProvision is the resource to be created. + KubeProvision *KubeProvision `protobuf:"bytes,1,opt,name=kube_provision,json=kubeProvision,proto3" json:"kube_provision,omitempty"` +} + +func (x *CreateKubeProvisionRequest) Reset() { + *x = CreateKubeProvisionRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CreateKubeProvisionRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CreateKubeProvisionRequest) ProtoMessage() {} + +func (x *CreateKubeProvisionRequest) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CreateKubeProvisionRequest.ProtoReflect.Descriptor instead. +func (*CreateKubeProvisionRequest) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDescGZIP(), []int{0} +} + +func (x *CreateKubeProvisionRequest) GetKubeProvision() *KubeProvision { + if x != nil { + return x.KubeProvision + } + return nil +} + +// GetKubeProvisionRequest is a request to get a KubeProvision by name. +type GetKubeProvisionRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Name is the name of the KubeProvision to get. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` +} + +func (x *GetKubeProvisionRequest) Reset() { + *x = GetKubeProvisionRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *GetKubeProvisionRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GetKubeProvisionRequest) ProtoMessage() {} + +func (x *GetKubeProvisionRequest) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GetKubeProvisionRequest.ProtoReflect.Descriptor instead. +func (*GetKubeProvisionRequest) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDescGZIP(), []int{1} +} + +func (x *GetKubeProvisionRequest) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +// ListKubeProvisionsRequest is a request to get a list of KubeProvisions. +type ListKubeProvisionsRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // PageSize is the maximum number of items to return. + // The server may impose a different page size at its discretion. + PageSize int32 `protobuf:"varint,1,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"` + // PageToken is the next_page_token value returned from a previous List request, if any. + PageToken string `protobuf:"bytes,2,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"` +} + +func (x *ListKubeProvisionsRequest) Reset() { + *x = ListKubeProvisionsRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ListKubeProvisionsRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ListKubeProvisionsRequest) ProtoMessage() {} + +func (x *ListKubeProvisionsRequest) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ListKubeProvisionsRequest.ProtoReflect.Descriptor instead. +func (*ListKubeProvisionsRequest) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDescGZIP(), []int{2} +} + +func (x *ListKubeProvisionsRequest) GetPageSize() int32 { + if x != nil { + return x.PageSize + } + return 0 +} + +func (x *ListKubeProvisionsRequest) GetPageToken() string { + if x != nil { + return x.PageToken + } + return "" +} + +// ListKubeProvisionsResponse is a response to GetKubeProvisionsRequest. +type ListKubeProvisionsResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // KubeProvisions is a list of KubeProvision resources in the page. + KubeProvisions []*KubeProvision `protobuf:"bytes,1,rep,name=kube_provisions,json=kubeProvisions,proto3" json:"kube_provisions,omitempty"` + // Token to retrieve the next page of results, or empty if there are no + // more results in the list. + NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"` +} + +func (x *ListKubeProvisionsResponse) Reset() { + *x = ListKubeProvisionsResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ListKubeProvisionsResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ListKubeProvisionsResponse) ProtoMessage() {} + +func (x *ListKubeProvisionsResponse) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ListKubeProvisionsResponse.ProtoReflect.Descriptor instead. +func (*ListKubeProvisionsResponse) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDescGZIP(), []int{3} +} + +func (x *ListKubeProvisionsResponse) GetKubeProvisions() []*KubeProvision { + if x != nil { + return x.KubeProvisions + } + return nil +} + +func (x *ListKubeProvisionsResponse) GetNextPageToken() string { + if x != nil { + return x.NextPageToken + } + return "" +} + +// UpdateKubeProvisionRequest is a request to update an existing KubeProvision. +type UpdateKubeProvisionRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // KubeProvision is the KubeProvision to be updated. + KubeProvision *KubeProvision `protobuf:"bytes,1,opt,name=kube_provision,json=kubeProvision,proto3" json:"kube_provision,omitempty"` +} + +func (x *UpdateKubeProvisionRequest) Reset() { + *x = UpdateKubeProvisionRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *UpdateKubeProvisionRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateKubeProvisionRequest) ProtoMessage() {} + +func (x *UpdateKubeProvisionRequest) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateKubeProvisionRequest.ProtoReflect.Descriptor instead. +func (*UpdateKubeProvisionRequest) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDescGZIP(), []int{4} +} + +func (x *UpdateKubeProvisionRequest) GetKubeProvision() *KubeProvision { + if x != nil { + return x.KubeProvision + } + return nil +} + +// UpsertKubeProvisionRequest is a request to upsert a KubeProvision. +type UpsertKubeProvisionRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // KubeProvisions is a list of KubeProvision