snooperpb

package
v0.0.0-...-a70aae3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 14, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Overview

Package snooperpb contains LUCI's self-reporting local gRPC server API definitions.

This defines APIs for self-reporting events via a local process inspection tool (Snooper) and used for attaching provenance metadata to built artifacts.

Index

Constants

View Source 
const (
	SelfReport_ReportCipd_FullMethodName           = "/provenance.snooperpb.SelfReport/ReportCipd"
	SelfReport_ReportGit_FullMethodName            = "/provenance.snooperpb.SelfReport/ReportGit"
	SelfReport_ReportGcs_FullMethodName            = "/provenance.snooperpb.SelfReport/ReportGcs"
	SelfReport_ReportTaskStage_FullMethodName      = "/provenance.snooperpb.SelfReport/ReportTaskStage"
	SelfReport_ReportPID_FullMethodName            = "/provenance.snooperpb.SelfReport/ReportPID"
	SelfReport_ReportArtifactDigest_FullMethodName = "/provenance.snooperpb.SelfReport/ReportArtifactDigest"
)

Variables

View Source 
var (
	TaskStage_name = map[int32]string{
		0: "STAGE_UNSPECIFIED",
		1: "STARTED",
		2: "FETCH",
		3: "COMPILE",
		4: "UPLOAD",
		5: "UPLOAD_COMPLETE",
		6: "TEST",
		7: "COMPLETE",
	}
	TaskStage_value = map[string]int32{
		"STAGE_UNSPECIFIED": 0,
		"STARTED":           1,
		"FETCH":             2,
		"COMPILE":           3,
		"UPLOAD":            4,
		"UPLOAD_COMPLETE":   5,
		"TEST":              6,
		"COMPLETE":          7,
	}
)

Enum value maps for TaskStage.

View Source 
var File_go_chromium_org_luci_provenance_api_snooperpb_v1_report_proto protoreflect.FileDescriptor
View Source 
var SelfReport_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "provenance.snooperpb.SelfReport",
	HandlerType: (*SelfReportServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "ReportCipd",
			Handler:    _SelfReport_ReportCipd_Handler,
		},
		{
			MethodName: "ReportGit",
			Handler:    _SelfReport_ReportGit_Handler,
		},
		{
			MethodName: "ReportGcs",
			Handler:    _SelfReport_ReportGcs_Handler,
		},
		{
			MethodName: "ReportTaskStage",
			Handler:    _SelfReport_ReportTaskStage_Handler,
		},
		{
			MethodName: "ReportPID",
			Handler:    _SelfReport_ReportPID_Handler,
		},
		{
			MethodName: "ReportArtifactDigest",
			Handler:    _SelfReport_ReportArtifactDigest_Handler,
		},
	},
	Streams:  []grpc.StreamDesc{},
	Metadata: "go.chromium.org/luci/provenance/api/snooperpb/v1/report.proto",
}

SelfReport_ServiceDesc is the grpc.ServiceDesc for SelfReport service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

Functions

func FileDescriptorSet 

func FileDescriptorSet() *descriptorpb.FileDescriptorSet

FileDescriptorSet returns a descriptor set for this proto package, which includes all defined services, and all transitive dependencies.

Will not return nil.

Do NOT modify the returned descriptor.

func RegisterSelfReportServer 

func RegisterSelfReportServer(s grpc.ServiceRegistrar, srv SelfReportServer)

Types

type Artifact 

type Artifact struct {

	// Types that are assignable to Kind:
	//
	//	*Artifact_Gcs
	//	*Artifact_Cipd
	Kind isArtifact_Kind `protobuf_oneof:"kind"`
	// contains filtered or unexported fields
}

Identifies storage location of a particular artifact. This will be used to attach provenance:

  • GCS: provenance will be uploaded alongside the artifact.
  • CIPD: provenance will be added to package metadata.

