diff --git a/.buf.yaml b/.buf.yaml index bae2c1ff..b5890560 100644 --- a/.buf.yaml +++ b/.buf.yaml @@ -1,4 +1,6 @@ version: v2 +modules: + - path: hipcheck-common/proto lint: use: - STANDARD diff --git a/Cargo.lock b/Cargo.lock index 841910d9..5731a6e4 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2108,7 +2108,6 @@ dependencies = [ "tokio-stream", "toml", "tonic", - "tonic-build", "unicode-normalization", "ureq", "url", diff --git a/hipcheck-common/build.rs b/hipcheck-common/build.rs index 38e64f3f..d56592f7 100644 --- a/hipcheck-common/build.rs +++ b/hipcheck-common/build.rs @@ -1,14 +1,11 @@ // SPDX-License-Identifier: Apache-2.0 use anyhow::Result; -use pathbuf::pathbuf; -use tonic_build::compile_protos; +use tonic_build::configure; fn main() -> Result<()> { // Compile the Hipcheck gRPC protocol spec to an .rs file - let root = env!("CARGO_MANIFEST_DIR"); - let path = pathbuf![root, "proto", "hipcheck", "v1", "hipcheck.proto"]; - compile_protos(path)?; + configure().compile_protos(&["proto/hipcheck/v1/plugin_service.proto"], &["proto"])?; // Make the target available as a compile-time env var for plugin arch // resolution diff --git a/proto/hipcheck/v1/messages/default_policy_expr_request.proto b/hipcheck-common/proto/hipcheck/v1/default_policy_expr_request.proto similarity index 64% rename from proto/hipcheck/v1/messages/default_policy_expr_request.proto rename to hipcheck-common/proto/hipcheck/v1/default_policy_expr_request.proto index 6acc1a83..2f3ce58b 100644 --- a/proto/hipcheck/v1/messages/default_policy_expr_request.proto +++ b/hipcheck-common/proto/hipcheck/v1/default_policy_expr_request.proto @@ -1,12 +1,12 @@ syntax = "proto3"; package hipcheck.v1; -import "empty.proto"; +import "hipcheck/v1/empty.proto"; /** * Getting the default policy expression has no params, so we just wrap * the empty message for maximal forward compatibility. */ -message DefaultPolicyExprRequest { - Empty empty = 1; +message GetDefaultPolicyExpressionRequest { + Empty empty = 1; } diff --git a/hipcheck-common/proto/hipcheck/v1/default_policy_expr_response.proto b/hipcheck-common/proto/hipcheck/v1/default_policy_expr_response.proto new file mode 100644 index 00000000..67b707dd --- /dev/null +++ b/hipcheck-common/proto/hipcheck/v1/default_policy_expr_response.proto @@ -0,0 +1,10 @@ +syntax = "proto3"; +package hipcheck.v1; + +message GetDefaultPolicyExpressionResponse { + // A policy expression, if the plugin has a default policy. + // This MUST be filled in with any default values pulled from the plugin's + // configuration. Hipcheck will only request the default policy _after_ + // configuring the plugin. + string policy_expression = 1; +} diff --git a/proto/hipcheck/v1/messages/empty.proto b/hipcheck-common/proto/hipcheck/v1/empty.proto similarity index 100% rename from proto/hipcheck/v1/messages/empty.proto rename to hipcheck-common/proto/hipcheck/v1/empty.proto diff --git a/proto/hipcheck/v1/messages/explain_default_query_request.proto b/hipcheck-common/proto/hipcheck/v1/explain_default_query_request.proto similarity index 60% rename from proto/hipcheck/v1/messages/explain_default_query_request.proto rename to hipcheck-common/proto/hipcheck/v1/explain_default_query_request.proto index 0a02c862..9a091633 100644 --- a/proto/hipcheck/v1/messages/explain_default_query_request.proto +++ b/hipcheck-common/proto/hipcheck/v1/explain_default_query_request.proto @@ -1,8 +1,8 @@ syntax = "proto3"; package hipcheck.v1; -import "empty.proto"; +import "hipcheck/v1/empty.proto"; message ExplainDefaultQueryRequest { - Empty empty = 1; + Empty empty = 1; } diff --git a/proto/hipcheck/v1/messages/explain_default_query_response.proto b/hipcheck-common/proto/hipcheck/v1/explain_default_query_response.proto similarity index 58% rename from proto/hipcheck/v1/messages/explain_default_query_response.proto rename to hipcheck-common/proto/hipcheck/v1/explain_default_query_response.proto index 03ad17bf..15e0ef3c 100644 --- a/proto/hipcheck/v1/messages/explain_default_query_response.proto +++ b/hipcheck-common/proto/hipcheck/v1/explain_default_query_response.proto @@ -5,8 +5,8 @@ package hipcheck.v1; * The response from the ExplainDefaultQuery RPC call. */ message ExplainDefaultQueryResponse { - /** - * An unstructured description of the default query. - */ - string explanation = 1; + /** + * An unstructured description of the default query. + */ + string explanation = 1; } diff --git a/hipcheck-common/proto/hipcheck/v1/hipcheck.proto b/hipcheck-common/proto/hipcheck/v1/hipcheck.proto deleted file mode 100644 index 63f043c8..00000000 --- a/hipcheck-common/proto/hipcheck/v1/hipcheck.proto +++ /dev/null @@ -1,212 +0,0 @@ -syntax = "proto3"; - -package hipcheck.v1; - -service PluginService { - /** - * Get schemas for all supported queries by the plugin. - * - * This is used by Hipcheck to validate that: - * - * - The plugin supports a default query taking a `target` type if used - * as a top-level plugin in the user's policy file. - * - That requests sent to the plugin and data returned by the plugin - * match the schema during execution. - */ - rpc GetQuerySchemas (GetQuerySchemasRequest) - returns (stream GetQuerySchemasResponse); - - /** - * Hipcheck sends all child nodes for the plugin from the user's policy - * file to configure the plugin. - */ - rpc SetConfiguration (SetConfigurationRequest) - returns (SetConfigurationResponse); - - /** - * Get the default policy for a plugin, which may additionally depend on - * the plugin's configuration. - */ - rpc GetDefaultPolicyExpression (GetDefaultPolicyExpressionRequest) - returns (GetDefaultPolicyExpressionResponse); - - /** - * Get an explanation of what the default query returns, to use when - * reporting analysis results to users. - * - * Note that, because users can specify their own policy expression, this - * explanation *should not* assume the user has used the default policy - * expression, if one is provided by the plugin. - */ - rpc ExplainDefaultQuery (ExplainDefaultQueryRequest) - returns (ExplainDefaultQueryResponse); - - /** - * Open a bidirectional streaming RPC to enable a request/response - * protocol between Hipcheck and a plugin, where Hipcheck can issue - * queries to the plugin, and the plugin may issue queries to _other_ - * plugins through Hipcheck. - * - * Queries are cached by the publisher name, plugin name, query name, - * and key, and if a match is found for those four values, then - * Hipcheck will respond with the cached result of that prior matching - * query rather than running the query again. - */ - rpc InitiateQueryProtocol (stream InitiateQueryProtocolRequest) - returns (stream InitiateQueryProtocolResponse); -} - -/*=========================================================================== - * GetQuerySchemas RPC Types - */ - -message GetQuerySchemasRequest { - Empty empty = 1; -} - -message GetQuerySchemasResponse { - // The name of the query being described by the schemas provided. - // - // If either the key and/or output schemas result in a message which is - // too big, they may be chunked across multiple replies in the stream. - // Replies with matching query names should have their fields concatenated - // in the order received to reconstruct the chunks. - string query_name = 1; - - // The key schema, in JSON Schema format. - string key_schema = 2; - - // The output schema, in JSON Schema format. - string output_schema = 3; -} - -/*=========================================================================== - * SetConfiguration RPC Types - */ - -message SetConfigurationRequest { - // JSON string containing configuration data expected by the plugin, - // pulled from the user's policy file. - string configuration = 1; -} - -message SetConfigurationResponse { - // The status of the configuration call. - ConfigurationStatus status = 1; - // An optional error message, if there was an error. - string message = 2; -} - -enum ConfigurationStatus { - // An unknown error occured. - CONFIGURATION_STATUS_UNSPECIFIED = 0; - // No error; the operation was successful. - CONFIGURATION_STATUS_NONE = 1; - // The user failed to provide a required configuration item. - CONFIGURATION_STATUS_MISSING_REQUIRED_CONFIGURATION = 2; - // The user provided a configuration item whose name was not recognized. - CONFIGURATION_STATUS_UNRECOGNIZED_CONFIGURATION = 3; - // The user provided a configuration item whose value is invalid. - CONFIGURATION_STATUS_INVALID_CONFIGURATION_VALUE = 4; -} - -/*=========================================================================== - * GetDefaultPolicyExpression RPC Types - */ - -message GetDefaultPolicyExpressionRequest { - Empty empty = 1; -} - -message GetDefaultPolicyExpressionResponse { - // A policy expression, if the plugin has a default policy. - // This MUST be filled in with any default values pulled from the plugin's - // configuration. Hipcheck will only request the default policy _after_ - // configuring the plugin. - string policy_expression = 1; -} - -/*=========================================================================== - * ExplainDefaultQuery RPC Types - */ - -message ExplainDefaultQueryRequest { - Empty empty = 1; -} - -message ExplainDefaultQueryResponse { - string explanation = 1; -} - -/*=========================================================================== - * Query Protocol RPC Types - */ - -message InitiateQueryProtocolRequest { - Query query = 1; -} - -message InitiateQueryProtocolResponse { - Query query = 1; -} - -message Query { - // The ID of the request, used to associate requests and replies. - // Odd numbers = initiated by `hc`. - // Even numbers = initiated by a plugin. - int32 id = 1; - - // The state of the query, indicating if this is a request or a reply, - // and if it's a reply whether it's the end of the reply. - QueryState state = 2; - - // Publisher name and plugin name, when sent from Hipcheck to a plugin - // to initiate a fresh query, are used by the receiving plugin to validate - // that the query was intended for them. - // - // When a plugin is making a query to another plugin through Hipcheck, it's - // used to indicate the destination plugin, and to indicate the plugin that - // is replying when Hipcheck sends back the reply. - string publisher_name = 3; - string plugin_name = 4; - - // The name of the query being made, so the responding plugin knows what - // to do with the provided data. - string query_name = 5; - - // The key for the query, as a JSON object. This is the data that Hipcheck's - // incremental computation system will use to cache the response. - string key = 6; - - // The response for the query, as a JSON object. This will be cached by - // Hipcheck for future queries matching the publisher name, plugin name, - // query name, and key. - string output = 7; - - // An unstructured concern raised during the query that will be raised - // in the final Hipcheck report. - repeated string concern = 8; -} - -enum QueryState { - // Something has gone wrong. - QUERY_STATE_UNSPECIFIED = 0; - - // We are submitting a new query. - QUERY_STATE_SUBMIT = 1; - - // We are replying to a query and expect more chunks. - QUERY_STATE_REPLY_IN_PROGRESS = 2; - - // We are closing a reply to a query. If a query response is in one chunk, - // just send this. If a query is in more than one chunk, send this with - // the last message in the reply. This tells the receiver that all chunks - // have been received. - QUERY_STATE_REPLY_COMPLETE = 3; -} - -/*=========================================================================== - * Helper Types - */ - -message Empty {} diff --git a/hipcheck-common/proto/hipcheck/v1/plugin_service.proto b/hipcheck-common/proto/hipcheck/v1/plugin_service.proto new file mode 100644 index 00000000..901cd386 --- /dev/null +++ b/hipcheck-common/proto/hipcheck/v1/plugin_service.proto @@ -0,0 +1,69 @@ +syntax = "proto3"; +package hipcheck.v1; + +import "hipcheck/v1/default_policy_expr_request.proto"; +import "hipcheck/v1/default_policy_expr_response.proto"; +import "hipcheck/v1/explain_default_query_request.proto"; +import "hipcheck/v1/explain_default_query_response.proto"; +import "hipcheck/v1/query.proto"; +import "hipcheck/v1/query_response.proto"; +import "hipcheck/v1/query_schemas_request.proto"; +import "hipcheck/v1/set_configuration_request.proto"; +import "hipcheck/v1/set_configuration_response.proto"; + +service PluginService { + /** + * Get schemas for all supported queries by the plugin. + * + * This is used by Hipcheck to validate that: + * + * - The plugin supports a default query taking a `target` type if used + * as a top-level plugin in the user's policy file. + * - That requests sent to the plugin and data returned by the plugin + * match the schema during execution. + */ + rpc GetQuerySchemas(GetQuerySchemasRequest) returns (stream GetQuerySchemasResponse); + + /** + * Hipcheck sends all child nodes for the plugin from the user's policy + * file to configure the plugin. + */ + rpc SetConfiguration(SetConfigurationRequest) returns (SetConfigurationResponse); + + /** + * Get the default policy for a plugin, which may additionally depend on + * the plugin's configuration. + */ + rpc GetDefaultPolicyExpression(GetDefaultPolicyExpressionRequest) returns (GetDefaultPolicyExpressionResponse); + + /** + * Get an explanation of what the default query returns, to use when + * reporting analysis results to users. + * + * Note that, because users can specify their own policy expression, this + * explanation *should not* assume the user has used the default policy + * expression, if one is provided by the plugin. + */ + rpc ExplainDefaultQuery(ExplainDefaultQueryRequest) returns (ExplainDefaultQueryResponse); + + /** + * Open a bidirectional streaming RPC to enable a request/response + * protocol between Hipcheck and a plugin, where Hipcheck can issue + * queries to the plugin, and the plugin may issue queries to _other_ + * plugins through Hipcheck. + * + * Queries are cached by the publisher name, plugin name, query name, + * and key, and if a match is found for those four values, then + * Hipcheck will respond with the cached result of that prior matching + * query rather than running the query again. + */ + rpc InitiateQueryProtocol(stream InitiateQueryProtocolRequest) returns (stream InitiateQueryProtocolResponse); +} + +message InitiateQueryProtocolRequest { + Query query = 1; +} + +message InitiateQueryProtocolResponse { + Query query = 1; +} diff --git a/hipcheck-common/proto/hipcheck/v1/query.proto b/hipcheck-common/proto/hipcheck/v1/query.proto new file mode 100644 index 00000000..e5cb2a7f --- /dev/null +++ b/hipcheck-common/proto/hipcheck/v1/query.proto @@ -0,0 +1,42 @@ +syntax = "proto3"; +package hipcheck.v1; + +import "hipcheck/v1/query_state.proto"; + +message Query { + // The ID of the request, used to associate requests and replies. + // Odd numbers = initiated by `hc`. + // Even numbers = initiated by a plugin. + int32 id = 1; + + // The state of the query, indicating if this is a request or a reply, + // and if it's a reply whether it's the end of the reply. + QueryState state = 2; + + // Publisher name and plugin name, when sent from Hipcheck to a plugin + // to initiate a fresh query, are used by the receiving plugin to validate + // that the query was intended for them. + // + // When a plugin is making a query to another plugin through Hipcheck, it's + // used to indicate the destination plugin, and to indicate the plugin that + // is replying when Hipcheck sends back the reply. + string publisher_name = 3; + string plugin_name = 4; + + // The name of the query being made, so the responding plugin knows what + // to do with the provided data. + string query_name = 5; + + // The key for the query, as a JSON object. This is the data that Hipcheck's + // incremental computation system will use to cache the response. + string key = 6; + + // The response for the query, as a JSON object. This will be cached by + // Hipcheck for future queries matching the publisher name, plugin name, + // query name, and key. + string output = 7; + + // An unstructured concern raised during the query that will be raised + // in the final Hipcheck report. + repeated string concern = 8; +} diff --git a/proto/hipcheck/v1/messages/query_request.proto b/hipcheck-common/proto/hipcheck/v1/query_request.proto similarity index 55% rename from proto/hipcheck/v1/messages/query_request.proto rename to hipcheck-common/proto/hipcheck/v1/query_request.proto index 7c8af882..8e47ae8f 100644 --- a/proto/hipcheck/v1/messages/query_request.proto +++ b/hipcheck-common/proto/hipcheck/v1/query_request.proto @@ -1,8 +1,8 @@ syntax = "proto3"; package hipcheck.v1; -import "query.proto"; +import "hipcheck/v1/query.proto"; message QueryRequest { - Query query = 1; + Query query = 1; } diff --git a/hipcheck-common/proto/hipcheck/v1/query_response.proto b/hipcheck-common/proto/hipcheck/v1/query_response.proto new file mode 100644 index 00000000..93c34a3f --- /dev/null +++ b/hipcheck-common/proto/hipcheck/v1/query_response.proto @@ -0,0 +1,18 @@ +syntax = "proto3"; +package hipcheck.v1; + +message GetQuerySchemasResponse { + // The name of the query being described by the schemas provided. + // + // If either the key and/or output schemas result in a message which is + // too big, they may be chunked across multiple replies in the stream. + // Replies with matching query names should have their fields concatenated + // in the order received to reconstruct the chunks. + string query_name = 1; + + // The key schema, in JSON Schema format. + string key_schema = 2; + + // The output schema, in JSON Schema format. + string output_schema = 3; +} diff --git a/hipcheck-common/proto/hipcheck/v1/query_schemas_request.proto b/hipcheck-common/proto/hipcheck/v1/query_schemas_request.proto new file mode 100644 index 00000000..bbfffb1c --- /dev/null +++ b/hipcheck-common/proto/hipcheck/v1/query_schemas_request.proto @@ -0,0 +1,8 @@ +syntax = "proto3"; +package hipcheck.v1; + +import "hipcheck/v1/empty.proto"; + +message GetQuerySchemasRequest { + Empty empty = 1; +} diff --git a/hipcheck-common/proto/hipcheck/v1/query_schemas_response.proto b/hipcheck-common/proto/hipcheck/v1/query_schemas_response.proto new file mode 100644 index 00000000..634f6c96 --- /dev/null +++ b/hipcheck-common/proto/hipcheck/v1/query_schemas_response.proto @@ -0,0 +1,18 @@ +syntax = "proto3"; +package hipcheck.v1; + +message QuerySchemasResponse { + // The name of the query being described by the schemas provided. + // + // If either the key and/or output schemas result in a message which is + // too big, they may be chunked across multiple replies in the stream. + // Replies with matching query names should have their fields concatenated + // in the order received to reconstruct the chunks. + string query_name = 1; + + // The key schema, in JSON Schema format. + string key_schema = 2; + + // The output schema, in JSON Schema format. + string output_schema = 3; +} diff --git a/hipcheck-common/proto/hipcheck/v1/query_state.proto b/hipcheck-common/proto/hipcheck/v1/query_state.proto new file mode 100644 index 00000000..a8e782d8 --- /dev/null +++ b/hipcheck-common/proto/hipcheck/v1/query_state.proto @@ -0,0 +1,19 @@ +syntax = "proto3"; +package hipcheck.v1; + +enum QueryState { + // Something has gone wrong. + QUERY_STATE_UNSPECIFIED = 0; + + // We are submitting a new query. + QUERY_STATE_SUBMIT = 1; + + // We are replying to a query and expect more chunks. + QUERY_STATE_REPLY_IN_PROGRESS = 2; + + // We are closing a reply to a query. If a query response is in one chunk, + // just send this. If a query is in more than one chunk, send this with + // the last message in the reply. This tells the receiver that all chunks + // have been received. + QUERY_STATE_REPLY_COMPLETE = 3; +} diff --git a/hipcheck-common/proto/hipcheck/v1/set_configuration_request.proto b/hipcheck-common/proto/hipcheck/v1/set_configuration_request.proto new file mode 100644 index 00000000..d4d3eecc --- /dev/null +++ b/hipcheck-common/proto/hipcheck/v1/set_configuration_request.proto @@ -0,0 +1,8 @@ +syntax = "proto3"; +package hipcheck.v1; + +message SetConfigurationRequest { + // JSON string containing configuration data expected by the plugin, + // pulled from the user's policy file. + string configuration = 1; +} diff --git a/hipcheck-common/proto/hipcheck/v1/set_configuration_response.proto b/hipcheck-common/proto/hipcheck/v1/set_configuration_response.proto new file mode 100644 index 00000000..43f7b49b --- /dev/null +++ b/hipcheck-common/proto/hipcheck/v1/set_configuration_response.proto @@ -0,0 +1,22 @@ +syntax = "proto3"; +package hipcheck.v1; + +enum ConfigurationStatus { + // An unknown error occured. + CONFIGURATION_STATUS_UNSPECIFIED = 0; + // No error; the operation was successful. + CONFIGURATION_STATUS_NONE = 1; + // The user failed to provide a required configuration item. + CONFIGURATION_STATUS_MISSING_REQUIRED_CONFIGURATION = 2; + // The user provided a configuration item whose name was not recognized. + CONFIGURATION_STATUS_UNRECOGNIZED_CONFIGURATION = 3; + // The user provided a configuration item whose value is invalid. + CONFIGURATION_STATUS_INVALID_CONFIGURATION_VALUE = 4; +} + +message SetConfigurationResponse { + // The status of the configuration call. + ConfigurationStatus status = 1; + // An optional error message, if there was an error. + string message = 2; +} diff --git a/hipcheck/Cargo.toml b/hipcheck/Cargo.toml index 6a097bca..8e8a56f2 100644 --- a/hipcheck/Cargo.toml +++ b/hipcheck/Cargo.toml @@ -151,7 +151,6 @@ pathbuf = "1.0.0" schemars = { version = "0.8.21", features = ["chrono", "url"] } serde = { version = "1.0.215", features = ["derive"] } serde_json = "1.0.133" -tonic-build = "0.12.3" url = { version = "2.5.4", features = ["serde"] } which = { version = "7.0.0", default-features = false } diff --git a/proto/hipcheck/v1/messages/default_policy_expr_response.proto b/proto/hipcheck/v1/messages/default_policy_expr_response.proto deleted file mode 100644 index ef00ab36..00000000 --- a/proto/hipcheck/v1/messages/default_policy_expr_response.proto +++ /dev/null @@ -1,15 +0,0 @@ -syntax = "proto3"; -package hipcheck.v1; - -/** - * The response from the DefaultPolicyExpr RPC call. - */ -message DefaultPolicyExprResponse { - /** - * A policy expression, if the plugin has a default policy. - * This MUST be filled in with any default values pulled from the plugin's - * configuration. Hipcheck will only request the default policy _after_ - * configuring the plugin. - */ - string policy_expression = 1; -} diff --git a/proto/hipcheck/v1/messages/query.proto b/proto/hipcheck/v1/messages/query.proto deleted file mode 100644 index 41161b0e..00000000 --- a/proto/hipcheck/v1/messages/query.proto +++ /dev/null @@ -1,46 +0,0 @@ -syntax = "proto3"; -package hipcheck.v1; - -import "query_state.proto"; - -message Query { - // The ID of the request, used to associate requests and replies. - // Odd numbers = initiated by `hc`. - // Even numbers = initiated by a plugin. - int32 id = 1; - - // The state of the query, indicating if this is a request or a reply, - // and if it's a reply whether it's the end of the reply. - QueryState state = 2; - - // Publisher name and plugin name, when sent from Hipcheck to a plugin - // to initiate a fresh query, are used by the receiving plugin to validate - // that the query was intended for them. - // - // When a plugin is making a query to another plugin through Hipcheck, it's - // used to indicate the destination plugin, and to indicate the plugin that - // is replying when Hipcheck sends back the reply. - string publisher_name = 3; - string plugin_name = 4; - - // The name of the query being made, so the responding plugin knows what - // to do with the provided data. - string query_name = 5; - - // The key for the query, as a JSON object. This is the data that Hipcheck's - // incremental computation system will use to cache the response. - string key = 6; - - // The response for the query, as a JSON object. This will be cached by - // Hipcheck for future queries matching the publisher name, plugin name, - // query name, and key. - string output = 7; - - // Any "concerns" reported by a query. Concerns are *not* provided to - // other plugins calling a query, and are _only_ used by Hipcheck itself - // to provide the end-user with additional information about issues found - // during analysis. - // - // Concern chunking is the same as other fields. - repeated string concern = 8; -} diff --git a/proto/hipcheck/v1/messages/query_response.proto b/proto/hipcheck/v1/messages/query_response.proto deleted file mode 100644 index 1fa86bac..00000000 --- a/proto/hipcheck/v1/messages/query_response.proto +++ /dev/null @@ -1,8 +0,0 @@ -syntax = "proto3"; -package hipcheck.v1; - -import "query.proto"; - -message QueryResponse { - Query query = 1; -} diff --git a/proto/hipcheck/v1/messages/query_schemas_request.proto b/proto/hipcheck/v1/messages/query_schemas_request.proto deleted file mode 100644 index d04c2cef..00000000 --- a/proto/hipcheck/v1/messages/query_schemas_request.proto +++ /dev/null @@ -1,8 +0,0 @@ -syntax = "proto3"; -package hipcheck.v1; - -import "empty.proto"; - -message QuerySchemasRequest { - Empty empty = 1; -} diff --git a/proto/hipcheck/v1/messages/query_schemas_response.proto b/proto/hipcheck/v1/messages/query_schemas_response.proto deleted file mode 100644 index 58e70217..00000000 --- a/proto/hipcheck/v1/messages/query_schemas_response.proto +++ /dev/null @@ -1,18 +0,0 @@ -syntax = "proto3"; -package hipcheck.v1; - -message QuerySchemasResponse { - // The name of the query being described by the schemas provided. - // - // If either the key and/or output schemas result in a message which is - // too big, they may be chunked across multiple replies in the stream. - // Replies with matching query names should have their fields concatenated - // in the order received to reconstruct the chunks. - string query_name = 1; - - // The key schema, in JSON Schema format. - string key_schema = 2; - - // The output schema, in JSON Schema format. - string output_schema = 3; -} diff --git a/proto/hipcheck/v1/messages/query_state.proto b/proto/hipcheck/v1/messages/query_state.proto deleted file mode 100644 index 1a093605..00000000 --- a/proto/hipcheck/v1/messages/query_state.proto +++ /dev/null @@ -1,19 +0,0 @@ -syntax = "proto3"; -package hipcheck.v1; - -enum QueryState { - // Something has gone wrong. - QUERY_STATE_UNSPECIFIED = 0; - - // We are submitting a new query. - QUERY_STATE_SUBMIT = 1; - - // We are replying to a query and expect more chunks. - QUERY_STATE_REPLY_IN_PROGRESS = 2; - - // We are closing a reply to a query. If a query response is in one chunk, - // just send this. If a query is in more than one chunk, send this with - // the last message in the reply. This tells the receiver that all chunks - // have been received. - QUERY_STATE_REPLY_COMPLETE = 3; -} diff --git a/proto/hipcheck/v1/messages/set_config_request.proto b/proto/hipcheck/v1/messages/set_config_request.proto deleted file mode 100644 index 430ab075..00000000 --- a/proto/hipcheck/v1/messages/set_config_request.proto +++ /dev/null @@ -1,8 +0,0 @@ -syntax = "proto3"; -package hipcheck.v1; - -message SetConfigRequest { - // JSON string containing configuration data expected by the plugin, - // pulled from the user's policy file. - string configuration = 1; -} diff --git a/proto/hipcheck/v1/messages/set_config_response.proto b/proto/hipcheck/v1/messages/set_config_response.proto deleted file mode 100644 index f4c0951a..00000000 --- a/proto/hipcheck/v1/messages/set_config_response.proto +++ /dev/null @@ -1,9 +0,0 @@ -syntax = "proto3"; -package hipcheck.v1; - -import "empty.proto"; - -message SetConfigResponse { - // No actual data returned. Errors handled with normal gRPC error system. - Empty empty = 1; -} diff --git a/proto/hipcheck/v1/plugin_service.proto b/proto/hipcheck/v1/plugin_service.proto deleted file mode 100644 index 201189c3..00000000 --- a/proto/hipcheck/v1/plugin_service.proto +++ /dev/null @@ -1,67 +0,0 @@ -syntax = "proto3"; -package hipcheck.v1; - -import "messages/query_schemas_request.proto"; -import "messages/query_schemas_response.proto"; -import "messages/set_config_request.proto"; -import "messages/set_config_response.proto"; -import "messages/default_policy_expr_request.proto"; -import "messages/default_policy_expr_response.proto"; -import "messages/explain_default_query_request.proto"; -import "messages/explain_default_query_response.proto"; -import "messages/query_request.proto"; -import "messages/query_response.proto"; - -/** - * Defines a Hipcheck plugin, able to interact with Hipcheck to provide - * support for additional analyses and sources of data. - */ -service PluginService { - /** - * Get schemas for all supported queries by the plugin. - * - * This is used by Hipcheck to validate that: - * - * - The plugin supports a default query taking a `target` type if used - * as a top-level plugin in the user's policy file. - * - That requests sent to the plugin and data returned by the plugin - * match the schema during execution. - */ - rpc QuerySchemas (QuerySchemasRequest) returns (stream QuerySchemasResponse); - - /** - * Hipcheck sends all child nodes for the plugin from the user's policy - * file to configure the plugin. - */ - rpc SetConfig (SetConfigRequest) returns (SetConfigResponse); - - /** - * Get the default policy for a plugin, which may additionally depend on - * the plugin's configuration. - */ - rpc DefaultPolicyExpr (DefaultPolicyExprRequest) returns (DefaultPolicyExprResponse); - - /** - * Get an explanation of what the default query returns, to use when - * reporting analysis results to users. - * - * Note that, because users can specify their own policy expression, this - * explanation *should not* assume the user has used the default policy - * expression, if one is provided by the plugin. - */ - rpc ExplainDefaultQuery (ExplainDefaultQueryRequest) - returns (ExplainDefaultQueryResponse); - - /** - * Open a bidirectional streaming RPC to enable a request/response - * protocol between Hipcheck and a plugin, where Hipcheck can issue - * queries to the plugin, and the plugin may issue queries to _other_ - * plugins through Hipcheck. - * - * Queries are cached by the publisher name, plugin name, query name, - * and key, and if a match is found for those four values, then - * Hipcheck will respond with the cached result of that prior matching - * query rather than running the query again. - */ - rpc Query (stream QueryRequest) returns (stream QueryResponse); -} diff --git a/xtask/src/task/buf.rs b/xtask/src/task/buf.rs index 5fa7b573..692922d7 100644 --- a/xtask/src/task/buf.rs +++ b/xtask/src/task/buf.rs @@ -1,21 +1,15 @@ // SPDX-License-Identifier: Apache-2.0 -use crate::workspace; use anyhow::{Context, Result}; -use pathbuf::pathbuf; use which::which; -use xshell::{cmd, Shell}; +use xshell::Shell; + +use super::ci::run_buf_lint; /// Run the `buf lint` command pub fn run() -> Result<()> { let sh = Shell::new().context("could not init shell")?; which("buf").context("could not find 'buf'")?; - - let root = workspace::root()?; - let config = pathbuf![&root, ".buf.yaml"]; - let target = pathbuf![&root, "hipcheck", "proto"]; - - cmd!(sh, "buf lint --config {config} {target}").run()?; - + run_buf_lint(&sh)?; Ok(()) } diff --git a/xtask/src/task/ci.rs b/xtask/src/task/ci.rs index 5beb54f8..e89177f9 100644 --- a/xtask/src/task/ci.rs +++ b/xtask/src/task/ci.rs @@ -25,6 +25,7 @@ pub fn run() -> Result<()> { task!(check_target_matches_ci), task!(print_versions), task!(run_fmt), + task!(run_buf_lint), task!(run_check), task!(run_build), task!(run_test), @@ -123,7 +124,7 @@ fn print_versions(sh: &Shell) -> Result<()> { print_fmt_version(sh)?; print_clippy_version(sh)?; print_xtask_version(sh)?; - + print_buf_version(sh)?; Ok(()) } @@ -169,6 +170,13 @@ fn print_xtask_version(sh: &Shell) -> Result<()> { .map_err(reason("call to cargo xtask failed. Make sure rust is installed and path to home-dir-here/.cargo/bin is on your path.")) } +// Print the version of `buf` +fn print_buf_version(sh: &Shell) -> Result<()> { + cmd!(sh, "buf --version").run().map(drop).map_err(reason( + "call to buf failed. Make sure buf is installed and on your path.", + )) +} + /// Run `cargo fmt`. fn run_fmt(sh: &Shell) -> Result<()> { cmd!(sh, "cargo fmt --all -- --color=always --check") @@ -228,6 +236,14 @@ fn run_xtask_check(sh: &Shell) -> Result<()> { .map_err(reason("call to cargo xtask failed")) } +/// Run `buf lint` +pub fn run_buf_lint(sh: &Shell) -> Result<()> { + cmd!(sh, "buf lint --config .buf.yaml") + .run() + .map(drop) + .map_err(reason("call to buf lint failed")) +} + /// Tell the user we're done. fn done(_sh: &Shell) -> Result<()> { log::info!( diff --git a/xtask/src/task/mod.rs b/xtask/src/task/mod.rs index f944fc57..67b77ddb 100644 --- a/xtask/src/task/mod.rs +++ b/xtask/src/task/mod.rs @@ -6,6 +6,6 @@ pub mod buf; pub mod changelog; pub mod check; pub mod ci; +pub mod manifest; pub mod rfd; pub mod site; -pub mod manifest;