resources + KubeProvision *KubeProvision `protobuf:"bytes,1,opt,name=kube_provision,json=kubeProvision,proto3" json:"kube_provision,omitempty"` +} + +func (x *UpsertKubeProvisionRequest) Reset() { + *x = UpsertKubeProvisionRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *UpsertKubeProvisionRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpsertKubeProvisionRequest) ProtoMessage() {} + +func (x *UpsertKubeProvisionRequest) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpsertKubeProvisionRequest.ProtoReflect.Descriptor instead. +func (*UpsertKubeProvisionRequest) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDescGZIP(), []int{5} +} + +func (x *UpsertKubeProvisionRequest) GetKubeProvision() *KubeProvision { + if x != nil { + return x.KubeProvision + } + return nil +} + +// DeleteKubeProvisionRequest is a request to delete a KubeProvision. +type DeleteKubeProvisionRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Name is the name of the KubeProvision to delete. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` +} + +func (x *DeleteKubeProvisionRequest) Reset() { + *x = DeleteKubeProvisionRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *DeleteKubeProvisionRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeleteKubeProvisionRequest) ProtoMessage() {} + +func (x *DeleteKubeProvisionRequest) ProtoReflect() protoreflect.Message { + mi := &file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[6] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeleteKubeProvisionRequest.ProtoReflect.Descriptor instead. +func (*DeleteKubeProvisionRequest) Descriptor() ([]byte, []int) { + return file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDescGZIP(), []int{6} +} + +func (x *DeleteKubeProvisionRequest) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +var File_teleport_kubeprovision_v1_kubeprovision_service_proto protoreflect.FileDescriptor + +var file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDesc = []byte{ + 0x0a, 0x35, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x6b, 0x75, 0x62, 0x65, 0x70, + 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0x2f, 0x6b, 0x75, 0x62, 0x65, + 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, + 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x19, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, + 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, + 0x76, 0x31, 0x1a, 0x1b, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x62, 0x75, 0x66, 0x2f, 0x65, 0x6d, 0x70, 0x74, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, + 0x2d, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, + 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0x2f, 0x6b, 0x75, 0x62, 0x65, 0x70, + 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x6d, + 0x0a, 0x1a, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, + 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x4f, 0x0a, 0x0e, + 0x6b, 0x75, 0x62, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, + 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, + 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x0d, + 0x6b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x2d, 0x0a, + 0x17, 0x47, 0x65, 0x74, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, + 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x57, 0x0a, 0x19, + 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, + 0x6e, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1b, 0x0a, 0x09, 0x70, 0x61, 0x67, + 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x08, 0x70, 0x61, + 0x67, 0x65, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, + 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x67, 0x65, + 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x97, 0x01, 0x0a, 0x1a, 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x75, + 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x51, 0x0a, 0x0f, 0x6b, 0x75, 0x62, 0x65, 0x5f, 0x70, 0x72, 0x6f, + 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x28, 0x2e, + 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, + 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, + 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x0e, 0x6b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, + 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f, + 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x0d, 0x6e, 0x65, 0x78, 0x74, 0x50, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, + 0x6d, 0x0a, 0x1a, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, + 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x4f, 0x0a, + 0x0e, 0x6b, 0x75, 0x62, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, + 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, + 0x31, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x52, + 0x0d, 0x6b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x6d, + 0x0a, 0x1a, 0x55, 0x70, 0x73, 0x65, 0x72, 0x74, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, + 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x4f, 0x0a, 0x0e, + 0x6b, 0x75, 0x62, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, + 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, + 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x0d, + 0x6b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x30, 0x0a, + 0x1a, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, + 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, + 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x32, + 