docs: generate admin api (#1584)

* fix: generate admin api

* fix: generate admin api

* fix: generate admin api

* fix: http option

* fix: admin api

* fix: md files

* fix: correct headers

* fix: proto definitions

* fix: proto api

* fix: proto api

* fix: proto api

* fix: proto api

build/dockerfile

@@ -51,6 +51,7 @@ RUN curl https://raw.githubusercontent.com/envoyproxy/protoc-gen-validate/v0.4.1
 COPY proto/ include/.
 
 
+
 #######################
 ## With this step we prepare all node_modules, this helps caching the build
 ## Speed up this step by mounting your local node_modules directory
@@ -125,6 +126,7 @@ COPY --from=go-gen /go/src/github.com/caos/zitadel/pkg/grpc ./pkg/grpc
 COPY --from=go-gen /go/src/github.com/caos/zitadel/openapi/v2/zitadel ./openapi/v2/zitadel
 COPY --from=go-gen /go/src/github.com/caos/zitadel/internal/protoc/protoc-gen-authoption/templates.gen.go ./internal/protoc/protoc-gen-authoption/templates.gen.go
 COPY --from=go-gen /go/src/github.com/caos/zitadel/internal/protoc/protoc-gen-authoption/authoption/options.pb.go ./internal/protoc/protoc-gen-authoption/authoption/options.pb.go
+COPY --from=go-gen /go/src/github.com/caos/zitadel/docs/apis/proto ./docs/docs/apis/proto
 
 
 #######################

build/zitadel/generate-grpc.sh

@@ -8,6 +8,7 @@ OPENAPI_PATH=${GOPATH}/src/github.com/caos/zitadel/openapi/v2
 ZITADEL_PATH=${GOPATH}/src/github.com/caos/zitadel
 GRPC_PATH=${ZITADEL_PATH}/pkg/grpc
 PROTO_PATH=/proto/include/zitadel
+DOCS_PATH=${ZITADEL_PATH}/docs/apis/proto
 
 # generate go stub and grpc code for all files
 protoc \
@@ -28,6 +29,7 @@ go install ${ZITADEL_PATH}/internal/protoc/protoc-gen-authoption
 
 # output folder for openapi v2
 mkdir -p ${OPENAPI_PATH}
+mkdir -p ${DOCS_PATH}
 
 # generate additional output
 
@@ -75,4 +77,66 @@ protoc \
 mv ${ZITADEL_PATH}/pkg/grpc/auth/zitadel/* ${ZITADEL_PATH}/pkg/grpc/auth
 rm -r ${ZITADEL_PATH}/pkg/grpc/auth/zitadel
 
+## generate docs
+protoc \
+  -I=/proto/include \
+  --doc_out=${DOCS_PATH} --doc_opt=${PROTO_PATH}/docs/zitadel-md.tmpl,auth.md \
+  ${PROTO_PATH}/auth.proto
+protoc \
+  -I=/proto/include \
+  --doc_out=${DOCS_PATH} --doc_opt=${PROTO_PATH}/docs/zitadel-md.tmpl,management.md \
+  ${PROTO_PATH}/management.proto
+protoc \
+  -I=/proto/include \
+  --doc_out=${DOCS_PATH} --doc_opt=${PROTO_PATH}/docs/zitadel-md.tmpl,admin.md \
+  ${PROTO_PATH}/admin.proto
+protoc \
+  -I=/proto/include \
+  --doc_out=${DOCS_PATH} --doc_opt=${PROTO_PATH}/docs/zitadel-md.tmpl,app.md \
+  ${PROTO_PATH}/app.proto
+protoc \
+  -I=/proto/include \
+  --doc_out=${DOCS_PATH} --doc_opt=${PROTO_PATH}/docs/zitadel-md.tmpl,auth_n_key.md \
+  ${PROTO_PATH}/auth_n_key.proto
+protoc \
+  -I=/proto/include \
+  --doc_out=${DOCS_PATH} --doc_opt=${PROTO_PATH}/docs/zitadel-md.tmpl,change.md \
+  ${PROTO_PATH}/change.proto
+protoc \
+  -I=/proto/include \
+  --doc_out=${DOCS_PATH} --doc_opt=${PROTO_PATH}/docs/zitadel-md.tmpl,idp.md \
+  ${PROTO_PATH}/idp.proto
+protoc \
+  -I=/proto/include \
+  --doc_out=${DOCS_PATH} --doc_opt=${PROTO_PATH}/docs/zitadel-md.tmpl,member.md \
+  ${PROTO_PATH}/member.proto
+protoc \
+  -I=/proto/include \
+  --doc_out=${DOCS_PATH} --doc_opt=${PROTO_PATH}/docs/zitadel-md.tmpl,message.md \
+  ${PROTO_PATH}/message.proto
+protoc \
+  -I=/proto/include \
+  --doc_out=${DOCS_PATH} --doc_opt=${PROTO_PATH}/docs/zitadel-md.tmpl,object.md \
+  ${PROTO_PATH}/object.proto
+protoc \
+  -I=/proto/include \
+  --doc_out=${DOCS_PATH} --doc_opt=${PROTO_PATH}/docs/zitadel-md.tmpl,options.md \
+  ${PROTO_PATH}/options.proto
+protoc \
+  -I=/proto/include \
+  --doc_out=${DOCS_PATH} --doc_opt=${PROTO_PATH}/docs/zitadel-md.tmpl,org.md \
+  ${PROTO_PATH}/org.proto
+protoc \
+  -I=/proto/include \
+  --doc_out=${DOCS_PATH} --doc_opt=${PROTO_PATH}/docs/zitadel-md.tmpl,policy.md \
+  ${PROTO_PATH}/policy.proto
+protoc \
+  -I=/proto/include \
+  --doc_out=${DOCS_PATH} --doc_opt=${PROTO_PATH}/docs/zitadel-md.tmpl,project.md \
+  ${PROTO_PATH}/project.proto
+protoc \
+  -I=/proto/include \
+  --doc_out=${DOCS_PATH} --doc_opt=${PROTO_PATH}/docs/zitadel-md.tmpl,user.md \
+  ${PROTO_PATH}/user.proto
+
 echo "done generating grpc"

