diff --git a/go.mod b/go.mod index d636bb2e..dc59373a 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.23.4 toolchain go1.24.1 require ( - github.com/conductorone/baton-sdk v0.3.35 + github.com/conductorone/baton-sdk v0.3.45 github.com/ennyjfrick/ruleguard-logfatal v0.0.2 github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 github.com/quasilyte/go-ruleguard/dsl v0.3.22 diff --git a/go.sum b/go.sum index c5e6bd46..d2f6ed96 100644 --- a/go.sum +++ b/go.sum @@ -58,8 +58,8 @@ github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyY github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/conductorone/baton-sdk v0.3.35 h1:8yzc1e/Dsmw5/a7zZcJklMeetjA7hRfD33zdD7WMHAs= -github.com/conductorone/baton-sdk v0.3.35/go.mod h1:L55WO3ERMx1mfpjDgwK3jWNRGRF2E76WrQHmW6ev8VY= +github.com/conductorone/baton-sdk v0.3.45 h1:zlvXx9nwa/lJmgSj2kZ5a/fBBqTfJii/8bNOgiC1moE= +github.com/conductorone/baton-sdk v0.3.45/go.mod h1:L55WO3ERMx1mfpjDgwK3jWNRGRF2E76WrQHmW6ev8VY= github.com/conductorone/dpop v0.2.3 h1:s91U3845GHQ6P6FWrdNr2SEOy1ES/jcFs1JtKSl2S+o= github.com/conductorone/dpop v0.2.3/go.mod h1:gyo8TtzB9SCFCsjsICH4IaLZ7y64CcrDXMOPBwfq/3s= github.com/conductorone/dpop/integrations/dpop_grpc v0.2.3 h1:kLMCNIh0Mo2vbvvkCmJ3ixsPbXEJ6HPcW53Ku9yje3s= diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/annotation_resource_tree.pb.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/annotation_resource_tree.pb.go index 75d893a7..61612ece 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/annotation_resource_tree.pb.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/annotation_resource_tree.pb.go @@ -101,6 +101,42 @@ func (*SkipEntitlementsAndGrants) Descriptor() ([]byte, []int) { return file_c1_connector_v2_annotation_resource_tree_proto_rawDescGZIP(), []int{1} } +type SkipGrants struct { + state protoimpl.MessageState `protogen:"open.v1"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *SkipGrants) Reset() { + *x = SkipGrants{} + mi := &file_c1_connector_v2_annotation_resource_tree_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *SkipGrants) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SkipGrants) ProtoMessage() {} + +func (x *SkipGrants) ProtoReflect() protoreflect.Message { + mi := &file_c1_connector_v2_annotation_resource_tree_proto_msgTypes[2] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SkipGrants.ProtoReflect.Descriptor instead. +func (*SkipGrants) Descriptor() ([]byte, []int) { + return file_c1_connector_v2_annotation_resource_tree_proto_rawDescGZIP(), []int{2} +} + var File_c1_connector_v2_annotation_resource_tree_proto protoreflect.FileDescriptor var file_c1_connector_v2_annotation_resource_tree_proto_rawDesc = string([]byte{ @@ -113,11 +149,12 @@ var file_c1_connector_v2_annotation_resource_tree_proto_rawDesc = string([]byte{ 0x63, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x49, 0x64, 0x22, 0x1b, 0x0a, 0x19, 0x53, 0x6b, 0x69, 0x70, 0x45, 0x6e, 0x74, 0x69, 0x74, 0x6c, 0x65, 0x6d, - 0x65, 0x6e, 0x74, 0x73, 0x41, 0x6e, 0x64, 0x47, 0x72, 0x61, 0x6e, 0x74, 0x73, 0x42, 0x36, 0x5a, - 0x34, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x6e, 0x64, - 0x75, 0x63, 0x74, 0x6f, 0x72, 0x6f, 0x6e, 0x65, 0x2f, 0x62, 0x61, 0x74, 0x6f, 0x6e, 0x2d, 0x73, - 0x64, 0x6b, 0x2f, 0x70, 0x62, 0x2f, 0x63, 0x31, 0x2f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, - 0x6f, 0x72, 0x2f, 0x76, 0x32, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x65, 0x6e, 0x74, 0x73, 0x41, 0x6e, 0x64, 0x47, 0x72, 0x61, 0x6e, 0x74, 0x73, 0x22, 0x0c, 0x0a, + 0x0a, 0x53, 0x6b, 0x69, 0x70, 0x47, 0x72, 0x61, 0x6e, 0x74, 0x73, 0x42, 0x36, 0x5a, 0x34, 0x67, + 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x6e, 0x64, 0x75, 0x63, + 0x74, 0x6f, 0x72, 0x6f, 0x6e, 0x65, 0x2f, 0x62, 0x61, 0x74, 0x6f, 0x6e, 0x2d, 0x73, 0x64, 0x6b, + 0x2f, 0x70, 0x62, 0x2f, 0x63, 0x31, 0x2f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, + 0x2f, 0x76, 0x32, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, }) var ( @@ -132,10 +169,11 @@ func file_c1_connector_v2_annotation_resource_tree_proto_rawDescGZIP() []byte { return file_c1_connector_v2_annotation_resource_tree_proto_rawDescData } -var file_c1_connector_v2_annotation_resource_tree_proto_msgTypes = make([]protoimpl.MessageInfo, 2) +var file_c1_connector_v2_annotation_resource_tree_proto_msgTypes = make([]protoimpl.MessageInfo, 3) var file_c1_connector_v2_annotation_resource_tree_proto_goTypes = []any{ (*ChildResourceType)(nil), // 0: c1.connector.v2.ChildResourceType (*SkipEntitlementsAndGrants)(nil), // 1: c1.connector.v2.SkipEntitlementsAndGrants + (*SkipGrants)(nil), // 2: c1.connector.v2.SkipGrants } var file_c1_connector_v2_annotation_resource_tree_proto_depIdxs = []int32{ 0, // [0:0] is the sub-list for method output_type @@ -156,7 +194,7 @@ func file_c1_connector_v2_annotation_resource_tree_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_c1_connector_v2_annotation_resource_tree_proto_rawDesc), len(file_c1_connector_v2_annotation_resource_tree_proto_rawDesc)), NumEnums: 0, - NumMessages: 2, + NumMessages: 3, NumExtensions: 0, NumServices: 0, }, diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/annotation_resource_tree.pb.validate.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/annotation_resource_tree.pb.validate.go index 4a36fde5..36e768bd 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/annotation_resource_tree.pb.validate.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/annotation_resource_tree.pb.validate.go @@ -240,3 +240,102 @@ var _ interface { Cause() error ErrorName() string } = SkipEntitlementsAndGrantsValidationError{} + +// Validate checks the field values on SkipGrants with the rules defined in the +// proto definition for this message. If any rules are violated, the first +// error encountered is returned, or nil if there are no violations. +func (m *SkipGrants) Validate() error { + return m.validate(false) +} + +// ValidateAll checks the field values on SkipGrants with the rules defined in +// the proto definition for this message. If any rules are violated, the +// result is a list of violation errors wrapped in SkipGrantsMultiError, or +// nil if none found. +func (m *SkipGrants) ValidateAll() error { + return m.validate(true) +} + +func (m *SkipGrants) validate(all bool) error { + if m == nil { + return nil + } + + var errors []error + + if len(errors) > 0 { + return SkipGrantsMultiError(errors) + } + + return nil +} + +// SkipGrantsMultiError is an error wrapping multiple validation errors +// returned by SkipGrants.ValidateAll() if the designated constraints aren't met. +type SkipGrantsMultiError []error + +// Error returns a concatenation of all the error messages it wraps. +func (m SkipGrantsMultiError) Error() string { + msgs := make([]string, 0, len(m)) + for _, err := range m { + msgs = append(msgs, err.Error()) + } + return strings.Join(msgs, "; ") +} + +// AllErrors returns a list of validation violation errors. +func (m SkipGrantsMultiError) AllErrors() []error { return m } + +// SkipGrantsValidationError is the validation error returned by +// SkipGrants.Validate if the designated constraints aren't met. +type SkipGrantsValidationError struct { + field string + reason string + cause error + key bool +} + +// Field function returns field value. +func (e SkipGrantsValidationError) Field() string { return e.field } + +// Reason function returns reason value. +func (e SkipGrantsValidationError) Reason() string { return e.reason } + +// Cause function returns cause value. +func (e SkipGrantsValidationError) Cause() error { return e.cause } + +// Key function returns key value. +func (e SkipGrantsValidationError) Key() bool { return e.key } + +// ErrorName returns error name. +func (e SkipGrantsValidationError) ErrorName() string { return "SkipGrantsValidationError" } + +// Error satisfies the builtin error interface +func (e SkipGrantsValidationError) Error() string { + cause := "" + if e.cause != nil { + cause = fmt.Sprintf(" | caused by: %v", e.cause) + } + + key := "" + if e.key { + key = "key for " + } + + return fmt.Sprintf( + "invalid %sSkipGrants.%s: %s%s", + key, + e.field, + e.reason, + cause) +} + +var _ error = SkipGrantsValidationError{} + +var _ interface { + Field() string + Reason() string + Key() bool + Cause() error + ErrorName() string +} = SkipGrantsValidationError{} diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/event_feed.pb.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/event_feed.pb.go index 0da9efb1..c73a457d 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/event_feed.pb.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/event_feed.pb.go @@ -30,6 +30,7 @@ const ( EventType_EVENT_TYPE_UNSPECIFIED EventType = 0 EventType_EVENT_TYPE_USAGE EventType = 1 EventType_EVENT_TYPE_RESOURCE_CHANGE EventType = 4 + EventType_EVENT_TYPE_CREATE_GRANT EventType = 5 ) // Enum value maps for EventType. @@ -38,11 +39,13 @@ var ( 0: "EVENT_TYPE_UNSPECIFIED", 1: "EVENT_TYPE_USAGE", 4: "EVENT_TYPE_RESOURCE_CHANGE", + 5: "EVENT_TYPE_CREATE_GRANT", } EventType_value = map[string]int32{ "EVENT_TYPE_UNSPECIFIED": 0, "EVENT_TYPE_USAGE": 1, "EVENT_TYPE_RESOURCE_CHANGE": 4, + "EVENT_TYPE_CREATE_GRANT": 5, } ) @@ -329,6 +332,7 @@ type Event struct { // *Event_GrantEvent // *Event_RevokeEvent // *Event_ResourceChangeEvent + // *Event_CreateGrantEvent Event isEvent_Event `protobuf_oneof:"event"` // May contain resources for targets, actor, or items referenced in events Annotations []*anypb.Any `protobuf:"bytes,3,rep,name=annotations,proto3" json:"annotations,omitempty"` @@ -423,6 +427,15 @@ func (x *Event) GetResourceChangeEvent() *ResourceChangeEvent { return nil } +func (x *Event) GetCreateGrantEvent() *CreateGrantEvent { + if x != nil { + if x, ok := x.Event.