Currently we support provenance for two types of artifacts (gcs, cipd).

func (*Artifact) Descriptor deprecated 

func (*Artifact) Descriptor() ([]byte, []int)

Deprecated: Use Artifact.ProtoReflect.Descriptor instead.

func (*Artifact) GetCipd 

func (x *Artifact) GetCipd() *Artifact_CIPD

func (*Artifact) GetGcs 

func (x *Artifact) GetGcs() string

func (*Artifact) GetKind 

func (m *Artifact) GetKind() isArtifact_Kind

func (*Artifact) ProtoMessage 

func (*Artifact) ProtoMessage()

func (*Artifact) ProtoReflect 

func (x *Artifact) ProtoReflect() protoreflect.Message

func (*Artifact) Reset 

func (x *Artifact) Reset()

func (*Artifact) String 

func (x *Artifact) String() string

type Artifact_CIPD 

type Artifact_CIPD struct {

	// Identifies a hierarchical package. This will be the absolute name
	// of a package (including path).
	PackageName string `protobuf:"bytes,1,opt,name=package_name,json=packageName,proto3" json:"package_name,omitempty"`
	// Unique identifier of an instance of a package.
	InstanceId string `protobuf:"bytes,2,opt,name=instance_id,json=instanceId,proto3" json:"instance_id,omitempty"`
	// CIPD backend host (dev/prod) where the artifact is stored.
	// If not provided, default is CIPD prod host.
	Host string `protobuf:"bytes,3,opt,name=host,proto3" json:"host,omitempty"`
	// contains filtered or unexported fields
}

Artifacts stored on CIPD. This defaults to prod instance of CIPD.

func (*Artifact_CIPD) Descriptor deprecated 

func (*Artifact_CIPD) Descriptor() ([]byte, []int)

Deprecated: Use Artifact_CIPD.ProtoReflect.Descriptor instead.

func (*Artifact_CIPD) GetHost 

func (x *Artifact_CIPD) GetHost() string

func (*Artifact_CIPD) GetInstanceId 

func (x *Artifact_CIPD) GetInstanceId() string

func (*Artifact_CIPD) GetPackageName 

func (x *Artifact_CIPD) GetPackageName() string

func (*Artifact_CIPD) ProtoMessage 

func (*Artifact_CIPD) ProtoMessage()

func (*Artifact_CIPD) ProtoReflect 

func (x *Artifact_CIPD) ProtoReflect() protoreflect.Message

func (*Artifact_CIPD) Reset 

func (x *Artifact_CIPD) Reset()

func (*Artifact_CIPD) String 

func (x *Artifact_CIPD) String() string

type Artifact_Cipd 

type Artifact_Cipd struct {
	Cipd *Artifact_CIPD `protobuf:"bytes,2,opt,name=cipd,proto3,oneof"`
}

type Artifact_Gcs 

type Artifact_Gcs struct {
	// Artifacts stored on Google Cloud Storage, e.g. Chrome binaries.
	// Identifier of artifact's storage location, e.g.
	// gs://example-bucket/app/1.2.3.4/mac64/bin.dmg
	Gcs string `protobuf:"bytes,1,opt,name=gcs,proto3,oneof"`
}

type CipdReport 

type CipdReport struct {

	// An identifier to map multiple reports to a machine/task. This is
	// going to be the hash(access_token) used by bots to make requests
	// to luci services.
	RequestorId string `protobuf:"bytes,1,opt,name=requestor_id,json=requestorId,proto3" json:"requestor_id,omitempty"`
	// CIPD package name requested/installed on the machine.
	PackageName string `protobuf:"bytes,2,opt,name=package_name,json=packageName,proto3" json:"package_name,omitempty"`
	// Unique identifier of the package instance, a.k.a. instance_id.
	Iid string `protobuf:"bytes,3,opt,name=iid,proto3" json:"iid,omitempty"`
	// CIPD tags attached to the deployed package.
	Tags []*v1.Tag `protobuf:"bytes,4,rep,name=tags,proto3" json:"tags,omitempty"`
	// CIPD refs attached to the deployed package.
	Refs []*v1.Ref `protobuf:"bytes,5,rep,name=refs,proto3" json:"refs,omitempty"`
	// Event timestamp. This is local to the service, not necessarily same as
	// the reflected recorded timestamp on the logs.
	EventTs *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=event_ts,json=eventTs,proto3" json:"event_ts,omitempty"`
	// contains filtered or unexported fields
}

func (*CipdReport) Descriptor deprecated 

func (*CipdReport) Descriptor() ([]byte, []int)

Deprecated: Use CipdReport.ProtoReflect.Descriptor instead.