docs/docs/apis/admin.md

@@ -1,3 +0,0 @@
----
-title: Administration
----

docs/docs/apis/apis.md

@@ -0,0 +1,45 @@
+---
+title: ZITADEL APIs
+---
+
+All of our APIs are generated by proto defintions. You can find all the proto definitions in the [Proto API Definitions](proto/auth).
+
+> More about [Protocol Buffer](https://developers.google.com/protocol-buffers)
+
+## Authentication API aka Auth
+
+The authentication API (aka Auth API) is used for all operations on the currently logged in user.
+
+| Service | URI                                                                                                                         |
+|:--------|:----------------------------------------------------------------------------------------------------------------------------|
+| REST    | [https://api.zitadel.ch/auth/v1/](https://api.zitadel.ch/auth/v1/)                                                          |
+| GRPC    | [https://api.zitadel.ch/caos.zitadel.auth.api.v1.AuthService/](https://api.zitadel.ch/caos.zitadel.auth.api.v1.AuthService) |
+
+> At a later date we might expose functions to build your own login GUI
+> You can build your own user Register GUI already by utilizing the [Management API](#management)
+
+[Latest API Version](https://github.com/caos/zitadel/blob/main/proto/zitadel/auth.proto)
+
+
+## Management API
+
+The management API is as the name states the interface where systems can mutate IAM objects like, organisations, projects, clients, users and so on if they have the necessary access rights.
+
+| Service | URI                                                                                                                                                 |
+|:--------|:----------------------------------------------------------------------------------------------------------------------------------------------------|
+| REST    | [https://api.zitadel.ch/management/v1/](https://api.zitadel.ch/management/v1/)                                                                      |
+| GRPC    | [https://api.zitadel.ch/caos.zitadel.management.api.v1.ManagementService/](https://api.zitadel.ch/caos.zitadel.management.api.v1.ManagementService) |
+
+[Latest API Version](https://github.com/caos/zitadel/blob/main/proto/zitadel/management.proto)
+
+
+## Administration API aka Admin
+
+This API is intended to configure and manage the IAM itself.
+
+| Service | URI                                                                                                                             |
+|:--------|:--------------------------------------------------------------------------------------------------------------------------------|
+| REST    | [https://api.zitadel.ch/admin/v1/](https://api.zitadel.ch/admin/v1/)                                                            |
+| GRPC    | [https://api.zitadel.ch/caos.zitadel.admin.api.v1.AdminService/](https://api.zitadel.ch/caos.zitadel.admin.api.v1.AdminService) |
+
+[Latest

docs/docs/apis/authn.md

@@ -1,3 +0,0 @@
----
-title: Authentication
----

docs/docs/apis/introduction.md

@@ -4,7 +4,7 @@ title: Introduction
 
 > All documentations are under active work and subject to change soon!
 
-### APIs
+## APIs
 
 ---
 

docs/docs/apis/mgmt.md

@@ -1,3 +0,0 @@
----
-title: Management
----

docs/docs/apis/proto/app.md

@@ -0,0 +1,106 @@
+---
+title: zitadel/app.proto
+---
+> This document reflects the state from API 1.0 (available from 20.04.2021)
+
+
+
+
+
+
+## Enums
+
+
+### APIAuthMethodType {#apiauthmethodtype}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| API_AUTH_METHOD_TYPE_BASIC | 0 | - |
+| API_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT | 1 | - |
+
+
+
+
+### AppState {#appstate}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| APP_STATE_UNSPECIFIED | 0 | - |
+| APP_STATE_ACTIVE | 1 | - |
+| APP_STATE_INACTIVE | 2 | - |
+
+
+
+
+### OIDCAppType {#oidcapptype}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| OIDC_APP_TYPE_WEB | 0 | - |
+| OIDC_APP_TYPE_USER_AGENT | 1 | - |
+| OIDC_APP_TYPE_NATIVE | 2 | - |
+
+
+
+
+### OIDCAuthMethodType {#oidcauthmethodtype}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| OIDC_AUTH_METHOD_TYPE_BASIC | 0 | - |
+| OIDC_AUTH_METHOD_TYPE_POST | 1 | - |
+| OIDC_AUTH_METHOD_TYPE_NONE | 2 | - |
+| OIDC_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT | 3 | - |
+
+
+
+
+### OIDCGrantType {#oidcgranttype}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| OIDC_GRANT_TYPE_AUTHORIZATION_CODE | 0 | - |
+| OIDC_GRANT_TYPE_IMPLICIT | 1 | - |
+| OIDC_GRANT_TYPE_REFRESH_TOKEN | 2 | - |
+
+
+
+
+### OIDCResponseType {#oidcresponsetype}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| OIDC_RESPONSE_TYPE_CODE | 0 | - |
+| OIDC_RESPONSE_TYPE_ID_TOKEN | 1 | - |
+| OIDC_RESPONSE_TYPE_ID_TOKEN_TOKEN | 2 | - |
+
+
+
+
+### OIDCTokenType {#oidctokentype}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| OIDC_TOKEN_TYPE_BEARER | 0 | - |
+| OIDC_TOKEN_TYPE_JWT | 1 | - |
+
+
+
+
+### OIDCVersion {#oidcversion}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| OIDC_VERSION_1_0 | 0 | - |
+
+
+
+

docs/docs/apis/proto/auth_n_key.md

@@ -0,0 +1,24 @@
+---
+title: zitadel/auth_n_key.proto
+---
+> This document reflects the state from API 1.0 (available from 20.04.2021)
+
+
+
+
+
+
+## Enums
+
+
+### KeyType {#keytype}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| KEY_TYPE_UNSPECIFIED | 0 | - |
+| KEY_TYPE_JSON | 1 | - |
+
+
+
+

docs/docs/apis/proto/change.md

@@ -0,0 +1,10 @@
+---
+title: zitadel/change.proto
+---
+> This document reflects the state from API 1.0 (available from 20.04.2021)
+
+
+
+
+
+

docs/docs/apis/proto/features.md

@@ -0,0 +1,25 @@
+---
+title: zitadel/features.proto
+---
+
+
+
+
+
+
+## Enums
+
+
+### FeaturesState {#featuresstate}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| FEATURES_STATE_ACTIVE | 0 | - |
+| FEATURES_STATE_ACTION_REQUIRED | 1 | - |
+| FEATURES_STATE_CANCELED | 2 | - |
+| FEATURES_STATE_GRANDFATHERED | 3 | - |
+
+
+
+

