chore: change build process to use local and server the same (#955)

* initital ide

* init

* it is alive

* go test is running

* wip with buildkit

* it definitly alive

* all done, now the github actions

* pretty

* before i delete the generated proto stub

* delete generated code

* mount of grpc does not yet work

* save before

* level of insanity 1000%

* huhur

* gh action new dockerfile

* fix

* fix

* fix

* fix

* amd64 only

* try caching

* try with reg

* test with artifact upload

* trial

* add comments

* publish branchname

* correct vars

* correct id

* mode max for cache

* remove unused code

* cleanup

* test action which uploads coverage

* use

* proper path

* debug file location

* path

* test if ci still works

* correct docker file name
This commit is contained in:
Florian Forster 2020-11-17 09:33:07 +01:00 committed by GitHub
parent e8db038839
commit 84f0e24c63
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
35 changed files with 420 additions and 99996 deletions

16
.dockerignore Normal file
View File

@ -0,0 +1,16 @@
.git
.codecov
.github
build/dockerfile
site
console/node_modules
console/src/app/proto/generated
console/tmp
.releaserc.js
.typo-ci.yml
CONTRIBUTING.md
LICENSE
README.md
SECURITY.md
pkg/grpc/*/*.pb.*
pkg/grpc/*/*.swagger.json

View File

@ -17,7 +17,7 @@ updates:
prefix: chore
include: scope
- package-ecosystem: "docker"
directory: "/build/docker"
directory: "/build/"
schedule:
interval: "weekly"
open-pull-requests-limit: 10

View File

@ -1,54 +0,0 @@
#!/bin/bash
#debugger
set -x
source ./.github/scripts/variables.env
############################
function setup_git {
############################
echo "###############"
echo "set git config"
echo "###############"
git config --global user.email "$GIT_USER_MAIL"
git config --global user.name "$GIT_USER_NAME"
}
############################
function checkout_project {
############################
echo "###############"
echo "clone repository $GIT_URL"
echo "###############"
# clone opsrepo
git clone $GIT_URL $LOCAL_TMP_DIR/$GIT_OPSREPO
}
############################
function change_image_version {
############################
echo "###############"
echo "checkout master"
echo "###############"
cd $LOCAL_TMP_DIR/$GIT_OPSREPO/$GIT_OPSREPO_APPFOLDER/$GIT_OPSREPO_APPLICATION_NAME/overlay/$TARGET_ENVIRONMENT
git checkout master
git pull
echo "###############"
echo "change image version and commit"
echo "###############"
sed -i "s#image: $REGISTRY_IMAGE:.*#image: $REGISTRY_IMAGE:$CAOS_NEXT_VERSION#g" $GIT_OPSREPO_IMAGEFILE
git add $GIT_OPSREPO_IMAGEFILE
git commit --message "Github Workflow: $GITHUB_WORKFLOW"
}
############################
function upload_files {
############################
echo "###############"
echo "git push"
echo "###############"
git push --quiet --set-upstream origin
}

View File

@ -1,21 +0,0 @@
### local vars
export LOCAL_TMP_DIR="/tmp"
### git settings for cloning operations repository
export GIT_USER_MAIL="hi@caos.ch"
export GIT_USER_NAME="zitadel-pipeline"
#path of opsrepository
export GIT_URL="https://$GIT_OPSREPO_DEPLOYTOKEN@github.com/caos/zitadel-ops.git"
export GIT_OPSREPO="citadel-ops"
### application settings
export GIT_OPSREPO_APPFOLDER="k8s/workload"
export GIT_OPSREPO_APPLICATION_NAME="zitadel"
export GIT_OPSREPO_IMAGEFILE="imageversion.yaml"
export REGISTRY_IMAGE="$REGISTRY/$GITHUB_REPOSITORY/$IMAGE"
### environment settings
#export TARGET_ENVIRONMENT="dev"

40
.github/workflows/codecov.yml vendored Normal file
View File

@ -0,0 +1,40 @@
name: Code Coverage
on: push
env:
REGISTRY: ghcr.io
NODE_VERSION: '12'
GO_VERSION: '1.15'
jobs:
container:
runs-on: ubuntu-18.04
steps:
- name: Source checkout
uses: actions/checkout@v2
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- uses: docker/build-push-action@v2
with:
context: .
file: ./build/dockerfile
platforms: linux/amd64
tags: ${{ env.REGISTRY }}/${{ github.repository }}:coverage
push: false
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache
target: go-codecov
outputs: type=local,dest=.
- uses: codecov/codecov-action@v1
with:
file: ./profile.cov
name: codecov-go