func (*CipdReport) GetEventTs 

func (x *CipdReport) GetEventTs() *timestamppb.Timestamp

func (*CipdReport) GetIid 

func (x *CipdReport) GetIid() string

func (*CipdReport) GetPackageName 

func (x *CipdReport) GetPackageName() string

func (*CipdReport) GetRefs 

func (x *CipdReport) GetRefs() []*v1.Ref

func (*CipdReport) GetRequestorId 

func (x *CipdReport) GetRequestorId() string

func (*CipdReport) GetTags 

func (x *CipdReport) GetTags() []*v1.Tag

func (*CipdReport) ProtoMessage 

func (*CipdReport) ProtoMessage()

func (*CipdReport) ProtoReflect 

func (x *CipdReport) ProtoReflect() protoreflect.Message

func (*CipdReport) Reset 

func (x *CipdReport) Reset()

func (*CipdReport) String 

func (x *CipdReport) String() string

type GcsReport 

type GcsReport struct {

	// An identifier to map multiple reports to a machine/task. This is
	// going to be a build identifier.
	RequestorId string `protobuf:"bytes,1,opt,name=requestor_id,json=requestorId,proto3" json:"requestor_id,omitempty"`
	// GCS URI for the artifact downloaded on the machine.
	GcsUri string `protobuf:"bytes,2,opt,name=gcs_uri,json=gcsUri,proto3" json:"gcs_uri,omitempty"`
	// Digest of the downloaded artifact.
	Digest string `protobuf:"bytes,3,opt,name=digest,proto3" json:"digest,omitempty"`
	// Event timestamp. This is local to the service, not necessarily same as
	// the reflected recorded timestamp on the logs.
	EventTs *timestamppb.Timestamp `protobuf:"bytes,4,opt,name=event_ts,json=eventTs,proto3" json:"event_ts,omitempty"`
	// contains filtered or unexported fields
}

func (*GcsReport) Descriptor deprecated 

func (*GcsReport) Descriptor() ([]byte, []int)

Deprecated: Use GcsReport.ProtoReflect.Descriptor instead.

func (*GcsReport) GetDigest 

func (x *GcsReport) GetDigest() string

func (*GcsReport) GetEventTs 

func (x *GcsReport) GetEventTs() *timestamppb.Timestamp

func (*GcsReport) GetGcsUri 

func (x *GcsReport) GetGcsUri() string

func (*GcsReport) GetRequestorId 

func (x *GcsReport) GetRequestorId() string

func (*GcsReport) ProtoMessage 

func (*GcsReport) ProtoMessage()

func (*GcsReport) ProtoReflect 

func (x *GcsReport) ProtoReflect() protoreflect.Message

func (*GcsReport) Reset 

func (x *GcsReport) Reset()

func (*GcsReport) String 

func (x *GcsReport) String() string

type GitReport 

type GitReport struct {

	// An identifier to map multiple reports to a machine/task. Reporter do not
	// need to set this. It is used by the server to group reports together and
	// bind them to a single task.
	RequestorId string `protobuf:"bytes,1,opt,name=requestor_id,json=requestorId,proto3" json:"requestor_id,omitempty"`
	// Git repository URL.
	Repo string `protobuf:"bytes,2,opt,name=repo,proto3" json:"repo,omitempty"`
	// Commit that was fetched for this repo.
	Commit string `protobuf:"bytes,3,opt,name=commit,proto3" json:"commit,omitempty"`
	// This is coming from an upstream dependency, although a checkout can be
	// uniquely attributed by a repo and a commit, they don't often produce
	// measurable inputs for security policy.
	// For example, a git repo may have multiple refs/branches and only some of
	// them may have `Code Review` required.
	//
	// To make a security policy decision about a particular commit, sometimes
	// it is useful to know which branch/ref the commit is associated with, note
	// a single commit can be associated with multiple branches, but the highest
	// security policy will always be enforced.
	// Scenario:
	// Git repo: "http://repo.git"
	// Commit  : "deadbeef"
	// Refs    : ["refs/heads/main", "refs/feature/experimental"]
	// In this example, the particular commit belongs to two branches, one does
	// not have mandatory code review (experimental) but the other does.
	//
	// Irrespective of the order of where the commit belonged first, it is
	// certain that the change was reviewed as this was merged to main branch.
	Refs string `protobuf:"bytes,4,opt,name=refs,proto3" json:"refs,omitempty"`
	// Event timestamp. This is local to the service, not necessarily same as
	// the reflected recorded timestamp on the logs.
	EventTs *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=event_ts,json=eventTs,proto3" json:"event_ts,omitempty"`
	// contains filtered or unexported fields
}

func (*GitReport) Descriptor deprecated 

func (*GitReport) Descriptor() ([]byte, []int)