docs/docs/apis/proto/idp.md

@@ -0,0 +1,82 @@
+---
+title: zitadel/idp.proto
+---
+> This document reflects the state from API 1.0 (available from 20.04.2021)
+
+
+
+
+
+
+## Enums
+
+
+### IDPFieldName {#idpfieldname}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| IDP_FIELD_NAME_UNSPECIFIED | 0 | - |
+| IDP_FIELD_NAME_NAME | 1 | - |
+
+
+
+
+### IDPOwnerType {#idpownertype}
+the owner of the identity provider.
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| IDP_OWNER_TYPE_UNSPECIFIED | 0 | - |
+| IDP_OWNER_TYPE_SYSTEM | 1 | system is managed by the ZITADEL administrators |
+| IDP_OWNER_TYPE_ORG | 2 | org is managed by de organisation administrators |
+
+
+
+
+### IDPState {#idpstate}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| IDP_STATE_UNSPECIFIED | 0 | - |
+| IDP_STATE_ACTIVE | 1 | - |
+| IDP_STATE_INACTIVE | 2 | - |
+
+
+
+
+### IDPStylingType {#idpstylingtype}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| STYLING_TYPE_UNSPECIFIED | 0 | - |
+| STYLING_TYPE_GOOGLE | 1 | - |
+
+
+
+
+### IDPType {#idptype}
+authorization framework of the identity provider
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| IDP_TYPE_UNSPECIFIED | 0 | - |
+| IDP_TYPE_OIDC | 1 | PLANNED: IDP_TYPE_SAML |
+
+
+
+
+### OIDCMappingField {#oidcmappingfield}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| OIDC_MAPPING_FIELD_UNSPECIFIED | 0 | - |
+| OIDC_MAPPING_FIELD_PREFERRED_USERNAME | 1 | - |
+| OIDC_MAPPING_FIELD_EMAIL | 2 | - |
+
+
+
+

docs/docs/apis/proto/member.md

@@ -0,0 +1,10 @@
+---
+title: zitadel/member.proto
+---
+> This document reflects the state from API 1.0 (available from 20.04.2021)
+
+
+
+
+
+

docs/docs/apis/proto/message.md

@@ -0,0 +1,10 @@
+---
+title: zitadel/message.proto
+---
+> This document reflects the state from API 1.0 (available from 20.04.2021)
+
+
+
+
+
+

docs/docs/apis/proto/object.md

@@ -0,0 +1,30 @@
+---
+title: zitadel/object.proto
+---
+> This document reflects the state from API 1.0 (available from 20.04.2021)
+
+
+
+
+
+
+## Enums
+
+
+### TextQueryMethod {#textquerymethod}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| TEXT_QUERY_METHOD_EQUALS | 0 | - |
+| TEXT_QUERY_METHOD_EQUALS_IGNORE_CASE | 1 | - |
+| TEXT_QUERY_METHOD_STARTS_WITH | 2 | - |
+| TEXT_QUERY_METHOD_STARTS_WITH_IGNORE_CASE | 3 | - |
+| TEXT_QUERY_METHOD_CONTAINS | 4 | - |
+| TEXT_QUERY_METHOD_CONTAINS_IGNORE_CASE | 5 | - |
+| TEXT_QUERY_METHOD_ENDS_WITH | 6 | - |
+| TEXT_QUERY_METHOD_ENDS_WITH_IGNORE_CASE | 7 | - |
+
+
+
+

docs/docs/apis/proto/options.md

@@ -0,0 +1,10 @@
+---
+title: zitadel/options.proto
+---
+> This document reflects the state from API 1.0 (available from 20.04.2021)
+
+
+
+
+
+

docs/docs/apis/proto/org.md

@@ -0,0 +1,48 @@
+---
+title: zitadel/org.proto
+---
+> This document reflects the state from API 1.0 (available from 20.04.2021)
+
+
+
+
+
+
+## Enums
+
+
+### DomainValidationType {#domainvalidationtype}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| DOMAIN_VALIDATION_TYPE_UNSPECIFIED | 0 | - |
+| DOMAIN_VALIDATION_TYPE_HTTP | 1 | - |
+| DOMAIN_VALIDATION_TYPE_DNS | 2 | - |
+
+
+
+
+### OrgFieldName {#orgfieldname}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| ORG_FIELD_NAME_UNSPECIFIED | 0 | - |
+| ORG_FIELD_NAME_NAME | 1 | - |
+
+
+
+
+### OrgState {#orgstate}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| ORG_STATE_UNSPECIFIED | 0 | - |
+| ORG_STATE_ACTIVE | 1 | - |
+| ORG_STATE_INACTIVE | 2 | - |
+
+
+
+

docs/docs/apis/proto/policy.md

@@ -0,0 +1,47 @@
+---
+title: zitadel/policy.proto
+---
+> This document reflects the state from API 1.0 (available from 20.04.2021)
+
+
+
+
+
+
+## Enums
+
+
+### MultiFactorType {#multifactortype}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| MULTI_FACTOR_TYPE_UNSPECIFIED | 0 | - |
+| MULTI_FACTOR_TYPE_U2F_WITH_VERIFICATION | 1 | TODO: what does livio think after the weekend? :D |
+
+
+
+
+### PasswordlessType {#passwordlesstype}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| PASSWORDLESS_TYPE_NOT_ALLOWED | 0 | - |
+| PASSWORDLESS_TYPE_ALLOWED | 1 | PLANNED: PASSWORDLESS_TYPE_WITH_CERT |
+
+
+
+
+### SecondFactorType {#secondfactortype}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| SECOND_FACTOR_TYPE_UNSPECIFIED | 0 | - |
+| SECOND_FACTOR_TYPE_OTP | 1 | - |
+| SECOND_FACTOR_TYPE_U2F | 2 | - |
+
+
+
+

docs/docs/apis/proto/project.md

@@ -0,0 +1,37 @@
+---
+title: zitadel/project.proto
+---
+> This document reflects the state from API 1.0 (available from 20.04.2021)
+
+
+
+
+
+
+## Enums
+
+
+### ProjectGrantState {#projectgrantstate}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| PROJECT_GRANT_STATE_UNSPECIFIED | 0 | - |
+| PROJECT_GRANT_STATE_ACTIVE | 1 | - |
+| PROJECT_GRANT_STATE_INACTIVE | 2 | - |
+
+
+
+
+### ProjectState {#projectstate}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| PROJECT_STATE_UNSPECIFIED | 0 | - |
+| PROJECT_STATE_ACTIVE | 1 | - |
+| PROJECT_STATE_INACTIVE | 2 | - |
+
+
+
+

