snooperpb

package
v0.0.0-...-16534be Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 16, 2025 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Overview

Package snooperpb contains LUCI's self-reporting local gRPC server API definitions.

This defines APIs for self-reporting events via a local process inspection tool (Snooper) and used for attaching provenance metadata to built artifacts.

Index

Constants

View Source
const (
	SelfReport_ReportCipd_FullMethodName           = "/provenance.snooperpb.SelfReport/ReportCipd"
	SelfReport_ReportGit_FullMethodName            = "/provenance.snooperpb.SelfReport/ReportGit"
	SelfReport_ReportGcs_FullMethodName            = "/provenance.snooperpb.SelfReport/ReportGcs"
	SelfReport_ReportTaskStage_FullMethodName      = "/provenance.snooperpb.SelfReport/ReportTaskStage"
	SelfReport_ReportPID_FullMethodName            = "/provenance.snooperpb.SelfReport/ReportPID"
	SelfReport_ReportArtifactDigest_FullMethodName = "/provenance.snooperpb.SelfReport/ReportArtifactDigest"
)

Variables

View Source
var (
	TaskStage_name = map[int32]string{
		0: "STAGE_UNSPECIFIED",
		1: "STARTED",
		2: "FETCH",
		3: "COMPILE",
		4: "UPLOAD",
		5: "UPLOAD_COMPLETE",
		6: "TEST",
		7: "COMPLETE",
	}
	TaskStage_value = map[string]int32{
		"STAGE_UNSPECIFIED": 0,
		"STARTED":           1,
		"FETCH":             2,
		"COMPILE":           3,
		"UPLOAD":            4,
		"UPLOAD_COMPLETE":   5,
		"TEST":              6,
		"COMPLETE":          7,
	}
)

Enum value maps for TaskStage.

View Source
var File_go_chromium_org_luci_provenance_api_snooperpb_v1_report_proto protoreflect.FileDescriptor
View Source
var SelfReport_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "provenance.snooperpb.SelfReport",
	HandlerType: (*SelfReportServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "ReportCipd",
			Handler:    _SelfReport_ReportCipd_Handler,
		},
		{
			MethodName: "ReportGit",
			Handler:    _SelfReport_ReportGit_Handler,
		},
		{
			MethodName: "ReportGcs",
			Handler:    _SelfReport_ReportGcs_Handler,
		},
		{
			MethodName: "ReportTaskStage",
			Handler:    _SelfReport_ReportTaskStage_Handler,
		},
		{
			MethodName: "ReportPID",
			Handler:    _SelfReport_ReportPID_Handler,
		},
		{
			MethodName: "ReportArtifactDigest",
			Handler:    _SelfReport_ReportArtifactDigest_Handler,
		},
	},
	Streams:  []grpc.StreamDesc{},
	Metadata: "go.chromium.org/luci/provenance/api/snooperpb/v1/report.proto",
}

SelfReport_ServiceDesc is the grpc.ServiceDesc for SelfReport service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

Functions

func FileDescriptorSet

func FileDescriptorSet() *descriptorpb.FileDescriptorSet

FileDescriptorSet returns a descriptor set for this proto package, which includes all defined services, and all transitive dependencies.

Will not return nil.

Do NOT modify the returned descriptor.

func RegisterSelfReportServer

func RegisterSelfReportServer(s grpc.ServiceRegistrar, srv SelfReportServer)

Types

type Artifact

type Artifact struct {

	// Types that are assignable to Kind:
	//
	//	*Artifact_Gcs
	//	*Artifact_Cipd
	Kind isArtifact_Kind `protobuf_oneof:"kind"`
	// contains filtered or unexported fields
}

Identifies storage location of a particular artifact. This will be used to attach provenance:

  • GCS: provenance will be uploaded alongside the artifact.
  • CIPD: provenance will be added to package metadata.