Deprecated: Use GitReport.ProtoReflect.Descriptor instead.

func (*GitReport) GetCommit 

func (x *GitReport) GetCommit() string

func (*GitReport) GetEventTs 

func (x *GitReport) GetEventTs() *timestamppb.Timestamp

func (*GitReport) GetRefs 

func (x *GitReport) GetRefs() string

func (*GitReport) GetRepo 

func (x *GitReport) GetRepo() string

func (*GitReport) GetRequestorId 

func (x *GitReport) GetRequestorId() string

func (*GitReport) ProtoMessage 

func (*GitReport) ProtoMessage()

func (*GitReport) ProtoReflect 

func (x *GitReport) ProtoReflect() protoreflect.Message

func (*GitReport) Reset 

func (x *GitReport) Reset()

func (*GitReport) String 

func (x *GitReport) String() string

type ReportArtifactDigestRequest 

type ReportArtifactDigestRequest struct {

	// SHA256 digest of artifact.
	Digest string `protobuf:"bytes,1,opt,name=digest,proto3" json:"digest,omitempty"`
	// Identifies storage location of a particular artifact. This is used
	// by Spike to attach provenance:
	//   - GCS: provenance will be uploaded alongside the artifact.
	//   - CIPD: provenance will be added to package metadata.
	Artifact *Artifact `protobuf:"bytes,2,opt,name=artifact,proto3" json:"artifact,omitempty"`
	// If set, identifies that the artifact is an SBOM for other artifacts,
	// identified by SHA256 digest.
	SbomSubjects []string `protobuf:"bytes,3,rep,name=sbom_subjects,json=sbomSubjects,proto3" json:"sbom_subjects,omitempty"`
	// contains filtered or unexported fields
}

func (*ReportArtifactDigestRequest) Descriptor deprecated 

func (*ReportArtifactDigestRequest) Descriptor() ([]byte, []int)

Deprecated: Use ReportArtifactDigestRequest.ProtoReflect.Descriptor instead.

func (*ReportArtifactDigestRequest) GetArtifact 

func (x *ReportArtifactDigestRequest) GetArtifact() *Artifact

func (*ReportArtifactDigestRequest) GetDigest 

func (x *ReportArtifactDigestRequest) GetDigest() string

func (*ReportArtifactDigestRequest) GetSbomSubjects 

func (x *ReportArtifactDigestRequest) GetSbomSubjects() []string

func (*ReportArtifactDigestRequest) ProtoMessage 

func (*ReportArtifactDigestRequest) ProtoMessage()

func (*ReportArtifactDigestRequest) ProtoReflect 

func (x *ReportArtifactDigestRequest) ProtoReflect() protoreflect.Message

func (*ReportArtifactDigestRequest) Reset 

func (x *ReportArtifactDigestRequest) Reset()

func (*ReportArtifactDigestRequest) String 

func (x *ReportArtifactDigestRequest) String() string

type ReportCipdRequest 

type ReportCipdRequest struct {

	// cipd_report will consist of package name, instance_id of a cipd package.
	CipdReport *CipdReport `protobuf:"bytes,1,opt,name=cipd_report,json=cipdReport,proto3" json:"cipd_report,omitempty"`
	// contains filtered or unexported fields
}

func (*ReportCipdRequest) Descriptor deprecated 

func (*ReportCipdRequest) Descriptor() ([]byte, []int)

Deprecated: Use ReportCipdRequest.ProtoReflect.Descriptor instead.

func (*ReportCipdRequest) GetCipdReport 

func (x *ReportCipdRequest) GetCipdReport() *CipdReport

func (*ReportCipdRequest) ProtoMessage 

func (*ReportCipdRequest) ProtoMessage()

func (*ReportCipdRequest) ProtoReflect 

func (x *ReportCipdRequest) ProtoReflect() protoreflect.Message

func (*ReportCipdRequest) Reset 

func (x *ReportCipdRequest) Reset()

func (*ReportCipdRequest) String 

func (x *ReportCipdRequest) String() string

type ReportGcsRequest 

type ReportGcsRequest struct {

	// gcs_report will consist of gcs uri, hash of downloaded artifact.
	GcsReport *GcsReport `protobuf:"bytes,1,opt,name=gcs_report,json=gcsReport,proto3" json:"gcs_report,omitempty"`
	// contains filtered or unexported fields
}

func (*ReportGcsRequest) Descriptor deprecated 

func (*ReportGcsRequest) Descriptor() ([]byte, []int)