(*Event_CreateGrantEvent); ok { + return x.CreateGrantEvent + } + } + return nil +} + func (x *Event) GetAnnotations() []*anypb.Any { if x != nil { return x.Annotations @@ -450,6 +463,10 @@ type Event_ResourceChangeEvent struct { ResourceChangeEvent *ResourceChangeEvent `protobuf:"bytes,103,opt,name=resource_change_event,json=resourceChangeEvent,proto3,oneof"` } +type Event_CreateGrantEvent struct { + CreateGrantEvent *CreateGrantEvent `protobuf:"bytes,104,opt,name=create_grant_event,json=createGrantEvent,proto3,oneof"` +} + func (*Event_UsageEvent) isEvent_Event() {} func (*Event_GrantEvent) isEvent_Event() {} @@ -458,6 +475,8 @@ func (*Event_RevokeEvent) isEvent_Event() {} func (*Event_ResourceChangeEvent) isEvent_Event() {} +func (*Event_CreateGrantEvent) isEvent_Event() {} + type UsageEvent struct { state protoimpl.MessageState `protogen:"open.v1"` TargetResource *Resource `protobuf:"bytes,1,opt,name=target_resource,json=targetResource,proto3" json:"target_resource,omitempty"` @@ -555,6 +574,66 @@ func (x *GrantEvent) GetGrant() *Grant { return nil } +type CreateGrantEvent struct { + state protoimpl.MessageState `protogen:"open.v1"` + Entitlement *Entitlement `protobuf:"bytes,1,opt,name=entitlement,proto3" json:"entitlement,omitempty"` + Principal *Resource `protobuf:"bytes,2,opt,name=principal,proto3" json:"principal,omitempty"` + Annotations []*anypb.Any `protobuf:"bytes,3,rep,name=annotations,proto3" json:"annotations,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *CreateGrantEvent) Reset() { + *x = CreateGrantEvent{} + mi := &file_c1_connector_v2_event_feed_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *CreateGrantEvent) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CreateGrantEvent) ProtoMessage() {} + +func (x *CreateGrantEvent) ProtoReflect() protoreflect.Message { + mi := &file_c1_connector_v2_event_feed_proto_msgTypes[7] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CreateGrantEvent.ProtoReflect.Descriptor instead. +func (*CreateGrantEvent) Descriptor() ([]byte, []int) { + return file_c1_connector_v2_event_feed_proto_rawDescGZIP(), []int{7} +} + +func (x *CreateGrantEvent) GetEntitlement() *Entitlement { + if x != nil { + return x.Entitlement + } + return nil +} + +func (x *CreateGrantEvent) GetPrincipal() *Resource { + if x != nil { + return x.Principal + } + return nil +} + +func (x *CreateGrantEvent) GetAnnotations() []*anypb.Any { + if x != nil { + return x.Annotations + } + return nil +} + type RevokeEvent struct { state protoimpl.MessageState `protogen:"open.v1"` Entitlement *Entitlement `protobuf:"bytes,1,opt,name=entitlement,proto3" json:"entitlement,omitempty"` @@ -565,7 +644,7 @@ type RevokeEvent struct { func (x *RevokeEvent) Reset() { *x = RevokeEvent{} - mi := &file_c1_connector_v2_event_feed_proto_msgTypes[7] + mi := &file_c1_connector_v2_event_feed_proto_msgTypes[8] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -577,7 +656,7 @@ func (x *RevokeEvent) String() string { func (*RevokeEvent) ProtoMessage() {} func (x *RevokeEvent) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_event_feed_proto_msgTypes[7] + mi := &file_c1_connector_v2_event_feed_proto_msgTypes[8] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -590,7 +669,7 @@ func (x *RevokeEvent) ProtoReflect() protoreflect.Message { // Deprecated: Use RevokeEvent.ProtoReflect.Descriptor instead. func (*RevokeEvent) Descriptor() ([]byte, []int) { - return file_c1_connector_v2_event_feed_proto_rawDescGZIP(), []int{7} + return file_c1_connector_v2_event_feed_proto_rawDescGZIP(), []int{8} } func (x *RevokeEvent) GetEntitlement() *Entitlement { @@ -618,7 +697,7 @@ type ResourceChangeEvent struct { func (x *ResourceChangeEvent) Reset() { *x = ResourceChangeEvent{} - mi := &file_c1_connector_v2_event_feed_proto_msgTypes[8] + mi := &file_c1_connector_v2_event_feed_proto_msgTypes[9] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -630,7 +709,7 @@ func (x *ResourceChangeEvent) String() string { func (*ResourceChangeEvent) ProtoMessage() {} func (x *ResourceChangeEvent) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_event_feed_proto_msgTypes[8] + mi := &file_c1_connector_v2_event_feed_proto_msgTypes[9] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -643,7 +722,7 @@ func (x *ResourceChangeEvent) ProtoReflect() protoreflect.Message { // Deprecated: Use ResourceChangeEvent.ProtoReflect.Descriptor instead. func (*ResourceChangeEvent) Descriptor() ([]byte, []int) { - return file_c1_connector_v2_event_feed_proto_rawDescGZIP(), []int{8} + return file_c1_connector_v2_event_feed_proto_rawDescGZIP(), []int{9} } func (x *ResourceChangeEvent) GetResourceId() *ResourceId { @@ -671,7 +750,7 @@ type EventFeedMetadata struct { func (x *EventFeedMetadata) Reset() { *x = EventFeedMetadata{} - mi := &file_c1_connector_v2_event_feed_proto_msgTypes[9] + mi := &file_c1_connector_v2_event_feed_proto_msgTypes[10] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -683,7 +762,7 @@ func (x *EventFeedMetadata) String() string { func (*EventFeedMetadata) ProtoMessage() {} func (x *EventFeedMetadata) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_event_feed_proto_msgTypes[9] + mi := &file_c1_connector_v2_event_feed_proto_msgTypes[10] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -696,7 +775,7 @@ func (x *EventFeedMetadata) ProtoReflect() protoreflect.Message { // Deprecated: Use EventFeedMetadata.ProtoReflect.Descriptor instead. func (*EventFeedMetadata) Descriptor() ([]byte, []int) { - return file_c1_connector_v2_event_feed_proto_rawDescGZIP(), []int{9} + return file_c1_connector_v2_event_feed_proto_rawDescGZIP(), []int{10} } func (x *EventFeedMetadata) GetId() string { @@ -772,7 +851,7 @@ var file_c1_connector_v2_event_feed_proto_rawDesc = string([]byte{ 0x04, 0x6c, 0x69, 0x73, 0x74, 0x12, 0x36, 0x0a, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, - 0x52, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xb4, 0x03, + 0x52, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x87, 0x04, 0x0a, 0x05, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x3b, 0x0a, 0x0b, 0x6f, 0x63, 0x63, 0x75, 0x72, 0x72, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, @@ -796,76 +875,96 @@ var file_c1_connector_v2_event_feed_proto_rawDesc = string([]byte{ 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x48, 0x00, 0x52, 0x13, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x45, 0x76, - 0x65, 0x6e, 0x74, 0x12, 0x36, 0x0a, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, - 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0b, - 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x42, 0x07, 0x0a, 0x05, 0x65, - 0x76, 0x65, 0x6e, 0x74, 0x22, 0x92, 0x01, 0x0a, 0x0a, 0x55, 0x73, 0x61, 0x67, 0x65, 0x45, 0x76, - 0x65, 0x6e, 0x74, 0x12, 0x42, 0x0a, 0x0f, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x5f, 0x72, 0x65, - 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x63, - 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, - 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x0e, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x52, - 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x40, 0x0a, 0x0e, 0x61, 0x63, 0x74, 0x6f, 0x72, - 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x65, 0x6e, 0x74, 0x12, 0x51, 0x0a, 0x12, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x5f, 0x67, 0x72, + 0x61, 0x6e, 0x74, 0x5f, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x18, 0x68, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x21, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, + 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x47, 0x72, 0x61, 0x6e, 0x74, 0x45, 0x76, 0x65, + 0x6e, 0x74, 0x48, 0x00, 0x52, 0x10, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x47, 0x72, 0x61, 0x6e, + 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x36, 0x0a, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, + 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, + 0x79, 0x52, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x42, 0x07, + 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x22, 0x92, 0x01, 0x0a, 0x0a, 0x55, 0x73, 0x61, 0x67, + 0x65, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x42, 0x0a, 0x0f, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, + 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, - 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x0d, 0x61, 0x63, 0x74, 0x6f, - 0x72, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x22, 0x3a, 0x0a, 0x0a, 0x47, 0x72, 0x61, - 0x6e, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x2c, 0x0a, 0x05, 0x67, 0x72, 0x61, 0x6e, 0x74, - 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, - 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x72, 0x61, 0x6e, 0x74, 0x52, 0x05, - 0x67, 0x72, 0x61, 0x6e, 0x74, 0x22, 0x86, 0x01, 0x0a, 0x0b, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, - 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x3e, 0x0a, 0x0b, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x6c, 0x65, - 0x6d, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x63, 0x31, 0x2e, - 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x45, 0x6e, 0x74, - 0x69, 0x74, 0x6c, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x0b, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x6c, - 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x37, 0x0a, 0x09, 0x70, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, - 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, - 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, - 0x72, 0x63, 0x65, 0x52, 0x09, 0x70, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x22, 0xa8, - 0x01, 0x0a, 0x13, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43, 0x68, 0x61, 0x6e, 0x67, - 0x65, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x46, 0x0a, 0x0b, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, - 0x63, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x63, 0x31, - 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, - 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x64, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, - 0x10, 0x01, 0x52, 0x0a, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x64, 0x12, 0x49, - 0x0a, 0x12, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, - 0x65, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x63, 0x31, 0x2e, + 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x0e, 0x74, 0x61, 0x72, 0x67, + 0x65, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x40, 0x0a, 0x0e, 0x61, 0x63, + 0x74, 0x6f, 0x72, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, + 