diff --git a/aks-node-controller/parser/helper.go b/aks-node-controller/parser/helper.go index a3bcf1e4d40..200f7710806 100644 --- a/aks-node-controller/parser/helper.go +++ b/aks-node-controller/parser/helper.go @@ -178,7 +178,7 @@ func getEnableTLSBootstrap(bootstrapConfig *aksnodeconfigv1.TLSBootstrappingConf func getEnableSecureTLSBootstrap(bootstrapConfig *aksnodeconfigv1.TLSBootstrappingConfig) bool { // TODO: Change logic to default to false once Secure TLS Bootstrapping is complete - return bootstrapConfig.GetBootstrappingAuthMethod() == aksnodeconfigv1.BootstrappingAuthMethod_SecureTlsBootstrapping + return bootstrapConfig.GetBootstrappingAuthMethod() == aksnodeconfigv1.TLSBootstrappingConfig_SecureTlsBootstrapping } func getTLSBootstrapToken(bootstrapConfig *aksnodeconfigv1.TLSBootstrappingConfig) string { diff --git a/pkg/proto/aksnodeconfig/v1/bootstrappingconfig.pb.go b/pkg/proto/aksnodeconfig/v1/bootstrappingconfig.pb.go new file mode 100644 index 00000000000..b644761a897 --- /dev/null +++ b/pkg/proto/aksnodeconfig/v1/bootstrappingconfig.pb.go @@ -0,0 +1,337 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.35.1 +// protoc (unknown) +// source: pkg/proto/aksnodeconfig/v1/bootstrappingconfig.proto + +package aksnodeconfigv1 + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type BootstrappingConfig_BootstrappingAuthMethod int32 + +const ( + // This is the default K8s bootstrap authentication method - a time limited bootstrap token. It's stored as a secret + // with a particular type in the API server. + // + //nolint:gosec // this is a const string to use in switch statements, not hardcoded credentials + BootstrappingConfig_BOOTSTRAP_TOKEN BootstrappingConfig_BootstrappingAuthMethod = 0 + // Secure TLS bootstrapping is a process where the node can use signed metadata from the Azure IMDS service to authenticate + // against the api server + BootstrappingConfig_SECURE_TLS_BOOTSTRAPPING BootstrappingConfig_BootstrappingAuthMethod = 1 + // Nodes running outside Azure can use the Azure Arc MSI to authenticate to an API server. This only works when the cluster is + // + // using AAD authentication. + BootstrappingConfig_ARC_MSI BootstrappingConfig_BootstrappingAuthMethod = 2 + // Nodes running inside Azure can use the Azure Arc MSI to authenticate to an API server. This only works when the cluster is + // using AAD authentication. + BootstrappingConfig_AZURE_MSI BootstrappingConfig_BootstrappingAuthMethod = 3 +) + +// Enum value maps for BootstrappingConfig_BootstrappingAuthMethod. +var ( + BootstrappingConfig_BootstrappingAuthMethod_name = map[int32]string{ + 0: "BOOTSTRAP_TOKEN", + 1: "SECURE_TLS_BOOTSTRAPPING", + 2: "ARC_MSI", + 3: "AZURE_MSI", + } + BootstrappingConfig_BootstrappingAuthMethod_value = map[string]int32{ + "BOOTSTRAP_TOKEN": 0, + "SECURE_TLS_BOOTSTRAPPING": 1, + "ARC_MSI": 2, + "AZURE_MSI": 3, + } +) + +func (x BootstrappingConfig_BootstrappingAuthMethod) Enum() *BootstrappingConfig_BootstrappingAuthMethod { + p := new(BootstrappingConfig_BootstrappingAuthMethod) + *p = x + return p +} + +func (x BootstrappingConfig_BootstrappingAuthMethod) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (BootstrappingConfig_BootstrappingAuthMethod) Descriptor() protoreflect.EnumDescriptor { + return file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_enumTypes[0].Descriptor() +} + +func (BootstrappingConfig_BootstrappingAuthMethod) Type() protoreflect.EnumType { + return &file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_enumTypes[0] +} + +func (x BootstrappingConfig_BootstrappingAuthMethod) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use BootstrappingConfig_BootstrappingAuthMethod.Descriptor instead. +func (BootstrappingConfig_BootstrappingAuthMethod) EnumDescriptor() ([]byte, []int) { + return file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_rawDescGZIP(), []int{0, 0} +} + +type BootstrappingConfig_ClusterJoinMethod int32 + +const ( + // The default behaviour is for the node to make a certificate signing request (CSR) and then + // use that CSR for ongoing communication. + BootstrappingConfig_GENERATE_CSR BootstrappingConfig_ClusterJoinMethod = 0 + // In some cases, the node will use the bootstrapping auth to register itself as a node and for ongoing communications. + BootstrappingConfig_USE_BOOTSTRAPPING_AUTH BootstrappingConfig_ClusterJoinMethod = 1 +) + +// Enum value maps for BootstrappingConfig_ClusterJoinMethod. +var ( + BootstrappingConfig_ClusterJoinMethod_name = map[int32]string{ + 0: "GENERATE_CSR", + 1: "USE_BOOTSTRAPPING_AUTH", + } + BootstrappingConfig_ClusterJoinMethod_value = map[string]int32{ + "GENERATE_CSR": 0, + "USE_BOOTSTRAPPING_AUTH": 1, + } +) + +func (x BootstrappingConfig_ClusterJoinMethod) Enum() *BootstrappingConfig_ClusterJoinMethod { + p := new(BootstrappingConfig_ClusterJoinMethod) + *p = x + return p +} + +func (x BootstrappingConfig_ClusterJoinMethod) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (BootstrappingConfig_ClusterJoinMethod) Descriptor() protoreflect.EnumDescriptor { + return file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_enumTypes[1].Descriptor() +} + +func (BootstrappingConfig_ClusterJoinMethod) Type() protoreflect.EnumType { + return &file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_enumTypes[1] +} + +func (x BootstrappingConfig_ClusterJoinMethod) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use BootstrappingConfig_ClusterJoinMethod.Descriptor instead. +func (BootstrappingConfig_ClusterJoinMethod) EnumDescriptor() ([]byte, []int) { + return file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_rawDescGZIP(), []int{0, 1} +} + +type BootstrappingConfig struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Method to authenticate the node to the API server + BootstrappingAuthMethod BootstrappingConfig_BootstrappingAuthMethod `protobuf:"varint,1,opt,name=bootstrapping_auth_method,json=bootstrappingAuthMethod,proto3,enum=aksnodeconfig.v1.BootstrappingConfig_BootstrappingAuthMethod" json:"bootstrapping_auth_method,omitempty"` + // how the node should join and communicate with the API server after authentication + ClusterJoinMethod BootstrappingConfig_ClusterJoinMethod `protobuf:"varint,2,opt,name=cluster_join_method,json=clusterJoinMethod,proto3,enum=aksnodeconfig.v1.BootstrappingConfig_ClusterJoinMethod" json:"cluster_join_method,omitempty"` + // Only required until Secure TLS bootstrapping in place. Would use kubelet identity after that. + TlsBootstrappingToken *string `protobuf:"bytes,3,opt,name=tls_bootstrapping_token,json=tlsBootstrappingToken,proto3,oneof" json:"tls_bootstrapping_token,omitempty"` + // Only used when secure TLS bootstrapping is enabled or one of the Azure/Arc methods. This is the appserver appid that the node will use to bootstrap. + CustomAadResource *string `protobuf:"bytes,4,opt,name=custom_aad_resource,json=customAadResource,proto3,oneof" json:"custom_aad_resource,omitempty"` + // Only used when one of the Azure/Arc methods is enabled. This is the client ID of the MSI that the node will use to bootstrap. + CustomAadClientId *string `protobuf:"bytes,5,opt,name=custom_aad_client_id,json=customAadClientId,proto3,oneof" json:"custom_aad_client_id,omitempty"` +} + +func (x *BootstrappingConfig) Reset() { + *x = BootstrappingConfig{} + mi := &file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *BootstrappingConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*BootstrappingConfig) ProtoMessage() {} + +func (x *BootstrappingConfig) ProtoReflect() protoreflect.Message { + mi := &file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_msgTypes[0] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use BootstrappingConfig.ProtoReflect.Descriptor instead. +func (*BootstrappingConfig) Descriptor() ([]byte, []int) { + return file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_rawDescGZIP(), []int{0} +} + +func (x *BootstrappingConfig) GetBootstrappingAuthMethod() BootstrappingConfig_BootstrappingAuthMethod { + if x != nil { + return x.BootstrappingAuthMethod + } + return BootstrappingConfig_BOOTSTRAP_TOKEN +} + +func (x *BootstrappingConfig) GetClusterJoinMethod() BootstrappingConfig_ClusterJoinMethod { + if x != nil { + return x.ClusterJoinMethod + } + return BootstrappingConfig_GENERATE_CSR +} + +func (x *BootstrappingConfig) GetTlsBootstrappingToken() string { + if x != nil && x.TlsBootstrappingToken != nil { + return *x.TlsBootstrappingToken + } + return "" +} + +func (x *BootstrappingConfig) GetCustomAadResource() string { + if x != nil && x.CustomAadResource != nil { + return *x.CustomAadResource + } + return "" +} + +func (x *BootstrappingConfig) GetCustomAadClientId() string { + if x != nil && x.CustomAadClientId != nil { + return *x.CustomAadClientId + } + return "" +} + +var File_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto protoreflect.FileDescriptor + +var file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_rawDesc = []byte{ + 0x0a, 0x34, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x61, 0x6b, 0x73, 0x6e, + 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x76, 0x31, 0x2f, 0x62, 0x6f, 0x6f, + 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x10, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x22, 0x9b, 0x05, 0x0a, 0x13, 0x42, 0x6f, 0x6f, + 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x12, 0x79, 0x0a, 0x19, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, + 0x67, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x0e, 0x32, 0x3d, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, + 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, + 