Currently we support provenance for two types of artifacts (gcs, cipd).

func (*Artifact) Descriptor deprecated

func (*Artifact) Descriptor() ([]byte, []int)

Deprecated: Use Artifact.ProtoReflect.Descriptor instead.

func (*Artifact) GetCipd

func (x *Artifact) GetCipd() *Artifact_CIPD

func (*Artifact) GetGcs

func (x *Artifact) GetGcs() string

func (*Artifact) GetKind

func (m *Artifact) GetKind() isArtifact_Kind

func (*Artifact) ProtoMessage

func (*Artifact) ProtoMessage()

func (*Artifact) ProtoReflect

func (x *Artifact) ProtoReflect() protoreflect.Message

func (*Artifact) Reset

func (x *Artifact) Reset()

func (*Artifact) String

func (x *Artifact) String() string

type Artifact_CIPD

type Artifact_CIPD struct {

	// Identifies a hierarchical package. This will be the absolute name
	// of a package (including path).
	PackageName string `protobuf:"bytes,1,opt,name=package_name,json=packageName,proto3" json:"package_name,omitempty"`
	// Unique identifier of an instance of a package.
	InstanceId string `protobuf:"bytes,2,opt,name=instance_id,json=instanceId,proto3" json:"instance_id,omitempty"`
	// CIPD backend host (dev/prod) where the artifact is stored.
	// If not provided, default is CIPD prod host.
	Host string `protobuf:"bytes,3,opt,name=host,proto3" json:"host,omitempty"`
	// contains filtered or unexported fields
}

Artifacts stored on CIPD. This defaults to prod instance of CIPD.

func (*Artifact_CIPD) Descriptor deprecated

func (*Artifact_CIPD) Descriptor() ([]byte, []int)

Deprecated: Use Artifact_CIPD.ProtoReflect.Descriptor instead.

func (*Artifact_CIPD) GetHost

func (x *Artifact_CIPD) GetHost() string

func (*Artifact_CIPD) GetInstanceId

func (x *Artifact_CIPD) GetInstanceId() string

func (*Artifact_CIPD) GetPackageName

func (x *Artifact_CIPD) GetPackageName() string

func (*Artifact_CIPD) ProtoMessage

func (*Artifact_CIPD) ProtoMessage()

func (*Artifact_CIPD) ProtoReflect

func (x *Artifact_CIPD) ProtoReflect() protoreflect.Message

func (*Artifact_CIPD) Reset

func (x *Artifact_CIPD) Reset()

func (*Artifact_CIPD) String

func (x *Artifact_CIPD) String() string

type Artifact_Cipd

type Artifact_Cipd struct {
	Cipd *Artifact_CIPD `protobuf:"bytes,2,opt,name=cipd,proto3,oneof"`
}

type Artifact_Gcs

type Artifact_Gcs struct {
	// Artifacts stored on Google Cloud Storage, e.g. Chrome binaries.
	// Identifier of artifact's storage location, e.g.
	// gs://example-bucket/app/1.2.3.4/mac64/bin.dmg
	Gcs string `protobuf:"bytes,1,opt,name=gcs,proto3,oneof"`
}

type CipdReport

type CipdReport struct {

	// An identifier to map multiple reports to a machine/task. This is
	// going to be the hash(access_token) used by bots to make requests
	// to luci services.
	RequestorId string `protobuf:"bytes,1,opt,name=requestor_id,json=requestorId,proto3" json:"requestor_id,omitempty"`
	// CIPD package name requested/installed on the machine.
	PackageName string `protobuf:"bytes,2,opt,name=package_name,json=packageName,proto3" json:"package_name,omitempty"`
	// Unique identifier of the package instance, a.k.a. instance_id.
	Iid string `protobuf:"bytes,3,opt,name=iid,proto3" json:"iid,omitempty"`
	// CIPD tags attached to the deployed package.
	Tags []*v1.Tag `protobuf:"bytes,4,rep,name=tags,proto3" json:"tags,omitempty"`
	// CIPD refs attached to the deployed package.
	Refs []*v1.Ref `protobuf:"bytes,5,rep,name=refs,proto3" json:"refs,omitempty"`
	// Event timestamp. This is local to the service, not necessarily same as
	// the reflected recorded timestamp on the logs.
	EventTs *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=event_ts,json=eventTs,proto3" json:"event_ts,omitempty"`
	// contains filtered or unexported fields
}

func (*CipdReport) Descriptor deprecated

func (*CipdReport) Descriptor() ([]byte, []int)

Deprecated: Use CipdReport.ProtoReflect.Descriptor instead.