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x0d, 0x61, + 0x63, 0x74, 0x6f, 0x72, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x22, 0x3a, 0x0a, 0x0a, + 0x47, 0x72, 0x61, 0x6e, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x2c, 0x0a, 0x05, 0x67, 0x72, + 0x61, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x63, 0x31, 0x2e, 0x63, + 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x47, 0x72, 0x61, 0x6e, + 0x74, 0x52, 0x05, 0x67, 0x72, 0x61, 0x6e, 0x74, 0x22, 0xd7, 0x01, 0x0a, 0x10, 0x43, 0x72, 0x65, + 0x61, 0x74, 0x65, 0x47, 0x72, 0x61, 0x6e, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x48, 0x0a, + 0x0b, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x6c, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, + 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x45, 0x6e, 0x74, 0x69, 0x74, 0x6c, 0x65, 0x6d, 0x65, 0x6e, 0x74, + 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0b, 0x65, 0x6e, 0x74, 0x69, + 0x74, 0x6c, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x41, 0x0a, 0x09, 0x70, 0x72, 0x69, 0x6e, 0x63, + 0x69, 0x70, 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, - 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x64, 0x52, 0x10, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x52, - 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x64, 0x22, 0x90, 0x01, 0x0a, 0x11, 0x45, 0x76, - 0x65, 0x6e, 0x74, 0x46, 0x65, 0x65, 0x64, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, - 0x1a, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0a, 0xfa, 0x42, 0x07, - 0x72, 0x05, 0x20, 0x01, 0x28, 0x80, 0x08, 0x52, 0x02, 0x69, 0x64, 0x12, 0x5f, 0x0a, 0x15, 0x73, - 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x5f, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x74, - 0x79, 0x70, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x1a, 0x2e, 0x63, 0x31, 0x2e, - 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x45, 0x76, 0x65, - 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x42, 0x0f, 0xfa, 0x42, 0x0c, 0x92, 0x01, 0x09, 0x18, 0x01, - 0x22, 0x05, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x13, 0x73, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, - 0x65, 0x64, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x73, 0x2a, 0x69, 0x0a, 0x09, - 0x45, 0x76, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1a, 0x0a, 0x16, 0x45, 0x56, 0x45, - 0x4e, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, - 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x14, 0x0a, 0x10, 0x45, 0x56, 0x45, 0x4e, 0x54, 0x5f, 0x54, - 0x59, 0x50, 0x45, 0x5f, 0x55, 0x53, 0x41, 0x47, 0x45, 0x10, 0x01, 0x12, 0x1e, 0x0a, 0x1a, 0x45, - 0x56, 0x45, 0x4e, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x52, 0x45, 0x53, 0x4f, 0x55, 0x52, - 0x43, 0x45, 0x5f, 0x43, 0x48, 0x41, 0x4e, 0x47, 0x45, 0x10, 0x04, 0x22, 0x04, 0x08, 0x02, 0x10, - 0x02, 0x22, 0x04, 0x08, 0x03, 0x10, 0x03, 0x32, 0xc8, 0x01, 0x0a, 0x0c, 0x45, 0x76, 0x65, 0x6e, - 0x74, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x55, 0x0a, 0x0a, 0x4c, 0x69, 0x73, 0x74, - 0x45, 0x76, 0x65, 0x6e, 0x74, 0x73, 0x12, 0x22, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, - 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x45, 0x76, 0x65, - 0x6e, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x23, 0x2e, 0x63, 0x31, 0x2e, - 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, - 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, - 0x61, 0x0a, 0x0e, 0x4c, 0x69, 0x73, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x46, 0x65, 0x65, 0x64, - 0x73, 0x12, 0x26, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, - 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x46, 0x65, 0x65, - 0x64, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x27, 0x2e, 0x63, 0x31, 0x2e, 0x63, - 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, - 0x45, 0x76, 0x65, 0x6e, 0x74, 0x46, 0x65, 0x65, 0x64, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, - 0x73, 0x65, 0x42, 0x36, 0x5a, 0x34, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, - 0x2f, 0x63, 0x6f, 0x6e, 0x64, 0x75, 0x63, 0x74, 0x6f, 0x72, 0x6f, 0x6e, 0x65, 0x2f, 0x62, 0x61, - 0x74, 0x6f, 0x6e, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x62, 0x2f, 0x63, 0x31, 0x2f, 0x63, 0x6f, - 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2f, 0x76, 0x32, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x33, + 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, + 0x09, 0x70, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x12, 0x36, 0x0a, 0x0b, 0x61, 0x6e, + 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, + 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, + 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x73, 0x22, 0x86, 0x01, 0x0a, 0x0b, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x45, 0x76, 0x65, + 0x6e, 0x74, 0x12, 0x3e, 0x0a, 0x0b, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x6c, 0x65, 0x6d, 0x65, 0x6e, + 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, + 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x45, 0x6e, 0x74, 0x69, 0x74, 0x6c, + 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x0b, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x6c, 0x65, 0x6d, 0x65, + 0x6e, 0x74, 0x12, 0x37, 0x0a, 0x09, 0x70, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, + 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, + 0x52, 0x09, 0x70, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x22, 0xa8, 0x01, 0x0a, 0x13, + 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x45, 0x76, + 0x65, 0x6e, 0x74, 0x12, 0x46, 0x0a, 0x0b, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, + 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, + 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, + 0x72, 0x63, 0x65, 0x49, 0x64, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x01, 0x52, + 0x0a, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x64, 0x12, 0x49, 0x0a, 0x12, 0x70, + 0x61, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, + 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, + 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, + 0x63, 0x65, 0x49, 0x64, 0x52, 0x10, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x6f, + 0x75, 0x72, 0x63, 0x65, 0x49, 0x64, 0x22, 0x90, 0x01, 0x0a, 0x11, 0x45, 0x76, 0x65, 0x6e, 0x74, + 0x46, 0x65, 0x65, 0x64, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x1a, 0x0a, 0x02, + 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0a, 0xfa, 0x42, 0x07, 0x72, 0x05, 0x20, + 0x01, 0x28, 0x80, 0x08, 0x52, 0x02, 0x69, 0x64, 0x12, 0x5f, 0x0a, 0x15, 0x73, 0x75, 0x70, 0x70, + 0x6f, 0x72, 0x74, 0x65, 0x64, 0x5f, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, + 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x1a, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, + 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x54, + 0x79, 0x70, 0x65, 0x42, 0x0f, 0xfa, 0x42, 0x0c, 0x92, 0x01, 0x09, 0x18, 0x01, 0x22, 0x05, 0x82, + 0x01, 0x02, 0x10, 0x01, 0x52, 0x13, 0x73, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x45, + 0x76, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x73, 0x2a, 0x86, 0x01, 0x0a, 0x09, 0x45, 0x76, + 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1a, 0x0a, 0x16, 0x45, 0x56, 0x45, 0x4e, 0x54, + 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, + 0x44, 0x10, 0x00, 0x12, 0x14, 0x0a, 0x10, 0x45, 0x56, 0x45, 0x4e, 0x54, 0x5f, 0x54, 0x59, 0x50, + 0x45, 0x5f, 0x55, 0x53, 0x41, 0x47, 0x45, 0x10, 0x01, 0x12, 0x1e, 0x0a, 0x1a, 0x45, 0x56, 0x45, + 0x4e, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x52, 0x45, 0x53, 0x4f, 0x55, 0x52, 0x43, 0x45, + 0x5f, 0x43, 0x48, 0x41, 0x4e, 0x47, 0x45, 0x10, 0x04, 0x12, 0x1b, 0x0a, 0x17, 0x45, 0x56, 0x45, + 0x4e, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x43, 0x52, 0x45, 0x41, 0x54, 0x45, 0x5f, 0x47, + 0x52, 0x41, 0x4e, 0x54, 0x10, 0x05, 0x22, 0x04, 0x08, 0x02, 0x10, 0x02, 0x22, 0x04, 0x08, 0x03, + 0x10, 0x03, 0x32, 0xc8, 0x01, 0x0a, 0x0c, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x72, 0x76, + 0x69, 0x63, 0x65, 0x12, 0x55, 0x0a, 0x0a, 0x4c, 0x69, 0x73, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, + 0x73, 0x12, 0x22, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, + 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x73, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x23, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, + 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x45, 0x76, 0x65, 0x6e, + 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x61, 0x0a, 0x0e, 0x4c, 0x69, + 0x73, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x46, 0x65, 0x65, 0x64, 0x73, 0x12, 0x26, 0x2e, 0x63, + 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x4c, + 0x69, 0x73, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x46, 0x65, 0x65, 0x64, 0x73, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x27, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, + 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, + 0x46, 0x65, 0x65, 0x64, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x36, 0x5a, + 0x34, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x6e, 0x64, + 0x75, 0x63, 0x74, 0x6f, 0x72, 0x6f, 0x6e, 0x65, 0x2f, 0x62, 0x61, 0x74, 0x6f, 0x6e, 0x2d, 0x73, + 0x64, 0x6b, 0x2f, 0x70, 0x62, 0x2f, 0x63, 0x31, 0x2f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, + 0x6f, 0x72, 0x2f, 0x76, 0x32, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, }) var ( @@ -881,7 +980,7 @@ func file_c1_connector_v2_event_feed_proto_rawDescGZIP() []byte { } var file_c1_connector_v2_event_feed_proto_enumTypes = make([]protoimpl.EnumInfo, 1) -var file_c1_connector_v2_event_feed_proto_msgTypes = make([]protoimpl.MessageInfo, 10) +var file_c1_connector_v2_event_feed_proto_msgTypes = make([]protoimpl.MessageInfo, 11) var file_c1_connector_v2_event_feed_proto_goTypes = []any{ (EventType)(0), // 0: c1.connector.v2.EventType (*ListEventsRequest)(nil), // 1: c1.connector.v2.ListEventsRequest @@ -891,47 +990,52 @@ var file_c1_connector_v2_event_feed_proto_goTypes = []any{ (*Event)(nil), // 5: c1.connector.v2.Event (*UsageEvent)(nil), // 6: c1.connector.v2.UsageEvent (*GrantEvent)(nil), // 7: c1.connector.v2.GrantEvent - (*RevokeEvent)(nil), // 8: c1.connector.v2.RevokeEvent - (*ResourceChangeEvent)(nil), // 9: c1.connector.v2.ResourceChangeEvent - (*EventFeedMetadata)(nil), // 10: c1.connector.v2.EventFeedMetadata - (*timestamppb.Timestamp)(nil), // 11: google.protobuf.Timestamp - (*anypb.Any)(nil), // 12: google.protobuf.Any - (*Resource)(nil), // 13: c1.connector.v2.Resource - (*Grant)(nil), // 14: c1.connector.v2.Grant - (*Entitlement)(nil), // 15: c1.connector.v2.Entitlement - (*ResourceId)(nil), // 16: c1.connector.v2.ResourceId + (*CreateGrantEvent)(nil), // 8: c1.connector.v2.CreateGrantEvent + (*RevokeEvent)(nil), // 9: c1.connector.v2.RevokeEvent + (*ResourceChangeEvent)(nil), // 10: c1.connector.v2.ResourceChangeEvent + (*EventFeedMetadata)(nil), // 11: c1.connector.v2.EventFeedMetadata + (*timestamppb.Timestamp)(nil), // 12: google.protobuf.Timestamp + (*anypb.Any)(nil), // 13: google.protobuf.Any + (*Resource)(nil), // 14: c1.connector.v2.Resource + (*Grant)(nil), // 15: c1.connector.v2.Grant + (*Entitlement)(nil), // 16: c1.connector.v2.Entitlement + (*ResourceId)(nil), // 17: c1.connector.v2.ResourceId } var file_c1_connector_v2_event_feed_proto_depIdxs = []int32{ - 11, // 0: c1.connector.v2.ListEventsRequest.start_at:type_name -> google.protobuf.Timestamp - 12, // 1: c1.connector.v2.ListEventsRequest.annotations:type_name -> google.protobuf.Any + 12, // 0: c1.connector.v2.ListEventsRequest.start_at:type_name -> google.protobuf.Timestamp + 13, // 1: c1.connector.v2.ListEventsRequest.annotations:type_name -> google.protobuf.Any 5, // 2: c1.connector.v2.ListEventsResponse.events:type_name -> c1.connector.v2.Event - 12, // 3: c1.connector.v2.ListEventsResponse.annotations:type_name -> google.protobuf.Any - 12, // 4: c1.connector.v2.ListEventFeedsRequest.annotations:type_name -> google.protobuf.Any - 10, // 5: c1.connector.v2.ListEventFeedsResponse.list:type_name -> c1.connector.v2.EventFeedMetadata - 12, // 6: c1.connector.v2.ListEventFeedsResponse.annotations:type_name -> google.protobuf.Any - 11, // 7: c1.connector.v2.Event.occurred_at:type_name -> google.protobuf.Timestamp + 13, // 3: c1.connector.v2.ListEventsResponse.annotations:type_name -> google.protobuf.Any + 13, // 4: c1.connector.v2.ListEventFeedsRequest.annotations:type_name -> google.protobuf.Any + 11, // 5: c1.connector.v2.ListEventFeedsResponse.list:type_name -> c1.connector.v2.EventFeedMetadata + 13, // 6: c1.connector.v2.ListEventFeedsResponse.annotations:type_name -> google.protobuf.Any + 12, // 7: c1.connector.v2.Event.occurred_at:type_name -> google.protobuf.Timestamp 6, // 8: c1.connector.v2.Event.usage_event:type_name -> c1.connector.v2.UsageEvent 7, // 9: c1.connector.v2.Event.grant_event:type_name -> c1.connector.v2.GrantEvent - 8, // 10: c1.connector.v2.Event.revoke_event:type_name -> c1.connector.v2.RevokeEvent - 9, // 11: c1.connector.v2.Event.resource_change_event:type_name -> c1.connector.v2.ResourceChangeEvent - 12, // 12: c1.connector.v2.Event.annotations:type_name -> google.protobuf.Any - 13, // 13: c1.connector.v2.UsageEvent.target_resource:type_name -> c1.connector.v2.Resource - 13, // 14: c1.connector.v2.UsageEvent.actor_resource:type_name -> c1.connector.v2.Resource - 14, // 15: c1.connector.v2.GrantEvent.grant:type_name -> c1.connector.v2.Grant - 15, // 16: c1.connector.v2.RevokeEvent.entitlement:type_name -> c1.connector.v2.Entitlement - 13, // 17: c1.connector.v2.RevokeEvent.principal:type_name -> c1.connector.v2.Resource - 16, // 18: c1.connector.v2.ResourceChangeEvent.resource_id:type_name -> c1.connector.v2.ResourceId - 16, // 19: c1.connector.v2.ResourceChangeEvent.parent_resource_id:type_name -> c1.connector.v2.ResourceId - 0, // 20: c1.connector.v2.EventFeedMetadata.supported_event_types:type_name -> c1.connector.v2.EventType - 1, // 21: c1.connector.v2.EventService.ListEvents:input_type -> c1.connector.v2.ListEventsRequest - 3, // 22: c1.connector.v2.EventService.ListEventFeeds:input_type -> c1.connector.v2.ListEventFeedsRequest - 2, // 23: c1.connector.v2.EventService.ListEvents:output_type -> c1.connector.v2.ListEventsResponse - 4, // 24: c1.connector.v2.EventService.ListEventFeeds:output_type -> c1.connector.v2.ListEventFeedsResponse - 23, // [23:25] is the sub-list for method output_type - 21, // [21:23] is the sub-list for method input_type - 21, // [21:21] is the sub-list for extension type_name - 21, // [21:21] is the sub-list for extension extendee - 0, // [0:21] is the sub-list for field type_name + 9, // 10: c1.connector.v2.Event.revoke_event:type_name -> c1.connector.v2.RevokeEvent + 10, // 11: c1.connector.v2.Event.resource_change_event:type_name -> c1.connector.v2.ResourceChangeEvent + 8, // 12: c1.connector.v2.Event.create_grant_event:type_name -> c1.connector.v2.CreateGrantEvent + 13, // 13: c1.connector.v2.Event.annotations:type_name -> google.protobuf.Any + 14, // 14: c1.connector.v2.UsageEvent.target_resource:type_name -> c1.connector.v2.Resource + 14, // 15: c1.connector.v2.UsageEvent.actor_resource:type_name -> c1.connector.v2.Resource + 15, // 16: c1.connector.v2.GrantEvent.grant:type_name -> c1.connector.v2.Grant + 16, // 17: c1.connector.v2.CreateGrantEvent.entitlement:type_name -> c1.connector.v2.Entitlement + 14, // 18: c1.connector.v2.CreateGrantEvent.principal:type_name -> c1.connector.v2.Resource + 13, // 19: c1.connector.v2.CreateGrantEvent.annotations:type_name -> google.protobuf.Any + 16, // 20: c1.connector.v2.RevokeEvent.entitlement:type_name -> c1.connector.v2.Entitlement + 14, // 21: c1.connector.v2.RevokeEvent.principal:type_name -> c1.connector.v2.Resource + 17, // 22: c1.connector.v2.ResourceChangeEvent.resource_id:type_name -> c1.connector.v2.ResourceId + 17, // 23: c1.connector.v2.ResourceChangeEvent.parent_resource_id:type_name -> c1.connector.v2.ResourceId + 0, // 24: c1.connector.v2.EventFeedMetadata.supported_event_types:type_name -> c1.connector.v2.EventType + 1, // 25: c1.connector.v2.EventService.ListEvents:input_type -> c1.connector.v2.ListEventsRequest + 3, // 26: c1.connector.v2.EventService.ListEventFeeds:input_type -> c1.connector.v2.ListEventFeedsRequest + 2, // 27: c1.connector.v2.EventService.ListEvents:output_type -> c1.connector.v2.ListEventsResponse + 4, // 28: c1.connector.v2.EventService.ListEventFeeds:output_type -> c1.connector.v2.ListEventFeedsResponse + 27, // [27:29] is the sub-list for method output_type + 25, // [25:27] is the sub-list for method input_type + 25, // [25:25] is the sub-list for extension type_name + 25, // [25:25] is the sub-list for extension extendee + 0, // [0:25] is the sub-list for field type_name } func init() { file_c1_connector_v2_event_feed_proto_init() } @@ -947,6 +1051,7 @@ func file_c1_connector_v2_event_feed_proto_init() { (*Event_GrantEvent)(nil), (*Event_RevokeEvent)(nil), (*Event_ResourceChangeEvent)(nil), + (*Event_CreateGrantEvent)(nil), } type x struct{} out := protoimpl.TypeBuilder{ @@ -954,7 +1059,7 @@ func file_c1_connector_v2_event_feed_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_c1_connector_v2_event_feed_proto_rawDesc), len(file_c1_connector_v2_event_feed_proto_rawDesc)), NumEnums: 1, - NumMessages: 10, + NumMessages: 11, NumExtensions: 0, NumServices: 1, }, diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/event_feed.pb.validate.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/event_feed.pb.validate.go index bc384bf6..35b63501 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/event_feed.pb.validate.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/event_feed.pb.validate.go @@ -989,6 +989,47 @@ func (m *Event) validate(all bool) error { } } + case *Event_CreateGrantEvent: + if v == nil { + err := EventValidationError{ + field: "Event", + reason: "oneof value cannot be a typed-nil", + } + if !all { + return err + } + errors = append(errors, err) + } + + if all { + switch v := interface{}(m.GetCreateGrantEvent()).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, EventValidationError{ + field: "CreateGrantEvent", + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, EventValidationError{ + field: "CreateGrantEvent", + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(m.GetCreateGrantEvent()).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return EventValidationError{ + field: "CreateGrantEvent", + reason: "embedded message failed validation", + cause: err, + } + } + } + default: _ = v // ensures v is used } @@ -1355,6 +1396,220 @@ var _ interface { ErrorName() string } = GrantEventValidationError{} +// Validate checks the field values on CreateGrantEvent with the rules defined +// in the proto definition for this message. If any rules are violated, the +// first error encountered is returned, or nil if there are no violations. +func (m *CreateGrantEvent) Validate() error { + return m.validate(false) +} + +// ValidateAll checks the field values on CreateGrantEvent with the rules +// defined in the proto definition for this message. If any rules are +// violated, the result is a list of violation errors wrapped in +// CreateGrantEventMultiError, or nil if none found. +func (m *CreateGrantEvent) ValidateAll() error { + return m.validate(true) +} + +func (m *CreateGrantEvent) validate(all bool) error { + if m == nil { + return nil + } + + var errors []error + + if m.GetEntitlement() == nil { + err := CreateGrantEventValidationError{ + field: "Entitlement", + reason: "value is required", + } + if !all { + return err + } + errors = append(errors, err) + } + + if all { + switch v := interface{}(m.GetEntitlement()).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, CreateGrantEventValidationError{ + field: "Entitlement", + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, CreateGrantEventValidationError{ + field: "Entitlement", + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(m.GetEntitlement()).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return CreateGrantEventValidationError{ + field: "Entitlement", + reason: "embedded message failed validation", + cause: err, + } + } + } + + if m.GetPrincipal() == nil { + err := CreateGrantEventValidationError{ + field: "Principal", + reason: "value is required", + } + if !all { + return err + } + errors = append(errors, err) + } + + if all { + switch v := interface{}(m.GetPrincipal()).