0x70, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x42, 0x6f, 0x6f, 0x74, 0x73, + 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, + 0x6f, 0x64, 0x52, 0x17, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, + 0x67, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x67, 0x0a, 0x13, 0x63, + 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x6a, 0x6f, 0x69, 0x6e, 0x5f, 0x6d, 0x65, 0x74, 0x68, + 0x6f, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x37, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, + 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x6f, 0x74, + 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, + 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4a, 0x6f, 0x69, 0x6e, 0x4d, 0x65, 0x74, 0x68, 0x6f, + 0x64, 0x52, 0x11, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4a, 0x6f, 0x69, 0x6e, 0x4d, 0x65, + 0x74, 0x68, 0x6f, 0x64, 0x12, 0x3b, 0x0a, 0x17, 0x74, 0x6c, 0x73, 0x5f, 0x62, 0x6f, 0x6f, 0x74, + 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x15, 0x74, 0x6c, 0x73, 0x42, 0x6f, 0x6f, 0x74, + 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x88, 0x01, + 0x01, 0x12, 0x33, 0x0a, 0x13, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x61, 0x61, 0x64, 0x5f, + 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x48, 0x01, + 0x52, 0x11, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x41, 0x61, 0x64, 0x52, 0x65, 0x73, 0x6f, 0x75, + 0x72, 0x63, 0x65, 0x88, 0x01, 0x01, 0x12, 0x34, 0x0a, 0x14, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, + 0x5f, 0x61, 0x61, 0x64, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x05, + 0x20, 0x01, 0x28, 0x09, 0x48, 0x02, 0x52, 0x11, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x41, 0x61, + 0x64, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x49, 0x64, 0x88, 0x01, 0x01, 0x22, 0x68, 0x0a, 0x17, + 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x41, 0x75, 0x74, + 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x13, 0x0a, 0x0f, 0x42, 0x4f, 0x4f, 0x54, 0x53, + 0x54, 0x52, 0x41, 0x50, 0x5f, 0x54, 0x4f, 0x4b, 0x45, 0x4e, 0x10, 0x00, 0x12, 0x1c, 0x0a, 0x18, + 0x53, 0x45, 0x43, 0x55, 0x52, 0x45, 0x5f, 0x54, 0x4c, 0x53, 0x5f, 0x42, 0x4f, 0x4f, 0x54, 0x53, + 0x54, 0x52, 0x41, 0x50, 0x50, 0x49, 0x4e, 0x47, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x41, 0x52, + 0x43, 0x5f, 0x4d, 0x53, 0x49, 0x10, 0x02, 0x12, 0x0d, 0x0a, 0x09, 0x41, 0x5a, 0x55, 0x52, 0x45, + 0x5f, 0x4d, 0x53, 0x49, 0x10, 0x03, 0x22, 0x41, 0x0a, 0x11, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, + 0x72, 0x4a, 0x6f, 0x69, 0x6e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x10, 0x0a, 0x0c, 0x47, + 0x45, 0x4e, 0x45, 0x52, 0x41, 0x54, 0x45, 0x5f, 0x43, 0x53, 0x52, 0x10, 0x00, 0x12, 0x1a, 0x0a, + 0x16, 0x55, 0x53, 0x45, 0x5f, 0x42, 0x4f, 0x4f, 0x54, 0x53, 0x54, 0x52, 0x41, 0x50, 0x50, 0x49, + 0x4e, 0x47, 0x5f, 0x41, 0x55, 0x54, 0x48, 0x10, 0x01, 0x42, 0x1a, 0x0a, 0x18, 0x5f, 0x74, 0x6c, + 0x73, 0x5f, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x5f, + 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x42, 0x16, 0x0a, 0x14, 0x5f, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, + 0x5f, 0x61, 0x61, 0x64, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x17, 0x0a, + 0x15, 0x5f, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x61, 0x61, 0x64, 0x5f, 0x63, 0x6c, 0x69, + 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x42, 0xd9, 0x01, 0x0a, 0x14, 0x63, 0x6f, 0x6d, 0x2e, 0x61, + 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x42, + 0x18, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x63, 0x6f, + 0x6e, 0x66, 0x69, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x46, 0x67, 0x69, 0x74, + 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x41, 0x7a, 0x75, 0x72, 0x65, 0x2f, 0x41, 0x67, + 0x65, 0x6e, 0x74, 0x42, 0x61, 0x6b, 0x65, 0x72, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x2f, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x2f, 0x76, 0x31, 0x3b, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x76, 0x31, 0xa2, 0x02, 0x03, 0x41, 0x58, 0x58, 0xaa, 0x02, 0x10, 0x41, 0x6b, 0x73, 0x6e, + 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x56, 0x31, 0xca, 0x02, 0x10, 0x41, + 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5c, 0x56, 0x31, 0xe2, + 0x02, 0x1c, 0x41, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5c, + 0x56, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, + 0x11, 0x41, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x3a, + 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_rawDescOnce sync.Once + file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_rawDescData = file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_rawDesc +) + +func file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_rawDescGZIP() []byte { + file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_rawDescOnce.Do(func() { + file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_rawDescData = protoimpl.X.CompressGZIP(file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_rawDescData) + }) + return file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_rawDescData +} + +var file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_enumTypes = make([]protoimpl.EnumInfo, 2) +var file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_msgTypes = make([]protoimpl.MessageInfo, 1) +var file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_goTypes = []any{ + (BootstrappingConfig_BootstrappingAuthMethod)(0), // 0: aksnodeconfig.v1.BootstrappingConfig.BootstrappingAuthMethod + (BootstrappingConfig_ClusterJoinMethod)(0), // 1: aksnodeconfig.v1.BootstrappingConfig.ClusterJoinMethod + (*BootstrappingConfig)(nil), // 2: aksnodeconfig.v1.BootstrappingConfig +} +var file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_depIdxs = []int32{ + 0, // 0: aksnodeconfig.v1.BootstrappingConfig.bootstrapping_auth_method:type_name -> aksnodeconfig.v1.BootstrappingConfig.BootstrappingAuthMethod + 1, // 1: aksnodeconfig.v1.BootstrappingConfig.cluster_join_method:type_name -> aksnodeconfig.v1.BootstrappingConfig.ClusterJoinMethod + 2, // [2:2] is the sub-list for method output_type + 2, // [2:2] is the sub-list for method input_type + 2, // [2:2] is the sub-list for extension type_name + 2, // [2:2] is the sub-list for extension extendee + 0, // [0:2] is the sub-list for field type_name +} + +func init() { file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_init() } +func file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_init() { + if File_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto != nil { + return + } + file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_msgTypes[0].OneofWrappers = []any{} + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_rawDesc, + NumEnums: 2, + NumMessages: 1, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_goTypes, + DependencyIndexes: file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_depIdxs, + EnumInfos: file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_enumTypes, + MessageInfos: file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_msgTypes, + }.Build() + File_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto = out.File + file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_rawDesc = nil + file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_goTypes = nil + file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_depIdxs = nil +} diff --git a/pkg/proto/aksnodeconfig/v1/bootstrappingconfig.proto b/pkg/proto/aksnodeconfig/v1/bootstrappingconfig.proto new file mode 100644 index 00000000000..0327c072676 --- /dev/null +++ b/pkg/proto/aksnodeconfig/v1/bootstrappingconfig.proto @@ -0,0 +1,43 @@ +syntax = "proto3"; +package aksnodeconfig.v1; + +message BootstrappingConfig { + // Method to authenticate the node to the API server + BootstrappingAuthMethod bootstrapping_auth_method = 1; + + // how the node should join and communicate with the API server after authentication + ClusterJoinMethod cluster_join_method = 2; + + // Only required until Secure TLS bootstrapping in place. Would use kubelet identity after that. + optional string tls_bootstrapping_token = 3; + + // Only used when secure TLS bootstrapping is enabled or one of the Azure/Arc methods. This is the appserver appid that the node will use to bootstrap. + optional string custom_aad_resource = 4; + + // Only used when one of the Azure/Arc methods is enabled. This is the client ID of the MSI that the node will use to bootstrap. + optional string custom_aad_client_id = 5; + + enum BootstrappingAuthMethod { + // This is the default K8s bootstrap authentication method - a time limited bootstrap token. It's stored as a secret + // with a particular type in the API server. + //nolint:gosec // this is a const string to use in switch statements, not hardcoded credentials + BOOTSTRAP_TOKEN = 0; + // Secure TLS bootstrapping is a process where the node can use signed metadata from the Azure IMDS service to authenticate + // against the api server + SECURE_TLS_BOOTSTRAPPING = 1; + // Nodes running outside Azure can use the Azure Arc MSI to authenticate to an API server. This only works when the cluster is + // using AAD authentication. + ARC_MSI = 2; + // Nodes running inside Azure can use the Azure Arc MSI to authenticate to an API server. This only works when the cluster is + // using AAD authentication. + AZURE_MSI = 3; + } + + enum ClusterJoinMethod { + // The default behaviour is for the node to make a certificate signing request (CSR) and then + // use that CSR for ongoing communication. + GENERATE_CSR = 0; + // In some cases, the node will use the bootstrapping auth to