View File

@ -8,128 +8,49 @@ env:
GO_VERSION: '1.15'
jobs:
## Angular test, will be added later
angular-lint:
container:
runs-on: ubuntu-18.04
defaults:
run:
working-directory: ./console
steps:
- uses: actions/checkout@v2
- name: Install Protoc
uses: arduino/setup-protoc@master
with:
version: '3.x'
- run: wget -O protoc-gen-grpc-web https://github.com/grpc/grpc-web/releases/download/1.2.0/protoc-gen-grpc-web-1.2.0-linux-x86_64
- run: sudo mv protoc-gen-grpc-web /usr/local/bin/protoc-gen-grpc-web
- run: sudo chmod +x /usr/local/bin/protoc-gen-grpc-web
- uses: actions/checkout@v2
- uses: actions/setup-node@v1
with:
node-version: ${{ env.NODE_VERSION }}
- run: npm ci
- run: npm run lint
angular-build:
runs-on: ubuntu-18.04
defaults:
run:
working-directory: ./console
steps:
- uses: actions/checkout@v2
- name: Install Protoc
uses: arduino/setup-protoc@master
with:
version: '3.x'
- run: wget -O protoc-gen-grpc-web https://github.com/grpc/grpc-web/releases/download/1.2.0/protoc-gen-grpc-web-1.2.0-linux-x86_64
- run: sudo mv protoc-gen-grpc-web /usr/local/bin/protoc-gen-grpc-web
- run: sudo chmod +x /usr/local/bin/protoc-gen-grpc-web
- uses: actions/setup-node@v1
with:
node-version: ${{ env.NODE_VERSION }}
- run: npm ci
- run: npm run prodbuild
- uses: actions/upload-artifact@v1
with:
name: angular
path: console/dist/console
go-test:
runs-on: ubuntu-18.04
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2-beta
with:
go-version: ${{ env.GO_VERSION }}
- run: go test -race -v -coverprofile=profile.cov ./...
- uses: actions/upload-artifact@v1
with:
name: go-coverage
path: profile.cov
- uses: codecov/codecov-action@v1
with:
file: ./profile.cov
name: codecov-go
## go lint, will be added later
go-build:
runs-on: ubuntu-18.04
needs: [angular-build, angular-lint, go-test] ### We need the artifact from the angular build and that's why we wait here
name: Build ${{ matrix.goos }}-${{ matrix.goarch }}
strategy:
matrix:
goos: [ 'linux', 'darwin', 'windows' ]
goarch: ['amd64']
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2-beta
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/download-artifact@v2
with:
name: angular
path: console/dist/console
- run: go get github.com/rakyll/statik
- run: ./build/console/generate-static.sh
- run: cat internal/ui/console/statik/statik.go
- run: ./build/login/generate-static.sh
- run: cat internal/ui/login/statik/statik.go
- run: ./build/notification/generate-static.sh
- run: cat internal/notification/statik/statik.go
- run: ./build/zitadel/generate-static.sh
- run: cat internal/statik/statik.go
- run: CGO_ENABLED=0 GOOS=${{ matrix.goos }} GOARCH=${{ matrix.goarch }} go build -a -installsuffix cgo -ldflags '-extldflags "-static"' -o zitadel-${{ matrix.goos }}-${{ matrix.goarch }} cmd/zitadel/main.go
- uses: actions/upload-artifact@v1
with:
name: zitadel-${{ matrix.goos }}-${{ matrix.goarch }}
path: zitadel-${{ matrix.goos }}-${{ matrix.goarch }}
container-prod:
runs-on: ubuntu-18.04
needs: go-build
steps:
- name: Source checkout
uses: actions/checkout@v2
- uses: actions/download-artifact@v2
- name: Set output
id: branch
run: echo ::set-output name=short_ref::${GITHUB_REF#refs/*/}
- name: Check output
run: echo ${{ steps.branch.outputs.short_ref }}
- name: Generate Short SHA Container Tag
id: vars
run: echo "::set-output name=sha_short::SHA-$(git rev-parse --short HEAD)"
- name: Cache Docker layers
uses: actions/cache@v2
with:
name: zitadel-linux-amd64
path: .artifacts
- uses: docker/build-push-action@v1
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
uses: docker/login-action@v1
with:
dockerfile: build/docker/Dockerfile
username: ${{ github.actor }}
password: ${{ secrets.CR_PAT }}
registry: ${{ env.REGISTRY }}
repository: ${{ github.repository }}
tag_with_ref: true
tag_with_sha: true
- uses: docker/build-push-action@v2
with:
context: .
file: ./build/dockerfile
platforms: linux/amd64
tags: ${{ env.REGISTRY }}/${{ github.repository }}:${{ steps.vars.outputs.sha_short }},${{ env.REGISTRY }}/${{ github.repository }}:${{ steps.branch.outputs.short_ref }}
push: true
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache
release:
runs-on: ubuntu-18.04
needs: [container-prod]
needs: [container]
env:
DOCKER_USERNAME: ${{ github.actor }}
DOCKER_PASSWORD: ${{ secrets.CR_PAT }}
@ -139,12 +60,6 @@ jobs:
- name: Generate Short SHA Container Tag
id: vars
run: echo "::set-output name=sha_short::SHA-$(git rev-parse --short HEAD)"
- uses: actions/download-artifact@v2
with:
path: .artifacts
- name: Display structure of downloaded files
run: ls -R
working-directory: .artifacts
- name: Docker Login
run: docker login $REGISTRY -u $GITHUB_ACTOR -p $GITHUB_TOKEN
- name: Docker Pull short-sha

3
.gitignore vendored
View File

@ -41,3 +41,6 @@ cmd/zitadel/zitadel
# buildfolders and generated js
tmp/
console/src/app/proto/generated/
pkg/grpc/*/*.pb.*
pkg/grpc/*/*.swagger.json

View File

@ -3,13 +3,7 @@ module.exports = {
plugins: [
"@semantic-release/commit-analyzer",
"@semantic-release/release-notes-generator",
["@semantic-release/github", {
"assets": [
{"path": ".artifacts/zitadel-darwin-amd64/zitadel-darwin-amd64", "label": "Darwin x86_64"},
{"path": ".artifacts/zitadel-linux-amd64/zitadel-linux-amd64", "label": "Linux x86_64"},
{"path": ".artifacts/zitadel-windows-amd64/zitadel-windows-amd64", "label": "Windows x86_64"}
]
}],
"@semantic-release/github",
["@semantic-release/exec", {
"publishCmd": "echo '::set-env name=CAOS_NEXT_VERSION::${nextRelease.version}'"
}],

View File

@ -2,6 +2,10 @@
## **Did you find a bug?**
## **Want to contribute code?**
* Check out our [Dev Build Guide](build/README.md).
## **Did you find a security flaw?**
* Please read [Security Policy](SECURITY.md).