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, CreateGrantEventValidationError{ + field: "Principal", + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, CreateGrantEventValidationError{ + field: "Principal", + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(m.GetPrincipal()).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return CreateGrantEventValidationError{ + field: "Principal", + reason: "embedded message failed validation", + cause: err, + } + } + } + + for idx, item := range m.GetAnnotations() { + _, _ = idx, item + + if all { + switch v := interface{}(item).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, CreateGrantEventValidationError{ + field: fmt.Sprintf("Annotations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, CreateGrantEventValidationError{ + field: fmt.Sprintf("Annotations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(item).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return CreateGrantEventValidationError{ + field: fmt.Sprintf("Annotations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + } + } + } + + } + + if len(errors) > 0 { + return CreateGrantEventMultiError(errors) + } + + return nil +} + +// CreateGrantEventMultiError is an error wrapping multiple validation errors +// returned by CreateGrantEvent.ValidateAll() if the designated constraints +// aren't met. +type CreateGrantEventMultiError []error + +// Error returns a concatenation of all the error messages it wraps. +func (m CreateGrantEventMultiError) Error() string { + msgs := make([]string, 0, len(m)) + for _, err := range m { + msgs = append(msgs, err.Error()) + } + return strings.Join(msgs, "; ") +} + +// AllErrors returns a list of validation violation errors. +func (m CreateGrantEventMultiError) AllErrors() []error { return m } + +// CreateGrantEventValidationError is the validation error returned by +// CreateGrantEvent.Validate if the designated constraints aren't met. +type CreateGrantEventValidationError struct { + field string + reason string + cause error + key bool +} + +// Field function returns field value. +func (e CreateGrantEventValidationError) Field() string { return e.field } + +// Reason function returns reason value. +func (e CreateGrantEventValidationError) Reason() string { return e.reason } + +// Cause function returns cause value. +func (e CreateGrantEventValidationError) Cause() error { return e.cause } + +// Key function returns key value. +func (e CreateGrantEventValidationError) Key() bool { return e.key } + +// ErrorName returns error name. +func (e CreateGrantEventValidationError) ErrorName() string { return "CreateGrantEventValidationError" } + +// Error satisfies the builtin error interface +func (e CreateGrantEventValidationError) Error() string { + cause := "" + if e.cause != nil { + cause = fmt.Sprintf(" | caused by: %v", e.cause) + } + + key := "" + if e.key { + key = "key for " + } + + return fmt.Sprintf( + "invalid %sCreateGrantEvent.%s: %s%s", + key, + e.field, + e.reason, + cause) +} + +var _ error = CreateGrantEventValidationError{} + +var _ interface { + Field() string + Reason() string + Key() bool + Cause() error + ErrorName() string +} = CreateGrantEventValidationError{} + // Validate checks the field values on RevokeEvent with the rules defined in // the proto definition for this message. If any rules are violated, the first // error encountered is returned, or nil if there are no violations. diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/bid/bid.go b/vendor/github.com/conductorone/baton-sdk/pkg/bid/bid.go index bf639b78..ff1b7890 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/bid/bid.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/bid/bid.go @@ -132,8 +132,11 @@ func resourcePartToStr(r *v2.Resource) (string, error) { } resourceType := escapeParts(rid.GetResourceType()) resource := escapeParts(rid.GetResource()) - if resourceType == "" || resource == "" { - return "", NewBidStringError(r, "resource type or id is empty") + if resourceType == "" { + return "", NewBidStringError(r, "resource type is empty") + } + if resource == "" { + return "", NewBidStringError(r, "resource id is empty") } prid := r.GetParentResourceId() if prid == nil { diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/cli/commands.go b/vendor/github.com/conductorone/baton-sdk/pkg/cli/commands.go index a530871e..0e745838 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/cli/commands.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/cli/commands.go @@ -289,6 +289,8 @@ func MakeMainCommand[T field.Configurable]( opts = append(opts, connectorrunner.WithExternalResourceEntitlementFilter(externalResourceEntitlementIdFilter)) } + opts = append(opts, connectorrunner.WithSkipEntitlementsAndGrants(v.GetBool("skip-entitlements-and-grants"))) + t, err := MakeGenericConfiguration[T](v) if err != nil { return fmt.Errorf("failed to make configuration: %w", err) diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/connectorrunner/runner.go b/vendor/github.com/conductorone/baton-sdk/pkg/connectorrunner/runner.go index e5ddb37c..313a1ac1 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/connectorrunner/runner.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/connectorrunner/runner.go @@ -343,6 +343,7 @@ type runnerConfig struct { targetedSyncResourceIDs []string externalResourceC1Z string externalResourceEntitlementIdFilter string + skipEntitlementsAndGrants bool } // WithRateLimiterConfig sets the RateLimiterConfig for a runner. @@ -641,6 +642,13 @@ func WithSyncCompactor(outputPath string, filePaths []string, syncIDs []string) } } +func WithSkipEntitlementsAndGrants(skip bool) Option { + return func(ctx context.Context, cfg *runnerConfig) error { + cfg.skipEntitlementsAndGrants = skip + return nil + } +} + // NewConnectorRunner creates a new connector runner. func NewConnectorRunner(ctx context.Context, c types.ConnectorServer, opts ...Option) (*connectorRunner, error) { runner := &connectorRunner{} @@ -745,6 +753,7 @@ func NewConnectorRunner(ctx context.Context, c types.ConnectorServer, opts ...Op local.WithExternalResourceC1Z(cfg.externalResourceC1Z), local.WithExternalResourceEntitlementIdFilter(cfg.externalResourceEntitlementIdFilter), local.WithTargetedSyncResourceIDs(cfg.targetedSyncResourceIDs), + local.WithSkipEntitlementsAndGrants(cfg.skipEntitlementsAndGrants), ) if err != nil { return nil, err diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/c1file.go b/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/c1file.go index b89abccc..a424bfc9 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/c1file.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/c1file.go @@ -3,6 +3,7 @@ package dotc1z import ( "context" "database/sql" + "errors" "fmt" "os" "path/filepath" @@ -149,6 +150,14 @@ func NewC1ZFile(ctx context.Context, outputFilePath string, opts ...C1ZOption) ( return c1File, nil } +func cleanupDbDir(dbFilePath string, err error) error { + cleanupErr := os.RemoveAll(filepath.Dir(dbFilePath)) + if cleanupErr != nil { + err = errors.Join(err, cleanupErr) + } + return err +} + // Close ensures that the sqlite database is flushed to disk, and if any changes were made we update the original database // with our changes. func (c *C1File) Close() error { @@ -157,7 +166,7 @@ func (c *C1File) Close() error { if c.rawDb != nil { err = c.rawDb.Close() if err != nil { - return err + return cleanupDbDir(c.dbFilePath, err) } } c.rawDb = nil @@ -167,17 +176,11 @@ func (c *C1File) Close() error { if c.dbUpdated { err = saveC1z(c.dbFilePath, c.outputFilePath) if err != nil { - return err + return cleanupDbDir(c.dbFilePath, err) } } - // Cleanup the database filepath. This should always be a file within a temp directory, so we remove the entire dir. - err = os.RemoveAll(filepath.Dir(c.dbFilePath)) - if err != nil { - return err - } - - return nil + return cleanupDbDir(c.dbFilePath, err) } // init ensures that the database has all of the required schema. diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/file.go b/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/file.go index 44bfc4a9..9d3db37c 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/file.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/file.go @@ -69,12 +69,6 @@ func saveC1z(dbFilePath string, outputFilePath string) error { if err != nil { zap.L().Error("failed to close db file", zap.Error(err)) } - - // Cleanup the database filepath. This should always be a file within a temp directory, so we remove the entire dir. - err = os.RemoveAll(filepath.Dir(dbFilePath)) - if err != nil { - zap.L().Error("failed to remove db dir", zap.Error(err)) - } }() outFile, err := os.OpenFile(outputFilePath, os.O_RDWR|os.O_CREATE|syscall.O_TRUNC, 0644) diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/field/defaults.go b/vendor/github.com/conductorone/baton-sdk/pkg/field/defaults.go index e480f0d8..8e92b832 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/field/defaults.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/field/defaults.go @@ -83,9 +83,14 @@ var ( WithDescription("The timestamp indicating when debug-level logging should expire"), WithPersistent(true), WithExportTarget(ExportTargetOps)) - skipFullSync = BoolField("skip-full-sync", WithDescription("This must be set to skip a full sync"), WithPersistent(true), WithExportTarget(ExportTargetNone)) - targetedSyncResourceIDs = StringSliceField("sync-resources", WithDescription("The resource IDs to sync"), WithPersistent(true), WithExportTarget(ExportTargetNone)) - diffSyncsField = BoolField( + skipFullSync = BoolField("skip-full-sync", WithDescription("This must be set to skip a full sync"), WithPersistent(true), WithExportTarget(ExportTargetNone)) + targetedSyncResourceIDs = StringSliceField("sync-resources", WithDescription("The resource IDs to sync"), WithPersistent(true), WithExportTarget(ExportTargetNone)) + skipEntitlementsAndGrants = BoolField("skip-entitlements-and-grants", + WithDescription("This must be set to skip syncing of entitlements and grants"), + WithPersistent(true), + WithExportTarget(ExportTargetNone), + ) + diffSyncsField = BoolField( "diff-syncs", WithDescription("Create a new partial SyncID from a base and applied sync."), WithHidden(true), @@ -252,6 +257,7 @@ var DefaultFields = []SchemaField{ logLevelDebugExpiresAtField, skipFullSync, targetedSyncResourceIDs, + skipEntitlementsAndGrants, externalResourceC1ZField, externalResourceEntitlementIdFilter, diffSyncsField, diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/sdk/version.go b/vendor/github.com/conductorone/baton-sdk/pkg/sdk/version.go index d11ea07f..7c8c8708 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/sdk/version.