feat: manager decide whether to enable encryption

Signed-off-by: chohee <[email protected]>

Author: ChoHee15

pkg/apis/manager/v2/manager.pb.go

@@ -312,10 +312,20 @@ message RequestEncryptionKeyRequest {
   string ip = 3 [(validate.rules).string.ip = true];  
 }  
 
+// Encryption status enumeration.
+enum EncryptionStatus {
+  // Encryption is not enabled.
+  ENCRYPTION_DISABLED = 0;
+  // Encryption is enabled and key is provided.
+  ENCRYPTION_ENABLED = 1;
+}
+
 // RequestEncryptionKeyResponse represents response of RequestEncryptionKey.
 message RequestEncryptionKeyResponse {
-  // Encryption key provided by manager.
-  bytes encryption_key = 1;
+  // Encryption status.
+  EncryptionStatus status = 1 [(validate.rules).enum.defined_only = true];
+  // Encryption key provided by manager (only present when status is ENCRYPTION_ENABLED).
+  optional bytes encryption_key = 2 [(validate.rules).bytes = {min_len: 32, max_len: 1024}];
 }
 
 // Manager RPC Service.

pkg/apis/manager/v2/manager.pb.validate.go

@@ -309,10 +309,20 @@ message RequestEncryptionKeyRequest {
   string ip = 3;
 }
 
+// Encryption status enumeration.
+enum EncryptionStatus {
+  // Encryption is not enabled.
+  ENCRYPTION_DISABLED = 0;
+  // Encryption is enabled and key is provided.
+  ENCRYPTION_ENABLED = 1;
+}
+
 // RequestEncryptionKeyResponse represents response of RequestEncryptionKey.
 message RequestEncryptionKeyResponse {
-  // Encryption key provided by manager.
-  bytes encryption_key = 1;
+  // Encryption status.
+  EncryptionStatus status = 1;
+  // Encryption key provided by manager (only present when status is ENCRYPTION_ENABLED).
+  optional bytes encryption_key = 2;
 }
 
 // Manager RPC Service.

pkg/apis/manager/v2/manager.proto

@@ -418,9 +418,12 @@ pub struct RequestEncryptionKeyRequest {
 #[allow(clippy::derive_partial_eq_without_eq)]
 #[derive(Clone, PartialEq, ::prost::Message)]
 pub struct RequestEncryptionKeyResponse {
-    /// Encryption key provided by manager.
-    #[prost(bytes = "vec", tag = "1")]
-    pub encryption_key: ::prost::alloc::vec::Vec<u8>,
+    /// Encryption status.
+    #[prost(enumeration = "EncryptionStatus", tag = "1")]
+    pub status: i32,
+    /// Encryption key provided by manager (only present when status is ENCRYPTION_ENABLED).
+    #[prost(bytes = "vec", optional, tag = "2")]
+    pub encryption_key: ::core::option::Option<::prost::alloc::vec::Vec<u8>>,
 }
 /// Request source type.
 #[derive(serde::Serialize, serde::Deserialize)]
@@ -456,6 +459,36 @@ impl SourceType {
         }
     }
 }
+/// Encryption status enumeration.
+#[derive(serde::Serialize, serde::Deserialize)]
+#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)]
+#[repr(i32)]
+pub enum EncryptionStatus {
+    /// Encryption is not enabled.
+    EncryptionDisabled = 0,
+    /// Encryption is enabled and key is provided.
+    EncryptionEnabled = 1,
+}
+impl EncryptionStatus {
+    /// String value of the enum field names used in the ProtoBuf definition.
+    ///
+    /// The values are not transformed in any way and thus are considered stable
+    /// (if the ProtoBuf definition does not change) and safe for programmatic use.
+    pub fn as_str_name(&self) -> &'static str {
+        match self {
+            EncryptionStatus::EncryptionDisabled => "ENCRYPTION_DISABLED",
+            EncryptionStatus::EncryptionEnabled => "ENCRYPTION_ENABLED",
+        }
+    }
+    /// Creates an enum from field names used in the ProtoBuf definition.
+    pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
+        match value {
+            "ENCRYPTION_DISABLED" => Some(Self::EncryptionDisabled),
+            "ENCRYPTION_ENABLED" => Some(Self::EncryptionEnabled),
+            _ => None,
+        }
+    }
+}
 /// Generated client implementations.
 pub mod manager_client {
     #![allow(unused_variables, dead_code, missing_docs, clippy::let_unit_value)]