View File

@ -60,4 +60,3 @@ See the policy [here](./SECURITY.md)
See the exact licensing terms [here](./LICENSE)
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

60
build/README.md Normal file
View File

@ -0,0 +1,60 @@
# Development
## Prerequisite
- Buildkit compatible docker installation
## Generate Proto Clients
### Angular
This command generates the grpc stub for angular into the folder console/src/app/proto/generated for local development
```Bash
DOCKER_BUILDKIT=1 docker build -f build/dockerfile . -t zitadel:local --target npm-copy -o console/src/app/proto/generated
```
### Go
With this command you can generate the stub for golang into the correct dir pkg/
```Bash
DOCKER_BUILDKIT=1 docker build -f build/dockerfile . -t zitadel:local --target go-copy -o pkg
```
## Run
### Run Angular
```Bash
COMPOSE_DOCKER_CLI_BUILD=1 DOCKER_BUILDKIT=1 docker-compose -f build/docker-compose-dev.yml up --build angular
```
### Run Go
```Bash
COMPOSE_DOCKER_CLI_BUILD=1 DOCKER_BUILDKIT=1 docker-compose -f build/docker-compose-dev.yml up --build go
```
### Fullstack including database
```Bash
COMPOSE_DOCKER_CLI_BUILD=1 DOCKER_BUILDKIT=1 docker-compose -f build/docker-compose.yml up --build
```
## Debug
### Debug Go
```Bash
COMPOSE_DOCKER_CLI_BUILD=1 DOCKER_BUILDKIT=1 docker-compose -f build/docker-compose-debug.yml up --build go
```
## Production Build
This can also be run locally!
```Bash
DOCKER_BUILDKIT=1 docker build -f build/dockerfile . -t zitadel:local --build-arg ENV=prod
```

View File

@ -4,38 +4,24 @@ set -eux
GEN_PATH=src/app/proto/generated
echo "Remove old files"
rm -rf $GEN_PATH
echo "Create folders"
mkdir -p $GEN_PATH
targetcurl () {
mkdir -p $1 && cd $1 && { curl -O $2; cd -; }
}
echo "Download additional protofiles"
targetcurl tmp/validate https://raw.githubusercontent.com/envoyproxy/protoc-gen-validate/v0.4.0/validate/validate.proto
targetcurl tmp/protoc-gen-swagger/options https://raw.githubusercontent.com/grpc-ecosystem/grpc-gateway/v1.14.6/protoc-gen-swagger/options/annotations.proto
targetcurl tmp/protoc-gen-swagger/options https://raw.githubusercontent.com/grpc-ecosystem/grpc-gateway/v1.14.6/protoc-gen-swagger/options/openapiv2.proto
echo "Generate grpc"
protoc \
-I=/usr/local/include \
-I=../pkg/grpc/message \
-I=../pkg/grpc/management/proto \
-I=../pkg/grpc/auth/proto \
-I=../pkg/grpc/admin/proto \
-I=../internal/protoc/protoc-gen-authoption \
-I=.tmp/protos/message \
-I=.tmp/protos/admin/proto \
-I=.tmp/protos/management/proto \
-I=.tmp/protos/auth/proto \
-I=node_modules/google-proto-files \
-I=tmp \
-I=.tmp/protos \
--js_out=import_style=commonjs,binary:$GEN_PATH \
--grpc-web_out=import_style=commonjs+dts,mode=grpcweb:$GEN_PATH \
../pkg/grpc/message/proto/*.proto \
../pkg/grpc/management/proto/*.proto \
../pkg/grpc/admin/proto/*.proto \
../pkg/grpc/auth/proto/*.proto
.tmp/protos/message/proto/*.proto \
.tmp/protos/admin/proto/*.proto \
.tmp/protos/auth/proto/*.proto \
.tmp/protos/management/proto/*.proto
echo "Generate annotations js file (compatibility)"

View File

@ -0,0 +1,30 @@
version: "3.8"
services:
angular:
build:
context: ..
dockerfile: build/Dockerfile
target: dev-angular-build
args:
ENV: dev
command: sh -c "ng serve --host 0.0.0.0"
ports:
- 4200:4200
go:
build:
context: ..
dockerfile: build/Dockerfile
target: dev-go-build
args:
ENV: dev
command: dlv --listen=:2345 --headless=true --log=true --log-output=debugger,debuglineerr,gdbwire,lldbout,rpc --accept-multiclient --api-version=2 debug cmd/zitadel/main.go
ports:
- 2345:2345
- 50000:50000
db:
image: cockroachdb/cockroach:v20.2.0
command: start-single-node --insecure
ports:
- 8080:8080
- 26257:26257

View File

@ -0,0 +1,31 @@
version: "3.8"
services:
angular:
build:
context: ..
dockerfile: build/Dockerfile
target: dev-angular-build
args:
ENV: dev
command: sh -c "ng serve --host 0.0.0.0"
ports:
- 4200:4200
go:
build:
context: ..
dockerfile: build/Dockerfile
target: dev-go-build
args:
ENV: dev
command: go run cmd/zitadel/main.go
ports:
- 50000:50000
db:
image: cockroachdb/cockroach:v20.2.0
command: start-single-node --insecure
ports:
- 8080:8080
- 26257:26257
volumes:
- "../cockroach-data/zitadel1:/cockroach/cockroach-data"

View File

@ -1,5 +0,0 @@
# Exclude system dirs
.dependabot
.github
.git

View File

@ -1,14 +0,0 @@
# This Stage prepares the user in the container and copies the files
FROM alpine:latest as prepare
RUN adduser -D zitadel
COPY .artifacts/zitadel-linux-amd64 /zitadel
COPY cmd/zitadel/*.yaml /
RUN chmod a+x /zitadel
# This Stage is intended as production image
FROM scratch as final
COPY --from=prepare /etc/passwd /etc/passwd
COPY --from=prepare / /
USER zitadel
HEALTHCHECK NONE
ENTRYPOINT ["/zitadel"]