docs/docs/apis/proto/user.md

@@ -0,0 +1,109 @@
+---
+title: zitadel/user.proto
+---
+> This document reflects the state from API 1.0 (available from 20.04.2021)
+
+
+
+
+
+
+## Enums
+
+
+### AuthFactorState {#authfactorstate}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| AUTH_FACTOR_STATE_UNSPECIFIED | 0 | - |
+| AUTH_FACTOR_STATE_NOT_READY | 1 | - |
+| AUTH_FACTOR_STATE_READY | 2 | - |
+| AUTH_FACTOR_STATE_REMOVED | 3 | - |
+
+
+
+
+### Gender {#gender}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| GENDER_UNSPECIFIED | 0 | - |
+| GENDER_FEMALE | 1 | - |
+| GENDER_MALE | 2 | - |
+| GENDER_DIVERSE | 3 | - |
+
+
+
+
+### SessionState {#sessionstate}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| SESSION_STATE_UNSPECIFIED | 0 | - |
+| SESSION_STATE_ACTIVE | 1 | - |
+| SESSION_STATE_TERMINATED | 2 | - |
+
+
+
+
+### Type {#type}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| TYPE_UNSPECIFIED | 0 | - |
+| TYPE_HUMAN | 1 | - |
+| TYPE_MACHINE | 2 | - |
+
+
+
+
+### UserFieldName {#userfieldname}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| USER_FIELD_NAME_UNSPECIFIED | 0 | - |
+| USER_FIELD_NAME_USER_NAME | 1 | - |
+| USER_FIELD_NAME_FIRST_NAME | 2 | - |
+| USER_FIELD_NAME_LAST_NAME | 3 | - |
+| USER_FIELD_NAME_NICK_NAME | 4 | - |
+| USER_FIELD_NAME_DISPLAY_NAME | 5 | - |
+| USER_FIELD_NAME_EMAIL | 6 | - |
+| USER_FIELD_NAME_STATE | 7 | - |
+| USER_FIELD_NAME_TYPE | 8 | - |
+
+
+
+
+### UserGrantState {#usergrantstate}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| USER_GRANT_STATE_UNSPECIFIED | 0 | - |
+| USER_GRANT_STATE_ACTIVE | 1 | - |
+| USER_GRANT_STATE_INACTIVE | 2 | - |
+
+
+
+
+### UserState {#userstate}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| USER_STATE_UNSPECIFIED | 0 | - |
+| USER_STATE_ACTIVE | 1 | - |
+| USER_STATE_INACTIVE | 2 | - |
+| USER_STATE_DELETED | 3 | - |
+| USER_STATE_LOCKED | 4 | - |
+| USER_STATE_SUSPEND | 5 | - |
+| USER_STATE_INITIAL | 6 | - |
+
+
+
+

docs/docs/concepts/architecture.md

@@ -2,7 +2,7 @@
 title: ZITADEL Architecture
 ---
 
-### Software Architecture
+## Software Architecture
 
 **ZITADEL** is built with two essential patterns. Eventsourcing and CQRS. Due to the nature of eventsourcing **ZITADEL** provides the unique capability to generate a strong audit trail of ALL the things that happen to its resources, without compromising on storage cost or audit trail length.
 
@@ -12,7 +12,7 @@ Each **ZITADEL** contains all components of the IAM, from serving as API, render
 
 ![Software Architecture](/img/zitadel_software_architecture.png)
 
-#### Component Command Side
+### Component Command Side
 
 The **command handler** receives all operations who alter a IAM resource. For example if a user changes his name.
 This information is then passed to **command validation** for processing of the business logic, for example to make sure that the user actually can change his name. If this succeeds all generated events are inserted into the eventstore when required all within one transaction.
@@ -22,7 +22,7 @@ This information is then passed to **command validation** for processing of the
 
 > When we classify this with the CAP theorem we would choose **Consistent** and **Available** but leave **Performance** aside.
 
-#### Component Spooler
+### Component Spooler
 
 The spoolers job is it to keep a query view up-to-date or at least look that it does not have a too big lag behind the eventstore.
 Each query view has its own spooler who is responsible to look for the events who are relevant to generate the query view. It does this by triggering the relevant projection.
@@ -31,7 +31,7 @@ Spoolers are especially necessary where someone can query datasets instead of si
 > The query side has the option to dynamically check the eventstore for newer events on a certain id, see query side for more information
 > Each view can have exactly one spooler, but spoolers are dynamically leader elected, so even if a spooler crashes it will be replaced in a short amount of time.
 
-#### Component Query Side
+### Component Query Side
 
 The query handler receives all read relevant operations. These can either be query or simple `getById` calls.
 When receiving a query it will proceed by passing this to the repository which will call the database and return the dataset.
@@ -44,11 +44,11 @@ If a request calls for a specific id the call will, most of the times, be revali
 > When we classify this with the CAP theorem we would choose **Available** and **Performance** but leave **Consistent** aside
 > TODO explain more here
 
-#### Component HTTP Server
+### Component HTTP Server
 
 The http server is responsible for serving the management GUI called **ZITADEL Console**, serving the static assets and as well rendering server side html (login, password-reset, verification, ...)
 
-### Cluster Architecture
+## Cluster Architecture
 
 A **ZITADEL Cluster** is a highly available IAM system with each component critical for serving traffic laid out at least three times.
 As our storage (CockroachDB) relies on Raft it is also necessary to always utilizes odd numbers to address for "split brain" scenarios.
@@ -60,7 +60,7 @@ If you deploy **ZITADEL** with our GITOPS Tooling [**ORBOS**](https://github.com
 
 ![Cluster Architecture](/img/zitadel_cluster_architecture.png)
 
-### Multi Cluster Architecture
+## Multi Cluster Architecture
 
 To scale **ZITADEL** is recommend to create smaller clusters, see cluster architecture and then create a fabric which interconnects the database.
 In our reference design we recommend to create a cluster per cloud provider or availability zone and to group them into regions.

docs/docs/concepts/principles.md

@@ -2,7 +2,7 @@
 title: Principles
 ---
 
-### ZITADEL engineering and design principles
+## ZITADEL engineering and design principles
 
 - Be transparent about your decisions
 - Embrace stateless application design

docs/docs/guides/identity-brokering.md

@@ -28,7 +28,7 @@ title: Identity Brokering
     </tr>
 </table>
 
-### What is Identity Brokering and Federated Identities?
+## What is Identity Brokering and Federated Identities?
 
 Federated identity management is an arrangement built upon the trust between two or more domains. Users of these domains are allowed to access applications and services using the same identity.
 This identity is known as federated identity and the pattern behind this as identity federation.
@@ -43,11 +43,11 @@ Because Google is registered as trusted identity provider the user will be able
 
 ![Identity Brokering](/img/zitadel_identity_brokering.png)
 
-### Exercise: Register an external identity provider
+## Exercise: Register an external identity provider
 
 In this exercise we will add a new Google identity provider to federate identities with ZITADEL.
 
-#### 1. Create new OIDC Client
+### 1. Create new OIDC Client
 
 1. Register an OIDC Client in your preferred provider
 2. Make sure you add the ZITADEL callback redirect uris
@@ -66,7 +66,7 @@ Google Example:
 
 ![Add new oAuth credentials in Google Console](/img/google_add_credentials.gif)
 
-#### 2. Add custom login policy on your organisation
+### 2. Add custom login policy on your organisation
 
 1. Go to your organisation settings by clicking on "Organisation" in the menu or using the following link: <https://console.zitadel.ch/org>
 2. Modify your login policy
@@ -74,7 +74,7 @@ Google Example:
 
 ![Add custom login policy](/img/console_org_custom_login_policy.gif)
 
-#### 3.Configure new identity provider
+### 3.Configure new identity provider
 
 1. Go to the identity providers section and click new
 2. Fill out the form
@@ -89,7 +89,7 @@ Google Example:
 
 Your user will now be able to choose Google for login instead of username/password or mfa.
 