0xda, 0x05, 0x0a, 0x14, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, + 0x6e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x76, 0x0a, 0x13, 0x43, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x12, + 0x35, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, + 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x28, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, + 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, + 0x76, 0x31, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, + 0x12, 0x70, 0x0a, 0x10, 0x47, 0x65, 0x74, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, + 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x32, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, + 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, + 0x2e, 0x47, 0x65, 0x74, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, + 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x28, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, + 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, + 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, + 0x6f, 0x6e, 0x12, 0x81, 0x01, 0x0a, 0x12, 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x75, 0x62, 0x65, 0x50, + 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x34, 0x2e, 0x74, 0x65, 0x6c, 0x65, + 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, + 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, + 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, + 0x35, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, + 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, + 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x76, 0x0a, 0x13, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, + 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x35, 0x2e, + 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, + 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, + 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x28, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, + 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, + 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x76, + 0x0a, 0x13, 0x55, 0x70, 0x73, 0x65, 0x72, 0x74, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, + 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x35, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, + 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, + 0x31, 0x2e, 0x55, 0x70, 0x73, 0x65, 0x72, 0x74, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, + 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x28, 0x2e, 0x74, + 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, 0x76, + 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, + 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x64, 0x0a, 0x13, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, + 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x35, 0x2e, + 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6b, 0x75, 0x62, 0x65, 0x70, 0x72, 0x6f, + 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, + 0x4b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x42, 0x5e, 0x5a, 0x5c, + 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x72, 0x61, 0x76, 0x69, + 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x2f, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, + 0x74, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, + 0x67, 0x6f, 0x2f, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x6b, 0x75, 0x62, 0x65, + 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0x3b, 0x6b, 0x75, 0x62, + 0x65, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDescOnce sync.Once + file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDescData = file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDesc +) + +func file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDescGZIP() []byte { + file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDescOnce.Do(func() { + file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDescData = protoimpl.X.CompressGZIP(file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDescData) + }) + return file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDescData +} + +var file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes = make([]protoimpl.MessageInfo, 7) +var file_teleport_kubeprovision_v1_kubeprovision_service_proto_goTypes = []any{ + (*CreateKubeProvisionRequest)(nil), // 0: teleport.kubeprovision.v1.CreateKubeProvisionRequest + (*GetKubeProvisionRequest)(nil), // 1: teleport.kubeprovision.v1.GetKubeProvisionRequest + (*ListKubeProvisionsRequest)(nil), // 2: teleport.kubeprovision.v1.ListKubeProvisionsRequest + (*ListKubeProvisionsResponse)(nil), // 3: teleport.kubeprovision.v1.ListKubeProvisionsResponse + (*UpdateKubeProvisionRequest)(nil), // 4: teleport.kubeprovision.v1.UpdateKubeProvisionRequest + (*UpsertKubeProvisionRequest)(nil), // 5: teleport.kubeprovision.v1.UpsertKubeProvisionRequest + (*DeleteKubeProvisionRequest)(nil), // 6: teleport.kubeprovision.v1.DeleteKubeProvisionRequest + (*KubeProvision)(nil), // 7: teleport.kubeprovision.v1.KubeProvision + (*emptypb.Empty)(nil), // 8: google.protobuf.Empty +} +var file_teleport_kubeprovision_v1_kubeprovision_service_proto_depIdxs = []int32{ + 7, // 0: teleport.kubeprovision.v1.CreateKubeProvisionRequest.kube_provision:type_name -> teleport.kubeprovision.v1.KubeProvision + 7, // 1: teleport.kubeprovision.v1.ListKubeProvisionsResponse.kube_provisions:type_name -> teleport.kubeprovision.v1.KubeProvision + 7, // 2: teleport.kubeprovision.v1.UpdateKubeProvisionRequest.kube_provision:type_name -> teleport.kubeprovision.v1.KubeProvision + 7, // 3: teleport.kubeprovision.v1.UpsertKubeProvisionRequest.kube_provision:type_name -> teleport.kubeprovision.v1.KubeProvision + 0, // 4: teleport.kubeprovision.v1.KubeProvisionService.CreateKubeProvision:input_type -> teleport.kubeprovision.v1.CreateKubeProvisionRequest + 1, // 5: teleport.kubeprovision.v1.KubeProvisionService.GetKubeProvision:input_type -> teleport.kubeprovision.v1.GetKubeProvisionRequest + 2, // 6: teleport.kubeprovision.v1.KubeProvisionService.ListKubeProvisions:input_type -> teleport.kubeprovision.v1.ListKubeProvisionsRequest + 4, // 7: teleport.kubeprovision.v1.KubeProvisionService.UpdateKubeProvision:input_type -> teleport.kubeprovision.v1.UpdateKubeProvisionRequest + 5, // 8: teleport.kubeprovision.v1.KubeProvisionService.UpsertKubeProvision:input_type -> teleport.kubeprovision.v1.UpsertKubeProvisionRequest + 6, // 9: teleport.kubeprovision.v1.KubeProvisionService.DeleteKubeProvision:input_type -> teleport.kubeprovision.v1.DeleteKubeProvisionRequest + 7, // 10: teleport.kubeprovision.v1.KubeProvisionService.CreateKubeProvision:output_type -> teleport.kubeprovision.v1.KubeProvision + 7, // 11: teleport.kubeprovision.v1.KubeProvisionService.GetKubeProvision:output_type -> teleport.kubeprovision.v1.KubeProvision + 3, // 12: teleport.kubeprovision.v1.KubeProvisionService.ListKubeProvisions:output_type -> teleport.kubeprovision.v1.ListKubeProvisionsResponse + 7, // 13: teleport.kubeprovision.v1.KubeProvisionService.UpdateKubeProvision:output_type -> teleport.kubeprovision.v1.KubeProvision + 7, // 14: teleport.kubeprovision.v1.KubeProvisionService.UpsertKubeProvision:output_type -> teleport.kubeprovision.v1.KubeProvision + 8, // 15: teleport.kubeprovision.v1.KubeProvisionService.DeleteKubeProvision:output_type -> google.protobuf.Empty + 10, // [10:16] is the sub-list for method output_type + 4, // [4:10] is the sub-list for method input_type + 4, // [4:4] is the sub-list for extension type_name + 4, // [4:4] is the sub-list for extension extendee + 0, // [0:4] is the sub-list for field type_name +} + +func init() { file_teleport_kubeprovision_v1_kubeprovision_service_proto_init() } +func file_teleport_kubeprovision_v1_kubeprovision_service_proto_init() { + if File_teleport_kubeprovision_v1_kubeprovision_service_proto != nil { + return + } + file_teleport_kubeprovision_v1_kubeprovision_proto_init() + if !protoimpl.UnsafeEnabled { + file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[0].Exporter = func(v any, i int) any { + switch v := v.(*CreateKubeProvisionRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[1].Exporter = func(v any, i int) any { + switch v := v.(*GetKubeProvisionRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[2].Exporter = func(v any, i int) any { + switch v := v.(*ListKubeProvisionsRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[3].Exporter = func(v any, i int) any { + switch v := v.(*ListKubeProvisionsResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[4].Exporter = func(v any, i int) any { + switch v := v.(*UpdateKubeProvisionRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[5].Exporter = func(v any, i int) any { + switch v := v.(*UpsertKubeProvisionRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes[6].Exporter = func(v any, i int) any { + switch v := v.(*DeleteKubeProvisionRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDesc, + NumEnums: 0, + NumMessages: 7, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_teleport_kubeprovision_v1_kubeprovision_service_proto_goTypes, + DependencyIndexes: file_teleport_kubeprovision_v1_kubeprovision_service_proto_depIdxs, + MessageInfos: file_teleport_kubeprovision_v1_kubeprovision_service_proto_msgTypes, + }.Build() + File_teleport_kubeprovision_v1_kubeprovision_service_proto = out.File + file_teleport_kubeprovision_v1_kubeprovision_service_proto_rawDesc = nil + file_teleport_kubeprovision_v1_kubeprovision_service_proto_goTypes = nil + file_teleport_kubeprovision_v1_kubeprovision_service_proto_depIdxs = nil +} diff --git a/api/gen/proto/go/teleport/kubeprovision/v1/kubeprovision_service_grpc.pb.go b/api/gen/proto/go/teleport/kubeprovision/v1/kubeprovision_service_grpc.pb.go new file mode 100644 index 0000000000000..6ed2cf319c4d0 --- /dev/null +++ b/api/gen/proto/go/teleport/kubeprovision/v1/kubeprovision_service_grpc.pb.go @@ -0,0 +1,331 @@ +// Copyright 2024 Gravitational, Inc +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. +// versions: +// - protoc-gen-go-grpc v1.4.0 +// - protoc (unknown) +// source: teleport/kubeprovision/v1/kubeprovision_service.proto + +package kubeprovisionv1 + +import ( + context "context" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" + emptypb "google.golang.org/protobuf/types/known/emptypb" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +// Requires gRPC-Go v1.62.0 or later. +const _ = grpc.SupportPackageIsVersion8 + +const ( + KubeProvisionService_CreateKubeProvision_FullMethodName = "/teleport.kubeprovision.v1.KubeProvisionService/CreateKubeProvision" + KubeProvisionService_GetKubeProvision_FullMethodName = "/teleport.kubeprovision.v1.KubeProvisionService/GetKubeProvision" + KubeProvisionService_ListKubeProvisions_FullMethodName = "/teleport.kubeprovision.v1.KubeProvisionService/ListKubeProvisions" + KubeProvisionService_UpdateKubeProvision_FullMethodName = "/teleport.kubeprovision.v1.KubeProvisionService/UpdateKubeProvision" + KubeProvisionService_UpsertKubeProvision_FullMethodName = "/teleport.kubeprovision.v1.KubeProvisionService/UpsertKubeProvision" + KubeProvisionService_DeleteKubeProvision_FullMethodName = "/teleport.kubeprovision.v1.KubeProvisionService/DeleteKubeProvision" +) + +// KubeProvisionServiceClient is the client API for KubeProvisionService service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +// +// KubeProvisionService is a service that provides methods to manage KubeProvisions. +type KubeProvisionServiceClient interface { + // CreateKubeProvision creates a new KubeProvision. + CreateKubeProvision(ctx context.Context, in *CreateKubeProvisionRequest, opts ...grpc.CallOption) (*KubeProvision, error) + // GetKubeProvision gets a KubeProvision by name. + GetKubeProvision(ctx context.Context, in *GetKubeProvisionRequest, opts ...grpc.CallOption) (*KubeProvision, error) + // ListKubeProvisions returns a list of KubeProvisions. It supports pagination. + ListKubeProvisions(ctx context.Context, in *ListKubeProvisionsRequest, opts ...grpc.CallOption) (*ListKubeProvisionsResponse, error) + // UpdateKubeProvision updates an existing KubeProvision. + UpdateKubeProvision(ctx context.Context, in *UpdateKubeProvisionRequest, opts ...grpc.CallOption) (*KubeProvision, error) + // UpsertKubeProvision upserts a KubeProvision. + UpsertKubeProvision(ctx context.Context, in *UpsertKubeProvisionRequest, opts ...grpc.CallOption) (*KubeProvision, error) + // DeleteKubeProvision deletes a KubeProvision. + DeleteKubeProvision(ctx context.Context, in *DeleteKubeProvisionRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) +} + +type kubeProvisionServiceClient struct { + cc grpc.ClientConnInterface +} + +func NewKubeProvisionServiceClient(cc grpc.ClientConnInterface) KubeProvisionServiceClient { + return &kubeProvisionServiceClient{cc} +} + +func (c *kubeProvisionServiceClient) CreateKubeProvision(ctx context.Context, in *CreateKubeProvisionRequest, opts ...grpc.CallOption) (*KubeProvision, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(KubeProvision) + err := c.cc.Invoke(ctx, KubeProvisionService_CreateKubeProvision_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *kubeProvisionServiceClient) GetKubeProvision(ctx context.Context, in *GetKubeProvisionRequest, opts ...grpc.CallOption) (*KubeProvision, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(KubeProvision) + err := c.cc.Invoke(ctx, KubeProvisionService_GetKubeProvision_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *kubeProvisionServiceClient) ListKubeProvisions(ctx context.Context, in *ListKubeProvisionsRequest, opts ...grpc.CallOption) (*ListKubeProvisionsResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(ListKubeProvisionsResponse) + err := c.cc.Invoke(ctx, KubeProvisionService_ListKubeProvisions_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *kubeProvisionServiceClient) UpdateKubeProvision(ctx context.Context, in *UpdateKubeProvisionRequest, opts ...grpc.CallOption) (*KubeProvision, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(KubeProvision) + err := c.cc.Invoke(ctx, KubeProvisionService_UpdateKubeProvision_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *kubeProvisionServiceClient) UpsertKubeProvision(ctx context.Context, in *UpsertKubeProvisionRequest, opts ...grpc.CallOption) (*KubeProvision, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(KubeProvision) + err := c.cc.Invoke(ctx, KubeProvisionService_UpsertKubeProvision_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *kubeProvisionServiceClient) DeleteKubeProvision(ctx context.Context, in *DeleteKubeProvisionRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(emptypb.Empty) + err := c.cc.Invoke(ctx, KubeProvisionService_DeleteKubeProvision_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +// KubeProvisionServiceServer is the server API for KubeProvisionService service. +// All implementations must embed UnimplementedKubeProvisionServiceServer +// for forward compatibility +// +// KubeProvisionService is a service that provides methods to manage KubeProvisions. +type KubeProvisionServiceServer interface { + // CreateKubeProvision creates a new KubeProvision. + CreateKubeProvision(context.Context, *CreateKubeProvisionRequest) (*KubeProvision, error) + // GetKubeProvision gets a KubeProvision by name. + GetKubeProvision(context.Context, *GetKubeProvisionRequest) (*KubeProvision, error) + // ListKubeProvisions returns a list of KubeProvisions. It supports pagination. + ListKubeProvisions(context.Context, *ListKubeProvisionsRequest) (*ListKubeProvisionsResponse, error) + // UpdateKubeProvision updates an existing KubeProvision. + UpdateKubeProvision(context.Context, *UpdateKubeProvisionRequest) (*KubeProvision, error) + // UpsertKubeProvision upserts a KubeProvision. + UpsertKubeProvision(context.Context, *UpsertKubeProvisionRequest) (*KubeProvision, error) + // DeleteKubeProvision deletes a KubeProvision. + DeleteKubeProvision(context.Context, *DeleteKubeProvisionRequest) (*emptypb.Empty, error) + mustEmbedUnimplementedKubeProvisionServiceServer() +} + +// UnimplementedKubeProvisionServiceServer must be embedded to have forward compatible implementations. +type UnimplementedKubeProvisionServiceServer struct { +} + +func (UnimplementedKubeProvisionServiceServer) CreateKubeProvision(context.Context, *CreateKubeProvisionRequest) (*KubeProvision, error) { + return