11924f498b
full diff: 616e8db4c3...6068d1894d
a replace rule was needed (similar as in github.com/docker/docker) to fix some
dependency issues;
github.com/docker/cli/cli/trust imports
github.com/theupdateframework/notary/trustpinning tested by
github.com/theupdateframework/notary/trustpinning.test imports
github.com/cloudflare/cfssl/helpers imports
github.com/google/certificate-transparency-go imports
go.etcd.io/etcd/v3 imports
go.etcd.io/etcd/tests/v3/integration imports
go.etcd.io/etcd/server/v3/embed imports
go.opentelemetry.io/otel/semconv: module go.opentelemetry.io/otel@latest found (v1.7.0), but does not contain package go.opentelemetry.io/otel/semconv
github.com/docker/cli/cli/trust imports
github.com/theupdateframework/notary/trustpinning tested by
github.com/theupdateframework/notary/trustpinning.test imports
github.com/cloudflare/cfssl/helpers imports
github.com/google/certificate-transparency-go imports
go.etcd.io/etcd/v3 imports
go.etcd.io/etcd/tests/v3/integration imports
go.etcd.io/etcd/server/v3/embed imports
go.opentelemetry.io/otel/exporters/otlp imports
go.opentelemetry.io/otel/sdk/metric/controller/basic imports
go.opentelemetry.io/otel/metric/registry: module go.opentelemetry.io/otel/metric@latest found (v0.30.0), but does not contain package go.opentelemetry.io/otel/metric/registry
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
73 lines
2.1 KiB
Protocol Buffer
73 lines
2.1 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
package docker.swarmkit.v1;
|
|
|
|
import "github.com/docker/swarmkit/api/types.proto";
|
|
import "github.com/docker/swarmkit/api/specs.proto";
|
|
import "gogoproto/gogo.proto";
|
|
import "github.com/docker/swarmkit/protobuf/plugin/plugin.proto";
|
|
|
|
// CA defines the RPC methods for requesting certificates from a CA.
|
|
|
|
service CA {
|
|
rpc GetRootCACertificate(GetRootCACertificateRequest) returns (GetRootCACertificateResponse) {
|
|
option (docker.protobuf.plugin.tls_authorization) = { insecure: true };
|
|
};
|
|
// GetUnlockKey returns the current unlock key for the cluster for the role of the client
|
|
// asking.
|
|
rpc GetUnlockKey(GetUnlockKeyRequest) returns (GetUnlockKeyResponse) {
|
|
option (docker.protobuf.plugin.tls_authorization) = { roles: ["swarm-manager"] };
|
|
};
|
|
}
|
|
|
|
service NodeCA {
|
|
rpc IssueNodeCertificate(IssueNodeCertificateRequest) returns (IssueNodeCertificateResponse) {
|
|
option (docker.protobuf.plugin.tls_authorization) = { insecure: true };
|
|
};
|
|
rpc NodeCertificateStatus(NodeCertificateStatusRequest) returns (NodeCertificateStatusResponse) {
|
|
option (docker.protobuf.plugin.tls_authorization) = { insecure: true };
|
|
};
|
|
}
|
|
|
|
message NodeCertificateStatusRequest {
|
|
string node_id = 1;
|
|
}
|
|
|
|
message NodeCertificateStatusResponse {
|
|
IssuanceStatus status = 1;
|
|
Certificate certificate = 2;
|
|
}
|
|
|
|
message IssueNodeCertificateRequest {
|
|
// DEPRECATED: Role is now selected based on which secret is matched.
|
|
NodeRole role = 1 [deprecated=true];
|
|
|
|
// CSR is the certificate signing request.
|
|
bytes csr = 2 [(gogoproto.customname) = "CSR"];
|
|
|
|
// Token represents a user-provided string that is necessary for new
|
|
// nodes to join the cluster
|
|
string token = 3;
|
|
|
|
// Availability allows a user to control the current scheduling status of a node
|
|
NodeSpec.Availability availability = 4;
|
|
}
|
|
|
|
message IssueNodeCertificateResponse {
|
|
string node_id = 1;
|
|
NodeSpec.Membership node_membership = 2;
|
|
}
|
|
|
|
message GetRootCACertificateRequest {}
|
|
|
|
message GetRootCACertificateResponse {
|
|
bytes certificate = 1;
|
|
}
|
|
|
|
message GetUnlockKeyRequest {}
|
|
|
|
message GetUnlockKeyResponse {
|
|
bytes unlock_key = 1;
|
|
Version version = 2 [(gogoproto.nullable) = false];
|
|
}
|