func (*CipdReport) GetEventTs

func (x *CipdReport) GetEventTs() *timestamppb.Timestamp

func (*CipdReport) GetIid

func (x *CipdReport) GetIid() string

func (*CipdReport) GetPackageName

func (x *CipdReport) GetPackageName() string

func (*CipdReport) GetRefs

func (x *CipdReport) GetRefs() []*v1.Ref

func (*CipdReport) GetRequestorId

func (x *CipdReport) GetRequestorId() string

func (*CipdReport) GetTags

func (x *CipdReport) GetTags() []*v1.Tag

func (*CipdReport) ProtoMessage

func (*CipdReport) ProtoMessage()

func (*CipdReport) ProtoReflect

func (x *CipdReport) ProtoReflect() protoreflect.Message

func (*CipdReport) Reset

func (x *CipdReport) Reset()

func (*CipdReport) String

func (x *CipdReport) String() string

type GcsReport

type GcsReport struct {

	// An identifier to map multiple reports to a machine/task. This is
	// going to be a build identifier.
	RequestorId string `protobuf:"bytes,1,opt,name=requestor_id,json=requestorId,proto3" json:"requestor_id,omitempty"`
	// GCS URI for the artifact downloaded on the machine.
	GcsUri string `protobuf:"bytes,2,opt,name=gcs_uri,json=gcsUri,proto3" json:"gcs_uri,omitempty"`
	// Digest of the downloaded artifact.
	Digest string `protobuf:"bytes,3,opt,name=digest,proto3" json:"digest,omitempty"`
	// Event timestamp. This is local to the service, not necessarily same as
	// the reflected recorded timestamp on the logs.
	EventTs *timestamppb.Timestamp `protobuf:"bytes,4,opt,name=event_ts,json=eventTs,proto3" json:"event_ts,omitempty"`
	// contains filtered or unexported fields
}

func (*GcsReport) Descriptor deprecated

func (*GcsReport) Descriptor() ([]byte, []int)

Deprecated: Use GcsReport.ProtoReflect.Descriptor instead.

func (*GcsReport) GetDigest

func (x *GcsReport) GetDigest() string

func (*GcsReport) GetEventTs

func (x *GcsReport) GetEventTs() *timestamppb.Timestamp

func (*GcsReport) GetGcsUri

func (x *GcsReport) GetGcsUri() string

func (*GcsReport) GetRequestorId

func (x *GcsReport) GetRequestorId() string

func (*GcsReport) ProtoMessage

func (*GcsReport) ProtoMessage()

func (*GcsReport) ProtoReflect

func (x *GcsReport) ProtoReflect() protoreflect.Message

func (*GcsReport) Reset

func (x *GcsReport) Reset()

func (*GcsReport) String

func (x *GcsReport) String() string

type GitReport

type GitReport struct {

	// An identifier to map multiple reports to a machine/task. Reporter do not
	// need to set this. It is used by the server to group reports together and
	// bind them to a single task.
	RequestorId string `protobuf:"bytes,1,opt,name=requestor_id,json=requestorId,proto3" json:"requestor_id,omitempty"`
	// Git repository URL.
	Repo string `protobuf:"bytes,2,opt,name=repo,proto3" json:"repo,omitempty"`
	// Commit that was fetched for this repo.
	Commit string `protobuf:"bytes,3,opt,name=commit,proto3" json:"commit,omitempty"`
	// This is coming from an upstream dependency, although a checkout can be
	// uniquely attributed by a repo and a commit, they don't often produce
	// measurable inputs for security policy.
	// For example, a git repo may have multiple refs/branches and only some of
	// them may have `Code Review` required.
	//
	// To make a security policy decision about a particular commit, sometimes
	// it is useful to know which branch/ref the commit is associated with, note
	// a single commit can be associated with multiple branches, but the highest
	// security policy will always be enforced.
	// Scenario:
	// Git repo: "http://repo.git"
	// Commit  : "deadbeef"
	// Refs    : ["refs/heads/main", "refs/feature/experimental"]
	// In this example, the particular commit belongs to two branches, one does
	// not have mandatory code review (experimental) but the other does.
	//
	// Irrespective of the order of where the commit belonged first, it is
	// certain that the change was reviewed as this was merged to main branch.
	Refs string `protobuf:"bytes,4,opt,name=refs,proto3" json:"refs,omitempty"`
	// Event timestamp. This is local to the service, not necessarily same as
	// the reflected recorded timestamp on the logs.
	EventTs *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=event_ts,json=eventTs,proto3" json:"event_ts,omitempty"`
	// contains filtered or unexported fields
}

func (*GitReport) Descriptor deprecated

func (*GitReport) Descriptor() ([]byte, []int)