Deprecated: Use ReportGcsRequest.ProtoReflect.Descriptor instead.

func (*ReportGcsRequest) GetGcsReport 

func (x *ReportGcsRequest) GetGcsReport() *GcsReport

func (*ReportGcsRequest) ProtoMessage 

func (*ReportGcsRequest) ProtoMessage()

func (*ReportGcsRequest) ProtoReflect 

func (x *ReportGcsRequest) ProtoReflect() protoreflect.Message

func (*ReportGcsRequest) Reset 

func (x *ReportGcsRequest) Reset()

func (*ReportGcsRequest) String 

func (x *ReportGcsRequest) String() string

type ReportGitRequest 

type ReportGitRequest struct {

	// git_report will consist of repo name, git hash of checked out repo.
	GitReport *GitReport `protobuf:"bytes,1,opt,name=git_report,json=gitReport,proto3" json:"git_report,omitempty"`
	// contains filtered or unexported fields
}

func (*ReportGitRequest) Descriptor deprecated 

func (*ReportGitRequest) Descriptor() ([]byte, []int)

Deprecated: Use ReportGitRequest.ProtoReflect.Descriptor instead.

func (*ReportGitRequest) GetGitReport 

func (x *ReportGitRequest) GetGitReport() *GitReport

func (*ReportGitRequest) ProtoMessage 

func (*ReportGitRequest) ProtoMessage()

func (*ReportGitRequest) ProtoReflect 

func (x *ReportGitRequest) ProtoReflect() protoreflect.Message

func (*ReportGitRequest) Reset 

func (x *ReportGitRequest) Reset()

func (*ReportGitRequest) String 

func (x *ReportGitRequest) String() string

type ReportPIDRequest 

type ReportPIDRequest struct {

	// Process ID to track execution of a task running. It is used by the
	// server to periodically check health of running task and assert a close
	// approximation of task end time.
	//
	// Accuracy on task end time estimation can vary between implementations, it
	// directly depends on frequency at which provenance server checks status of
	// reported pid.
	Pid int64 `protobuf:"varint,1,opt,name=pid,proto3" json:"pid,omitempty"`
	// Reporter of the pid request. In the client of provenance server, this
	// should be automatically assigned by something similar to Go lang's native
	// os.Executable().
	//
	// This can be used to define an allowlist of reporters for this action.
	Reporter string `protobuf:"bytes,2,opt,name=reporter,proto3" json:"reporter,omitempty"`
	// contains filtered or unexported fields
}

func (*ReportPIDRequest) Descriptor deprecated 

func (*ReportPIDRequest) Descriptor() ([]byte, []int)

Deprecated: Use ReportPIDRequest.ProtoReflect.Descriptor instead.

func (*ReportPIDRequest) GetPid 

func (x *ReportPIDRequest) GetPid() int64

func (*ReportPIDRequest) GetReporter 

func (x *ReportPIDRequest) GetReporter() string

func (*ReportPIDRequest) ProtoMessage 

func (*ReportPIDRequest) ProtoMessage()

func (*ReportPIDRequest) ProtoReflect 

func (x *ReportPIDRequest) ProtoReflect() protoreflect.Message

func (*ReportPIDRequest) Reset 

func (x *ReportPIDRequest) Reset()

func (*ReportPIDRequest) String 

func (x *ReportPIDRequest) String() string

type ReportTaskStageRequest 

type ReportTaskStageRequest struct {
	TaskStage TaskStage              `protobuf:"varint,1,opt,name=task_stage,json=taskStage,proto3,enum=provenance.snooperpb.TaskStage" json:"task_stage,omitempty"`
	Timestamp *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=timestamp,proto3" json:"timestamp,omitempty"`
	// Recipe is essentially the entry point for the given task, it can be a
	// `build_rule` or a custom executable (like `luci recipes`) that dictates
	// workflow of a task.
	//
	// (Required) when reporting a task start.
	Recipe string `protobuf:"bytes,3,opt,name=recipe,proto3" json:"recipe,omitempty"`
	// Process ID of the task that self-reports task stages. It is used by the
	// server to periodically check health of running task and assert a close
	// approximation of task end time.
	//
	// Accuracy on task end time estimation can vary between implementations, it
	// directly depends on frequency at which provenance server checks status of
	// reported pid.
	//
	// (Required) when reported a task start.
	Pid int64 `protobuf:"varint,4,opt,name=pid,proto3" json:"pid,omitempty"`
	// contains filtered or unexported fields
}

func (*ReportTaskStageRequest) Descriptor deprecated 

func (*ReportTaskStageRequest) Descriptor() ([]byte, []int)