127
build/dockerfile Normal file
View File

@ -0,0 +1,127 @@
#######################
## By default we build the prod enviroment
ARG ENV=prod
#######################
## This step downloads the protofiles, protoc and protoc-gen-grpc-web for later use
#######################
FROM alpine as base
RUN apk add tar curl
WORKDIR /.tmp
RUN wget -O protoc https://github.com/protocolbuffers/protobuf/releases/download/v3.13.0/protoc-3.13.0-linux-x86_64.zip \
&& unzip protoc \
&& wget -O bin/protoc-gen-grpc-web https://github.com/grpc/grpc-web/releases/download/1.2.0/protoc-gen-grpc-web-1.2.0-linux-x86_64 \
&& chmod +x bin/protoc-gen-grpc-web
RUN curl https://raw.githubusercontent.com/envoyproxy/protoc-gen-validate/v0.4.0/validate/validate.proto --create-dirs -o validate/validate.proto \
&& curl https://raw.githubusercontent.com/grpc-ecosystem/grpc-gateway/v1.14.6/protoc-gen-swagger/options/annotations.proto --create-dirs -o protoc-gen-swagger/options/annotations.proto \
&& curl https://raw.githubusercontent.com/grpc-ecosystem/grpc-gateway/v1.14.6/protoc-gen-swagger/options/openapiv2.proto --create-dirs -o protoc-gen-swagger/options/openapiv2.proto \
&& curl https://raw.githubusercontent.com/googleapis/googleapis/master/google/api/annotations.proto --create-dirs -o google/api/annotations.proto \
&& curl https://raw.githubusercontent.com/googleapis/googleapis/master/google/api/http.proto --create-dirs -o google/api/http.proto \
&& curl https://raw.githubusercontent.com/protocolbuffers/protobuf/master/src/google/protobuf/empty.proto --create-dirs -o google/protobuf/empty.proto \
&& curl https://raw.githubusercontent.com/protocolbuffers/protobuf/master/src/google/protobuf/timestamp.proto --create-dirs -o google/protobuf/timestamp.proto \
&& curl https://raw.githubusercontent.com/protocolbuffers/protobuf/master/src/google/protobuf/descriptor.proto --create-dirs -o google/protobuf/descriptor.proto \
&& curl https://raw.githubusercontent.com/protocolbuffers/protobuf/master/src/google/protobuf/duration.proto --create-dirs -o google/protobuf/duration.proto \
&& curl https://raw.githubusercontent.com/protocolbuffers/protobuf/master/src/google/protobuf/any.proto --create-dirs -o google/protobuf/any.proto \
&& curl https://raw.githubusercontent.com/protocolbuffers/protobuf/master/src/google/protobuf/struct.proto --create-dirs -o google/protobuf/struct.proto
COPY pkg/grpc/admin/proto/admin.proto admin/proto/admin.proto
COPY pkg/grpc/auth/proto/auth.proto auth/proto/auth.proto
COPY pkg/grpc/management/proto/management.proto management/proto/management.proto
COPY pkg/grpc/message/proto/message.proto message/proto/message.proto
COPY internal/protoc/protoc-gen-authoption/authoption/options.proto authoption/options.proto
#######################
## With this step we prepare all node_modules, this helps caching the build
## Speed up this step by mounting your local node_modules directory
#######################
FROM node:12 as npm-base
WORKDIR console
COPY console/package.json console/package-lock.json ./
RUN npm install \
&& mkdir .tmp
COPY console .
COPY --from=base /.tmp/bin /usr/local/bin/
COPY --from=base /.tmp .tmp/protos/
COPY build/console build/console/
RUN build/console/generate-grpc.sh
FROM scratch as npm-copy
COPY --from=npm-base /console/src/app/proto/generated .
## anular dev build
FROM npm-base as dev-angular-build
RUN npm install -g @angular/cli
## anular prod build
FROM npm-base as prod-angular-build
RUN npm run prodbuild
#######################
## Go base build
## Speed up this step by mounting your local go mod pkg directory
#######################
FROM golang:1.15 as go-base
WORKDIR src/github.com/caos/zitadel/
COPY go.mod go.sum ./
RUN go mod download
COPY --from=base /.tmp .tmp/protos/
COPY --from=base /.tmp/bin /usr/local/bin/
COPY internal/protoc/protoc-base internal/protoc/protoc-base/
COPY internal/protoc/protoc-gen-authoption internal/protoc/protoc-gen-authoption/
RUN go install \
github.com/grpc-ecosystem/grpc-gateway/protoc-gen-grpc-gateway \
github.com/grpc-ecosystem/grpc-gateway/protoc-gen-swagger \
github.com/golang/protobuf/protoc-gen-go \
github.com/envoyproxy/protoc-gen-validate
RUN go get -u github.com/go-bindata/go-bindata/...
RUN go-bindata ./internal/protoc/protoc-gen-authoption/templates \
&& go install ./internal/protoc/protoc-gen-authoption
COPY build/zitadel build/zitadel/
RUN build/zitadel/generate-grpc.sh
FROM scratch as go-copy
COPY --from=go-base /go/src/github.com/caos/zitadel/pkg/ .
## Go test
FROM go-base as go-test
COPY . .
RUN go test -race -v -coverprofile=profile.cov ./...
## Go test
FROM scratch as go-codecov
COPY --from=go-test /go/src/github.com/caos/zitadel/profile.cov profile.cov
## Go prod build
FROM go-test as prod-go-build
COPY --from=prod-angular-build console/dist/console console/dist/console/
RUN go get github.com/rakyll/statik \
&& ./build/console/generate-static.sh \
&& ./build/login/generate-static.sh \
&& ./build/notification/generate-static.sh \
&& ./build/zitadel/generate-static.sh
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -installsuffix cgo -ldflags '-extldflags "-static"' -o zitadel-linux-amd64 cmd/zitadel/main.go
## Go dev build
FROM go-base as dev-go-build
RUN go get github.com/go-delve/delve/cmd/dlv
#######################
## Final Production Image
#######################
FROM ${ENV}-go-build as artifact
RUN useradd zitadel
COPY cmd/zitadel/*.yaml app/
RUN chmod a+x zitadel-linux-amd64
RUN mv zitadel-linux-amd64 app/zitadel
## Scratch Image
FROM scratch as final
COPY --from=artifact /etc/passwd /etc/passwd
COPY --from=artifact /go/src/github.com/caos/zitadel/app app/
USER zitadel
HEALTHCHECK NONE
ENTRYPOINT ["/app/zitadel"]