Deprecated: Use GitReport.ProtoReflect.Descriptor instead.

func (*GitReport) GetCommit

func (x *GitReport) GetCommit() string

func (*GitReport) GetEventTs

func (x *GitReport) GetEventTs() *timestamppb.Timestamp

func (*GitReport) GetRefs

func (x *GitReport) GetRefs() string

func (*GitReport) GetRepo

func (x *GitReport) GetRepo() string

func (*GitReport) GetRequestorId

func (x *GitReport) GetRequestorId() string

func (*GitReport) ProtoMessage

func (*GitReport) ProtoMessage()

func (*GitReport) ProtoReflect

func (x *GitReport) ProtoReflect() protoreflect.Message

func (*GitReport) Reset

func (x *GitReport) Reset()

func (*GitReport) String

func (x *GitReport) String() string

type ReportArtifactDigestRequest

type ReportArtifactDigestRequest struct {

	// SHA256 digest of artifact.
	Digest string `protobuf:"bytes,1,opt,name=digest,proto3" json:"digest,omitempty"`
	// Identifies storage location of a particular artifact. This is used
	// by Spike to attach provenance:
	//   - GCS: provenance will be uploaded alongside the artifact.
	//   - CIPD: provenance will be added to package metadata.
	Artifact *Artifact `protobuf:"bytes,2,opt,name=artifact,proto3" json:"artifact,omitempty"`
	// If set, identifies that the artifact is an SBOM for other artifacts,
	// identified by SHA256 digest.
	SbomSubjects []string `protobuf:"bytes,3,rep,name=sbom_subjects,json=sbomSubjects,proto3" json:"sbom_subjects,omitempty"`
	// contains filtered or unexported fields
}

func (*ReportArtifactDigestRequest) Descriptor deprecated

func (*ReportArtifactDigestRequest) Descriptor() ([]byte, []int)

Deprecated: Use ReportArtifactDigestRequest.ProtoReflect.Descriptor instead.

func (*ReportArtifactDigestRequest) GetArtifact

func (x *ReportArtifactDigestRequest) GetArtifact() *Artifact

func (*ReportArtifactDigestRequest) GetDigest

func (x *ReportArtifactDigestRequest) GetDigest() string

func (*ReportArtifactDigestRequest) GetSbomSubjects

func (x *ReportArtifactDigestRequest) GetSbomSubjects() []string

func (*ReportArtifactDigestRequest) ProtoMessage

func (*ReportArtifactDigestRequest) ProtoMessage()

func (*ReportArtifactDigestRequest) ProtoReflect

func (*ReportArtifactDigestRequest) Reset

func (x *ReportArtifactDigestRequest) Reset()

func (*ReportArtifactDigestRequest) String

func (x *ReportArtifactDigestRequest) String() string

type ReportCipdRequest

type ReportCipdRequest struct {

	// cipd_report will consist of package name, instance_id of a cipd package.
	CipdReport *CipdReport `protobuf:"bytes,1,opt,name=cipd_report,json=cipdReport,proto3" json:"cipd_report,omitempty"`
	// contains filtered or unexported fields
}

func (*ReportCipdRequest) Descriptor deprecated

func (*ReportCipdRequest) Descriptor() ([]byte, []int)

Deprecated: Use ReportCipdRequest.ProtoReflect.Descriptor instead.