-### Knowledge Check
+## Knowledge Check
 
 * The issuer for your identity provider is <https://issuer.zitadel.ch>
     - [ ] yes
@@ -112,7 +112,7 @@ Your user will now be able to choose Google for login instead of username/passwo
 
 </details>
 
-### Summary
+## Summary
 
 * You can federate identities of all oAuth 2.0 compliant external identity providers
 * Configure the provider in your custom login policy

docs/docs/guides/oauth-recommended-flows.md

@@ -8,7 +8,7 @@ title: Recommended authorization flows
 | Learning Outcomes | In this module you will: <ul><li>Learn the basics of federated identities</li><li>Understand the basics of OAuth 2.x client profiles and their importance for authorization flows</li><li>Get a recommended flow for Web, Native, User-Agent, and API</li></ul> |
 | Prerequisites | Basic knowledge about federated identities. |
 
-### Introduction
+## Introduction
 
 Before we get into setting up our first application within ZITADEL, we need to go through some basics on how to obtain an authorization with OpenID Connect 1.x and OAuth 2.x.
 
@@ -18,7 +18,7 @@ We invite you to further explore the different authorization flows in the OAuth
 
 So this module will only go over the basics and explain why we recommend the flow “Authorization Flow with PKCE” as default for most applications. We will also cover the case of machine-to-machine communication, ie. where there is no interactive login. Further we will guide you to further reading viable alternatives, if the default flow is not feasible.
 
-### Basics of Federated Identity
+## Basics of Federated Identity
 
 Although Federated Identities are not a new concept ([RFC 6749](https://tools.ietf.org/html/rfc6749), “The OAuth 2.0 Authorization Framework” was released in 2012) it is important to highlight the difference between the traditional client-server authentication model and the concept of delegated authorization and authentication.
 
@@ -46,7 +46,7 @@ This is where the so-called “flows” come into play: There are a number of di
 
 Maybe interesting to mention is that we are mostly concerned with choosing the right OAuth 2.x flows (alas “authorization”). OpenID Connect extends the OAuth 2.x flow with useful features like endpoint discovery (where to ask), ID Token (who is the user, when and how did she authenticate), and UserInfo Endpoint (getting additional information about the user).
 
-### Different client profiles
+## Different client profiles
 
 As mentioned in the beginning of this module, there are two main determinants for choosing the optimal authorization flow:
 
@@ -86,7 +86,7 @@ The following table gives you a brief overview of different client profiles.
 	</tr>
 </table>
 
-### Our recommended authorization flows
+## Our recommended authorization flows
 
 We recommend using the flow **“Authorization Code with Proof Key of Code Exchange (PKCE)”** ([RFC7636](https://tools.ietf.org/html/rfc7636)) for **User-Agent**, **Native**, and **Web** clients.
 
@@ -104,7 +104,7 @@ A JWT with a private key can also be used with client profile web to further enh
 
 In case you need alternative flows and their advantages and drawbacks, there will be a module to outline more methods and our recommended fallback strategy per client profile that are available in ZITADEL.
 
-### Knowledge Check (3)
+## Knowledge Check (3)
 
 * With federated identities the user sends credentials to the server holding the protected resource
     - [ ] yes
@@ -133,7 +133,7 @@ In case you need alternative flows and their advantages and drawbacks, there wil
 
 </details>
 
-### Summary (3)
+## Summary (3)
 
 * Federated Identities solve key problems and challenges with traditional server-client architecture
 * Use “Authorization Code with Proof Key of Code Exchange (PKCE)” for User-Agent, Native, and Web clients

docs/sidebars.js

@@ -31,9 +31,27 @@ module.exports = {
   apis: [
     'apis/introduction',
     'apis/domains',
-    'apis/authn',
-    'apis/admin',
-    'apis/mgmt',
+    'apis/apis',
+    {
+      type: 'category',
+      label: 'Proto API Definition',
+      items: [
+        'apis/proto/auth',
+        'apis/proto/management',
+        'apis/proto/admin',
+        'apis/proto/org',
+        'apis/proto/user',
+        'apis/proto/app',
+        'apis/proto/policy',
+        'apis/proto/auth_n_key',
+        'apis/proto/change',
+        'apis/proto/idp',
+        'apis/proto/member',
+        'apis/proto/message',
+        'apis/proto/object',
+        'apis/proto/options',
+      ],
+    },
     {
       type: 'category',
       label: 'OpenID Connect & OAuth',