Deprecated: Use ReportTaskStageRequest.ProtoReflect.Descriptor instead.

func (*ReportTaskStageRequest) GetPid 

func (x *ReportTaskStageRequest) GetPid() int64

func (*ReportTaskStageRequest) GetRecipe 

func (x *ReportTaskStageRequest) GetRecipe() string

func (*ReportTaskStageRequest) GetTaskStage 

func (x *ReportTaskStageRequest) GetTaskStage() TaskStage

func (*ReportTaskStageRequest) GetTimestamp 

func (x *ReportTaskStageRequest) GetTimestamp() *timestamppb.Timestamp

func (*ReportTaskStageRequest) ProtoMessage 

func (*ReportTaskStageRequest) ProtoMessage()

func (*ReportTaskStageRequest) ProtoReflect 

func (x *ReportTaskStageRequest) ProtoReflect() protoreflect.Message

func (*ReportTaskStageRequest) Reset 

func (x *ReportTaskStageRequest) Reset()

func (*ReportTaskStageRequest) String 

func (x *ReportTaskStageRequest) String() string

type SelfReportClient 

type SelfReportClient interface {
	// Interface to report cipd packages admitted on the local machine.
	ReportCipd(ctx context.Context, in *ReportCipdRequest, opts ...grpc.CallOption) (*emptypb.Empty, error)
	// Interface to report git repos checked out on the local machine.
	ReportGit(ctx context.Context, in *ReportGitRequest, opts ...grpc.CallOption) (*emptypb.Empty, error)
	// Interface to report gcs artifacts downloaded on a local machine.
	ReportGcs(ctx context.Context, in *ReportGcsRequest, opts ...grpc.CallOption) (*emptypb.Empty, error)
	// Reports running task's stage. A task is typically a collection of
	// workflows/statements. Some of these statements can be grouped together
	// to define a stage, e.g. when a task is downloading sources/deps, it is
	// known as `FETCH` stage.
	// For details read go/snoopy-design (Google-internal).
	ReportTaskStage(ctx context.Context, in *ReportTaskStageRequest, opts ...grpc.CallOption) (*emptypb.Empty, error)
	// Reports a PID to track execution of the process. When implementing the
	// provenance server ensure safeguards to the end point with strict input
	// validation.
	ReportPID(ctx context.Context, in *ReportPIDRequest, opts ...grpc.CallOption) (*emptypb.Empty, error)
	// Reports digest of produced artifact from a task.
	ReportArtifactDigest(ctx context.Context, in *ReportArtifactDigestRequest, opts ...grpc.CallOption) (*emptypb.Empty, error)
}

SelfReportClient is the client API for SelfReport service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewSelfReportClient 

func NewSelfReportClient(cc grpc.ClientConnInterface) SelfReportClient

type SelfReportServer 

type SelfReportServer interface {
	// Interface to report cipd packages admitted on the local machine.
	ReportCipd(context.Context, *ReportCipdRequest) (*emptypb.Empty, error)
	// Interface to report git repos checked out on the local machine.
	ReportGit(context.Context, *ReportGitRequest) (*emptypb.Empty, error)
	// Interface to report gcs artifacts downloaded on a local machine.
	ReportGcs(context.Context, *ReportGcsRequest) (*emptypb.Empty, error)
	// Reports running task's stage. A task is typically a collection of
	// workflows/statements. Some of these statements can be grouped together
	// to define a stage, e.g. when a task is downloading sources/deps, it is
	// known as `FETCH` stage.
	// For details read go/snoopy-design (Google-internal).
	ReportTaskStage(context.Context, *ReportTaskStageRequest) (*emptypb.Empty, error)
	// Reports a PID to track execution of the process. When implementing the
	// provenance server ensure safeguards to the end point with strict input
	// validation.
	ReportPID(context.Context, *ReportPIDRequest) (*emptypb.Empty, error)
	// Reports digest of produced artifact from a task.
	ReportArtifactDigest(context.Context, *ReportArtifactDigestRequest) (*emptypb.Empty, error)
	// contains filtered or unexported methods
}

SelfReportServer is the server API for SelfReport service. All implementations must embed UnimplementedSelfReportServer for forward compatibility.

type TaskStage 

type TaskStage int32

Indicator to task status. This is used to annotate logs when a task starts ends or reaches a certain "interesting" stage.