65
build/zitadel/generate-grpc.sh Executable file
View File

@ -0,0 +1,65 @@
#! /bin/sh
set -eux
echo "Generate grpc"
protoc \
-I=.tmp/protos/message \
-I=.tmp/protos/admin/proto \
-I=.tmp/protos/management/proto \
-I=.tmp/protos/auth/proto \
-I=.tmp/protos \
-I=${GOPATH}/src \
--go_out=plugins=grpc:$GOPATH/src \
.tmp/protos/message/proto/message.proto
protoc \
-I=.tmp/protos/message \
-I=.tmp/protos/admin/proto \
-I=.tmp/protos/management/proto \
-I=.tmp/protos/auth/proto \
-I=.tmp/protos \
-I=${GOPATH}/src \
--go_out=plugins=grpc:$GOPATH/src \
--grpc-gateway_out=logtostderr=true:$GOPATH/src \
--swagger_out=logtostderr=true:. \
--authoption_out=. \
--validate_out=lang=go:${GOPATH}/src \
.tmp/protos/admin/proto/admin.proto
mv admin* $GOPATH/src/github.com/caos/zitadel/pkg/grpc/admin/
protoc \
-I=.tmp/protos/message \
-I=.tmp/protos/admin/proto \
-I=.tmp/protos/management/proto \
-I=.tmp/protos/auth/proto \
-I=.tmp/protos \
-I=${GOPATH}/src \
--go_out=plugins=grpc:$GOPATH/src \
--grpc-gateway_out=logtostderr=true,allow_delete_body=true:${GOPATH}/src \
--swagger_out=logtostderr=true,allow_delete_body=true:. \
--authoption_out=. \
--validate_out=lang=go:${GOPATH}/src \
.tmp/protos/management/proto/management.proto
mv management* $GOPATH/src/github.com/caos/zitadel/pkg/grpc/management/
protoc \
-I=.tmp/protos/message \
-I=.tmp/protos/admin/proto \
-I=.tmp/protos/management/proto \
-I=.tmp/protos/auth/proto \
-I=.tmp/protos \
-I=${GOPATH}/src \
--go_out=plugins=grpc:$GOPATH/src \
--grpc-gateway_out=logtostderr=true:$GOPATH/src \
--swagger_out=logtostderr=true:. \
--authoption_out=. \
--validate_out=lang=go:${GOPATH}/src \
.tmp/protos/auth/proto/auth.proto
mv auth* $GOPATH/src/github.com/caos/zitadel/pkg/grpc/auth/
echo "done generating"

View File

@ -6,8 +6,7 @@
"start": "ng serve",
"build": "ng build",
"prodbuild": "ng build --prod",
"lint": "ng lint && stylelint './src/**/*.scss' --syntax scss",
"postinstall": "../build/console/generate-grpc.sh"
"lint": "ng lint && stylelint './src/**/*.scss' --syntax scss"
},
"private": true,
"dependencies": {