go.mod

@@ -8,7 +8,7 @@ require (
 	github.com/BurntSushi/toml v0.3.1
 	github.com/DATA-DOG/go-sqlmock v1.5.0
 	github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/trace v0.13.0
-	github.com/Masterminds/goutils v1.1.0 // indirect
+	github.com/Masterminds/goutils v1.1.1 // indirect
 	github.com/Masterminds/semver v1.5.0 // indirect
 	github.com/Masterminds/sprig v2.22.0+incompatible
 	github.com/VictoriaMetrics/fastcache v1.5.7
@@ -20,11 +20,12 @@ require (
 	github.com/caos/orbos v1.5.14-0.20210323181340-093f4c8a30f9
 	github.com/cockroachdb/cockroach-go/v2 v2.1.0
 	github.com/duo-labs/webauthn v0.0.0-20200714211715-1daaee874e43
-	github.com/envoyproxy/protoc-gen-validate v0.4.1
+	github.com/envoyproxy/protoc-gen-validate v0.5.1
 	github.com/ghodss/yaml v1.0.0
+	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
 	github.com/golang/mock v1.5.0
-	github.com/golang/protobuf v1.4.3
+	github.com/golang/protobuf v1.5.2
 	github.com/golang/snappy v0.0.2 // indirect
 	github.com/gorilla/csrf v1.7.0
 	github.com/gorilla/mux v1.8.0
@@ -34,7 +35,7 @@ require (
 	github.com/grpc-ecosystem/grpc-gateway v1.16.0
 	github.com/grpc-ecosystem/grpc-gateway/v2 v2.2.0
 	github.com/huandu/xstrings v1.3.2 // indirect
-	github.com/imdario/mergo v0.3.11 // indirect
+	github.com/imdario/mergo v0.3.12 // indirect
 	github.com/inconshreveable/log15 v0.0.0-20200109203555-b30bc20e4fd1 // indirect
 	github.com/jinzhu/gorm v1.9.16
 	github.com/kevinburke/go-types v0.0.0-20200309064045-f2d4aea18a7a // indirect
@@ -44,13 +45,15 @@ require (
 	github.com/lib/pq v1.9.0
 	github.com/manifoldco/promptui v0.7.0
 	github.com/mattn/go-colorable v0.1.8 // indirect; indirect github.com/mitchellh/copystructure v1.0.0 // indirect
-	github.com/mitchellh/copystructure v1.0.0 // indirect
+	github.com/mitchellh/copystructure v1.1.2 // indirect
 	github.com/mitchellh/reflectwalk v1.0.1 // indirect
+	github.com/mwitkow/go-proto-validators v0.3.2 // indirect
 	github.com/nicksnyder/go-i18n/v2 v2.1.1
 	github.com/pkg/errors v0.9.1
 	github.com/pquerna/otp v1.2.0
 	github.com/prometheus/client_golang v1.8.0 // indirect
 	github.com/prometheus/common v0.15.0 // indirect
+	github.com/pseudomuto/protoc-gen-doc v1.4.1 // indirect
 	github.com/rakyll/statik v0.1.7
 	github.com/rs/cors v1.7.0
 	github.com/sony/sonyflake v1.0.0
@@ -65,15 +68,14 @@ require (
 	go.opentelemetry.io/otel/exporters/otlp v0.13.0
 	go.opentelemetry.io/otel/exporters/stdout v0.13.0
 	go.opentelemetry.io/otel/sdk v0.13.0
-	golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897
-	golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 // indirect
+	golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2
 	golang.org/x/text v0.3.5
-	golang.org/x/tools v0.0.0-20201103235415-b653051172e4
+	golang.org/x/tools v0.1.0
 	google.golang.org/api v0.34.0
 	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/genproto v0.0.0-20210207032614-bba0dbe2a9ea
-	google.golang.org/grpc v1.35.0
-	google.golang.org/protobuf v1.25.0
+	google.golang.org/genproto v0.0.0-20210406143921-e86de6bf7a46
+	google.golang.org/grpc v1.36.1
+	google.golang.org/protobuf v1.26.0
 	gopkg.in/square/go-jose.v2 v2.5.1
 	gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776
 	gotest.tools v2.2.0+incompatible