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/sdk/version.go @@ -1,3 +1,3 @@ package sdk -const Version = "v0.3.34" +const Version = "v0.3.44" diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/sync/state.go b/vendor/github.com/conductorone/baton-sdk/pkg/sync/state.go index e8dc6fe6..b1e6964f 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/sync/state.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/sync/state.go @@ -31,6 +31,8 @@ type State interface { SetHasExternalResourcesGrants() ShouldFetchRelatedResources() bool SetShouldFetchRelatedResources() + ShouldSkipEntitlementsAndGrants() bool + SetShouldSkipEntitlementsAndGrants() } // ActionOp represents a sync operation. @@ -131,24 +133,26 @@ type Action struct { // state is an object used for tracking the current status of a connector sync. It operates like a stack. type state struct { - mtx sync.RWMutex - actions []Action - currentAction *Action - entitlementGraph *expand.EntitlementGraph - needsExpansion bool - hasExternalResourceGrants bool - shouldFetchRelatedResources bool + mtx sync.RWMutex + actions []Action + currentAction *Action + entitlementGraph *expand.EntitlementGraph + needsExpansion bool + hasExternalResourceGrants bool + shouldFetchRelatedResources bool + shouldSkipEntitlementsAndGrants bool } // serializedToken is used to serialize the token to JSON. This separate object is used to avoid having exported fields // on the object used externally. We should interface this, probably. type serializedToken struct { - Actions []Action `json:"actions"` - CurrentAction *Action `json:"current_action"` - NeedsExpansion bool `json:"needs_expansion"` - EntitlementGraph *expand.EntitlementGraph `json:"entitlement_graph"` - HasExternalResourceGrants bool `json:"has_external_resource_grants"` - ShouldFetchRelatedResources bool `json:"should_fetch_related_resources"` + Actions []Action `json:"actions"` + CurrentAction *Action `json:"current_action"` + NeedsExpansion bool `json:"needs_expansion,omitempty"` + EntitlementGraph *expand.EntitlementGraph `json:"entitlement_graph"` + HasExternalResourceGrants bool `json:"has_external_resource_grants,omitempty"` + ShouldFetchRelatedResources bool `json:"should_fetch_related_resources,omitempty"` + ShouldSkipEntitlementsAndGrants bool `json:"should_skip_entitlements_and_grants,omitempty"` } // push adds a new action to the stack. If there is no current state, the action is directly set to current, else @@ -203,8 +207,8 @@ func (st *state) Current() *Action { // Unmarshal takes an input string and unmarshals it onto the state object. If the input is empty, we set the state to // have an init action. func (st *state) Unmarshal(input string) error { - st.mtx.RLock() - defer st.mtx.RUnlock() + st.mtx.Lock() + defer st.mtx.Unlock() token := serializedToken{} @@ -218,6 +222,8 @@ func (st *state) Unmarshal(input string) error { st.currentAction = token.CurrentAction st.needsExpansion = token.NeedsExpansion st.hasExternalResourceGrants = token.HasExternalResourceGrants + st.shouldSkipEntitlementsAndGrants = token.ShouldSkipEntitlementsAndGrants + st.shouldFetchRelatedResources = token.ShouldFetchRelatedResources } else { st.actions = nil st.entitlementGraph = nil @@ -233,11 +239,13 @@ func (st *state) Marshal() (string, error) { defer st.mtx.RUnlock() data, err := json.Marshal(serializedToken{ - Actions: st.actions, - CurrentAction: st.currentAction, - NeedsExpansion: st.needsExpansion, - EntitlementGraph: st.entitlementGraph, - HasExternalResourceGrants: st.hasExternalResourceGrants, + Actions: st.actions, + CurrentAction: st.currentAction, + NeedsExpansion: st.needsExpansion, + EntitlementGraph: st.entitlementGraph, + HasExternalResourceGrants: st.hasExternalResourceGrants, + ShouldFetchRelatedResources: st.shouldFetchRelatedResources, + ShouldSkipEntitlementsAndGrants: st.shouldSkipEntitlementsAndGrants, }) if err != nil { return "", err @@ -298,6 +306,14 @@ func (st *state) SetShouldFetchRelatedResources() { st.shouldFetchRelatedResources = true } +func (st *state) ShouldSkipEntitlementsAndGrants() bool { + return st.shouldSkipEntitlementsAndGrants +} + +func (st *state) SetShouldSkipEntitlementsAndGrants() { + st.shouldSkipEntitlementsAndGrants = true +} + // PageToken returns the page token for the current action. func (st *state) PageToken(ctx context.Context) string { c := st.Current() diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/sync/syncer.go b/vendor/github.com/conductorone/baton-sdk/pkg/sync/syncer.go index 5db1f0cf..c047ff45 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/sync/syncer.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/sync/syncer.go @@ -211,6 +211,8 @@ type syncer struct { onlyExpandGrants bool syncID string skipEGForResourceType map[string]bool + skipEntitlementsAndGrants bool + resourceTypeTraits map[string][]v2.ResourceType_Trait } const minCheckpointInterval = 10 * time.Second @@ -412,6 +414,9 @@ func (s *syncer) Sync(ctx context.Context) error { case InitOp: s.state.FinishAction(ctx) + if s.skipEntitlementsAndGrants { + s.state.SetShouldSkipEntitlementsAndGrants() + } if len(targetedResources) > 0 { for _, r := range targetedResources { s.state.PushAction(ctx, Action{ @@ -434,7 +439,9 @@ func (s *syncer) Sync(ctx context.Context) error { // FIXME(jirwin): Disabling syncing assets for now // s.state.PushAction(ctx, Action{Op: SyncAssetsOp}) - s.state.PushAction(ctx, Action{Op: SyncGrantExpansionOp}) + if !s.state.ShouldSkipEntitlementsAndGrants() { + s.state.PushAction(ctx, Action{Op: SyncGrantExpansionOp}) + } if s.externalResourceReader != nil { s.state.PushAction(ctx, Action{Op: SyncExternalResourcesOp}) } @@ -446,8 +453,10 @@ func (s *syncer) Sync(ctx context.Context) error { } continue } - s.state.PushAction(ctx, Action{Op: SyncGrantsOp}) - s.state.PushAction(ctx, Action{Op: SyncEntitlementsOp}) + if !s.state.ShouldSkipEntitlementsAndGrants() { + s.state.PushAction(ctx, Action{Op: SyncGrantsOp}) + s.state.PushAction(ctx, Action{Op: SyncEntitlementsOp}) + } s.state.PushAction(ctx, Action{Op: SyncResourcesOp}) s.state.PushAction(ctx, Action{Op: SyncResourceTypesOp}) @@ -750,17 +759,30 @@ func (s *syncer) SyncTargetedResource(ctx context.Context) error { // Actions happen in reverse order. We want to sync child resources, then entitlements, then grants - s.state.PushAction(ctx, Action{ - Op: SyncGrantsOp, - ResourceTypeID: resourceTypeID, - ResourceID: resourceID, - }) + shouldSkipGrants, err := s.shouldSkipGrants(ctx, resource) + if err != nil { + return err + } + if !shouldSkipGrants { + s.state.PushAction(ctx, Action{ + Op: SyncGrantsOp, + ResourceTypeID: resourceTypeID, + ResourceID: resourceID, + }) + } - s.state.PushAction(ctx, Action{ - Op: SyncEntitlementsOp, - ResourceTypeID: resourceTypeID, - ResourceID: resourceID, - }) + shouldSkipEnts, err := s.shouldSkipEntitlementsAndGrants(ctx, resource) + if err != nil { + return err + } + + if !shouldSkipEnts { + s.state.PushAction(ctx, Action{ + Op: SyncEntitlementsOp, + ResourceTypeID: resourceTypeID, + ResourceID: resourceID, + }) + } err = s.getSubResources(ctx, resource) if err != nil { @@ -801,7 +823,7 @@ func (s *syncer) SyncResources(ctx context.Context) error { for _, rt := range resp.List { action := Action{Op: SyncResourcesOp, ResourceTypeID: rt.Id} // If this request specified a parent resource, only queue up syncing resources for children of the parent resource - if s.state.Current().ParentResourceTypeID != "" && s.state.Current().ParentResourceID != "" { + if s.state.Current() != nil && s.state.Current().ParentResourceTypeID != "" && s.state.Current().ParentResourceID != "" { action.ParentResourceID = s.state.Current().ParentResourceID action.ParentResourceTypeID = s.state.Current().ParentResourceTypeID } @@ -895,14 +917,19 @@ func (s *syncer) validateResourceTraits(ctx context.Context, r *v2.Resource) err ctx, span := tracer.Start(ctx, "syncer.validateResourceTraits") defer span.End() - resourceTypeResponse, err := s.store.GetResourceType(ctx, &reader_v2.ResourceTypesReaderServiceGetResourceTypeRequest{ - ResourceTypeId: r.Id.ResourceType, - }) - if err != nil { - return err + resourceTypeTraits, ok := s.resourceTypeTraits[r.Id.ResourceType] + if !ok { + resourceTypeResponse, err := s.store.GetResourceType(ctx, &reader_v2.ResourceTypesReaderServiceGetResourceTypeRequest{ + ResourceTypeId: r.Id.ResourceType, + }) + if err != nil { + return err + } + resourceTypeTraits = resourceTypeResponse.ResourceType.Traits + s.resourceTypeTraits[r.Id.ResourceType] = resourceTypeTraits } - for _, t := range resourceTypeResponse.ResourceType.Traits { + for _, t := range resourceTypeTraits { var trait proto.Message switch t { case v2.ResourceType_TRAIT_APP: @@ -941,6 +968,15 @@ func (s *syncer) shouldSkipEntitlementsAndGrants(ctx context.Context, r *v2.Reso ctx, span := tracer.Start(ctx, "syncer.shouldSkipEntitlementsAndGrants") defer span.End() + if s.state.ShouldSkipEntitlementsAndGrants() { + return true, nil + } + + rAnnos := annotations.Annotations(r.GetAnnotations()) + if rAnnos.Contains(&v2.SkipEntitlementsAndGrants{}) { + return true, nil + } + // We've checked this resource type, so we can return what we have cached directly. if skip, ok := s.skipEGForResourceType[r.Id.ResourceType]; ok { return skip, nil @@ -961,6 +997,15 @@ func (s *syncer) shouldSkipEntitlementsAndGrants(ctx context.Context, r *v2.Reso return skipEntitlements, nil } +func (s *syncer) shouldSkipGrants(ctx context.Context, r *v2.Resource) (bool, error) { + annos := annotations.Annotations(r.GetAnnotations()) + if annos.Contains(&v2.SkipGrants{}) { + return true, nil + } + + return s.shouldSkipEntitlementsAndGrants(ctx, r) +} + // SyncEntitlements fetches the entitlements from the connector. It first lists each resource from the datastore, // and pushes an action to fetch the entitlements for each resource. func (s *syncer) SyncEntitlements(ctx context.Context) error { @@ -1240,7 +1285,7 @@ func (s *syncer) SyncGrantExpansion(ctx context.Context) error { return err } } else { - l.Info("Finished loading entitlement graph", zap.Int("edges", len(entitlementGraph.Edges))) + l.Debug("Finished loading grants to expand") entitlementGraph.Loaded = true } @@ -1309,6 +1354,9 @@ func (s *syncer) SyncGrantExpansion(ctx context.Context) error { } } } + if entitlementGraph.Loaded { + l.Info("Finished loading entitlement graph", zap.Int("edges", len(entitlementGraph.Edges))) + } return nil } @@ -1369,7 +1417,7 @@ func (s *syncer) SyncGrants(ctx context.Context) error { } for _, r := range resp.List { - shouldSkip, err := s.shouldSkipEntitlementsAndGrants(ctx, r) + shouldSkip, err := s.shouldSkipGrants(ctx, r) if err != nil { return err } @@ -1600,29 +1648,6 @@ func (s *syncer) syncGrantsForResource(ctx context.Context, resourceID *v2.Resou return err } } - - principalResource := grant.GetPrincipal() - _, err = s.store.GetResource(ctx, &reader_v2.ResourcesReaderServiceGetResourceRequest{ - ResourceId: principalResource.GetId(), - }) - if err != nil { - if !errors.Is(err, sql.ErrNoRows) { - return err - } - - // Principal resource is not in the DB, so try to fetch it from the connector. - resource, err := s.getResourceFromConnector(ctx, principalResource.GetId(), principalResource.GetParentResourceId()) - if err != nil { - l.Error("error fetching principal resource", zap.Error(err)) - return err - } - if resource == nil { - continue - } - if err := s.store.PutResources(ctx, resource); err != nil { - return err - } - } } err = s.store.PutGrants(ctx, grants...) if err != nil { @@ -1761,10 +1786,12 @@ func (s *syncer) SyncExternalResourcesWithGrantToEntitlement(ctx context.Context } for _, principal := range principals { - skipEnts := skipEGForResourceType[principal.Id.ResourceType] + rAnnos := annotations.Annotations(principal.GetAnnotations()) + skipEnts := skipEGForResourceType[principal.Id.ResourceType] || rAnnos.Contains(&v2.SkipEntitlementsAndGrants{}) if skipEnts { continue } + resourceEnts, err := s.listExternalEntitlementsForResource(ctx, principal) if err != nil { return err @@ -1773,6 +1800,10 @@ func (s *syncer) SyncExternalResourcesWithGrantToEntitlement(ctx context.Context } for _, ent := range ents { + rAnnos := annotations.Annotations(ent.GetResource().GetAnnotations()) + if rAnnos.Contains(&v2.SkipGrants{}) { + continue + } grantsForEnt, err := s.listExternalGrantsForEntitlement(ctx, ent) if err != nil { return err @@ -1868,6 +1899,11 @@ func (s *syncer) SyncExternalResourcesUsersAndGroups(ctx context.Context) error if skipEnts { continue } + rAnnos := annotations.Annotations(principal.GetAnnotations()) + if rAnnos.Contains(&v2.SkipEntitlementsAndGrants{}) { + continue + } + resourceEnts, err := s.listExternalEntitlementsForResource(ctx, principal) if err != nil { return err @@ -1876,6 +1912,10 @@ func (s *syncer) SyncExternalResourcesUsersAndGroups(ctx context.Context) error } for _, ent := range ents { + rAnnos := annotations.Annotations(ent.GetResource().GetAnnotations()) + if rAnnos.Contains(&v2.SkipGrants{}) { + continue + } grantsForEnt, err := s.listExternalGrantsForEntitlement(ctx, ent) if err != nil { return err @@ -2730,11 +2770,18 @@ func WithSyncID(syncID string) SyncOpt { } } +func WithSkipEntitlementsAndGrants(skip bool) SyncOpt { + return func(s *syncer) { + s.skipEntitlementsAndGrants = skip + } +} + // NewSyncer returns a new syncer object. func NewSyncer(ctx context.Context, c types.ConnectorClient, opts ...SyncOpt) (Syncer, error) { s := &syncer{ connector: c, skipEGForResourceType: make(map[string]bool), + resourceTypeTraits: make(map[string][]v2.ResourceType_Trait), counts: NewProgressCounts(), } diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/synccompactor/compactor.go b/vendor/github.com/conductorone/baton-sdk/pkg/synccompactor/compactor.go index ab35c8cb..702c01b3 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/synccompactor/compactor.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/synccompactor/compactor.go @@ -15,6 +15,7 @@ import ( "github.com/conductorone/baton-sdk/pkg/sdk" "github.com/conductorone/baton-sdk/pkg/sync" "github.com/conductorone/baton-sdk/pkg/synccompactor/attached" + "github.com/conductorone/baton-sdk/pkg/synccompactor/naive" "github.com/grpc-ecosystem/go-grpc-middleware/logging/zap/ctxzap" "go.opentelemetry.io/otel" "go.uber.org/zap" @@ -22,8 +23,16 @@ import ( var tracer = otel.Tracer("baton-sdk/pkg.synccompactor") +type CompactorType string + +const ( + CompactorTypeNaive CompactorType = "naive" + CompactorTypeAttached CompactorType = "attached" +) + type Compactor struct { - entries []*CompactableSync + compactorType CompactorType + entries []*CompactableSync tmpDir string destDir string @@ -46,12 +55,22 @@ func WithTmpDir(tempDir string) Option { } } +func WithCompactorType(compactorType CompactorType) Option { + return func(c *Compactor) { + c.compactorType = compactorType + } +} + func NewCompactor(ctx context.Context, outputDir string, compactableSyncs []*CompactableSync, opts ...Option) (*Compactor, func() error, error) { if len(compactableSyncs) < 2 { return nil, nil, ErrNotEnoughFilesToCompact } - c := &Compactor{entries: compactableSyncs, destDir: outputDir} + c := &Compactor{ + entries: compactableSyncs, + destDir: outputDir, + compactorType: CompactorTypeAttached, + } for _, opt := range opts { opt(c) } @@ -83,28 +102,16 @@ func (c *Compactor) Compact(ctx context.Context) (*CompactableSync, error) { return nil, nil } - base := c.entries[0] - incrementals := c.entries[1:] - - // Lets compact all the incrementals together first. - compactedIncrementals := incrementals[0] - if len(incrementals) > 1 { - for i := 1; i < len(incrementals); i++ { - nextEntry := incrementals[i] - compacted, err := c.doOneCompaction(ctx, compactedIncrementals, nextEntry) - if err != nil { - return nil, err - } - compactedIncrementals = compacted + var err error + // Base sync is c.entries[0], so compact all incrementals first, then apply that onto the base. + applied := c.entries[len(c.entries)-1] + for i := len(c.entries) - 2; i >= 0; i-- { + applied, err = c.doOneCompaction(ctx, c.entries[i], applied) + if err != nil { + return nil, err } } - // Then apply that onto our base. - base, err := c.doOneCompaction(ctx, base, compactedIncrementals) - if err != nil { - return nil, err - } - l := ctxzap.Extract(ctx) // Grant expansion doesn't use the connector interface at all, so giving syncer an empty connector is safe... for now. // If that ever changes, we should implement a file connector that is a wrapper around the reader. @@ -119,8 +126,8 @@ func (c *Compactor) Compact(ctx context.Context) (*CompactableSync, error) { syncer, err := sync.NewSyncer( ctx, emptyConnector, - sync.WithC1ZPath(base.FilePath), - sync.WithSyncID(base.SyncID), + sync.WithC1ZPath(applied.FilePath), + sync.WithSyncID(applied.SyncID), sync.WithOnlyExpandGrants(), ) if err != nil { @@ -138,8 +145,8 @@ func (c *Compactor) Compact(ctx context.Context) (*CompactableSync, error) { } // Move last compacted file to the destination dir - finalPath := path.Join(c.destDir, fmt.Sprintf("compacted-%s.c1z", base.SyncID)) - if err := cpFile(base.FilePath, finalPath); err != nil { + finalPath := path.Join(c.destDir, fmt.Sprintf("compacted-%s.c1z", applied.SyncID)) + if err := cpFile(applied.FilePath, finalPath); err != nil { return nil, err } @@ -150,7 +157,7 @@ func (c *Compactor) Compact(ctx context.Context) (*CompactableSync, error) { } finalPath = abs } - return &CompactableSync{FilePath: finalPath, SyncID: base.SyncID}, nil + return &CompactableSync{FilePath: finalPath, SyncID: applied.SyncID}, nil } func cpFile(sourcePath string, destPath string) error { @@ -174,13 +181,14 @@ func cpFile(sourcePath string, destPath string) error { return nil } -func getLatestObjects(ctx context.Context, info *CompactableSync) (*reader_v2.SyncRun, *dotc1z.C1File, c1zmanager.Manager, func(), error) { - baseC1Z, err := c1zmanager.New(ctx, info.FilePath) +func (c *Compactor) getLatestObjects(ctx context.Context, info *CompactableSync) (*reader_v2.SyncRun, *dotc1z.C1File, c1zmanager.Manager, func(), error) { + cleanup := func() {} + baseC1Z, err := c1zmanager.New(ctx, info.FilePath, c1zmanager.WithTmpDir(c.tmpDir)) if err != nil { - return nil, nil, nil, nil, err + return nil, nil, nil, cleanup, err } - cleanup := func() { + cleanup = func() { _ = baseC1Z.Close(ctx) } @@ -231,28 +239,39 @@ func (c *Compactor) doOneCompaction(ctx context.Context, base *CompactableSync, } defer func() { _ = newFile.Close() }() - newSync, err := newFile.StartNewSyncV2(ctx, string(dotc1z.SyncTypeFull), "") + newSyncId, err := newFile.StartNewSyncV2(ctx, string(dotc1z.SyncTypeFull), "") if err != nil { return nil, err } - _, baseFile, _, cleanupBase, err := getLatestObjects(ctx, base) + _, baseFile, _, cleanupBase, err := c.getLatestObjects(ctx, base) defer cleanupBase() if err != nil { return nil, err } - _, appliedFile, _, cleanupApplied, err := getLatestObjects(ctx, applied) + _, appliedFile, _, cleanupApplied, err := c.getLatestObjects(ctx, applied) defer cleanupApplied() if err != nil { return nil, err } - // runner := naive.NewNaiveCompactor(baseFile, appliedFile, newFile) - runner := attached.NewAttachedCompactor(baseFile, appliedFile, newFile) - if err := runner.CompactWithSyncID(ctx, newSync); err != nil { - l.Error("error running compaction", zap.Error(err)) - return nil, err + switch c.compactorType { + case CompactorTypeNaive: + runner := naive.NewNaiveCompactor(baseFile, appliedFile, newFile) + if err := runner.Compact(ctx); err != nil { + l.Error("error running compaction", zap.Error(err)) + return nil, err + } + case