View File

@ -1,246 +0,0 @@
// Code generated by protoc-gen-authmethod. DO NOT EDIT.
package admin
import (
"github.com/caos/zitadel/internal/api/authz"
)
/**
* AdminService
*/
const AdminService_MethodPrefix = "caos.zitadel.admin.api.v1.AdminService"
var AdminService_AuthMethods = authz.MethodMapping{
"/caos.zitadel.admin.api.v1.AdminService/IsOrgUnique": authz.Option{
Permission: "iam.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/GetOrgByID": authz.Option{
Permission: "iam.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/SearchOrgs": authz.Option{
Permission: "iam.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/SetUpOrg": authz.Option{
Permission: "iam.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/GetDefaultOrgIamPolicy": authz.Option{
Permission: "iam.policy.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/UpdateDefaultOrgIamPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/GetOrgIamPolicy": authz.Option{
Permission: "iam.policy.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/CreateOrgIamPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/UpdateOrgIamPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/RemoveOrgIamPolicy": authz.Option{
Permission: "iam.policy.delete",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/GetIamMemberRoles": authz.Option{
Permission: "iam.member.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/AddIamMember": authz.Option{
Permission: "iam.member.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/ChangeIamMember": authz.Option{
Permission: "iam.member.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/RemoveIamMember": authz.Option{
Permission: "iam.member.delete",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/SearchIamMembers": authz.Option{
Permission: "iam.member.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/GetViews": authz.Option{
Permission: "iam.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/ClearView": authz.Option{
Permission: "iam.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/GetFailedEvents": authz.Option{
Permission: "iam.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/RemoveFailedEvent": authz.Option{
Permission: "iam.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/IdpByID": authz.Option{
Permission: "iam.idp.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/CreateOidcIdp": authz.Option{
Permission: "iam.idp.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/UpdateIdpConfig": authz.Option{
Permission: "iam.idp.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/DeactivateIdpConfig": authz.Option{
Permission: "iam.idp.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/ReactivateIdpConfig": authz.Option{
Permission: "iam.idp.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/RemoveIdpConfig": authz.Option{
Permission: "iam.idp.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/UpdateOidcIdpConfig": authz.Option{
Permission: "iam.idp.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/SearchIdps": authz.Option{
Permission: "iam.idp.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/GetDefaultLabelPolicy": authz.Option{
Permission: "iam.policy.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/UpdateDefaultLabelPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/GetDefaultLoginPolicy": authz.Option{
Permission: "iam.policy.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/UpdateDefaultLoginPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/GetDefaultLoginPolicyIdpProviders": authz.Option{
Permission: "iam.policy.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/AddIdpProviderToDefaultLoginPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/RemoveIdpProviderFromDefaultLoginPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/GetDefaultLoginPolicySecondFactors": authz.Option{
Permission: "iam.policy.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/AddSecondFactorToDefaultLoginPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/RemoveSecondFactorFromDefaultLoginPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/GetDefaultLoginPolicyMultiFactors": authz.Option{
Permission: "iam.policy.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/AddMultiFactorToDefaultLoginPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/RemoveMultiFactorFromDefaultLoginPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/GetDefaultPasswordComplexityPolicy": authz.Option{
Permission: "iam.policy.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/UpdateDefaultPasswordComplexityPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/GetDefaultPasswordAgePolicy": authz.Option{
Permission: "iam.policy.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/UpdateDefaultPasswordAgePolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/GetDefaultPasswordLockoutPolicy": authz.Option{
Permission: "iam.policy.read",
CheckParam: "",
},
"/caos.zitadel.admin.api.v1.AdminService/UpdateDefaultPasswordLockoutPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1,161 +0,0 @@
// Code generated by protoc-gen-authmethod. DO NOT EDIT.
package auth
import (
"github.com/caos/zitadel/internal/api/authz"
)
/**
* AuthService
*/
const AuthService_MethodPrefix = "caos.zitadel.auth.api.v1.AuthService"
var AuthService_AuthMethods = authz.MethodMapping{
"/caos.zitadel.auth.api.v1.AuthService/GetMyUserSessions": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/GetMyUser": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/GetMyUserProfile": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/UpdateMyUserProfile": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/ChangeMyUserName": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/GetMyUserEmail": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/ChangeMyUserEmail": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/VerifyMyUserEmail": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/ResendMyEmailVerificationMail": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/GetMyUserPhone": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/ChangeMyUserPhone": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/RemoveMyUserPhone": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/VerifyMyUserPhone": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/ResendMyPhoneVerificationCode": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/GetMyUserAddress": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/GetMyUserChanges": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/UpdateMyUserAddress": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/GetMyMfas": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/ChangeMyPassword": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/GetMyPasswordComplexityPolicy": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/SearchMyExternalIDPs": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/RemoveMyExternalIDP": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/AddMfaOTP": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/VerifyMfaOTP": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/RemoveMfaOTP": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/SearchMyUserGrant": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/SearchMyProjectOrgs": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/GetMyZitadelPermissions": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.auth.api.v1.AuthService/GetMyProjectPermissions": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1,721 +0,0 @@
// Code generated by protoc-gen-authmethod. DO NOT EDIT.
package management
import (
"github.com/caos/zitadel/internal/api/authz"
)
/**
* ManagementService
*/
const ManagementService_MethodPrefix = "caos.zitadel.management.api.v1.ManagementService"
var ManagementService_AuthMethods = authz.MethodMapping{
"/caos.zitadel.management.api.v1.ManagementService/GetIam": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/IsUserUnique": authz.Option{
Permission: "user.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetUserByID": authz.Option{
Permission: "user.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetUserByLoginNameGlobal": authz.Option{
Permission: "user.global.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/SearchUsers": authz.Option{
Permission: "user.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/CreateUser": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/DeactivateUser": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ReactivateUser": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/LockUser": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/UnlockUser": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/DeleteUser": authz.Option{
Permission: "user.delete",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/UserChanges": authz.Option{
Permission: "user.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/AddMachineKey": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/DeleteMachineKey": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/SearchMachineKeys": authz.Option{
Permission: "user.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetMachineKey": authz.Option{
Permission: "user.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetUserProfile": authz.Option{
Permission: "user.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/UpdateUserProfile": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetUserEmail": authz.Option{
Permission: "user.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ChangeUserUserName": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ChangeUserEmail": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ResendEmailVerificationMail": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetUserPhone": authz.Option{