go.sum

@@ -70,8 +70,12 @@ github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go
 github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd/go.mod h1:64YHyfSL2R96J44Nlwm39UHepQbyR5q10x7iYa1ks2E=
 github.com/Masterminds/goutils v1.1.0 h1:zukEsf/1JZwCMgHiK3GZftabmxiCw4apj3a28RPBiVg=
 github.com/Masterminds/goutils v1.1.0/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU=
+github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI=
+github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU=
+github.com/Masterminds/semver v1.4.2/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y=
 github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww=
 github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y=
+github.com/Masterminds/sprig v2.15.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o=
 github.com/Masterminds/sprig v2.22.0+incompatible h1:z4yfnGrZ7netVz+0EDJ0Wi+5VZCSYp4Z0m2dk6cEM60=
 github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o=
 github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
@@ -108,6 +112,7 @@ github.com/andybalholm/cascadia v1.1.0/go.mod h1:GsXiBklL0woXo1j/WYWtSYYC4ouU9Pq
 github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA=
 github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c=
 github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
+github.com/aokoli/goutils v1.0.1/go.mod h1:SijmP0QR8LtwsmDs8Yii5Z/S4trXFGFC2oO5g9DP+DQ=
 github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
 github.com/apache/thrift v0.13.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
 github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o=
@@ -191,6 +196,7 @@ github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsr
 github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
 github.com/creack/pty v1.1.9 h1:uDmaGzcdjhF4i/plgjmEsriH11Y0o7RKapEf/LDaM3w=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
+github.com/davecgh/go-spew v0.0.0-20161028175848-04cdfd42973b/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -229,8 +235,11 @@ github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.m
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
 github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
+github.com/envoyproxy/protoc-gen-validate v0.3.0-java/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 github.com/envoyproxy/protoc-gen-validate v0.4.1 h1:7dLaJvASGRD7X49jSCSXXHwKPm0ZN9r9kJD+p+vS7dM=
 github.com/envoyproxy/protoc-gen-validate v0.4.1/go.mod h1:E+IEazqdaWv3FrnGtZIu3b9fPFMK8AzeTTrk9SfVwWs=
+github.com/envoyproxy/protoc-gen-validate v0.5.1 h1:MkpAQXrYF26uVnlFruA05G0xmM5rfE0OZDZPGY/UABU=
+github.com/envoyproxy/protoc-gen-validate v0.5.1/go.mod h1:xL5IroIBOR+aTp0IZk48epGwBV3+LcuaosPL0pr0hE0=
 github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5 h1:Yzb9+7DPaBjB8zlTR87/ElzFsnQfuHnVUVqpZZIcV5Y=
 github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5/go.mod h1:a2zkGnVExMxdzMo3M0Hi/3sEU+cWnZpSni0O6/Yb/P0=
 github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
@@ -337,8 +346,11 @@ github.com/gogo/googleapis v1.1.0/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFG
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
+github.com/gogo/protobuf v1.3.0/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
 github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls=
 github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
+github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
+github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
 github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe h1:lXe2qZdvpiX5WZkZR4hgp4KJVfY3nMkvmwbVkpv1rVY=
 github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58=
@@ -374,6 +386,9 @@ github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QD
 github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
 github.com/golang/protobuf v1.4.3 h1:JjCZWpVbqXDqFVmTfYWEVTMIYrL/NPdPSCHPJ0T/raM=
 github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
+github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
 github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/golang/snappy v0.0.2 h1:aeE13tS0IiQgFjYdoL8qN3K1N2bXXtI6Vi51/y7BpMw=
@@ -395,6 +410,7 @@ github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.4 h1:L8R9j+yAqZuZjsqh/z+F1NCffTKKLShY6zXTItVIZ8M=
 github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-github/v31 v31.0.0/go.mod h1:NQPZol8/1sMoWYGN2yaALIBytu17gAWfhbweiEed3pM=
 github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
@@ -414,6 +430,7 @@ github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hf
 github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
+github.com/google/uuid v0.0.0-20161128191214-064e2069ce9c/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
@@ -490,17 +507,21 @@ github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/J
 github.com/hinshun/vt10x v0.0.0-20180616224451-1954e6464174 h1:WlZsjVhE8Af9IcZDGgJGQpNflI3+MJSBhsgT5PCtzBQ=
 github.com/hinshun/vt10x v0.0.0-20180616224451-1954e6464174/go.mod h1:DqJ97dSdRW1W22yXSB90986pcOyQ7r45iio1KN2ez1A=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
+github.com/huandu/xstrings v1.0.0/go.mod h1:4qWG/gcEcfX4z/mBDHJ++3ReCw9ibxbsNJbcucJdbSo=
 github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw=
 github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
 github.com/hudl/fargo v1.3.0/go.mod h1:y3CKSmjA+wD2gak7sUSXTAoopbhU08POFhmITJgmKTg=
 github.com/iancoleman/strcase v0.0.0-20180726023541-3605ed457bf7/go.mod h1:SK73tn/9oHe+/Y0h39VT4UCxmurVJkR5NA7kMEAOgSE=
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
+github.com/imdario/mergo v0.3.4/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
 github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
 github.com/imdario/mergo v0.3.9/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
 github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
 github.com/imdario/mergo v0.3.11 h1:3tnifQM4i+fbajXKBHXWEH+KvNHqojZ778UH75j3bGA=
 github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
+github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU=
+github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
 github.com/inconshreveable/log15 v0.0.0-20200109203555-b30bc20e4fd1 h1:KUDFlmBg2buRWNzIcwLlKvfcnujcHQRQ1As1LoaCLAM=
 github.com/inconshreveable/log15 v0.0.0-20200109203555-b30bc20e4fd1/go.mod h1:cOaXtrgN4ScfRrD9Bre7U1thNq5RtJ8ZoP4iXVGRj6o=
 github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
@@ -594,6 +615,7 @@ github.com/kevinburke/twilio-go v0.0.0-20200810163702-320748330fac h1:qQ7NAZEHpT
 github.com/kevinburke/twilio-go v0.0.0-20200810163702-320748330fac/go.mod h1:Fm9alkN1/LPVY1eqD/psyMwPWE4VWl4P01/nTYZKzBk=
 github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
 github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
+github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
@@ -671,6 +693,8 @@ github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3N
 github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
 github.com/mitchellh/copystructure v1.0.0 h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMKeZ+mmkFQ=
 github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw=
+github.com/mitchellh/copystructure v1.1.2 h1:Th2TIvG1+6ma3e/0/bopBKohOTY7s4dA8V2q4EUcBJ0=
+github.com/mitchellh/copystructure v1.1.2/go.mod h1:EBArHfARyrSWO/+Wyr9zwEkc6XMFB9XyNgFNmRkZZU4=
 github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
 github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
 github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
@@ -695,6 +719,9 @@ github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8m
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
 github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
 github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
+github.com/mwitkow/go-proto-validators v0.0.0-20180403085117-0950a7990007/go.mod h1:m2XC9Qq0AlmmVksL6FktJCdTYyLk7V3fKyp0sl1yWQo=
+github.com/mwitkow/go-proto-validators v0.3.2 h1:qRlmpTzm2pstMKKzTdvwPCF5QfBNURSlAgN/R+qbKos=
+github.com/mwitkow/go-proto-validators v0.3.2/go.mod h1:ej0Qp0qMgHN/KtDyUt+Q1/tA7a5VarXUOUxD+oeD30w=
 github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw=
 github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5VglpSg=
 github.com/nats-io/jwt v0.3.2/go.mod h1:/euKqTS1ZD+zzjYrY7pseZrTtWQSjujC7xjPc8wL6eU=
@@ -755,6 +782,7 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/profile v1.2.1/go.mod h1:hJw3o1OdXxsrSjjVksARp5W95eeEaEfptyVZyv6JUPA=
 github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI=
+github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
@@ -794,6 +822,10 @@ github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4O
 github.com/prometheus/procfs v0.2.0 h1:wH4vA7pcjKuZzjF7lM8awk4fnuJO6idemZXoKnULUx4=
 github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
 github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
+github.com/pseudomuto/protoc-gen-doc v1.4.1 h1:aNTZq0dy0Pq2ag2v7bhNKFNgBBA8wMCoJSChhd7RciE=
+github.com/pseudomuto/protoc-gen-doc v1.4.1/go.mod h1:exDTOVwqpp30eV/EDPFLZy3Pwr2sn6hBC1WIYH/UbIg=
+github.com/pseudomuto/protokit v0.2.0 h1:hlnBDcy3YEDXH7kc9gV+NLaN0cDzhDvD1s7Y6FZ8RpM=
+github.com/pseudomuto/protokit v0.2.0/go.mod h1:2PdH30hxVHsup8KpBTOXTBeMVhJZVio3Q8ViKSAXT0Q=
 github.com/rakyll/statik v0.1.7 h1:OF3QCZUuyPxuGEP7B4ypUa7sB/iHtqOTDYZXGM8KOdQ=
 github.com/rakyll/statik v0.1.7/go.mod h1:AlZONWzMtEnMs7W4e/1LURLiI49pIMmp6V9Unghqrcc=
 github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
@@ -858,6 +890,7 @@ github.com/streadway/handy v0.0.0-20190108123426-d5acb3125c2a/go.mod h1:qNTQ5P5J
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
+github.com/stretchr/testify v0.0.0-20170130113145-4d4bfba8f1d1/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.2.1/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
@@ -946,6 +979,7 @@ go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
 go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM=
 go.uber.org/zap v1.15.0 h1:ZZCA22JRF2gQE5FoNmhmrf7jeJJ2uhqDUNRYKm8dvmM=
 go.uber.org/zap v1.15.0/go.mod h1:Mb2vm2krFEG5DV0W9qcHBYFtp/Wku1cvYaqPsS/WYfc=
+golang.org/x/crypto v0.0.0-20180501155221-613d6eafa307/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
@@ -973,6 +1007,8 @@ golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897 h1:pLI5jrR7OSLijeIDcmRxNmw2api+jEfxLoykJVice/E=
 golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 h1:It14KIkyBFYkHkwZ7k45minvA9aorojkyjGk9KJ5B/w=
+golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -997,6 +1033,7 @@ golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRu
 golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/lint v0.0.0-20200302205851-738671d3881b h1:Wh+f8QHJXR411sJR8/vRBTZ7YapZaRvUcLFFJhusH0k=
 golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
+golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
 golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
 golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
@@ -1056,6 +1093,8 @@ golang.org/x/net v0.0.0-20200904194848-62affa334b73/go.mod h1:/O7V0waA8r7cgGh81R
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20201026091529-146b70c837a4 h1:awiuzyrRjJDb+OXi9ceHO3SDxVoN3JER57mhtqkdQBs=
 golang.org/x/net v0.0.0-20201026091529-146b70c837a4/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190517181255-950ef44c6e07/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -1070,6 +1109,7 @@ golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190412183630-56d357773e84/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -1139,6 +1179,10 @@ golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20201015000850-e3ed0017c211/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 h1:nxC68pudNYkKU6jWhgrqdreuFiOQWj1Fs7T3VrH4Pjw=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -1211,6 +1255,7 @@ golang.org/x/tools v0.0.0-20200522201501-cb1345f3a375/go.mod h1:EkVYQZoAsY45+roY
 golang.org/x/tools v0.0.0-20200616133436-c1934b75d054/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200616195046-dc31b401abb5/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
+golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200701151220-7cb253f4c4f8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200713011307-fd294ab11aed/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
 golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
@@ -1220,6 +1265,8 @@ golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82u
 golang.org/x/tools v0.0.0-20201030143252-cf7a54d06671/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.0.0-20201103235415-b653051172e4 h1:Qe0EMgvVYb6tmJhJHljCj3gS96hvSTkGNaIzp/ivq10=
 golang.org/x/tools v0.0.0-20201103235415-b653051172e4/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
 golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -1259,6 +1306,7 @@ google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCID
 google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c=
 google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
 google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20181107211654-5fc9ac540362/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
 google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
 google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
 google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
@@ -1297,6 +1345,8 @@ google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6D
 google.golang.org/genproto v0.0.0-20201030142918-24207fddd1c3/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20210207032614-bba0dbe2a9ea h1:N98SvVh7Hdle2lgUVFuIkf0B3u29CUakMUQa7Hwz8Wc=
 google.golang.org/genproto v0.0.0-20210207032614-bba0dbe2a9ea/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
+google.golang.org/genproto v0.0.0-20210406143921-e86de6bf7a46 h1:f4STrQZf8jaowsiUitigvrqMCCM4QJH1A2JCSI7U1ow=
+google.golang.org/genproto v0.0.0-20210406143921-e86de6bf7a46/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A=
 google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
 google.golang.org/grpc v1.20.0/go.mod h1:chYK+tFQF0nDUGJgXMSgLCQk3phJEuONr2DCgLDdAQM=
@@ -1319,6 +1369,7 @@ google.golang.org/grpc v1.32.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM
 google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0=
 google.golang.org/grpc v1.35.0 h1:TwIQcH3es+MojMVojxxfQ3l3OF2KzlRxML2xZq0kRo8=
 google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
+google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
 google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.0.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
@@ -1331,6 +1382,9 @@ google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpAD
 google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
 google.golang.org/protobuf v1.25.0 h1:Ejskq+SyPohKW+1uil0JJMtmHCgJPJ/qWTxr8qp+R4c=
 google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
+google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
+google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk=
+google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