This is crucial to enforce security policies based on current state of the task. For example, more restrictive network connections can be applied when a task reaches `compile` stage.

Below is a brief rationale behind each steps:

  • STARTED: provenance of an artifact captures sources that goes into a build. A single compute resource typically outlives a task, in other words, a single machine can run multiple tasks in it's lifetime. Task start indicates the capturing time window began.
  • FETCH: typically a task depends on a bunch of dependencies that are fetched to set up the environment before compiling the artifact. Fetch indicates that the task is currently installing these deps.
  • COMPILE: ideally in compile step, there shouldn't be any new fetching.
  • UPLOAD: after finishing compilation, this step indicates built artifacts are being uploaded to its destination. A single task can have multiple produced artifacts.
  • UPLOAD_COMPLETE: it indicates all produced artifacts have been uploaded. This is crucial to closing the capturing time window for provenance generation.
  • TEST: often a task runs regression tests after an artifact has been produced. Some times requirements around this tests is an open environment which might not be safe for other task phases. To support effective tests, some policies can be lifted at this stage. (Although it is highly encouraged to schedule tests on a separate machine when possible to minimize risks of cross-contamination).
  • COMPLETE: complete indicates whether a task execution finished. This is crucial for server to set as this creates a clear boundary between subsequent tasks on a same machine.
const (
	TaskStage_STAGE_UNSPECIFIED TaskStage = 0
	TaskStage_STARTED           TaskStage = 1
	TaskStage_FETCH             TaskStage = 2
	TaskStage_COMPILE           TaskStage = 3
	TaskStage_UPLOAD            TaskStage = 4
	TaskStage_UPLOAD_COMPLETE   TaskStage = 5
	TaskStage_TEST              TaskStage = 6
	TaskStage_COMPLETE          TaskStage = 7
)

func (TaskStage) Descriptor 

func (TaskStage) Descriptor() protoreflect.EnumDescriptor

func (TaskStage) Enum 

func (x TaskStage) Enum() *TaskStage

func (TaskStage) EnumDescriptor deprecated 

func (TaskStage) EnumDescriptor() ([]byte, []int)

Deprecated: Use TaskStage.Descriptor instead.

func (TaskStage) Number 

func (x TaskStage) Number() protoreflect.EnumNumber

func (TaskStage) String 

func (x TaskStage) String() string

func (TaskStage) Type 

func (TaskStage) Type() protoreflect.EnumType

type UnimplementedSelfReportServer 

type UnimplementedSelfReportServer struct{}

UnimplementedSelfReportServer must be embedded to have forward compatible implementations.

NOTE: this should be embedded by value instead of pointer to avoid a nil pointer dereference when methods are called.

func (UnimplementedSelfReportServer) ReportArtifactDigest 

func (UnimplementedSelfReportServer) ReportArtifactDigest(context.Context, *ReportArtifactDigestRequest) (*emptypb.Empty, error)

func (UnimplementedSelfReportServer) ReportCipd 

func (UnimplementedSelfReportServer) ReportCipd(context.Context, *ReportCipdRequest) (*emptypb.Empty, error)

func (UnimplementedSelfReportServer) ReportGcs 

func (UnimplementedSelfReportServer) ReportGcs(context.Context, *ReportGcsRequest) (*emptypb.Empty, error)

func (UnimplementedSelfReportServer) ReportGit 

func (UnimplementedSelfReportServer) ReportGit(context.Context, *ReportGitRequest) (*emptypb.Empty, error)

func (UnimplementedSelfReportServer) ReportPID 

func (UnimplementedSelfReportServer) ReportPID(context.Context, *ReportPIDRequest) (*emptypb.Empty, error)

func (UnimplementedSelfReportServer) ReportTaskStage 

func (UnimplementedSelfReportServer) ReportTaskStage(context.Context, *ReportTaskStageRequest) (*emptypb.Empty, error)

type UnsafeSelfReportServer 

type UnsafeSelfReportServer interface {
	// contains filtered or unexported methods
}

UnsafeSelfReportServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to SelfReportServer will result in compilation errors.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.