Permission: "user.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ChangeUserPhone": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveUserPhone": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ResendPhoneVerificationCode": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetUserAddress": authz.Option{
Permission: "user.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/UpdateUserAddress": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/UpdateUserMachine": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/SearchUserExternalIDPs": authz.Option{
Permission: "user.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveExternalIDP": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetUserMfas": authz.Option{
Permission: "user.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/SendSetPasswordNotification": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/SetInitialPassword": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ResendInitialMail": authz.Option{
Permission: "user.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/SearchUserMemberships": authz.Option{
Permission: "user.membership.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/CreateOrg": authz.Option{
Permission: "org.create",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/OrgChanges": authz.Option{
Permission: "org.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetMyOrg": authz.Option{
Permission: "org.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetOrgByDomainGlobal": authz.Option{
Permission: "org.global.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/DeactivateMyOrg": authz.Option{
Permission: "org.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ReactivateMyOrg": authz.Option{
Permission: "org.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/SearchMyOrgDomains": authz.Option{
Permission: "org.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/AddMyOrgDomain": authz.Option{
Permission: "org.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GenerateMyOrgDomainValidation": authz.Option{
Permission: "org.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ValidateMyOrgDomain": authz.Option{
Permission: "org.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/SetMyPrimaryOrgDomain": authz.Option{
Permission: "org.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveMyOrgDomain": authz.Option{
Permission: "org.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetMyOrgIamPolicy": authz.Option{
Permission: "authenticated",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetOrgMemberRoles": authz.Option{
Permission: "org.member.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/AddMyOrgMember": authz.Option{
Permission: "org.member.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ChangeMyOrgMember": authz.Option{
Permission: "org.member.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveMyOrgMember": authz.Option{
Permission: "org.member.delete",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/SearchMyOrgMembers": authz.Option{
Permission: "org.member.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ProjectChanges": authz.Option{
Permission: "project.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/SearchProjects": authz.Option{
Permission: "project.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ProjectByID": authz.Option{
Permission: "project.read",
CheckParam: "Id",
},
"/caos.zitadel.management.api.v1.ManagementService/CreateProject": authz.Option{
Permission: "project.create",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/UpdateProject": authz.Option{
Permission: "project.write",
CheckParam: "Id",
},
"/caos.zitadel.management.api.v1.ManagementService/DeactivateProject": authz.Option{
Permission: "project.write",
CheckParam: "Id",
},
"/caos.zitadel.management.api.v1.ManagementService/ReactivateProject": authz.Option{
Permission: "project.write",
CheckParam: "Id",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveProject": authz.Option{
Permission: "project.delete",
CheckParam: "Id",
},
"/caos.zitadel.management.api.v1.ManagementService/SearchGrantedProjects": authz.Option{
Permission: "project.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetGrantedProjectByID": authz.Option{
Permission: "project.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetProjectMemberRoles": authz.Option{
Permission: "project.member.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/SearchProjectMembers": authz.Option{
Permission: "project.member.read",
CheckParam: "ProjectId",
},
"/caos.zitadel.management.api.v1.ManagementService/AddProjectMember": authz.Option{
Permission: "project.member.write",
CheckParam: "Id",
},
"/caos.zitadel.management.api.v1.ManagementService/ChangeProjectMember": authz.Option{
Permission: "project.member.write",
CheckParam: "Id",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveProjectMember": authz.Option{
Permission: "project.member.delete",
CheckParam: "Id",
},
"/caos.zitadel.management.api.v1.ManagementService/SearchProjectRoles": authz.Option{
Permission: "project.role.read",
CheckParam: "ProjectId",
},
"/caos.zitadel.management.api.v1.ManagementService/AddProjectRole": authz.Option{
Permission: "project.role.write",
CheckParam: "Id",
},
"/caos.zitadel.management.api.v1.ManagementService/BulkAddProjectRole": authz.Option{
Permission: "project.role.write",
CheckParam: "Id",
},
"/caos.zitadel.management.api.v1.ManagementService/ChangeProjectRole": authz.Option{
Permission: "project.role.write",
CheckParam: "Id",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveProjectRole": authz.Option{
Permission: "project.role.delete",
CheckParam: "Id",
},
"/caos.zitadel.management.api.v1.ManagementService/SearchApplications": authz.Option{
Permission: "project.app.read",
CheckParam: "ProjectId",
},
"/caos.zitadel.management.api.v1.ManagementService/ApplicationByID": authz.Option{
Permission: "project.app.read",
CheckParam: "ProjectId",
},
"/caos.zitadel.management.api.v1.ManagementService/ApplicationChanges": authz.Option{
Permission: "project.app.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/CreateOIDCApplication": authz.Option{
Permission: "project.app.write",
CheckParam: "ProjectId",
},
"/caos.zitadel.management.api.v1.ManagementService/UpdateApplication": authz.Option{
Permission: "project.app.write",
CheckParam: "ProjectId",
},
"/caos.zitadel.management.api.v1.ManagementService/DeactivateApplication": authz.Option{
Permission: "project.app.write",
CheckParam: "ProjectId",
},
"/caos.zitadel.management.api.v1.ManagementService/ReactivateApplication": authz.Option{
Permission: "project.app.write",
CheckParam: "ProjectId",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveApplication": authz.Option{
Permission: "project.app.delete",
CheckParam: "ProjectId",
},
"/caos.zitadel.management.api.v1.ManagementService/UpdateApplicationOIDCConfig": authz.Option{
Permission: "project.app.write",
CheckParam: "ProjectId",
},
"/caos.zitadel.management.api.v1.ManagementService/RegenerateOIDCClientSecret": authz.Option{
Permission: "project.app.write",
CheckParam: "ProjectId",
},
"/caos.zitadel.management.api.v1.ManagementService/SearchProjectGrants": authz.Option{
Permission: "project.grant.read",
CheckParam: "ProjectId",
},
"/caos.zitadel.management.api.v1.ManagementService/ProjectGrantByID": authz.Option{
Permission: "project.grant.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/CreateProjectGrant": authz.Option{
Permission: "project.grant.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/UpdateProjectGrant": authz.Option{
Permission: "project.grant.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/DeactivateProjectGrant": authz.Option{
Permission: "project.grant.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ReactivateProjectGrant": authz.Option{
Permission: "project.grant.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveProjectGrant": authz.Option{
Permission: "project.grant.delete",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetProjectGrantMemberRoles": authz.Option{
Permission: "project.grant.member.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/SearchProjectGrantMembers": authz.Option{
Permission: "project.grant.member.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/AddProjectGrantMember": authz.Option{
Permission: "project.grant.member.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ChangeProjectGrantMember": authz.Option{
Permission: "project.grant.member.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveProjectGrantMember": authz.Option{
Permission: "project.grant.member.delete",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/SearchUserGrants": authz.Option{
Permission: "user.grant.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/UserGrantByID": authz.Option{
Permission: "user.grant.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/CreateUserGrant": authz.Option{
Permission: "user.grant.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/UpdateUserGrant": authz.Option{
Permission: "user.grant.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/DeactivateUserGrant": authz.Option{
Permission: "user.grant.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ReactivateUserGrant": authz.Option{
Permission: "user.grant.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveUserGrant": authz.Option{
Permission: "user.grant.delete",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/BulkRemoveUserGrant": authz.Option{
Permission: "user.grant.delete",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/IdpByID": authz.Option{
Permission: "org.idp.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/CreateOidcIdp": authz.Option{
Permission: "org.idp.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/UpdateIdpConfig": authz.Option{
Permission: "org.idp.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/DeactivateIdpConfig": authz.Option{
Permission: "org.idp.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/ReactivateIdpConfig": authz.Option{
Permission: "org.idp.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveIdpConfig": authz.Option{
Permission: "org.idp.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/UpdateOidcIdpConfig": authz.Option{
Permission: "org.idp.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/SearchIdps": authz.Option{
Permission: "org.idp.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetLoginPolicy": authz.Option{
Permission: "policy.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetDefaultLoginPolicy": authz.Option{
Permission: "policy.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/CreateLoginPolicy": authz.Option{
Permission: "policy.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/UpdateLoginPolicy": authz.Option{
Permission: "policy.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveLoginPolicy": authz.Option{
Permission: "policy.delete",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetLoginPolicyIdpProviders": authz.Option{
Permission: "policy.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/AddIdpProviderToLoginPolicy": authz.Option{
Permission: "policy.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveIdpProviderFromLoginPolicy": authz.Option{
Permission: "policy.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetLoginPolicySecondFactors": authz.Option{
Permission: "iam.policy.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/AddSecondFactorToLoginPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveSecondFactorFromLoginPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetLoginPolicyMultiFactors": authz.Option{
Permission: "iam.policy.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/AddMultiFactorToLoginPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/RemoveMultiFactorFromLoginPolicy": authz.Option{
Permission: "iam.policy.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetPasswordComplexityPolicy": authz.Option{
Permission: "policy.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetDefaultPasswordComplexityPolicy": authz.Option{
Permission: "policy.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/CreatePasswordComplexityPolicy": authz.Option{
Permission: "policy.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/UpdatePasswordComplexityPolicy": authz.Option{
Permission: "policy.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/RemovePasswordComplexityPolicy": authz.Option{
Permission: "policy.delete",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetPasswordAgePolicy": authz.Option{
Permission: "policy.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetDefaultPasswordAgePolicy": authz.Option{
Permission: "policy.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/CreatePasswordAgePolicy": authz.Option{
Permission: "policy.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/UpdatePasswordAgePolicy": authz.Option{
Permission: "policy.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/RemovePasswordAgePolicy": authz.Option{
Permission: "policy.delete",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetPasswordLockoutPolicy": authz.Option{
Permission: "policy.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/GetDefaultPasswordLockoutPolicy": authz.Option{
Permission: "policy.read",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/CreatePasswordLockoutPolicy": authz.Option{
Permission: "policy.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/UpdatePasswordLockoutPolicy": authz.Option{
Permission: "policy.write",
CheckParam: "",
},
"/caos.zitadel.management.api.v1.ManagementService/RemovePasswordLockoutPolicy": authz.Option{
Permission: "policy.delete",
CheckParam: "",
},
}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1,232 +0,0 @@
// Code generated by protoc-gen-go. DO NOT EDIT.
// versions:
// protoc-gen-go v1.25.0
// protoc v3.13.0
// source: message.proto
package message
import (
proto "github.com/golang/protobuf/proto"
protoreflect "google.golang.org/protobuf/reflect/protoreflect"
protoimpl "google.golang.org/protobuf/runtime/protoimpl"
reflect "reflect"
sync "sync"
)
const (
// Verify that this generated code is sufficiently up-to-date.
_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
// Verify that runtime/protoimpl is sufficiently up-to-date.
_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
)
// This is a compile-time assertion that a sufficiently up-to-date version
// of the legacy proto package is being used.
const _ = proto.ProtoPackageIsVersion4
type ErrorDetail struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
Message string `protobuf:"bytes,2,opt,name=message,proto3" json:"message,omitempty"`
}
func (x *ErrorDetail) Reset() {
*x = ErrorDetail{}
if protoimpl.UnsafeEnabled {
mi := &file_message_proto_msgTypes[0]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *ErrorDetail) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*ErrorDetail) ProtoMessage() {}
func (x *ErrorDetail) ProtoReflect() protoreflect.Message {
mi := &file_message_proto_msgTypes[0]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use ErrorDetail.ProtoReflect.Descriptor instead.
func (*ErrorDetail) Descriptor() ([]byte, []int) {
return file_message_proto_rawDescGZIP(), []int{0}
}
func (x *ErrorDetail) GetId() string {
if x != nil {
return x.Id
}
return ""
}
func (x *ErrorDetail) GetMessage() string {
if x != nil {
return x.Message
}
return ""
}
type LocalizedMessage struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
LocalizedMessage string `protobuf:"bytes,2,opt,name=localized_message,json=localizedMessage,proto3" json:"localized_message,omitempty"`
}
func (x *LocalizedMessage) Reset() {
*x = LocalizedMessage{}
if protoimpl.UnsafeEnabled {
mi := &file_message_proto_msgTypes[1]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *LocalizedMessage) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*LocalizedMessage) ProtoMessage() {}
func (x *LocalizedMessage) ProtoReflect() protoreflect.Message {
mi := &file_message_proto_msgTypes[1]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use LocalizedMessage.ProtoReflect.Descriptor instead.
func (*LocalizedMessage) Descriptor() ([]byte, []int) {
return file_message_proto_rawDescGZIP(), []int{1}
}
func (x *LocalizedMessage) GetKey() string {
if x != nil {
return x.Key
}
return ""
}
func (x *LocalizedMessage) GetLocalizedMessage() string {
if x != nil {
return x.LocalizedMessage
}
return ""
}
var File_message_proto protoreflect.FileDescriptor
var file_message_proto_rawDesc = []byte{
0x0a, 0x0d, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12,
0x13, 0x63, 0x61, 0x6f, 0x73, 0x2e, 0x7a, 0x69, 0x74, 0x61, 0x64, 0x65, 0x6c, 0x2e, 0x61, 0x70,
0x69, 0x2e, 0x76, 0x31, 0x22, 0x37, 0x0a, 0x0b, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x44, 0x65, 0x74,
0x61, 0x69, 0x6c, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
0x02, 0x69, 0x64, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x02,
0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x51, 0x0a,
0x10, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x64, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67,
0x65, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03,
0x6b, 0x65, 0x79, 0x12, 0x2b, 0x0a, 0x11, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x64,
0x5f, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10,
0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x64, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65,
0x42, 0x2a, 0x5a, 0x28, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63,
0x61, 0x6f, 0x73, 0x2f, 0x7a, 0x69, 0x74, 0x61, 0x64, 0x65, 0x6c, 0x2f, 0x70, 0x6b, 0x67, 0x2f,
0x67, 0x72, 0x70, 0x63, 0x2f, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x62, 0x06, 0x70, 0x72,
0x6f, 0x74, 0x6f, 0x33,
}
var (
file_message_proto_rawDescOnce sync.Once
file_message_proto_rawDescData = file_message_proto_rawDesc
)
func file_message_proto_rawDescGZIP() []byte {
file_message_proto_rawDescOnce.Do(func() {
file_message_proto_rawDescData = protoimpl.X.CompressGZIP(file_message_proto_rawDescData)
})
return file_message_proto_rawDescData
}
var file_message_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
var file_message_proto_goTypes = []interface{}{
(*ErrorDetail)(nil), // 0: caos.zitadel.api.v1.ErrorDetail
(*LocalizedMessage)(nil), // 1: caos.zitadel.api.v1.LocalizedMessage
}
var file_message_proto_depIdxs = []int32{
0, // [0:0] is the sub-list for method output_type
0, // [0:0] is the sub-list for method input_type
0, // [0:0] is the sub-list for extension type_name
0, // [0:0] is the sub-list for extension extendee
0, // [0:0] is the sub-list for field type_name
}
func init() { file_message_proto_init() }
func file_message_proto_init() {
if File_message_proto != nil {
return
}
if !protoimpl.UnsafeEnabled {
file_message_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*ErrorDetail); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
file_message_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*LocalizedMessage); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
}
type x struct{}
out := protoimpl.TypeBuilder{
File: protoimpl.DescBuilder{
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
RawDescriptor: file_message_proto_rawDesc,
NumEnums: 0,
NumMessages: 2,
NumExtensions: 0,
NumServices: 0,
},
GoTypes: file_message_proto_goTypes,
DependencyIndexes: file_message_proto_depIdxs,
MessageInfos: file_message_proto_msgTypes,
}.Build()
File_message_proto = out.File
file_message_proto_rawDesc = nil
file_message_proto_goTypes = nil
file_message_proto_depIdxs = nil
}