proto/zitadel/admin.proto

@@ -1679,7 +1679,7 @@ message HealthzRequest {}
 
 message HealthzResponse {}
 
-// parameters are ORed
+// if name or domain is already in use, org is not unique
 message IsOrgUniqueRequest {
     option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_schema) = {
 		json_schema: {
@@ -2284,7 +2284,7 @@ message AddCustomOrgIAMPolicyRequest {
         (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
             description: "the username has to end with the domain of it's organisation"
         }
-    ];
+    ]; // the username has to end with the domain of it's organisation (uniqueness is organisation based)
 }
 
 message AddCustomOrgIAMPolicyResponse {
@@ -2442,7 +2442,7 @@ message AddIDPToLoginPolicyRequest {
             min_length: 1;
             max_length: 200;
         }
-    ];
+    ]; // Id of the predefined idp configuration
 }
 
 message AddIDPToLoginPolicyResponse {
@@ -2617,7 +2617,7 @@ message UpdatePasswordLockoutPolicyRequest {
             example: "\"10\""
         }
     ];
-    // TODO: how to describe?
+    // If an error should be displayed during a lockout or not
     bool show_lockout_failure = 2;
 }
 
@@ -2805,7 +2805,7 @@ message View {
             example: "\"2019-04-01T08:45:00.000000Z\"";
             description: "The timestamp the event occured";
         }
-    ];
+    ]; // The timestamp the event occured
     google.protobuf.Timestamp last_successful_spooler_run = 5 [
         (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
             description: "The timestamp the event occured";

proto/zitadel/docs/zitadel-md.tmpl

@@ -0,0 +1,58 @@
+{{range .Files}}---
+title: {{.Name}}
+---
+> This document reflects the state from API 1.0 (available from 20.04.2021)
+
+{{if .HasServices}}
+{{range .Services -}}
+## {{.Name}} {#{{.FullName | lower | replace "." ""}}}
+{{.Description}}
+
+{{range .Methods -}}
+### {{.Name}}
+
+> **rpc** {{.Name}}([{{.RequestLongType}}](#{{.RequestLongType | lower | replace "." ""}}))
+[{{.ResponseLongType}}](#{{.ResponseLongType | lower | replace "." ""}})
+
+{{ .Description}}
+
+{{$httpOption := .Option "google.api.http"}}
+{{range $httpOption.Rules}}
+    {{ .Method }}: {{ .Pattern }}
+{{end}}
+
+{{end}}
+{{end}}
+{{end}}
+
+{{if .HasServices}}
+## Messages
+{{range .Messages}}
+
+### {{.LongName}}
+{{.Description}}
+
+| Field | Type | Description |
+| ----- | ---- | ----------- |
+{{range .Fields -}}
+| {{if .IsOneof}}[**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) {{.OneofDecl}}.{{end}}{{.Name}} | {{if .IsMap}}map {{else}}{{.Label}} {{end}}{{.LongType}} | {{if .Description}}{{nobr .Description}}{{if .DefaultValue}} Default: {{.DefaultValue}}{{end}}{{else}}-{{end}} |
+{{end}}
+{{end}}
+{{end}}
+
+{{if .HasEnums }}
+## Enums
+{{range .Enums}}
+
+### {{.LongName}} {#{{.LongName | lower | replace "." ""}}}
+{{.Description}}
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+{{range .Values -}}
+| {{.Name}} | {{.Number}} | {{if .Description}}{{nobr .Description}}{{else}}-{{end}} |
+{{end}}
+
+{{end}}
+{{end}}
+{{end}}

proto/zitadel/features.proto

@@ -1,7 +1,6 @@
 syntax = "proto3";
 
 import "zitadel/object.proto";
-import "google/protobuf/timestamp.proto";
 import "google/protobuf/duration.proto";
 
 package zitadel.features.v1;

tools/tools.go

@@ -19,6 +19,8 @@ import (
 	_ "github.com/rakyll/statik"
 	//proto
 	_ "google.golang.org/grpc/cmd/protoc-gen-go-grpc"
+	//proto doc
+	_ "github.com/pseudomuto/protoc-gen-doc/cmd/protoc-gen-doc"
 	//mock
 	_ "github.com/golang/mock/mockgen"
 )