register itself as a node and for ongoing communications. + USE_BOOTSTRAPPING_AUTH = 1; + } +} \ No newline at end of file diff --git a/pkg/proto/aksnodeconfig/v1/config.pb.go b/pkg/proto/aksnodeconfig/v1/config.pb.go index 37f63aac559..af4b4b26eff 100644 --- a/pkg/proto/aksnodeconfig/v1/config.pb.go +++ b/pkg/proto/aksnodeconfig/v1/config.pb.go @@ -85,7 +85,7 @@ type Configuration struct { // Various Kubernetes cluster level configuration ClusterConfig *ClusterConfig `protobuf:"bytes,5,opt,name=cluster_config,json=clusterConfig,proto3" json:"cluster_config,omitempty"` // TLS bootstrap config - TlsBootstrappingConfig *TLSBootstrappingConfig `protobuf:"bytes,6,opt,name=tls_bootstrapping_config,json=tlsBootstrappingConfig,proto3" json:"tls_bootstrapping_config,omitempty"` + BootstrappingConfig *BootstrappingConfig `protobuf:"bytes,6,opt,name=bootstrapping_config,json=bootstrappingConfig,proto3" json:"bootstrapping_config,omitempty"` // Authentication configuration AuthConfig *AuthConfig `protobuf:"bytes,7,opt,name=auth_config,json=authConfig,proto3" json:"auth_config,omitempty"` // The CLI tool runc configuration @@ -225,9 +225,9 @@ func (x *Configuration) GetClusterConfig() *ClusterConfig { return nil } -func (x *Configuration) GetTlsBootstrappingConfig() *TLSBootstrappingConfig { +func (x *Configuration) GetBootstrappingConfig() *BootstrappingConfig { if x != nil { - return x.TlsBootstrappingConfig + return x.BootstrappingConfig } return nil } @@ -507,192 +507,191 @@ var file_pkg_proto_aksnodeconfig_v1_config_proto_rawDesc = []byte{ 0x30, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x70, 0x69, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x1a, 0x37, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x61, 0x6b, 0x73, - 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x76, 0x31, 0x2f, 0x74, 0x6c, - 0x73, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x63, 0x6f, - 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2e, 0x70, 0x6b, 0x67, 0x2f, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, - 0x66, 0x69, 0x67, 0x2f, 0x76, 0x31, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x63, 0x6f, - 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2e, 0x70, 0x6b, 0x67, 0x2f, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, - 0x66, 0x69, 0x67, 0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x63, 0x6f, - 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x36, 0x70, 0x6b, 0x67, 0x2f, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, - 0x66, 0x69, 0x67, 0x2f, 0x76, 0x31, 0x2f, 0x69, 0x6d, 0x64, 0x73, 0x72, 0x65, 0x73, 0x74, 0x72, - 0x69, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x22, 0x9d, 0x13, 0x0a, 0x0d, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, - 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x50, - 0x0a, 0x12, 0x6b, 0x75, 0x62, 0x65, 0x5f, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x5f, 0x63, 0x6f, - 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x61, 0x6b, 0x73, - 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x4b, 0x75, - 0x62, 0x65, 0x42, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x10, - 0x6b, 0x75, 0x62, 0x65, 0x42, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x12, 0x53, 0x0a, 0x13, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x63, 0x6c, 0x6f, 0x75, 0x64, - 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, + 0x6f, 0x1a, 0x34, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x61, 0x6b, 0x73, + 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x76, 0x31, 0x2f, 0x62, 0x6f, + 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2e, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x2f, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x2f, 0x76, 0x31, 0x2f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2e, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x2f, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x36, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x2f, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x2f, 0x76, 0x31, 0x2f, 0x69, 0x6d, 0x64, 0x73, 0x72, 0x65, 0x73, 0x74, 0x72, 0x69, 0x63, 0x74, + 0x69, 0x6f, 0x6e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, + 0x93, 0x13, 0x0a, 0x0d, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x50, 0x0a, 0x12, 0x6b, + 0x75, 0x62, 0x65, 0x5f, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, + 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x42, + 0x69, 0x6e, 0x61, 0x72, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x10, 0x6b, 0x75, 0x62, + 0x65, 0x42, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x53, 0x0a, + 0x13, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x5f, 0x63, 0x6f, + 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x61, 0x6b, 0x73, + 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x75, + 0x73, 0x74, 0x6f, 0x6d, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, + 0x11, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x43, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x12, 0x4d, 0x0a, 0x11, 0x61, 0x70, 0x69, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, + 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, - 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x43, 0x6f, 0x6e, 0x66, - 0x69, 0x67, 0x52, 0x11, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x43, - 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4d, 0x0a, 0x11, 0x61, 0x70, 0x69, 0x5f, 0x73, 0x65, 0x72, - 0x76, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, - 0x32, 0x21, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x70, 0x69, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x43, 0x6f, 0x6e, - 0x66, 0x69, 0x67, 0x52, 0x0f, 0x61, 0x70, 0x69, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x43, 0x6f, - 0x6e, 0x66, 0x69, 0x67, 0x12, 0x46, 0x0a, 0x0e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, - 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x61, + 0x2e, 0x41, 0x70, 0x69, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x52, 0x0f, 0x61, 0x70, 0x69, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x12, 0x46, 0x0a, 0x0e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, + 0x66, 0x69, 0x67, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x61, 0x6b, 0x73, 0x6e, + 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x6c, 0x75, + 0x73, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0d, 0x63, 0x6c, 0x75, 0x73, + 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x58, 0x0a, 0x14, 0x62, 0x6f, 0x6f, + 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, + 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x6f, 0x74, 0x73, + 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x13, + 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, + 0x66, 0x69, 0x67, 0x12, 0x3d, 0x0a, 0x0b, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x63, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, + 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, + 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0a, 0x61, 0x75, 0x74, 0x68, 0x43, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x12, 0x3d, 0x0a, 0x0b, 0x72, 0x75, 0x6e, 0x63, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, + 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x75, 0x6e, 0x63, 0x43, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0a, 0x72, 0x75, 0x6e, 0x63, 0x43, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x12, 0x4f, 0x0a, 0x11, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x64, 0x5f, + 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, - 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0d, 0x63, - 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x62, 0x0a, 0x18, - 0x74, 0x6c, 0x73, 0x5f, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, - 0x67, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, + 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x52, 0x10, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x64, 0x43, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x12, 0x49, 0x0a, 0x0f, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x63, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x61, 0x6b, + 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x54, + 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e, 0x74, + 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x46, 0x0a, + 0x0e, 0x6b, 0x75, 0x62, 0x65, 0x6c, 0x65, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, + 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x6c, 0x65, 0x74, + 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0d, 0x6b, 0x75, 0x62, 0x65, 0x6c, 0x65, 0x74, 0x43, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x69, 0x0a, 0x1b, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, + 0x73, 0x65, 0x61, 0x72, 0x63, 0x68, 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x5f, 0x63, 0x6f, + 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x61, 0x6b, 0x73, + 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x75, + 0x73, 0x74, 0x6f, 0x6d, 0x53, 0x65, 0x61, 0x72, 0x63, 0x68, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, + 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x18, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x53, 0x65, + 0x61, 0x72, 0x63, 0x68, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x12, 0x5a, 0x0a, 0x16, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x6c, 0x69, 0x6e, 0x75, 0x78, + 0x5f, 0x6f, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x25, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x4c, 0x69, 0x6e, 0x75, 0x78, 0x4f, + 0x53, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x13, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x4c, + 0x69, 0x6e, 0x75, 0x78, 0x4f, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4d, 0x0a, 0x11, + 0x68, 0x74, 0x74, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, + 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x48, 0x54, 0x54, 0x50, 0x50, + 0x72, 0x6f, 0x78, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0f, 0x68, 0x74, 0x74, 0x70, + 0x50, 0x72, 0x6f, 0x78, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x3a, 0x0a, 0x0a, 0x67, + 0x70, 0x75, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x1b, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, + 0x76, 0x31, 0x2e, 0x47, 0x50, 0x55, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x09, 0x67, 0x70, + 0x75, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x46, 0x0a, 0x0e, 0x6e, 0x65, 0x74, 0x77, 0x6f, + 0x72, 0x6b, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x10, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x1f, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, + 0x76, 0x31, 0x2e, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x52, 0x0d, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, + 0x2c, 0x0a, 0x12, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x5f, 0x63, 0x61, + 0x5f, 0x63, 0x65, 0x72, 0x74, 0x18, 0x11, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x6b, 0x75, 0x62, + 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x43, 0x61, 0x43, 0x65, 0x72, 0x74, 0x12, 0x2d, 0x0a, + 0x12, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, + 0x69, 0x6f, 0x6e, 0x18, 0x12, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x6b, 0x75, 0x62, 0x65, 0x72, + 0x6e, 0x65, 0x74, 0x65, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x24, 0x0a, 0x0e, + 0x6b, 0x75, 0x62, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x13, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x6b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x55, + 0x72, 0x6c, 0x12, 0x17, 0x0a, 0x07, 0x76, 0x6d, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x14, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x06, 0x76, 0x6d, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x30, 0x0a, 0x14, 0x6c, + 0x69, 0x6e, 0x75, 0x78, 0x5f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x5f, 0x75, 0x73, 0x65, 0x72, 0x6e, + 0x61, 0x6d, 0x65, 0x18, 0x15, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x6c, 0x69, 0x6e, 0x75, 0x78, + 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x55, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, + 0x06, 0x69, 0x73, 0x5f, 0x76, 0x68, 0x64, 0x18, 0x16, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, + 0x05, 0x69, 0x73, 0x56, 0x68, 0x64, 0x88, 0x01, 0x01, 0x12, 0x22, 0x0a, 0x0a, 0x65, 0x6e, 0x61, + 0x62, 0x6c, 0x65, 0x5f, 0x73, 0x73, 0x68, 0x18, 0x17, 0x20, 0x01, 0x28, 0x08, 0x48, 0x01, 0x52, + 0x09, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x53, 0x73, 0x68, 0x88, 0x01, 0x01, 0x12, 0x3a, 0x0a, + 0x19, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x75, 0x6e, 0x61, 0x74, 0x74, 0x65, 0x6e, 0x64, + 0x65, 0x64, 0x5f, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x18, 0x18, 0x20, 0x01, 0x28, 0x08, + 0x52, 0x17, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x55, 0x6e, 0x61, 0x74, 0x74, 0x65, 0x6e, 0x64, + 0x65, 0x64, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x12, 0x2b, 0x0a, 0x12, 0x6d, 0x65, 0x73, + 0x73, 0x61, 0x67, 0x65, 0x5f, 0x6f, 0x66, 0x5f, 0x74, 0x68, 0x65, 0x5f, 0x64, 0x61, 0x79, 0x18, + 0x19, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x4f, 0x66, + 0x54, 0x68, 0x65, 0x44, 0x61, 0x79, 0x12, 0x39, 0x0a, 0x19, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, + 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x61, 0x67, + 0x65, 0x6e, 0x74, 0x18, 0x1a, 0x20, 0x01, 0x28, 0x08, 0x52, 0x16, 0x65, 0x6e, 0x61, 0x62, 0x6c, + 0x65, 0x48, 0x6f, 0x73, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x41, 0x67, 0x65, 0x6e, + 0x74, 0x12, 0x26, 0x0a, 0x0f, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x63, 0x61, 0x5f, 0x63, + 0x65, 0x72, 0x74, 0x73, 0x18, 0x1b, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0d, 0x63, 0x75, 0x73, 0x74, + 0x6f, 0x6d, 0x43, 0x61, 0x43, 0x65, 0x72, 0x74, 0x73, 0x12, 0x29, 0x0a, 0x10, 0x70, 0x72, 0x6f, + 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x18, 0x1c, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x4f, 0x75, + 0x74, 0x70, 0x75, 0x74, 0x12, 0x4c, 0x0a, 0x10, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, + 0x5f, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x1d, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x21, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, - 0x31, 0x2e, 0x54, 0x4c, 0x53, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, - 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x16, 0x74, 0x6c, 0x73, 0x42, 0x6f, 0x6f, - 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x12, 0x3d, 0x0a, 0x0b, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, - 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, - 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x43, 0x6f, 0x6e, - 0x66, 0x69, 0x67, 0x52, 0x0a, 0x61, 0x75, 0x74, 0x68, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, - 0x3d, 0x0a, 0x0b, 0x72, 0x75, 0x6e, 0x63, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x08, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, - 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x75, 0x6e, 0x63, 0x43, 0x6f, 0x6e, 0x66, - 0x69, 0x67, 0x52, 0x0a, 0x72, 0x75, 0x6e, 0x63, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4f, - 0x0a, 0x11, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x64, 0x5f, 0x63, 0x6f, 0x6e, - 0x66, 0x69, 0x67, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x61, 0x6b, 0x73, 0x6e, - 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x6f, 0x6e, - 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x10, 0x63, - 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, - 0x49, 0x0a, 0x0f, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, - 0x69, 0x67, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, - 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x65, 0x6c, 0x65, - 0x70, 0x6f, 0x72, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e, 0x74, 0x65, 0x6c, 0x65, - 0x70, 0x6f, 0x72, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x46, 0x0a, 0x0e, 0x6b, 0x75, - 0x62, 0x65, 0x6c, 0x65, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0b, 0x20, 0x01, - 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, - 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x6c, 0x65, 0x74, 0x43, 0x6f, 0x6e, - 0x66, 0x69, 0x67, 0x52, 0x0d, 0x6b, 0x75, 0x62, 0x65, 0x6c, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, - 0x69, 0x67, 0x12, 0x69, 0x0a, 0x1b, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x73, 0x65, 0x61, - 0x72, 0x63, 0x68, 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, - 0x67, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, - 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, - 0x6d, 0x53, 0x65, 0x61, 0x72, 0x63, 0x68, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x43, 0x6f, 0x6e, - 0x66, 0x69, 0x67, 0x52, 0x18, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x53, 0x65, 0x61, 0x72, 0x63, - 0x68, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x5a, 0x0a, - 0x16, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x6c, 0x69, 0x6e, 0x75, 0x78, 0x5f, 0x6f, 0x73, - 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, - 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, - 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x4c, 0x69, 0x6e, 0x75, 0x78, 0x4f, 0x53, 0x43, 0x6f, - 0x6e, 0x66, 0x69, 0x67, 0x52, 0x13, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x4c, 0x69, 0x6e, 0x75, - 0x78, 0x4f, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4d, 0x0a, 0x11, 0x68, 0x74, 0x74, - 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0e, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, - 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x48, 0x54, 0x54, 0x50, 0x50, 0x72, 0x6f, 0x78, - 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0f, 0x68, 0x74, 0x74, 0x70, 0x50, 0x72, 0x6f, - 0x78, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x3a, 0x0a, 0x0a, 0x67, 0x70, 0x75, 0x5f, - 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x61, - 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, - 0x47, 0x50, 0x55, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x09, 0x67, 0x70, 0x75, 0x43, 0x6f, - 0x6e, 0x66, 0x69, 0x67, 0x12, 0x46, 0x0a, 0x0e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x5f, - 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x10, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x61, - 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, - 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0d, 0x6e, - 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2c, 0x0a, 0x12, - 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x5f, 0x63, 0x61, 0x5f, 0x63, 0x65, - 0x72, 0x74, 0x18, 0x11, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, - 0x65, 0x74, 0x65, 0x73, 0x43, 0x61, 0x43, 0x65, 0x72, 0x74, 0x12, 0x2d, 0x0a, 0x12, 0x6b, 0x75, - 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, - 0x18, 0x12, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, - 0x65, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x24, 0x0a, 0x0e, 0x6b, 0x75, 0x62, - 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x13, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x0c, 0x6b, 0x75, 0x62, 0x65, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x55, 0x72, 0x6c, 0x12, - 0x17, 0x0a, 0x07, 0x76, 0x6d, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x14, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x06, 0x76, 0x6d, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x30, 0x0a, 0x14, 0x6c, 0x69, 0x6e, 0x75, - 0x78, 0x5f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x5f, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, - 0x18, 0x15, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x6c, 0x69, 0x6e, 0x75, 0x78, 0x41, 0x64, 0x6d, - 0x69, 0x6e, 0x55, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x06, 0x69, 0x73, - 0x5f, 0x76, 0x68, 0x64, 0x18, 0x16, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x05, 0x69, 0x73, - 0x56, 0x68, 0x64, 0x88, 0x01, 0x01, 0x12, 0x22, 0x0a, 0x0a, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, - 0x5f, 0x73, 0x73, 0x68, 0x18, 0x17, 0x20, 0x01, 0x28, 0x08, 0x48, 0x01, 0x52, 0x09, 0x65, 0x6e, - 0x61, 0x62, 0x6c, 0x65, 0x53, 0x73, 0x68, 0x88, 0x01, 0x01, 0x12, 0x3a, 0x0a, 0x19, 0x65, 0x6e, - 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x75, 0x6e, 0x61, 0x74, 0x74, 0x65, 0x6e, 0x64, 0x65, 0x64, 0x5f, - 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x18, 0x18, 0x20, 0x01, 0x28, 0x08, 0x52, 0x17, 0x65, - 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x55, 0x6e, 0x61, 0x74, 0x74, 0x65, 0x6e, 0x64, 0x65, 0x64, 0x55, - 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x12, 0x2b, 0x0a, 0x12, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, - 0x65, 0x5f, 0x6f, 0x66, 0x5f, 0x74, 0x68, 0x65, 0x5f, 0x64, 0x61, 0x79, 0x18, 0x19, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x0f, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x4f, 0x66, 0x54, 0x68, 0x65, - 0x44, 0x61, 0x79, 0x12, 0x39, 0x0a, 0x19, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x68, 0x6f, - 0x73, 0x74, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x61, 0x67, 0x65, 0x6e, 0x74, - 0x18, 0x1a, 0x20, 0x01, 0x28, 0x08, 0x52, 0x16, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x48, 0x6f, - 0x73, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x12, 0x26, - 0x0a, 0x0f, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x63, 0x61, 0x5f, 0x63, 0x65, 0x72, 0x74, - 0x73, 0x18, 0x1b, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0d, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x43, - 0x61, 0x43, 0x65, 0x72, 0x74, 0x73, 0x12, 0x29, 0x0a, 0x10, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, - 0x69, 0x6f, 0x6e, 0x5f, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x18, 0x1c, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x0f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x4f, 0x75, 0x74, 0x70, 0x75, - 0x74, 0x12, 0x4c, 0x0a, 0x10, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x72, 0x75, - 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x1d, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x21, 0x2e, 0x61, 0x6b, - 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x57, - 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x52, 0x0f, - 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x12, - 0x35, 0x0a, 0x17, 0x69, 0x70, 0x76, 0x36, 0x5f, 0x64, 0x75, 0x61, 0x6c, 0x5f, 0x73, 0x74, 0x61, - 0x63, 0x6b, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x1e, 0x20, 0x01, 0x28, 0x08, - 0x52, 0x14, 0x69, 0x70, 0x76, 0x36, 0x44, 0x75, 0x61, 0x6c, 0x53, 0x74, 0x61, 0x63, 0x6b, 0x45, - 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x29, 0x0a, 0x10, 0x6f, 0x75, 0x74, 0x62, 0x6f, 0x75, - 0x6e, 0x64, 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x18, 0x1f, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x0f, 0x6f, 0x75, 0x74, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x43, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, - 0x64, 0x12, 0x41, 0x0a, 0x1d, 0x61, 0x7a, 0x75, 0x72, 0x65, 0x5f, 0x70, 0x72, 0x69, 0x76, 0x61, - 0x74, 0x65, 0x5f, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x5f, 0x73, 0x65, 0x72, 0x76, - 0x65, 0x72, 0x18, 0x20, 0x20, 0x01, 0x28, 0x09, 0x52, 0x1a, 0x61, 0x7a, 0x75, 0x72, 0x65, 0x50, - 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x53, 0x65, - 0x72, 0x76, 0x65, 0x72, 0x12, 0x3f, 0x0a, 0x1c, 0x70, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x5f, - 0x65, 0x67, 0x72, 0x65, 0x73, 0x73, 0x5f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x61, 0x64, 0x64, - 0x72, 0x65, 0x73, 0x73, 0x18, 0x21, 0x20, 0x01, 0x28, 0x09, 0x52, 0x19, 0x70, 0x72, 0x69, 0x76, - 0x61, 0x74, 0x65, 0x45, 0x67, 0x72, 0x65, 0x73, 0x73, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x41, 0x64, - 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x3a, 0x0a, 0x19, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, - 0x61, 0x72, 0x74, 0x69, 0x66, 0x61, 0x63, 0x74, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, - 0x6e, 0x67, 0x18, 0x22, 0x20, 0x01, 0x28, 0x08, 0x52, 0x17, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, - 0x41, 0x72, 0x74, 0x69, 0x66, 0x61, 0x63, 0x74, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, - 0x67, 0x12, 0x17, 0x0a, 0x07, 0x69, 0x73, 0x5f, 0x6b, 0x61, 0x74, 0x61, 0x18, 0x23, 0x20, 0x01, - 0x28, 0x08, 0x52, 0x06, 0x69, 0x73, 0x4b, 0x61, 0x74, 0x61, 0x12, 0x2a, 0x0a, 0x0e, 0x6e, 0x65, - 0x65, 0x64, 0x73, 0x5f, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x76, 0x32, 0x18, 0x24, 0x20, 0x01, - 0x28, 0x08, 0x48, 0x02, 0x52, 0x0d, 0x6e, 0x65, 0x65, 0x64, 0x73, 0x43, 0x67, 0x72, 0x6f, 0x75, - 0x70, 0x76, 0x32, 0x88, 0x01, 0x01, 0x12, 0x2e, 0x0a, 0x13, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, - 0x65, 0x5f, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x18, 0x25, 0x20, - 0x01, 0x28, 0x08, 0x52, 0x11, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x43, 0x75, 0x73, 0x74, - 0x6f, 0x6d, 0x44, 0x61, 0x74, 0x61, 0x12, 0x5c, 0x0a, 0x2b, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, - 0x72, 0x61, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x74, - 0x61, 0x69, 0x6e, 0x65, 0x72, 0x5f, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x5f, 0x73, - 0x65, 0x72, 0x76, 0x65, 0x72, 0x18, 0x26, 0x20, 0x01, 0x28, 0x09, 0x52, 0x27, 0x62, 0x6f, 0x6f, - 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x43, 0x6f, 0x6e, - 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x53, 0x65, - 0x72, 0x76, 0x65, 0x72, 0x12, 0x5f, 0x0a, 0x17, 0x69, 0x6d, 0x64, 0x73, 0x5f, 0x72, 0x65, 0x73, - 0x74, 0x72, 0x69, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, - 0x27, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, - 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x49, 0x4d, 0x44, 0x53, 0x52, 0x65, 0x73, - 0x74, 0x72, 0x69, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x15, - 0x69, 0x6d, 0x64, 0x73, 0x52, 0x65, 0x73, 0x74, 0x72, 0x69, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x43, - 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x09, 0x0a, 0x07, 0x5f, 0x69, 0x73, 0x5f, 0x76, 0x68, 0x64, - 0x42, 0x0d, 0x0a, 0x0b, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x73, 0x73, 0x68, 0x42, - 0x11, 0x0a, 0x0f, 0x5f, 0x6e, 0x65, 0x65, 0x64, 0x73, 0x5f, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, - 0x76, 0x32, 0x2a, 0x47, 0x0a, 0x0f, 0x57, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x75, - 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x0e, 0x57, 0x52, 0x5f, 0x55, 0x4e, 0x53, 0x50, - 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x11, 0x0a, 0x0d, 0x4f, 0x43, 0x49, - 0x5f, 0x43, 0x4f, 0x4e, 0x54, 0x41, 0x49, 0x4e, 0x45, 0x52, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09, - 0x57, 0x41, 0x53, 0x4d, 0x5f, 0x57, 0x41, 0x53, 0x49, 0x10, 0x02, 0x42, 0xcc, 0x01, 0x0a, 0x14, - 0x63, 0x6f, 0x6d, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, - 0x67, 0x2e, 0x76, 0x31, 0x42, 0x0b, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x50, 0x72, 0x6f, 0x74, - 0x6f, 0x50, 0x01, 0x5a, 0x46, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, - 0x41, 0x7a, 0x75, 0x72, 0x65, 0x2f, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x42, 0x61, 0x6b, 0x65, 0x72, - 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x61, 0x6b, 0x73, 0x6e, 0x6f, - 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x76, 0x31, 0x3b, 0x61, 0x6b, 0x73, 0x6e, - 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x76, 0x31, 0xa2, 0x02, 0x03, 0x41, 0x58, - 0x58, 0xaa, 0x02, 0x10, 0x41, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, - 0x67, 0x2e, 0x56, 0x31, 0xca, 0x02, 0x10, 0x41, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, - 0x6e, 0x66, 0x69, 0x67, 0x5c, 0x56, 0x31, 0xe2, 0x02, 0x1c, 0x41, 0x6b, 0x73, 0x6e, 0x6f, 0x64, - 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5c, 0x56, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, - 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x11, 0x41, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, - 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x33, + 0x31, 0x2e, 0x57, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, + 0x65, 0x52, 0x0f, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x75, 0x6e, 0x74, 0x69, + 0x6d, 0x65, 0x12, 0x35, 0x0a, 0x17, 0x69, 0x70, 0x76, 0x36, 0x5f, 0x64, 0x75, 0x61, 0x6c, 0x5f, + 0x73, 0x74, 0x61, 0x63, 0x6b, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x1e, 0x20, + 0x01, 0x28, 0x08, 0x52, 0x14, 0x69, 0x70, 0x76, 0x36, 0x44, 0x75, 0x61, 0x6c, 0x53, 0x74, 0x61, + 0x63, 0x6b, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x29, 0x0a, 0x10, 0x6f, 0x75, 0x74, + 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x18, 0x1f, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0f, 0x6f, 0x75, 0x74, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x43, 0x6f, 0x6d, + 0x6d, 0x61, 0x6e, 0x64, 0x12, 0x41, 0x0a, 0x1d, 0x61, 0x7a, 0x75, 0x72, 0x65, 0x5f, 0x70, 0x72, + 0x69, 0x76, 0x61, 0x74, 0x65, 0x5f, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x5f, 0x73, + 0x65, 0x72, 0x76, 0x65, 0x72, 0x18, 0x20, 0x20, 0x01, 0x28, 0x09, 0x52, 0x1a, 0x61, 0x7a, 0x75, + 0x72, 0x65, 0x50, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, + 0x79, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x3f, 0x0a, 0x1c, 0x70, 0x72, 0x69, 0x76, 0x61, + 0x74, 0x65, 0x5f, 0x65, 0x67, 0x72, 0x65, 0x73, 0x73, 0x5f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, + 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x21, 0x20, 0x01, 0x28, 0x09, 0x52, 0x19, 0x70, + 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x45, 0x67, 0x72, 0x65, 0x73, 0x73, 0x50, 0x72, 0x6f, 0x78, + 0x79, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x3a, 0x0a, 0x19, 0x65, 0x6e, 0x61, 0x62, + 0x6c, 0x65, 0x5f, 0x61, 0x72, 0x74, 0x69, 0x66, 0x61, 0x63, 0x74, 0x5f, 0x73, 0x74, 0x72, 0x65, + 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x18, 0x22, 0x20, 0x01, 0x28, 0x08, 0x52, 0x17, 0x65, 0x6e, 0x61, + 0x62, 0x6c, 0x65, 0x41, 0x72, 0x74, 0x69, 0x66, 0x61, 0x63, 0x74, 0x53, 0x74, 0x72, 0x65, 0x61, + 0x6d, 0x69, 0x6e, 0x67, 0x12, 0x17, 0x0a, 0x07, 0x69, 0x73, 0x5f, 0x6b, 0x61, 0x74, 0x61, 0x18, + 0x23, 0x20, 0x01, 0x28, 0x08, 0x52, 0x06, 0x69, 0x73, 0x4b, 0x61, 0x74, 0x61, 0x12, 0x2a, 0x0a, + 0x0e, 0x6e, 0x65, 0x65, 0x64, 0x73, 0x5f, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x76, 0x32, 0x18, + 0x24, 0x20, 0x01, 0x28, 0x08, 0x48, 0x02, 0x52, 0x0d, 0x6e, 0x65, 0x65, 0x64, 0x73, 0x43, 0x67, + 0x72, 0x6f, 0x75, 0x70, 0x76, 0x32, 0x88, 0x01, 0x01, 0x12, 0x2e, 0x0a, 0x13, 0x64, 0x69, 0x73, + 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x64, 0x61, 0x74, 0x61, + 0x18, 0x25, 0x20, 0x01, 0x28, 0x08, 0x52, 0x11, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x43, + 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x44, 0x61, 0x74, 0x61, 0x12, 0x5c, 0x0a, 0x2b, 0x62, 0x6f, 0x6f, + 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x63, + 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x5f, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, + 0x79, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x18, 0x26, 0x20, 0x01, 0x28, 0x09, 0x52, 0x27, + 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, + 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, + 0x79, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x5f, 0x0a, 0x17, 0x69, 0x6d, 0x64, 0x73, 0x5f, + 0x72, 0x65, 0x73, 0x74, 0x72, 0x69, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x63, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x18, 0x27, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, + 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x49, 0x4d, 0x44, 0x53, + 0x52, 0x65, 0x73, 0x74, 0x72, 0x69, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x52, 0x15, 0x69, 0x6d, 0x64, 0x73, 0x52, 0x65, 0x73, 0x74, 0x72, 0x69, 0x63, 0x74, 0x69, + 0x6f, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x09, 0x0a, 0x07, 0x5f, 0x69, 0x73, 0x5f, + 0x76, 0x68, 0x64, 0x42, 0x0d, 0x0a, 0x0b, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x73, + 0x73, 0x68, 0x42, 0x11, 0x0a, 0x0f, 0x5f, 0x6e, 0x65, 0x65, 0x64, 0x73, 0x5f, 0x63, 0x67, 0x72, + 0x6f, 0x75, 0x70, 0x76, 0x32, 0x2a, 0x47, 0x0a, 0x0f, 0x57, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, + 0x64, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x0e, 0x57, 0x52, 0x5f, 0x55, + 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x11, 0x0a, 0x0d, + 0x4f, 0x43, 0x49, 0x5f, 0x43, 0x4f, 0x4e, 0x54, 0x41, 0x49, 0x4e, 0x45, 0x52, 0x10, 0x01, 0x12, + 0x0d, 0x0a, 0x09, 0x57, 0x41, 0x53, 0x4d, 0x5f, 0x57, 0x41, 0x53, 0x49, 0x10, 0x02, 0x42, 0xcc, + 0x01, 0x0a, 0x14, 0x63, 0x6f, 0x6d, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, + 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x42, 0x0b, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x50, + 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x46, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, + 0x6f, 0x6d, 0x2f, 0x41, 0x7a, 0x75, 0x72, 0x65, 0x2f, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x42, 0x61, + 0x6b, 0x65, 0x72, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x61, 0x6b, + 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x76, 0x31, 0x3b, 0x61, + 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x76, 0x31, 0xa2, 0x02, + 0x03, 0x41, 0x58, 0x58, 0xaa, 0x02, 0x10, 0x41, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, + 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x56, 0x31, 0xca, 0x02, 0x10, 0x41, 0x6b, 0x73, 0x6e, 0x6f, 0x64, + 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5c, 0x56, 0x31, 0xe2, 0x02, 0x1c, 0x41, 0x6b, 0x73, + 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5c, 0x56, 0x31, 0x5c, 0x47, 0x50, + 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x11, 0x41, 0x6b, 0x73, 0x6e, + 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -716,7 +715,7 @@ var file_pkg_proto_aksnodeconfig_v1_config_proto_goTypes = []any{ (*CustomCloudConfig)(nil), // 3: aksnodeconfig.v1.CustomCloudConfig (*ApiServerConfig)(nil), // 4: aksnodeconfig.v1.ApiServerConfig (*ClusterConfig)(nil), // 5: aksnodeconfig.v1.ClusterConfig - (*TLSBootstrappingConfig)(nil), // 6: aksnodeconfig.v1.TLSBootstrappingConfig + (*BootstrappingConfig)(nil), // 6: aksnodeconfig.v1.BootstrappingConfig (*AuthConfig)(nil), // 7: aksnodeconfig.v1.AuthConfig (*RuncConfig)(nil), // 8: aksnodeconfig.v1.RuncConfig (*ContainerdConfig)(nil), // 9: aksnodeconfig.v1.ContainerdConfig @@ -734,7 +733,7 @@ var file_pkg_proto_aksnodeconfig_v1_config_proto_depIdxs = []int32{ 3, // 1: aksnodeconfig.v1.Configuration.custom_cloud_config:type_name -> aksnodeconfig.v1.CustomCloudConfig 4, // 2: aksnodeconfig.v1.Configuration.api_server_config:type_name -> aksnodeconfig.v1.ApiServerConfig 5, // 3: aksnodeconfig.v1.Configuration.cluster_config:type_name -> aksnodeconfig.v1.ClusterConfig - 6, // 4: aksnodeconfig.v1.Configuration.tls_bootstrapping_config:type_name -> aksnodeconfig.v1.TLSBootstrappingConfig + 6, // 4: aksnodeconfig.v1.Configuration.bootstrapping_config:type_name -> aksnodeconfig.v1.BootstrappingConfig 7, // 5: aksnodeconfig.v1.Configuration.auth_config:type_name -> aksnodeconfig.v1.AuthConfig 8, // 6: aksnodeconfig.v1.Configuration.runc_config:type_name -> aksnodeconfig.v1.RuncConfig 9, // 7: aksnodeconfig.v1.Configuration.containerd_config:type_name -> aksnodeconfig.v1.ContainerdConfig @@ -771,7 +770,7 @@ func file_pkg_proto_aksnodeconfig_v1_config_proto_init() { file_pkg_proto_aksnodeconfig_v1_runcconfig_proto_init() file_pkg_proto_aksnodeconfig_v1_customcloudconfig_proto_init() file_pkg_proto_aksnodeconfig_v1_apiserverconfig_proto_init() - file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_init() + file_pkg_proto_aksnodeconfig_v1_bootstrappingconfig_proto_init() file_pkg_proto_aksnodeconfig_v1_clusterconfig_proto_init() file_pkg_proto_aksnodeconfig_v1_networkconfig_proto_init() file_pkg_proto_aksnodeconfig_v1_imdsrestrictionconfig_proto_init() diff --git a/pkg/proto/aksnodeconfig/v1/config.proto b/pkg/proto/aksnodeconfig/v1/config.proto index 6dc193fba95..779d04cfe80 100644 --- a/pkg/proto/aksnodeconfig/v1/config.proto +++ b/pkg/proto/aksnodeconfig/v1/config.proto @@ -14,7 +14,7 @@ import "pkg/proto/aksnodeconfig/v1/teleportconfig.proto"; import "pkg/proto/aksnodeconfig/v1/runcconfig.proto"; import "pkg/proto/aksnodeconfig/v1/customcloudconfig.proto"; import "pkg/proto/aksnodeconfig/v1/apiserverconfig.proto"; -import "pkg/proto/aksnodeconfig/v1/tlsbootstrappingconfig.proto"; +import "pkg/proto/aksnodeconfig/v1/bootstrappingconfig.proto"; import "pkg/proto/aksnodeconfig/v1/clusterconfig.proto"; import "pkg/proto/aksnodeconfig/v1/networkconfig.proto"; import "pkg/proto/aksnodeconfig/v1/imdsrestrictionconfig.proto"; @@ -42,7 +42,7 @@ message Configuration { ClusterConfig cluster_config = 5; // TLS bootstrap config - TLSBootstrappingConfig tls_bootstrapping_config = 6; + BootstrappingConfig bootstrapping_config = 6; // Authentication configuration AuthConfig auth_config = 7; diff --git a/pkg/proto/aksnodeconfig/v1/helper.go b/pkg/proto/aksnodeconfig/v1/helper.go index eafc62fb7a0..7f978b77699 100644 --- a/pkg/proto/aksnodeconfig/v1/helper.go +++ b/pkg/proto/aksnodeconfig/v1/helper.go @@ -31,7 +31,7 @@ func ensureConfigsNonNil(nBC *Configuration) { initializeIfNil(&nBC.ClusterConfig.ClusterNetworkConfig) initializeIfNil(&nBC.GpuConfig) initializeIfNil(&nBC.NetworkConfig) - initializeIfNil(&nBC.TlsBootstrappingConfig) + initializeIfNil(&nBC.BootstrappingConfig) initializeIfNil(&nBC.KubeletConfig) initializeIfNil(&nBC.RuncConfig) initializeIfNil(&nBC.ContainerdConfig) diff --git a/pkg/proto/aksnodeconfig/v1/helper_test.go b/pkg/proto/aksnodeconfig/v1/helper_test.go index cc09b7b5e3e..aa59f7a079d 100644 --- a/pkg/proto/aksnodeconfig/v1/helper_test.go +++ b/pkg/proto/aksnodeconfig/v1/helper_test.go @@ -18,13 +18,13 @@ func TestNewNBContractBuilder(t *testing.T) { LoadBalancerConfig: &LoadBalancerConfig{}, ClusterNetworkConfig: &ClusterNetworkConfig{}, }, - GpuConfig: &GPUConfig{}, - NetworkConfig: &NetworkConfig{}, - TlsBootstrappingConfig: &TLSBootstrappingConfig{}, - KubeletConfig: &KubeletConfig{}, - RuncConfig: &RuncConfig{}, - ContainerdConfig: &ContainerdConfig{}, - TeleportConfig: &TeleportConfig{}, + GpuConfig: &GPUConfig{}, + NetworkConfig: &NetworkConfig{}, + BootstrappingConfig: &BootstrappingConfig{}, + KubeletConfig: &KubeletConfig{}, + RuncConfig: &RuncConfig{}, + ContainerdConfig: &ContainerdConfig{}, + TeleportConfig: &TeleportConfig{}, CustomLinuxOsConfig: &CustomLinuxOSConfig{ SysctlConfig: &SysctlConfig{}, UlimitConfig: &UlimitConfig{}, @@ -64,13 +64,13 @@ func TestNBContractBuilder_ApplyConfiguration(t *testing.T) { LoadBalancerConfig: &LoadBalancerConfig{}, ClusterNetworkConfig: &ClusterNetworkConfig{}, }, - GpuConfig: &GPUConfig{}, - NetworkConfig: &NetworkConfig{}, - TlsBootstrappingConfig: &TLSBootstrappingConfig{}, - KubeletConfig: &KubeletConfig{}, - RuncConfig: &RuncConfig{}, - ContainerdConfig: &ContainerdConfig{}, - TeleportConfig: &TeleportConfig{}, + GpuConfig: &GPUConfig{}, + NetworkConfig: &NetworkConfig{}, + BootstrappingConfig: &BootstrappingConfig{}, + KubeletConfig: &KubeletConfig{}, + RuncConfig: &RuncConfig{}, + ContainerdConfig: &ContainerdConfig{}, + TeleportConfig: &TeleportConfig{}, CustomLinuxOsConfig: &CustomLinuxOSConfig{ SysctlConfig: &SysctlConfig{}, UlimitConfig: &UlimitConfig{}, diff --git a/pkg/proto/aksnodeconfig/v1/tlsbootstrappingconfig.pb.go b/pkg/proto/aksnodeconfig/v1/tlsbootstrappingconfig.pb.go deleted file mode 100644 index ba6acb4b9c5..00000000000 --- a/pkg/proto/aksnodeconfig/v1/tlsbootstrappingconfig.pb.go +++ /dev/null @@ -1,335 +0,0 @@ -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.35.1 -// protoc (unknown) -// source: pkg/proto/aksnodeconfig/v1/tlsbootstrappingconfig.proto - -package aksnodeconfigv1 - -import ( - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - reflect "reflect" - sync "sync" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -type BootstrappingAuthMethod int32 - -const ( - // This is the default K8s bootstrap authentication method - a time limited bootstrap token. It's stored as a secret - // with a particular type in the API server. - // - //nolint:gosec // this is a const string to use in switch statements, not hardcoded credentials - BootstrappingAuthMethod_TlsBootstrapToken BootstrappingAuthMethod = 0 - // Secure TLS bootstrapping is a process where the node can use signed metadata from the Azure IMDS service to authenticate - // against the api server - BootstrappingAuthMethod_SecureTlsBootstrapping BootstrappingAuthMethod = 1 - // Nodes running outside Azure can use the Azure Arc MSI to authenticate to an API server. This only works when the cluster is - // - // using AAD authentication. - BootstrappingAuthMethod_ArcMsi BootstrappingAuthMethod = 2 - // Nodes running inside Azure can use the Azure Arc MSI to authenticate to an API server. This only works when the cluster is - // using AAD authentication. - BootstrappingAuthMethod_AzureMsi BootstrappingAuthMethod = 3 -) - -// Enum value maps for BootstrappingAuthMethod. -var ( - BootstrappingAuthMethod_name = map[int32]string{ - 0: "TlsBootstrapToken", - 1: "SecureTlsBootstrapping", - 2: "ArcMsi", - 3: "AzureMsi", - } - BootstrappingAuthMethod_value = map[string]int32{ - "TlsBootstrapToken": 0, - "SecureTlsBootstrapping": 1, - "ArcMsi": 2, - "AzureMsi": 3, - } -) - -func (x BootstrappingAuthMethod) Enum() *BootstrappingAuthMethod { - p := new(BootstrappingAuthMethod) - *p = x - return p -} - -func (x BootstrappingAuthMethod) String() string { - return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) -} - -func (BootstrappingAuthMethod) Descriptor() protoreflect.EnumDescriptor { - return file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_enumTypes[0].Descriptor() -} - -func (BootstrappingAuthMethod) Type() protoreflect.EnumType { - return &file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_enumTypes[0] -} - -func (x BootstrappingAuthMethod) Number() protoreflect.EnumNumber { - return protoreflect.EnumNumber(x) -} - -// Deprecated: Use BootstrappingAuthMethod.Descriptor instead. -func (BootstrappingAuthMethod) EnumDescriptor() ([]byte, []int) { - return file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_rawDescGZIP(), []int{0} -} - -type ClusterJoinMethod int32 - -const ( - // The default behaviour is for the node to make a certificate signing request (CSR) and then - // use that CSR for ongoing communication. - ClusterJoinMethod_GenerateCsr ClusterJoinMethod = 0 - // In some cases, the node will use the bootstrapping auth to register itself as a node and for ongoing communications. - ClusterJoinMethod_UseBootstrappingAuth ClusterJoinMethod = 1 -) - -// Enum value maps for ClusterJoinMethod. -var ( - ClusterJoinMethod_name = map[int32]string{ - 0: "GenerateCsr", - 1: "UseBootstrappingAuth", - } - ClusterJoinMethod_value = map[string]int32{ - "GenerateCsr": 0, - "UseBootstrappingAuth": 1, - } -) - -func (x ClusterJoinMethod) Enum() *ClusterJoinMethod { - p := new(ClusterJoinMethod) - *p = x - return p -} - -func (x ClusterJoinMethod) String() string { - return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) -} - -func (ClusterJoinMethod) Descriptor() protoreflect.EnumDescriptor { - return file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_enumTypes[1].Descriptor() -} - -func (ClusterJoinMethod) Type() protoreflect.EnumType { - return &file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_enumTypes[1] -} - -func (x ClusterJoinMethod) Number() protoreflect.EnumNumber { - return protoreflect.EnumNumber(x) -} - -// Deprecated: Use ClusterJoinMethod.Descriptor instead. -func (ClusterJoinMethod) EnumDescriptor() ([]byte, []int) { - return file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_rawDescGZIP(), []int{1} -} - -type TLSBootstrappingConfig struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // Method to authenticate the node to the API server - BootstrappingAuthMethod BootstrappingAuthMethod `protobuf:"varint,1,opt,name=bootstrapping_auth_method,json=bootstrappingAuthMethod,proto3,enum=aksnodeconfig.v1.BootstrappingAuthMethod" json:"bootstrapping_auth_method,omitempty"` - // how the node should join and communicate with the API server after authentication - ClusterJoinMethod ClusterJoinMethod `protobuf:"varint,2,opt,name=cluster_join_method,json=clusterJoinMethod,proto3,enum=aksnodeconfig.v1.ClusterJoinMethod" json:"cluster_join_method,omitempty"` - // Only required until Secure TLS bootstrapping in place. Would use kubelet identity after that. - TlsBootstrappingToken *string `protobuf:"bytes,3,opt,name=tls_bootstrapping_token,json=tlsBootstrappingToken,proto3,oneof" json:"tls_bootstrapping_token,omitempty"` - // Only used when secure TLS bootstrapping is enabled or one of the Azure/Arc methods. This is the appserver appid that the node will use to bootstrap. - CustomAadResource *string `protobuf:"bytes,4,opt,name=custom_aad_resource,json=customAadResource,proto3,oneof" json:"custom_aad_resource,omitempty"` - // Only used when one of the Azure/Arc methods is enabled. This is the client ID of the MSI that the node will use to bootstrap. - CustomAadClientId *string `protobuf:"bytes,5,opt,name=custom_aad_client_id,json=customAadClientId,proto3,oneof" json:"custom_aad_client_id,omitempty"` -} - -func (x *TLSBootstrappingConfig) Reset() { - *x = TLSBootstrappingConfig{} - mi := &file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) -} - -func (x *TLSBootstrappingConfig) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*TLSBootstrappingConfig) ProtoMessage() {} - -func (x *TLSBootstrappingConfig) ProtoReflect() protoreflect.Message { - mi := &file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_msgTypes[0] - if x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use TLSBootstrappingConfig.ProtoReflect.Descriptor instead. -func (*TLSBootstrappingConfig) Descriptor() ([]byte, []int) { - return file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_rawDescGZIP(), []int{0} -} - -func (x *TLSBootstrappingConfig) GetBootstrappingAuthMethod() BootstrappingAuthMethod { - if x != nil { - return x.BootstrappingAuthMethod - } - return BootstrappingAuthMethod_TlsBootstrapToken -} - -func (x *TLSBootstrappingConfig) GetClusterJoinMethod() ClusterJoinMethod { - if x != nil { - return x.ClusterJoinMethod - } - return ClusterJoinMethod_GenerateCsr -} - -func (x *TLSBootstrappingConfig) GetTlsBootstrappingToken() string { - if x != nil && x.TlsBootstrappingToken != nil { - return *x.TlsBootstrappingToken - } - return "" -} - -func (x *TLSBootstrappingConfig) GetCustomAadResource() string { - if x != nil && x.CustomAadResource != nil { - return *x.CustomAadResource - } - return "" -} - -func (x *TLSBootstrappingConfig) GetCustomAadClientId() string { - if x != nil && x.CustomAadClientId != nil { - return *x.CustomAadClientId - } - return "" -} - -var File_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto protoreflect.FileDescriptor - -var file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_rawDesc = []byte{ - 0x0a, 0x37, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x61, 0x6b, 0x73, 0x6e, - 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x76, 0x31, 0x2f, 0x74, 0x6c, 0x73, - 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x63, 0x6f, 0x6e, - 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x10, 0x61, 0x6b, 0x73, 0x6e, 0x6f, - 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x22, 0xc9, 0x03, 0x0a, 0x16, - 0x54, 0x4c, 0x53, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, - 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x65, 0x0a, 0x19, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, - 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x6d, 0x65, 0x74, - 0x68, 0x6f, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x29, 0x2e, 0x61, 0x6b, 0x73, 0x6e, - 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x6f, - 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, - 0x74, 0x68, 0x6f, 0x64, 0x52, 0x17, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, - 0x69, 0x6e, 0x67, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x53, 0x0a, - 0x13, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x6a, 0x6f, 0x69, 0x6e, 0x5f, 0x6d, 0x65, - 0x74, 0x68, 0x6f, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x23, 0x2e, 0x61, 0x6b, 0x73, - 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x6c, - 0x75, 0x73, 0x74, 0x65, 0x72, 0x4a, 0x6f, 0x69, 0x6e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, - 0x11, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4a, 0x6f, 0x69, 0x6e, 0x4d, 0x65, 0x74, 0x68, - 0x6f, 0x64, 0x12, 0x3b, 0x0a, 0x17, 0x74, 0x6c, 0x73, 0x5f, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, - 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, - 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x15, 0x74, 0x6c, 0x73, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, - 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x88, 0x01, 0x01, 0x12, - 0x33, 0x0a, 0x13, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x61, 0x61, 0x64, 0x5f, 0x72, 0x65, - 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x48, 0x01, 0x52, 0x11, - 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x41, 0x61, 0x64, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, - 0x65, 0x88, 0x01, 0x01, 0x12, 0x34, 0x0a, 0x14, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x61, - 0x61, 0x64, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x05, 0x20, 0x01, - 0x28, 0x09, 0x48, 0x02, 0x52, 0x11, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x41, 0x61, 0x64, 0x43, - 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x49, 0x64, 0x88, 0x01, 0x01, 0x42, 0x1a, 0x0a, 0x18, 0x5f, 0x74, - 0x6c, 0x73, 0x5f, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, - 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x42, 0x16, 0x0a, 0x14, 0x5f, 0x63, 0x75, 0x73, 0x74, 0x6f, - 0x6d, 0x5f, 0x61, 0x61, 0x64, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x42, 0x17, - 0x0a, 0x15, 0x5f, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x61, 0x61, 0x64, 0x5f, 0x63, 0x6c, - 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x2a, 0x66, 0x0a, 0x17, 0x42, 0x6f, 0x6f, 0x74, 0x73, - 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, - 0x6f, 0x64, 0x12, 0x15, 0x0a, 0x11, 0x54, 0x6c, 0x73, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, - 0x61, 0x70, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x10, 0x00, 0x12, 0x1a, 0x0a, 0x16, 0x53, 0x65, 0x63, - 0x75, 0x72, 0x65, 0x54, 0x6c, 0x73, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, - 0x69, 0x6e, 0x67, 0x10, 0x01, 0x12, 0x0a, 0x0a, 0x06, 0x41, 0x72, 0x63, 0x4d, 0x73, 0x69, 0x10, - 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x41, 0x7a, 0x75, 0x72, 0x65, 0x4d, 0x73, 0x69, 0x10, 0x03, 0x2a, - 0x3e, 0x0a, 0x11, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4a, 0x6f, 0x69, 0x6e, 0x4d, 0x65, - 0x74, 0x68, 0x6f, 0x64, 0x12, 0x0f, 0x0a, 0x0b, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, - 0x43, 0x73, 0x72, 0x10, 0x00, 0x12, 0x18, 0x0a, 0x14, 0x55, 0x73, 0x65, 0x42, 0x6f, 0x6f, 0x74, - 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x41, 0x75, 0x74, 0x68, 0x10, 0x01, 0x42, - 0xdc, 0x01, 0x0a, 0x14, 0x63, 0x6f, 0x6d, 0x2e, 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, - 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x42, 0x1b, 0x54, 0x6c, 0x73, 0x62, 0x6f, 0x6f, - 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x46, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, - 0x63, 0x6f, 0x6d, 0x2f, 0x41, 0x7a, 0x75, 0x72, 0x65, 0x2f, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x42, - 0x61, 0x6b, 0x65, 0x72, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x61, - 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x76, 0x31, 0x3b, - 0x61, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x76, 0x31, 0xa2, - 0x02, 0x03, 0x41, 0x58, 0x58, 0xaa, 0x02, 0x10, 0x41, 0x6b, 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, - 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x56, 0x31, 0xca, 0x02, 0x10, 0x41, 0x6b, 0x73, 0x6e, 0x6f, - 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5c, 0x56, 0x31, 0xe2, 0x02, 0x1c, 0x41, 0x6b, - 0x73, 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5c, 0x56, 0x31, 0x5c, 0x47, - 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x11, 0x41, 0x6b, 0x73, - 0x6e, 0x6f, 0x64, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, -} - -var ( - file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_rawDescOnce sync.Once - file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_rawDescData = file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_rawDesc -) - -func file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_rawDescGZIP() []byte { - file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_rawDescOnce.Do(func() { - file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_rawDescData = protoimpl.X.CompressGZIP(file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_rawDescData) - }) - return file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_rawDescData -} - -var file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_enumTypes = make([]protoimpl.EnumInfo, 2) -var file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_msgTypes = make([]protoimpl.MessageInfo, 1) -var file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_goTypes = []any{ - (BootstrappingAuthMethod)(0), // 0: aksnodeconfig.v1.BootstrappingAuthMethod - (ClusterJoinMethod)(0), // 1: aksnodeconfig.v1.ClusterJoinMethod - (*TLSBootstrappingConfig)(nil), // 2: aksnodeconfig.v1.TLSBootstrappingConfig -} -var file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_depIdxs = []int32{ - 0, // 0: aksnodeconfig.v1.TLSBootstrappingConfig.bootstrapping_auth_method:type_name -> aksnodeconfig.v1.BootstrappingAuthMethod - 1, // 1: aksnodeconfig.v1.TLSBootstrappingConfig.cluster_join_method:type_name -> aksnodeconfig.v1.ClusterJoinMethod - 2, // [2:2] is the sub-list for method output_type - 2, // [2:2] is the sub-list for method input_type - 2, // [2:2] is the sub-list for extension type_name - 2, // [2:2] is the sub-list for extension extendee - 0, // [0:2] is the sub-list for field type_name -} - -func init() { file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_init() } -func file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_init() { - if File_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto != nil { - return - } - file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_msgTypes[0].OneofWrappers = []any{} - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_rawDesc, - NumEnums: 2, - NumMessages: 1, - NumExtensions: 0, - NumServices: 0, - }, - GoTypes: file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_goTypes, - DependencyIndexes: file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_depIdxs, - EnumInfos: file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_enumTypes, - MessageInfos: file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_msgTypes, - }.Build() - File_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto = out.File - file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_rawDesc = nil - file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_goTypes = nil - file_pkg_proto_aksnodeconfig_v1_tlsbootstrappingconfig_proto_depIdxs = nil -} diff --git a/pkg/proto/aksnodeconfig/v1/tlsbootstrappingconfig.proto b/pkg/proto/aksnodeconfig/v1/tlsbootstrappingconfig.proto deleted file mode 100644 index cb05b05635d..00000000000 --- a/pkg/proto/aksnodeconfig/v1/tlsbootstrappingconfig.proto +++ /dev/null @@ -1,44 +0,0 @@ -syntax = "proto3"; -package aksnodeconfig.v1; - -enum BootstrappingAuthMethod { - // This is the default K8s bootstrap authentication method - a time limited bootstrap token. It's stored as a secret - // with a particular type in the API server. - //nolint:gosec // this is a const string to use in switch statements, not hardcoded credentials - TlsBootstrapToken = 0; - // Secure TLS bootstrapping is a process where the node can use signed metadata from the Azure IMDS service to authenticate - // against the api server - SecureTlsBootstrapping = 1; - // Nodes running outside Azure can use the Azure Arc MSI to authenticate to an API server. This only works when the cluster is - // using AAD authentication. - ArcMsi = 2; - // Nodes running inside Azure can use the Azure Arc MSI to authenticate to an API server. This only works when the cluster is - // using AAD authentication. - AzureMsi = 3; -} - -enum ClusterJoinMethod { - // The default behaviour is for the node to make a certificate signing request (CSR) and then - // use that CSR for ongoing communication. - GenerateCsr = 0; - // In some cases, the node will use the bootstrapping auth to register itself as a node and for ongoing communications. - UseBootstrappingAuth = 1; -} - - -message TLSBootstrappingConfig { - // Method to authenticate the node to the API server - BootstrappingAuthMethod bootstrapping_auth_method = 1; - - // how the node should join and communicate with the API server after authentication - ClusterJoinMethod cluster_join_method = 2; - - // Only required until Secure TLS bootstrapping in place. Would use kubelet identity after that. - optional string tls_bootstrapping_token = 3; - - // Only used when secure TLS bootstrapping is enabled or one of the Azure/Arc methods. This is the appserver appid that the node will use to bootstrap. - optional string custom_aad_resource = 4; - - // Only used when one of the Azure/Arc methods is enabled. This is the client ID of the MSI that the node will use to bootstrap. - optional string custom_aad_client_id = 5; -} \ No newline at end of file