CompactorTypeAttached: + runner := attached.NewAttachedCompactor(baseFile, appliedFile, newFile) + if err := runner.CompactWithSyncID(ctx, newSyncId); err != nil { + l.Error("error running compaction", zap.Error(err)) + return nil, err + } + default: + // c.compactorType defaults to attached, so this should never happen. + return nil, fmt.Errorf("invalid compactor type: %s", c.compactorType) } if err := newFile.EndSync(ctx); err != nil { @@ -266,6 +285,6 @@ func (c *Compactor) doOneCompaction(ctx context.Context, base *CompactableSync, return &CompactableSync{ FilePath: outputFilepath, - SyncID: newSync, + SyncID: newSyncId, }, nil } diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/synccompactor/naive/naive.go b/vendor/github.com/conductorone/baton-sdk/pkg/synccompactor/naive/naive.go new file mode 100644 index 00000000..7e4ae6e9 --- /dev/null +++ b/vendor/github.com/conductorone/baton-sdk/pkg/synccompactor/naive/naive.go @@ -0,0 +1,88 @@ +package naive + +import ( + "context" + + "github.com/conductorone/baton-sdk/pkg/dotc1z" + "github.com/grpc-ecosystem/go-grpc-middleware/logging/zap/ctxzap" + "go.uber.org/zap" + "google.golang.org/protobuf/proto" +) + +func NewNaiveCompactor(base *dotc1z.C1File, applied *dotc1z.C1File, dest *dotc1z.C1File) *Compactor { + return &Compactor{ + base: base, + applied: applied, + dest: dest, + } +} + +type Compactor struct { + base *dotc1z.C1File + applied *dotc1z.C1File + dest *dotc1z.C1File +} + +func (n *Compactor) Compact(ctx context.Context) error { + if err := n.processResourceTypes(ctx); err != nil { + return err + } + if err := n.processResources(ctx); err != nil { + return err + } + if err := n.processEntitlements(ctx); err != nil { + return err + } + if err := n.processGrants(ctx); err != nil { + return err + } + return nil +} + +func naiveCompact[T proto.Message, REQ listRequest, RESP listResponse[T]]( + ctx context.Context, + base listFunc[T, REQ, RESP], + applied listFunc[T, REQ, RESP], + save func(context.Context, ...T) error, +) error { + var t T + l := ctxzap.Extract(ctx) + l.Info("naive compaction: compacting objects", zap.String("object_type", string(t.ProtoReflect().Descriptor().FullName()))) + // List all objects from the base file and save them in the destination file + if err := listAllObjects(ctx, base, func(items []T) (bool, error) { + if err := save(ctx, items...); err != nil { + return false, err + } + return true, nil + }); err != nil { + return err + } + + // Then list all objects from the applied file and save them in the destination file, overwriting ones with the same external_id + if err := listAllObjects(ctx, applied, func(items []T) (bool, error) { + if err := save(ctx, items...); err != nil { + return false, err + } + return true, nil + }); err != nil { + return err + } + + return nil +} + +func (n *Compactor) processResourceTypes(ctx context.Context) error { + return naiveCompact(ctx, n.base.ListResourceTypes, n.applied.ListResourceTypes, n.dest.PutResourceTypesIfNewer) +} + +func (n *Compactor) processResources(ctx context.Context) error { + return naiveCompact(ctx, n.base.ListResources, n.applied.ListResources, n.dest.PutResourcesIfNewer) +} + +func (n *Compactor) processGrants(ctx context.Context) error { + return naiveCompact(ctx, n.base.ListGrants, n.applied.ListGrants, n.dest.PutGrantsIfNewer) +} + +func (n *Compactor) processEntitlements(ctx context.Context) error { + return naiveCompact(ctx, n.base.ListEntitlements, n.applied.ListEntitlements, n.dest.PutEntitlementsIfNewer) +} diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/synccompactor/naive/naive_unroll.go b/vendor/github.com/conductorone/baton-sdk/pkg/synccompactor/naive/naive_unroll.go new file mode 100644 index 00000000..cc4f8064 --- /dev/null +++ b/vendor/github.com/conductorone/baton-sdk/pkg/synccompactor/naive/naive_unroll.go @@ -0,0 +1,98 @@ +package naive + +import ( + "context" + "reflect" + + "google.golang.org/protobuf/proto" + "google.golang.org/protobuf/types/known/anypb" +) + +type listRequest interface { + proto.Message + GetPageSize() uint32 + GetPageToken() string + GetAnnotations() []*anypb.Any +} + +type listResponse[T proto.Message] interface { + GetNextPageToken() string + GetAnnotations() []*anypb.Any + GetList() []T +} + +// createRequest creates a new request object of type REQ using reflection. +func createRequest[REQ listRequest]() REQ { + var r REQ + baseType := reflect.TypeOf(r).Elem() + pointerToInitializedVal := reflect.New(baseType) + return pointerToInitializedVal.Interface().(REQ) +} + +// setFieldIfValid sets a field in a struct if it exists and can be set. +func setFieldIfValid(obj interface{}, fieldName string, setValue func(reflect.Value)) { + val := reflect.ValueOf(obj) + if val.Kind() != reflect.Ptr || val.IsNil() { + return + } + + field := val.Elem().FieldByName(fieldName) + if field.IsValid() && field.CanSet() { + setValue(field) + } +} + +// setPageSize sets the PageSize field in a request to the specified value. +func setPageSize(req listRequest, size uint64) { + setFieldIfValid(req, "PageSize", func(field reflect.Value) { + field.SetUint(size) + }) +} + +// setPageToken sets the PageToken field in a request to the specified token. +func setPageToken(req listRequest, token string) { + setFieldIfValid(req, "PageToken", func(field reflect.Value) { + field.SetString(token) + }) +} + +type listFunc[T proto.Message, REQ listRequest, RESP listResponse[T]] func(context.Context, REQ) (RESP, error) + +func listAllObjects[T proto.Message, REQ listRequest, RESP listResponse[T]](ctx context.Context, list listFunc[T, REQ, RESP], cb func(items []T) (bool, error)) error { + // Create a new request using reflection + req := createRequest[REQ]() + + // Set initial page size + setPageSize(req, 100) // Set a reasonable default page size + + var nextPageToken string + for { + // Set the page token for the current request if needed + if nextPageToken != "" { + setPageToken(req, nextPageToken) + } + + // Call the list function with the current request + resp, err := list(ctx, req) + if err != nil { + return err + } + + // Collect the results + shouldContinue, err := cb(resp.GetList()) + if err != nil { + return err + } + if !shouldContinue { + return nil + } + + // Check if there are more pages + nextPageToken = resp.GetNextPageToken() + if nextPageToken == "" || len(resp.GetList()) == 0 { + break // No more pages + } + } + + return nil +} diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/tasks/local/syncer.go b/vendor/github.com/conductorone/baton-sdk/pkg/tasks/local/syncer.go index d02a6d9a..86084448 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/tasks/local/syncer.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/tasks/local/syncer.go @@ -21,6 +21,7 @@ type localSyncer struct { externalResourceC1Z string externalResourceEntitlementIdFilter string targetedSyncResourceIDs []string + skipEntitlementsAndGrants bool } type Option func(*localSyncer) @@ -49,6 +50,12 @@ func WithTargetedSyncResourceIDs(resourceIDs []string) Option { } } +func WithSkipEntitlementsAndGrants(skip bool) Option { + return func(m *localSyncer) { + m.skipEntitlementsAndGrants = skip + } +} + func (m *localSyncer) GetTempDir() string { return "" } @@ -77,6 +84,7 @@ func (m *localSyncer) Process(ctx context.Context, task *v1.Task, cc types.Conne sdkSync.WithExternalResourceC1ZPath(m.externalResourceC1Z), sdkSync.WithExternalResourceEntitlementIdFilter(m.externalResourceEntitlementIdFilter), sdkSync.WithTargetedSyncResourceIDs(m.targetedSyncResourceIDs), + sdkSync.WithSkipEntitlementsAndGrants(m.skipEntitlementsAndGrants), ) if err != nil { return err diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/uhttp/wrapper.go b/vendor/github.com/conductorone/baton-sdk/pkg/uhttp/wrapper.go index 3d3075e0..c479c2e3 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/uhttp/wrapper.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/uhttp/wrapper.go @@ -353,7 +353,7 @@ func (c *BaseHttpClient) Do(req *http.Request, options ...DoOption) (*http.Respo c.rateLimiter.Take() } - if req.Method == http.MethodGet { + if req.Method == http.MethodGet && req.Header.Get("Cache-Control") != "no-cache" { resp, err = c.baseHttpCache.Get(req) if err != nil { return nil, err @@ -437,7 +437,7 @@ func (c *BaseHttpClient) Do(req *http.Request, options ...DoOption) (*http.Respo switch resp.StatusCode { case http.StatusRequestTimeout: return resp, WrapErrorsWithRateLimitInfo(codes.DeadlineExceeded, resp, optErrs...) - case http.StatusTooManyRequests, http.StatusBadGateway, http.StatusServiceUnavailable: + case http.StatusTooManyRequests, http.StatusBadGateway, http.StatusServiceUnavailable, http.StatusGatewayTimeout: return resp, WrapErrorsWithRateLimitInfo(codes.Unavailable, resp, optErrs...) case http.StatusNotFound: return resp, WrapErrorsWithRateLimitInfo(codes.NotFound, resp, optErrs...) @@ -490,6 +490,14 @@ func WithHeader(key, value string) RequestOption { } } +func WithNoCache() RequestOption { + return func() (io.ReadWriter, map[string]string, error) { + return nil, map[string]string{ + "Cache-Control": "no-cache", + }, nil + } +} + func WithBody(body []byte) RequestOption { return func() (io.ReadWriter, map[string]string, error) { return bytes.NewBuffer(body), nil, nil diff --git a/vendor/modules.txt b/vendor/modules.txt index 5d52161a..0029238e 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -156,7 +156,7 @@ github.com/benbjohnson/clock # github.com/cenkalti/backoff/v4 v4.3.0 ## explicit; go 1.18 github.com/cenkalti/backoff/v4 -# github.com/conductorone/baton-sdk v0.3.35 +# github.com/conductorone/baton-sdk v0.3.45 ## explicit; go 1.23.4 github.com/conductorone/baton-sdk/internal/connector github.com/conductorone/baton-sdk/pb/c1/c1z/v1 @@ -198,6 +198,7 @@ github.com/conductorone/baton-sdk/pkg/sync github.com/conductorone/baton-sdk/pkg/sync/expand github.com/conductorone/baton-sdk/pkg/synccompactor github.com/conductorone/baton-sdk/pkg/synccompactor/attached +github.com/conductorone/baton-sdk/pkg/synccompactor/naive github.com/conductorone/baton-sdk/pkg/tasks github.com/conductorone/baton-sdk/pkg/tasks/c1api github.com/conductorone/baton-sdk/pkg/tasks/local