func (*ReportCipdRequest) GetCipdReport

func (x *ReportCipdRequest) GetCipdReport() *CipdReport

func (*ReportCipdRequest) ProtoMessage

func (*ReportCipdRequest) ProtoMessage()

func (*ReportCipdRequest) ProtoReflect

func (x *ReportCipdRequest) ProtoReflect() protoreflect.Message

func (*ReportCipdRequest) Reset

func (x *ReportCipdRequest) Reset()

func (*ReportCipdRequest) String

func (x *ReportCipdRequest) String() string

type ReportGcsRequest

type ReportGcsRequest struct {

	// gcs_report will consist of gcs uri, hash of downloaded artifact.
	GcsReport *GcsReport `protobuf:"bytes,1,opt,name=gcs_report,json=gcsReport,proto3" json:"gcs_report,omitempty"`
	// contains filtered or unexported fields
}

func (*ReportGcsRequest) Descriptor deprecated

func (*ReportGcsRequest) Descriptor() ([]byte, []int)

Deprecated: Use ReportGcsRequest.ProtoReflect.Descriptor instead.

func (*ReportGcsRequest) GetGcsReport

func (x *ReportGcsRequest) GetGcsReport() *GcsReport

func (*ReportGcsRequest) ProtoMessage

func (*ReportGcsRequest) ProtoMessage()

func (*ReportGcsRequest) ProtoReflect

func (x *ReportGcsRequest) ProtoReflect() protoreflect.Message

func (*ReportGcsRequest) Reset

func (x *ReportGcsRequest) Reset()

func (*ReportGcsRequest) String

func (x *ReportGcsRequest) String() string

type ReportGitRequest

type ReportGitRequest struct {

	// git_report will consist of repo name, git hash of checked out repo.
	GitReport *GitReport `protobuf:"bytes,1,opt,name=git_report,json=gitReport,proto3" json:"git_report,omitempty"`
	// contains filtered or unexported fields
}

func (*ReportGitRequest) Descriptor deprecated

func (*ReportGitRequest) Descriptor() ([]byte, []int)

Deprecated: Use ReportGitRequest.ProtoReflect.Descriptor instead.

func (*ReportGitRequest) GetGitReport

func (x *ReportGitRequest) GetGitReport() *GitReport

func (*ReportGitRequest) ProtoMessage

func (*ReportGitRequest) ProtoMessage()

func (*ReportGitRequest) ProtoReflect

func (x *ReportGitRequest) ProtoReflect() protoreflect.Message

func (*ReportGitRequest) Reset

func (x *ReportGitRequest) Reset()

func (*ReportGitRequest) String

func (x *ReportGitRequest) String() string

type ReportPIDRequest

type ReportPIDRequest struct {

	// Process ID to track execution of a task running. It is used by the
	// server to periodically check health of running task and assert a close
	// approximation of task end time.
	//
	// Accuracy on task end time estimation can vary between implementations, it
	// directly depends on frequency at which provenance server checks status of
	// reported pid.
	Pid int64 `protobuf:"varint,1,opt,name=pid,proto3" json:"pid,omitempty"`
	// Reporter of the pid request. In the client of provenance server, this
	// should be automatically assigned by something similar to Go lang's native
	// os.Executable().
	//
	// This can be used to define an allowlist of reporters for this action.
	Reporter string `protobuf:"bytes,2,opt,name=reporter,proto3" json:"reporter,omitempty"`
	// contains filtered or unexported fields
}

func (*ReportPIDRequest) Descriptor deprecated

func (*ReportPIDRequest) Descriptor() ([]byte, []int)

Deprecated: Use ReportPIDRequest.ProtoReflect.Descriptor instead.

func (*ReportPIDRequest) GetPid

func (x *ReportPIDRequest) GetPid() int64

func (*ReportPIDRequest) GetReporter

func (x *ReportPIDRequest) GetReporter() string

func (*ReportPIDRequest) ProtoMessage

func (*ReportPIDRequest) ProtoMessage()

func (*ReportPIDRequest) ProtoReflect

func (x *ReportPIDRequest) ProtoReflect() protoreflect.Message

func (*ReportPIDRequest) Reset

func (x *ReportPIDRequest) Reset()