nil, status.Errorf(codes.Unimplemented, "method CreateKubeProvision not implemented") +} +func (UnimplementedKubeProvisionServiceServer) GetKubeProvision(context.Context, *GetKubeProvisionRequest) (*KubeProvision, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetKubeProvision not implemented") +} +func (UnimplementedKubeProvisionServiceServer) ListKubeProvisions(context.Context, *ListKubeProvisionsRequest) (*ListKubeProvisionsResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method ListKubeProvisions not implemented") +} +func (UnimplementedKubeProvisionServiceServer) UpdateKubeProvision(context.Context, *UpdateKubeProvisionRequest) (*KubeProvision, error) { + return nil, status.Errorf(codes.Unimplemented, "method UpdateKubeProvision not implemented") +} +func (UnimplementedKubeProvisionServiceServer) UpsertKubeProvision(context.Context, *UpsertKubeProvisionRequest) (*KubeProvision, error) { + return nil, status.Errorf(codes.Unimplemented, "method UpsertKubeProvision not implemented") +} +func (UnimplementedKubeProvisionServiceServer) DeleteKubeProvision(context.Context, *DeleteKubeProvisionRequest) (*emptypb.Empty, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeleteKubeProvision not implemented") +} +func (UnimplementedKubeProvisionServiceServer) mustEmbedUnimplementedKubeProvisionServiceServer() {} + +// UnsafeKubeProvisionServiceServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to KubeProvisionServiceServer will +// result in compilation errors. +type UnsafeKubeProvisionServiceServer interface { + mustEmbedUnimplementedKubeProvisionServiceServer() +} + +func RegisterKubeProvisionServiceServer(s grpc.ServiceRegistrar, srv KubeProvisionServiceServer) { + s.RegisterService(&KubeProvisionService_ServiceDesc, srv) +} + +func _KubeProvisionService_CreateKubeProvision_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(CreateKubeProvisionRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(KubeProvisionServiceServer).CreateKubeProvision(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: KubeProvisionService_CreateKubeProvision_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(KubeProvisionServiceServer).CreateKubeProvision(ctx, req.(*CreateKubeProvisionRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _KubeProvisionService_GetKubeProvision_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(GetKubeProvisionRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(KubeProvisionServiceServer).GetKubeProvision(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: KubeProvisionService_GetKubeProvision_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(KubeProvisionServiceServer).GetKubeProvision(ctx, req.(*GetKubeProvisionRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _KubeProvisionService_ListKubeProvisions_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ListKubeProvisionsRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(KubeProvisionServiceServer).ListKubeProvisions(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: KubeProvisionService_ListKubeProvisions_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(KubeProvisionServiceServer).ListKubeProvisions(ctx, req.(*ListKubeProvisionsRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _KubeProvisionService_UpdateKubeProvision_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UpdateKubeProvisionRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(KubeProvisionServiceServer).UpdateKubeProvision(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: KubeProvisionService_UpdateKubeProvision_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(KubeProvisionServiceServer).UpdateKubeProvision(ctx, req.(*UpdateKubeProvisionRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _KubeProvisionService_UpsertKubeProvision_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UpsertKubeProvisionRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(KubeProvisionServiceServer).UpsertKubeProvision(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: KubeProvisionService_UpsertKubeProvision_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(KubeProvisionServiceServer).UpsertKubeProvision(ctx, req.(*UpsertKubeProvisionRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _KubeProvisionService_DeleteKubeProvision_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(DeleteKubeProvisionRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(KubeProvisionServiceServer).DeleteKubeProvision(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: KubeProvisionService_DeleteKubeProvision_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(KubeProvisionServiceServer).DeleteKubeProvision(ctx, req.(*DeleteKubeProvisionRequest)) + } + return interceptor(ctx, in, info, handler) +} + +// KubeProvisionService_ServiceDesc is the grpc.ServiceDesc for KubeProvisionService service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var KubeProvisionService_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "teleport.kubeprovision.v1.KubeProvisionService", + HandlerType: (*KubeProvisionServiceServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "CreateKubeProvision", + Handler: _KubeProvisionService_CreateKubeProvision_Handler, + }, + { + MethodName: "GetKubeProvision", + Handler: _KubeProvisionService_GetKubeProvision_Handler, + }, + { + MethodName: "ListKubeProvisions", + Handler: _KubeProvisionService_ListKubeProvisions_Handler, + }, + { + MethodName: "UpdateKubeProvision", + Handler: _KubeProvisionService_UpdateKubeProvision_Handler, + }, + { + MethodName: "UpsertKubeProvision", + Handler: _KubeProvisionService_UpsertKubeProvision_Handler, + }, + { + MethodName: "DeleteKubeProvision", + Handler: _KubeProvisionService_DeleteKubeProvision_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "teleport/kubeprovision/v1/kubeprovision_service.proto", +} diff --git a/api/proto/teleport/kubeprovision/v1/kubeprovision.proto b/api/proto/teleport/kubeprovision/v1/kubeprovision.proto new file mode 100644 index 0000000000000..4faf3aa4054c5 --- /dev/null +++ b/api/proto/teleport/kubeprovision/v1/kubeprovision.proto @@ -0,0 +1,203 @@ +// Copyright 2024 Gravitational, Inc +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package teleport.kubeprovision.v1; + +import "teleport/header/v1/metadata.proto"; + +option go_package = "github.com/gravitational/teleport/api/gen/proto/go/teleport/kubeprovision/v1;kubeprovisionv1"; + +// KubeProvision represents a Kubernetes resources that can be provisioned on the Kubernetes clusters. +// This includes roles/role bindings and cluster roles/cluster role bindings. +// For rationale behind this type, see the RFD 174. +message KubeProvision { + // Kind of resource represented. + string kind = 1; + // SubKind is not populated for this resource type. + string sub_kind = 2; + // Version of the resource being represented. + string version = 3; + // Metadata is common metadata that all resources share. + teleport.header.v1.Metadata metadata = 4; + // Spec determines the specific properties of kube provision. + KubeProvisionSpec spec = 5; +} + +// KubeProvisionSpec is the spec for the kube provision message. +message KubeProvisionSpec { + // ClusterRoles is a list of Kubernetes ClusterRoles resources to provision. + repeated ClusterRole cluster_roles = 1; + + // ClusterRolesBinding is a list of Kubernetes ClusterRoleBinding resources to provision. + repeated ClusterRoleBinding cluster_role_bindings = 2; + + // Roles is a list of Kubernetes Role resources to provision. + repeated Role roles = 3; + + // RoleBindings is a list of Kubernetes RoleBinding resources to provision. + repeated RoleBinding role_bindings = 4; +} + +// ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding. +message ClusterRole { + // Metadata is standard object's metadata. + KubeObjectMeta metadata = 1; + + // Rules holds all the PolicyRules for this ClusterRole + repeated PolicyRule rules = 2; + + // AggregationRule describes how to build the Rules for this ClusterRole. + // If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be + // stomped by the controller. + AggregationRule aggregation_rule = 3; +} + +// ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, +// and adds who information via Subject. +message ClusterRoleBinding { + // Metadata is standard object's metadata. + KubeObjectMeta metadata = 1; + + // Subjects holds references to the objects the role applies to. + repeated Subject subjects = 2; + + // RoleRef references a ClusterRole in the global namespace. + RoleRef role_ref = 3; +} + +// Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding. +message Role { + // Metadata is standard object's metadata. + KubeObjectMeta metadata = 1; + + // Rules holds all the PolicyRules for this Role + repeated PolicyRule rules = 2; +} + +// RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. +// It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given +// namespace only have effect in that namespace. +message RoleBinding { + // Metadata is standard object's metadata. + KubeObjectMeta metadata = 1; + + // Subjects holds references to the objects the role applies to. + repeated Subject subjects = 2; + + // RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. + RoleRef role_ref = 3; +} + +// KubeObjectMeta is metadata for Kubernetes RBAC resources. +message KubeObjectMeta { + // Name is a unique resource name within a namespace. + string name = 1; + + // Labels are a map of string keys and values that can be used to organize and categorize + // (scope and select) objects. + map labels = 2; + + // Namespace defines the space within which each name must be unique. + string namespace = 3; + + // Annotations is an unstructured key value map stored with a resource that may be + // set by external tools to store and retrieve arbitrary metadata. + map annotations = 4; +} + +// LabelSelector is labels selector. +message LabelSelector { + // MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + // map is equivalent to an element of matchExpressions, whose key field is "key", the + // operator is "In", and the values array contains only "value". The requirements are ANDed. + map match_labels = 1; + + // MatchExpressions is a list of label selector requirements. The requirements are ANDed. + repeated LabelSelectorRequirement match_expressions = 2; +} + +// A label selector requirement is a selector that contains values, a key, and an operator that +// relates the key and values. +message LabelSelectorRequirement { + // key is the label key that the selector applies to. + string key = 1; + + // operator represents a key's relationship to a set of values. + // Valid operators are In, NotIn, Exists and DoesNotExist. + string operator = 2; + + // values is an array of string values. If the operator is In or NotIn, + // the values array must be non-empty. If the operator is Exists or DoesNotExist, + // the values array must be empty. + repeated string values = 3; +} + +// AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole +message AggregationRule { + // ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules. + // If any of the selectors match, then the ClusterRole's permissions will be added + repeated LabelSelector cluster_role_selectors = 1; +} + +// PolicyRule holds information that describes a policy rule, but does not contain information +// about who the rule applies to or which namespace the rule applies to. +message PolicyRule { + // Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs. + repeated string verbs = 1; + + // APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of + // the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. + repeated string api_groups = 2; + + // Resources is a list of resources this rule applies to. '*' represents all resources. + repeated string resources = 3; + + // ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. + repeated string resource_names = 4; + + // NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path + // Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. + // Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. + repeated string non_resource_urls = 5; +} + +// RoleRef contains information that points to the role being used +message RoleRef { + // Kind is the type of resource being referenced + string kind = 1; + + // APIGroup is the group for the resource being referenced + string api_group = 2; + + // Name is the name of resource being referenced + string name = 3; +} + +// Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, +// or a value for non-objects such as user and group names. +message Subject { + // Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount". + string kind = 1; + + // APIGroup holds the API group of the referenced subject. + string api_group = 2; + + // Name of the object being referenced. + string name = 3; + + // Namespace of the referenced object. + string namespace = 4; +} diff --git a/api/proto/teleport/kubeprovision/v1/kubeprovision_service.proto b/api/proto/teleport/kubeprovision/v1/kubeprovision_service.proto new file mode 100644 index 0000000000000..9092947dd64d1 --- /dev/null +++ b/api/proto/teleport/kubeprovision/v1/kubeprovision_service.proto @@ -0,0 +1,87 @@ +// Copyright 2024 Gravitational, Inc +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package teleport.kubeprovision.v1; + +import "google/protobuf/empty.proto"; +import "teleport/kubeprovision/v1/kubeprovision.proto"; + +option go_package = "github.com/gravitational/teleport/api/gen/proto/go/teleport/kubeprovision/v1;kubeprovisionv1"; + +// KubeProvisionService is a service that provides methods to manage KubeProvisions. +service KubeProvisionService { + // CreateKubeProvision creates a new KubeProvision. + rpc CreateKubeProvision(CreateKubeProvisionRequest) returns (KubeProvision); + // GetKubeProvision gets a KubeProvision by name. + rpc GetKubeProvision(GetKubeProvisionRequest) returns (KubeProvision); + // ListKubeProvisions returns a list of KubeProvisions. It supports pagination. + rpc ListKubeProvisions(ListKubeProvisionsRequest) returns (ListKubeProvisionsResponse); + // UpdateKubeProvision updates an existing KubeProvision. + rpc UpdateKubeProvision(UpdateKubeProvisionRequest) returns (KubeProvision); + // UpsertKubeProvision upserts a KubeProvision. + rpc UpsertKubeProvision(UpsertKubeProvisionRequest) returns (KubeProvision); + // DeleteKubeProvision deletes a KubeProvision. + rpc DeleteKubeProvision(DeleteKubeProvisionRequest) returns (google.protobuf.Empty); +} + +// KubeProvisionRequest is a request to create a new KubeProvision. +message CreateKubeProvisionRequest { + // KubeProvision is the resource to be created. + teleport.kubeprovision.v1.KubeProvision kube_provision = 1; +} + +// GetKubeProvisionRequest is a request to get a KubeProvision by name. +message GetKubeProvisionRequest { + // Name is the name of the KubeProvision to get. + string name = 1; +} + +// ListKubeProvisionsRequest is a request to get a list of KubeProvisions. +message ListKubeProvisionsRequest { + // PageSize is the maximum number of items to return. + // The server may impose a different page size at its discretion. + int32 page_size = 1; + // PageToken is the next_page_token value returned from a previous List request, if any. + string page_token = 2; +} + +// ListKubeProvisionsResponse is a response to GetKubeProvisionsRequest. +message ListKubeProvisionsResponse { + // KubeProvisions is a list of KubeProvision resources in the page. + repeated teleport.kubeprovision.v1.KubeProvision kube_provisions = 1; + + // Token to retrieve the next page of results, or empty if there are no + // more results in the list. + string next_page_token = 2; +} + +// UpdateKubeProvisionRequest is a request to update an existing KubeProvision. +message UpdateKubeProvisionRequest { + // KubeProvision is the KubeProvision to be updated. + teleport.kubeprovision.v1.KubeProvision kube_provision = 1; +} + +// UpsertKubeProvisionRequest is a request to upsert a KubeProvision. +message UpsertKubeProvisionRequest { + // KubeProvisions is a list of KubeProvision resources + teleport.kubeprovision.v1.KubeProvision kube_provision = 1; +} + +// DeleteKubeProvisionRequest is a request to delete a KubeProvision. +message DeleteKubeProvisionRequest { + // Name is the name of the KubeProvision to delete. + string name = 1; +}