feat: Instance create (#4502)

* feat(instance): implement create instance with direct machine user and credentials * fix: deprecated add endpoint and variable declaration * fix(instance): update logic for pats and machinekeys * fix(instance): unit test corrections and additional unit test for pats and machinekeys * fix(instance-create): include review changes * fix(instance-create): linter fixes * move iframe usage to solution scenarios configurations * Revert "move iframe usage to solution scenarios configurations" This reverts commit 9db31f3808. * fix merge * fix: add review suggestions Co-authored-by: Livio Spring <livio.a@gmail.com> * fix: add review changes * fix: add review changes for default definitions * fix: add review changes for machinekey details * fix: add machinekey output when setup with machineuser * fix: add changes from review * fix instance converter for machine and allow overwriting of further machine fields Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-08-11 19:17:32 +00:00 · 2022-12-09 13:04:33 +00:00
parent c5ebeea590
commit 47ffa52f0f
27 changed files with 1403 additions and 354 deletions
--- a/proto/zitadel/system.proto
+++ b/proto/zitadel/system.proto
@@ -3,6 +3,7 @@ syntax = "proto3";
 import "zitadel/object.proto";
 import "zitadel/options.proto";
 import "zitadel/instance.proto";
+import "zitadel/auth_n_key.proto";

 import "google/api/annotations.proto";
 import "google/protobuf/timestamp.proto";
@@ -121,6 +122,7 @@ service SystemService {
    };
  }

+  // Deprecated: Use CreateInstance instead
  // Creates a new instance with all needed setup data
  // This might take some time
  rpc AddInstance(AddInstanceRequest) returns (AddInstanceResponse) {
@@ -146,6 +148,19 @@ service SystemService {
    };
  }

+  // Creates a new instance with all needed setup data
+  // This might take some time
+  rpc CreateInstance(CreateInstanceRequest) returns (CreateInstanceResponse) {
+    option (google.api.http) = {
+      post: "/instances/_create"
+      body: "*"
+    };
+
+    option (zitadel.v1.auth_option) = {
+      permission: "authenticated";
+    };
+  }
+
  // Removes a instances
  // This might take some time
  rpc RemoveInstance(RemoveInstanceRequest) returns (RemoveInstanceResponse) {
@@ -409,6 +424,72 @@ message AddInstanceResponse {
  zitadel.v1.ObjectDetails details = 2;
 }

+message CreateInstanceRequest {
+  message Profile {
+    string first_name = 1 [(validate.rules).string = {max_len: 200}];
+    string last_name = 2 [(validate.rules).string = {max_len: 200}];
+    string preferred_language = 3 [(validate.rules).string = {max_len: 10}];
+  }
+  message Email {
+    string email = 1[(validate.rules).string = {min_len: 1, max_len: 200, email: true}];
+    bool is_email_verified = 2;
+  }
+  message Password {
+    string password = 1 [(validate.rules).string = {max_len: 200}];
+    bool password_change_required = 2;
+  }
+  message Human {
+    string user_name = 1 [(validate.rules).string = {max_len: 200}];
+    Email email = 2 [(validate.rules).message.required = true];
+    Profile profile = 3 [(validate.rules).message.required = false];
+    Password password = 4 [(validate.rules).message.required = false];
+  }
+  message PersonalAccessToken {
+    google.protobuf.Timestamp expiration_date = 1 [
+      (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
+        example: "\"2519-04-01T08:45:00.000000Z\"";
+        description: "The date the token will expire and no logins will be possible";
+      }
+    ];
+  }
+  message MachineKey {
+    zitadel.authn.v1.KeyType type = 1 [(validate.rules).enum = {defined_only: true, not_in: [0]}];
+    google.protobuf.Timestamp expiration_date = 2 [
+      (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
+        example: "\"2519-04-01T08:45:00.000000Z\"";
+        description: "The date the key will expire and no logins will be possible";
+      }
+    ];
+  }
+  message Machine {
+    string user_name = 1 [(validate.rules).string = {max_len: 200}];
+    string name = 2 [(validate.rules).string = {max_len: 200}];
+    PersonalAccessToken personal_access_token = 3;
+    MachineKey machine_key = 4;
+  }
+
+  string instance_name = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
+  string first_org_name = 2 [(validate.rules).string = {max_len: 200}];
+  string custom_domain = 3 [(validate.rules).string = {max_len: 200}];
+
+  oneof owner {
+    option (validate.required) = true;
+
+    // oneof field for the user managing the instance
+    Human human = 4;
+    Machine machine = 5;
+  }
+
+  string default_language = 6 [(validate.rules).string = {max_len: 10}];
+}
+
+message CreateInstanceResponse {
+  string instance_id = 1;
+  zitadel.v1.ObjectDetails details = 2;
+  string pat = 3;
+  bytes machine_key = 4;
+}
+
 message UpdateInstanceRequest{
  string instance_id = 1;
  string instance_name = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];