func (*ReportPIDRequest) String

func (x *ReportPIDRequest) String() string

type ReportTaskStageRequest

type ReportTaskStageRequest struct {
	TaskStage TaskStage              `protobuf:"varint,1,opt,name=task_stage,json=taskStage,proto3,enum=provenance.snooperpb.TaskStage" json:"task_stage,omitempty"`
	Timestamp *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=timestamp,proto3" json:"timestamp,omitempty"`
	// Recipe is essentially the entry point for the given task, it can be a
	// `build_rule` or a custom executable (like `luci recipes`) that dictates
	// workflow of a task.
	//
	// (Required) when reporting a task start.
	Recipe string `protobuf:"bytes,3,opt,name=recipe,proto3" json:"recipe,omitempty"`
	// Process ID of the task that self-reports task stages. It is used by the
	// server to periodically check health of running task and assert a close
	// approximation of task end time.
	//
	// Accuracy on task end time estimation can vary between implementations, it
	// directly depends on frequency at which provenance server checks status of
	// reported pid.
	//
	// (Required) when reported a task start.
	Pid int64 `protobuf:"varint,4,opt,name=pid,proto3" json:"pid,omitempty"`
	// contains filtered or unexported fields
}

func (*ReportTaskStageRequest) Descriptor deprecated

func (*ReportTaskStageRequest) Descriptor() ([]byte, []int)

Deprecated: Use ReportTaskStageRequest.ProtoReflect.Descriptor instead.

func (*ReportTaskStageRequest) GetPid

func (x *ReportTaskStageRequest) GetPid() int64

func (*ReportTaskStageRequest) GetRecipe

func (x *ReportTaskStageRequest) GetRecipe() string

func (*ReportTaskStageRequest) GetTaskStage

func (x *ReportTaskStageRequest) GetTaskStage() TaskStage

func (*ReportTaskStageRequest) GetTimestamp

func (x *ReportTaskStageRequest) GetTimestamp() *timestamppb.Timestamp

func (*ReportTaskStageRequest) ProtoMessage

func (*ReportTaskStageRequest) ProtoMessage()

func (*ReportTaskStageRequest) ProtoReflect

func (x *ReportTaskStageRequest) ProtoReflect() protoreflect.Message

func (*ReportTaskStageRequest) Reset

func (x *ReportTaskStageRequest) Reset()

func (*ReportTaskStageRequest) String

func (x *ReportTaskStageRequest) String() string

type SelfReportClient

type SelfReportClient interface {
	// Interface to report cipd packages admitted on the local machine.
	ReportCipd(ctx context.Context, in *ReportCipdRequest, opts ...grpc.CallOption) (*emptypb.Empty, error)
	// Interface to report git repos checked out on the local machine.
	ReportGit(ctx context.Context, in *ReportGitRequest, opts ...grpc.CallOption) (*emptypb.Empty, error)
	// Interface to report gcs artifacts downloaded on a local machine.
	ReportGcs(ctx context.Context, in *ReportGcsRequest, opts ...grpc.CallOption) (*emptypb.Empty, error)
	// Reports running task's stage. A task is typically a collection of
	// workflows/statements. Some of these statements can be grouped together
	// to define a stage, e.g. when a task is downloading sources/deps, it is
	// known as `FETCH` stage.
	// For details read go/snoopy-design (Google-internal).
	ReportTaskStage(ctx context.Context, in *ReportTaskStageRequest, opts ...grpc.CallOption) (*emptypb.Empty, error)
	// Reports a PID to track execution of the process. When implementing the
	// provenance server ensure safeguards to the end point with strict input
	// validation.
	ReportPID(ctx context.Context, in *ReportPIDRequest, opts ...grpc.CallOption) (*emptypb.Empty, error)
	// Reports digest of produced artifact from a task.
	ReportArtifactDigest(ctx context.Context, in *ReportArtifactDigestRequest, opts ...grpc.CallOption) (*emptypb.Empty, error)
}

SelfReportClient is the client API for SelfReport service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewSelfReportClient

func NewSelfReportClient(cc grpc.ClientConnInterface) SelfReportClient

type SelfReportServer

type SelfReportServer interface {
	// Interface to report cipd packages admitted on the local machine.
	ReportCipd(context.Context, *ReportCipdRequest) (*emptypb.Empty, error)
	// Interface to report git repos checked out on the local machine.
	ReportGit(context.Context, *ReportGitRequest) (*emptypb.Empty, error)
	// Interface to report gcs artifacts downloaded on a local machine.
	ReportGcs(context.Context, *ReportGcsRequest) (*emptypb.Empty, error)
	// Reports running task's stage. A task is typically a collection of
	// workflows/statements. Some of these statements can be grouped together
	// to define a stage, e.g. when a task is downloading sources/deps, it is
	// known as `FETCH` stage.
	// For details read go/snoopy-design (Google-internal).
	ReportTaskStage(context.Context, *ReportTaskStageRequest) (*emptypb.Empty, error)
	// Reports a PID to track execution of the process. When implementing the
	// provenance server ensure safeguards to the end point with strict input
	// validation.
	ReportPID(context.Context, *ReportPIDRequest) (*emptypb.Empty, error)
	// Reports digest of produced artifact from a task.
	ReportArtifactDigest(context.Context, *ReportArtifactDigestRequest) (*emptypb.Empty, error)
	// contains filtered or unexported methods
}

SelfReportServer is the server API for SelfReport service. All implementations must embed UnimplementedSelfReportServer for forward compatibility.

type TaskStage

type TaskStage int32

Indicator to task status. This is used to annotate logs when a task starts ends or reaches a certain "interesting" stage.

This is crucial to enforce security policies based on current state of the task. For example, more restrictive network connections can be applied when a task reaches `compile` stage.

Below is a brief rationale behind each steps:

  • STARTED: provenance of an artifact captures sources that goes into a build. A single compute resource typically outlives a task, in other words, a single machine can run multiple tasks in it's lifetime. Task start indicates the capturing time window began.
  • FETCH: typically a task depends on a bunch of dependencies that are fetched to set up the environment before compiling the artifact. Fetch indicates that the task is currently installing these deps.
  • COMPILE: ideally in compile step, there shouldn't be any new fetching.
  • UPLOAD: after finishing compilation, this step indicates built artifacts are being uploaded to its destination. A single task can have multiple produced artifacts.
  • UPLOAD_COMPLETE: it indicates all produced artifacts have been uploaded. This is crucial to closing the capturing time window for provenance generation.
  • TEST: often a task runs regression tests after an artifact has been produced. Some times requirements around this tests is an open environment which might not be safe for other task phases. To support effective tests, some policies can be lifted at this stage. (Although it is highly encouraged to schedule tests on a separate machine when possible to minimize risks of cross-contamination).
  • COMPLETE: complete indicates whether a task execution finished. This is crucial for server to set as this creates a clear boundary between subsequent tasks on a same machine.
const (
	TaskStage_STAGE_UNSPECIFIED TaskStage = 0
	TaskStage_STARTED           TaskStage = 1
	TaskStage_FETCH             TaskStage = 2
	TaskStage_COMPILE           TaskStage = 3
	TaskStage_UPLOAD            TaskStage = 4
	TaskStage_UPLOAD_COMPLETE   TaskStage = 5
	TaskStage_TEST              TaskStage = 6
	TaskStage_COMPLETE          TaskStage = 7
)

func (TaskStage) Descriptor

func (TaskStage) Descriptor() protoreflect.EnumDescriptor

func (TaskStage) Enum

func (x TaskStage) Enum() *TaskStage

func (TaskStage) EnumDescriptor deprecated

func (TaskStage) EnumDescriptor() ([]byte, []int)

Deprecated: Use TaskStage.Descriptor instead.

func (TaskStage) Number

func (x TaskStage) Number() protoreflect.EnumNumber

func (TaskStage) String

func (x TaskStage) String() string

func (TaskStage) Type

type UnimplementedSelfReportServer

type UnimplementedSelfReportServer struct{}

UnimplementedSelfReportServer must be embedded to have forward compatible implementations.

NOTE: this should be embedded by value instead of pointer to avoid a nil pointer dereference when methods are called.

func (UnimplementedSelfReportServer) ReportArtifactDigest

func (UnimplementedSelfReportServer) ReportCipd

func (UnimplementedSelfReportServer) ReportGcs

func (UnimplementedSelfReportServer) ReportGit

func (UnimplementedSelfReportServer) ReportPID

func (UnimplementedSelfReportServer) ReportTaskStage

type UnsafeSelfReportServer

type UnsafeSelfReportServer interface {
	// contains filtered or unexported methods
}

UnsafeSelfReportServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to SelfReportServer will result in compilation errors.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL