From f1fed6c96813ff2511ad15297d5c5e1149d0115c Mon Sep 17 00:00:00 2001 From: Misha Shkuran Date: Tue, 4 Nov 2025 12:07:46 +0100 Subject: [PATCH 1/3] feat: add OpenAPI documentation for auth, system, and tenant services --- Makefile | 2 +- buf.gen.yaml | 13 + buf.yaml | 2 + docs/openapiv2/apidocs.swagger.json | 1521 +++++++++++++++++ go.mod | 9 +- go.sum | 18 +- proto/kms/api/cmk/registry/auth/v1/auth.pb.go | 15 +- proto/kms/api/cmk/registry/auth/v1/auth.proto | 27 +- .../api/cmk/registry/system/v1/system.pb.go | 26 +- .../api/cmk/registry/system/v1/system.proto | 62 +- .../api/cmk/registry/tenant/v1/tenant.pb.go | 26 +- .../api/cmk/registry/tenant/v1/tenant.proto | 62 +- 12 files changed, 1717 insertions(+), 66 deletions(-) create mode 100644 docs/openapiv2/apidocs.swagger.json diff --git a/Makefile b/Makefile index b965f5d..ae61a02 100644 --- a/Makefile +++ b/Makefile @@ -5,7 +5,7 @@ generate: patch-swagger-doc format go mod vendor patch-swagger-doc: buf-gen - #./scripts/update_swagger.sh docs/openapiv2/apidocs.swagger.json + ./scripts/update_swagger.sh docs/openapiv2/apidocs.swagger.json init-git-hooks: git config --local core.hooksPath .githooks/ diff --git a/buf.gen.yaml b/buf.gen.yaml index 56f9c82..328fdac 100755 --- a/buf.gen.yaml +++ b/buf.gen.yaml @@ -4,8 +4,15 @@ version: v2 managed: enabled: true override: + # Standard go_package_prefix for our own proto files - file_option: go_package_prefix value: github.com/openkcm/api-sdk/proto + # Override for Google API dependencies to use the standard googleapis Go packages + # instead of generating them locally. This prevents import conflicts and uses + # the well-maintained googleapis packages from google.golang.org/genproto + - path: google/api + file_option: go_package + value: google.golang.org/genproto/googleapis/api/annotations;annotations plugins: - remote: buf.build/protocolbuffers/go out: proto @@ -19,5 +26,11 @@ plugins: out: proto opt: - paths=source_relative + - remote: buf.build/grpc-ecosystem/openapiv2 + out: docs/openapiv2 + opt: + - allow_merge=true + - merge_file_name=apidocs + - allow_delete_body=true inputs: - directory: proto diff --git a/buf.yaml b/buf.yaml index c7e30e3..4bd5cb5 100644 --- a/buf.yaml +++ b/buf.yaml @@ -1,6 +1,8 @@ version: v2 modules: - path: proto +deps: + - buf.build/googleapis/googleapis lint: use: - STANDARD diff --git a/docs/openapiv2/apidocs.swagger.json b/docs/openapiv2/apidocs.swagger.json new file mode 100644 index 0000000..28db690 --- /dev/null +++ b/docs/openapiv2/apidocs.swagger.json @@ -0,0 +1,1521 @@ +{ + "swagger": "2.0", + "info": { + "title": "kms/api/cmk/registry/auth/v1/auth.proto", + "version": "version not set" + }, + "tags": [ + { + "name": "Service" + } + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "paths": { + "/v1/auth": { + "post": { + "operationId": "Service_ApplyAuth", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1ApplyAuthResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1ApplyAuthRequest" + } + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/auth/{externalId}": { + "get": { + "operationId": "Service_GetAuth", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1GetAuthResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "externalId", + "in": "path", + "required": true, + "type": "string" + } + ], + "tags": [ + "Service" + ] + }, + "delete": { + "operationId": "Service_RemoveAuth", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1RemoveAuthResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "externalId", + "in": "path", + "required": true, + "type": "string" + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/auths": { + "get": { + "operationId": "Service_ListAuths", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1ListAuthsResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "tenantId", + "in": "query", + "required": false, + "type": "string" + }, + { + "name": "limit", + "description": "default value is 50; max value is 1000", + "in": "query", + "required": false, + "type": "integer", + "format": "int32" + }, + { + "name": "nextPageToken", + "in": "query", + "required": false, + "type": "string" + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/system": { + "post": { + "operationId": "Service_RegisterSystem", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1RegisterSystemResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1RegisterSystemRequest" + } + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/system/{externalId}": { + "delete": { + "operationId": "Service_DeleteSystem", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1DeleteSystemResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "externalId", + "in": "path", + "required": true, + "type": "string" + }, + { + "name": "region", + "in": "query", + "required": false, + "type": "string" + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/system/{externalId}/l1key-claim": { + "patch": { + "operationId": "Service_UpdateSystemL1KeyClaim", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1UpdateSystemL1KeyClaimResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "externalId", + "in": "path", + "required": true, + "type": "string" + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ServiceUpdateSystemL1KeyClaimBody" + } + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/system/{externalId}/labels": { + "delete": { + "operationId": "Service_RemoveSystemLabels", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1RemoveSystemLabelsResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "externalId", + "in": "path", + "required": true, + "type": "string" + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ServiceRemoveSystemLabelsBody" + } + } + ], + "tags": [ + "Service" + ] + }, + "patch": { + "operationId": "Service_SetSystemLabels", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1SetSystemLabelsResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "externalId", + "in": "path", + "required": true, + "type": "string" + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ServiceSetSystemLabelsBody" + } + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/system/{externalId}/status": { + "patch": { + "operationId": "Service_UpdateSystemStatus", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1UpdateSystemStatusResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "externalId", + "in": "path", + "required": true, + "type": "string" + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ServiceUpdateSystemStatusBody" + } + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/systems": { + "get": { + "operationId": "Service_ListSystems", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1ListSystemsResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "externalId", + "in": "query", + "required": false, + "type": "string" + }, + { + "name": "region", + "in": "query", + "required": false, + "type": "string" + }, + { + "name": "tenantId", + "in": "query", + "required": false, + "type": "string" + }, + { + "name": "type", + "in": "query", + "required": false, + "type": "string" + }, + { + "name": "limit", + "description": "Default value is 50.\nMax value is 1000.", + "in": "query", + "required": false, + "type": "integer", + "format": "int32" + }, + { + "name": "pageToken", + "description": "Next page token.", + "in": "query", + "required": false, + "type": "string" + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/systems/link": { + "post": { + "operationId": "Service_LinkSystemsToTenant", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1LinkSystemsToTenantResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1LinkSystemsToTenantRequest" + } + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/systems/unlink": { + "post": { + "operationId": "Service_UnlinkSystemsFromTenant", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1UnlinkSystemsFromTenantResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1UnlinkSystemsFromTenantRequest" + } + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/tenant": { + "post": { + "operationId": "Service_RegisterTenant", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1RegisterTenantResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1RegisterTenantRequest" + } + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/tenant/{id}": { + "get": { + "operationId": "Service_GetTenant", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1GetTenantResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "id", + "in": "path", + "required": true, + "type": "string" + } + ], + "tags": [ + "Service" + ] + }, + "delete": { + "operationId": "Service_TerminateTenant", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1TerminateTenantResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "id", + "in": "path", + "required": true, + "type": "string" + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/tenant/{id}/block": { + "post": { + "operationId": "Service_BlockTenant", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1BlockTenantResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "id", + "in": "path", + "required": true, + "type": "string" + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ServiceBlockTenantBody" + } + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/tenant/{id}/labels": { + "delete": { + "operationId": "Service_RemoveTenantLabels", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1RemoveTenantLabelsResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "id", + "in": "path", + "required": true, + "type": "string" + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ServiceRemoveTenantLabelsBody" + } + } + ], + "tags": [ + "Service" + ] + }, + "patch": { + "operationId": "Service_SetTenantLabels", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1SetTenantLabelsResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "id", + "in": "path", + "required": true, + "type": "string" + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ServiceSetTenantLabelsBody" + } + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/tenant/{id}/unblock": { + "post": { + "operationId": "Service_UnblockTenant", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1UnblockTenantResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "id", + "in": "path", + "required": true, + "type": "string" + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ServiceUnblockTenantBody" + } + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/tenant/{id}/user-groups": { + "patch": { + "operationId": "Service_SetTenantUserGroups", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1SetTenantUserGroupsResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "id", + "in": "path", + "required": true, + "type": "string" + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ServiceSetTenantUserGroupsBody" + } + } + ], + "tags": [ + "Service" + ] + } + }, + "/v1/tenants": { + "get": { + "operationId": "Service_ListTenants", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1ListTenantsResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/googlerpcStatus" + } + } + }, + "parameters": [ + { + "name": "id", + "in": "query", + "required": false, + "type": "string" + }, + { + "name": "name", + "in": "query", + "required": false, + "type": "string" + }, + { + "name": "region", + "in": "query", + "required": false, + "type": "string" + }, + { + "name": "ownerId", + "in": "query", + "required": false, + "type": "string" + }, + { + "name": "ownerType", + "in": "query", + "required": false, + "type": "string" + }, + { + "name": "limit", + "description": "Default value is 50.\nMax value is 1000.", + "in": "query", + "required": false, + "type": "integer", + "format": "int32" + }, + { + "name": "pageToken", + "description": "Next page token.", + "in": "query", + "required": false, + "type": "string" + } + ], + "tags": [ + "Service" + ] + } + } + }, + "definitions": { + "ServiceBlockTenantBody": { + "type": "object" + }, + "ServiceRemoveSystemLabelsBody": { + "type": "object", + "properties": { + "region": { + "type": "string" + }, + "labelKeys": { + "type": "array", + "items": { + "type": "string" + }, + "title": "Keys of labels to delete" + } + } + }, + "ServiceRemoveTenantLabelsBody": { + "type": "object", + "properties": { + "labelKeys": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "ServiceSetSystemLabelsBody": { + "type": "object", + "properties": { + "region": { + "type": "string" + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + } + } + } + }, + "ServiceSetTenantLabelsBody": { + "type": "object", + "properties": { + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + } + } + } + }, + "ServiceSetTenantUserGroupsBody": { + "type": "object", + "properties": { + "userGroups": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "ServiceUnblockTenantBody": { + "type": "object" + }, + "ServiceUpdateSystemL1KeyClaimBody": { + "type": "object", + "properties": { + "region": { + "type": "string" + }, + "tenantId": { + "type": "string" + }, + "l1keyClaim": { + "type": "boolean" + } + } + }, + "ServiceUpdateSystemStatusBody": { + "type": "object", + "properties": { + "region": { + "type": "string" + }, + "status": { + "$ref": "#/definitions/cmktypesv1Status" + } + } + }, + "cmktypesv1Status": { + "type": "string", + "enum": [ + "STATUS_UNSPECIFIED", + "STATUS_AVAILABLE", + "STATUS_PROCESSING", + "STATUS_TERMINATION_PENDING", + "STATUS_TERMINATED" + ], + "default": "STATUS_UNSPECIFIED" + }, + "googlerpcStatus": { + "type": "object", + "properties": { + "code": { + "type": "integer", + "format": "int32" + }, + "message": { + "type": "string" + }, + "details": { + "type": "array", + "items": { + "type": "object", + "$ref": "#/definitions/protobufAny" + } + } + } + }, + "protobufAny": { + "type": "object", + "properties": { + "@type": { + "type": "string" + } + }, + "additionalProperties": {} + }, + "registrytenantv1Status": { + "type": "string", + "enum": [ + "STATUS_UNSPECIFIED", + "STATUS_REQUESTED", + "STATUS_PROVISIONING", + "STATUS_PROVISIONING_ERROR", + "STATUS_ACTIVE", + "STATUS_BLOCKING", + "STATUS_BLOCKING_ERROR", + "STATUS_BLOCKED", + "STATUS_UNBLOCKING", + "STATUS_UNBLOCKING_ERROR", + "STATUS_TERMINATING", + "STATUS_TERMINATION_ERROR", + "STATUS_TERMINATED" + ], + "default": "STATUS_UNSPECIFIED" + }, + "v1ApplyAuthRequest": { + "type": "object", + "properties": { + "externalId": { + "type": "string" + }, + "tenantId": { + "type": "string" + }, + "type": { + "type": "string" + }, + "properties": { + "type": "object", + "additionalProperties": { + "type": "string" + } + } + } + }, + "v1ApplyAuthResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + }, + "v1ApplyOIDCMappingResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + }, + "message": { + "type": "string" + } + } + }, + "v1Auth": { + "type": "object", + "properties": { + "externalId": { + "type": "string" + }, + "tenantId": { + "type": "string" + }, + "type": { + "type": "string" + }, + "properties": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "status": { + "$ref": "#/definitions/v1AuthStatus" + }, + "errorMessage": { + "type": "string" + }, + "updatedAt": { + "type": "string" + }, + "createdAt": { + "type": "string" + } + } + }, + "v1AuthStatus": { + "type": "string", + "enum": [ + "AUTH_STATUS_UNSPECIFIED", + "AUTH_STATUS_APPLYING", + "AUTH_STATUS_APPLYING_ERROR", + "AUTH_STATUS_APPLIED", + "AUTH_STATUS_REMOVING", + "AUTH_STATUS_REMOVING_ERROR", + "AUTH_STATUS_REMOVED" + ], + "default": "AUTH_STATUS_UNSPECIFIED" + }, + "v1BlockOIDCMappingResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + }, + "message": { + "type": "string" + } + } + }, + "v1BlockTenantResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + }, + "v1DeleteSystemResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + }, + "v1GetAuthResponse": { + "type": "object", + "properties": { + "auth": { + "$ref": "#/definitions/v1Auth" + } + } + }, + "v1GetOIDCProviderResponse": { + "type": "object", + "properties": { + "issuer": { + "type": "string" + }, + "jwksUris": { + "type": "array", + "items": { + "type": "string" + } + }, + "audiences": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "v1GetTenantResponse": { + "type": "object", + "properties": { + "tenant": { + "$ref": "#/definitions/v1Tenant" + } + } + }, + "v1LinkSystemsToTenantRequest": { + "type": "object", + "properties": { + "systemIdentifiers": { + "type": "array", + "items": { + "type": "object", + "$ref": "#/definitions/v1SystemIdentifier" + } + }, + "tenantId": { + "type": "string" + } + } + }, + "v1LinkSystemsToTenantResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + }, + "v1ListAuthsResponse": { + "type": "object", + "properties": { + "auth": { + "type": "array", + "items": { + "type": "object", + "$ref": "#/definitions/v1Auth" + } + }, + "nextPageToken": { + "type": "string" + } + } + }, + "v1ListSystemsResponse": { + "type": "object", + "properties": { + "systems": { + "type": "array", + "items": { + "type": "object", + "$ref": "#/definitions/v1System" + } + }, + "nextPageToken": { + "type": "string", + "description": "Token of the next pagination page." + } + } + }, + "v1ListTenantsResponse": { + "type": "object", + "properties": { + "tenants": { + "type": "array", + "items": { + "type": "object", + "$ref": "#/definitions/v1Tenant" + } + }, + "nextPageToken": { + "type": "string", + "description": "Token of the next pagination page." + } + } + }, + "v1RegisterSystemRequest": { + "type": "object", + "properties": { + "externalId": { + "type": "string" + }, + "tenantId": { + "type": "string" + }, + "l2keyId": { + "type": "string" + }, + "hasL1keyClaim": { + "type": "boolean" + }, + "region": { + "type": "string" + }, + "status": { + "$ref": "#/definitions/cmktypesv1Status" + }, + "type": { + "type": "string" + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + } + } + } + }, + "v1RegisterSystemResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + }, + "v1RegisterTenantRequest": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "id": { + "type": "string" + }, + "region": { + "type": "string" + }, + "ownerId": { + "type": "string" + }, + "ownerType": { + "type": "string" + }, + "role": { + "$ref": "#/definitions/v1Role" + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + } + } + } + }, + "v1RegisterTenantResponse": { + "type": "object", + "properties": { + "id": { + "type": "string" + } + } + }, + "v1RemoveAuthResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + }, + "v1RemoveOIDCMappingResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + }, + "message": { + "type": "string" + } + } + }, + "v1RemoveSystemLabelsResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + }, + "v1RemoveTenantLabelsResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + }, + "v1Role": { + "type": "string", + "enum": [ + "ROLE_UNSPECIFIED", + "ROLE_LIVE", + "ROLE_TEST", + "ROLE_TRIAL" + ], + "default": "ROLE_UNSPECIFIED" + }, + "v1SetSystemLabelsResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + }, + "v1SetTenantLabelsResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + }, + "v1SetTenantUserGroupsResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + }, + "v1System": { + "type": "object", + "properties": { + "externalId": { + "type": "string" + }, + "tenantId": { + "type": "string" + }, + "l2keyId": { + "type": "string" + }, + "hasL1keyClaim": { + "type": "boolean" + }, + "region": { + "type": "string" + }, + "type": { + "type": "string" + }, + "status": { + "$ref": "#/definitions/cmktypesv1Status" + }, + "updatedAt": { + "type": "string" + }, + "createdAt": { + "type": "string" + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + } + } + } + }, + "v1SystemIdentifier": { + "type": "object", + "properties": { + "externalId": { + "type": "string" + }, + "region": { + "type": "string" + } + } + }, + "v1Tenant": { + "type": "object", + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "region": { + "type": "string" + }, + "ownerId": { + "type": "string" + }, + "ownerType": { + "type": "string" + }, + "status": { + "$ref": "#/definitions/registrytenantv1Status" + }, + "statusUpdatedAt": { + "type": "string" + }, + "role": { + "$ref": "#/definitions/v1Role" + }, + "updatedAt": { + "type": "string" + }, + "createdAt": { + "type": "string" + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "userGroups": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "v1TerminateTenantResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + }, + "v1UnblockOIDCMappingResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + }, + "message": { + "type": "string" + } + } + }, + "v1UnblockTenantResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + }, + "v1UnlinkSystemsFromTenantRequest": { + "type": "object", + "properties": { + "systemIdentifiers": { + "type": "array", + "items": { + "type": "object", + "$ref": "#/definitions/v1SystemIdentifier" + } + } + } + }, + "v1UnlinkSystemsFromTenantResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + }, + "v1UpdateSystemL1KeyClaimResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + }, + "v1UpdateSystemStatusResponse": { + "type": "object", + "properties": { + "success": { + "type": "boolean" + } + } + } + } +} diff --git a/go.mod b/go.mod index 4ad1c3e..a8abe99 100644 --- a/go.mod +++ b/go.mod @@ -3,13 +3,14 @@ module github.com/openkcm/api-sdk go 1.24.2 require ( + google.golang.org/genproto/googleapis/api v0.0.0-20251103181224-f26f9409b101 google.golang.org/grpc v1.76.0 google.golang.org/protobuf v1.36.10 ) require ( - golang.org/x/net v0.42.0 // indirect - golang.org/x/sys v0.34.0 // indirect - golang.org/x/text v0.27.0 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20250804133106-a7a43d27e69b // indirect + golang.org/x/net v0.46.0 // indirect + golang.org/x/sys v0.37.0 // indirect + golang.org/x/text v0.30.0 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20251103181224-f26f9409b101 // indirect ) diff --git a/go.sum b/go.sum index d45f305..0b9b1ef 100644 --- a/go.sum +++ b/go.sum @@ -20,16 +20,18 @@ go.opentelemetry.io/otel/sdk/metric v1.37.0 h1:90lI228XrB9jCMuSdA0673aubgRobVZFh go.opentelemetry.io/otel/sdk/metric v1.37.0/go.mod h1:cNen4ZWfiD37l5NhS+Keb5RXVWZWpRE+9WyVCpbo5ps= go.opentelemetry.io/otel/trace v1.37.0 h1:HLdcFNbRQBE2imdSEgm/kwqmQj1Or1l/7bW6mxVK7z4= go.opentelemetry.io/otel/trace v1.37.0/go.mod h1:TlgrlQ+PtQO5XFerSPUYG0JSgGyryXewPGyayAWSBS0= -golang.org/x/net v0.42.0 h1:jzkYrhi3YQWD6MLBJcsklgQsoAcw89EcZbJw8Z614hs= -golang.org/x/net v0.42.0/go.mod h1:FF1RA5d3u7nAYA4z2TkclSCKh68eSXtiFwcWQpPXdt8= -golang.org/x/sys v0.34.0 h1:H5Y5sJ2L2JRdyv7ROF1he/lPdvFsd0mJHFw2ThKHxLA= -golang.org/x/sys v0.34.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= -golang.org/x/text v0.27.0 h1:4fGWRpyh641NLlecmyl4LOe6yDdfaYNrGb2zdfo4JV4= -golang.org/x/text v0.27.0/go.mod h1:1D28KMCvyooCX9hBiosv5Tz/+YLxj0j7XhWjpSUF7CU= +golang.org/x/net v0.46.0 h1:giFlY12I07fugqwPuWJi68oOnpfqFnJIJzaIIm2JVV4= +golang.org/x/net v0.46.0/go.mod h1:Q9BGdFy1y4nkUwiLvT5qtyhAnEHgnQ/zd8PfU6nc210= +golang.org/x/sys v0.37.0 h1:fdNQudmxPjkdUTPnLn5mdQv7Zwvbvpaxqs831goi9kQ= +golang.org/x/sys v0.37.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/text v0.30.0 h1:yznKA/E9zq54KzlzBEAWn1NXSQ8DIp/NYMy88xJjl4k= +golang.org/x/text v0.30.0/go.mod h1:yDdHFIX9t+tORqspjENWgzaCVXgk0yYnYuSZ8UzzBVM= gonum.org/v1/gonum v0.16.0 h1:5+ul4Swaf3ESvrOnidPp4GZbzf0mxVQpDCYUQE7OJfk= gonum.org/v1/gonum v0.16.0/go.mod h1:fef3am4MQ93R2HHpKnLk4/Tbh/s0+wqD5nfa6Pnwy4E= -google.golang.org/genproto/googleapis/rpc v0.0.0-20250804133106-a7a43d27e69b h1:zPKJod4w6F1+nRGDI9ubnXYhU9NSWoFAijkHkUXeTK8= -google.golang.org/genproto/googleapis/rpc v0.0.0-20250804133106-a7a43d27e69b/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A= +google.golang.org/genproto/googleapis/api v0.0.0-20251103181224-f26f9409b101 h1:vk5TfqZHNn0obhPIYeS+cxIFKFQgser/M2jnI+9c6MM= +google.golang.org/genproto/googleapis/api v0.0.0-20251103181224-f26f9409b101/go.mod h1:E17fc4PDhkr22dE3RgnH2hEubUaky6ZwW4VhANxyspg= +google.golang.org/genproto/googleapis/rpc v0.0.0-20251103181224-f26f9409b101 h1:tRPGkdGHuewF4UisLzzHHr1spKw92qLM98nIzxbC0wY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20251103181224-f26f9409b101/go.mod h1:7i2o+ce6H/6BluujYR+kqX3GKH+dChPTQU19wjRPiGk= google.golang.org/grpc v1.76.0 h1:UnVkv1+uMLYXoIz6o7chp59WfQUYA2ex/BXQ9rHZu7A= google.golang.org/grpc v1.76.0/go.mod h1:Ju12QI8M6iQJtbcsV+awF5a4hfJMLi4X0JLo94ULZ6c= google.golang.org/protobuf v1.36.10 h1:AYd7cD/uASjIL6Q9LiTjz8JLcrh/88q5UObnmY3aOOE= diff --git a/proto/kms/api/cmk/registry/auth/v1/auth.pb.go b/proto/kms/api/cmk/registry/auth/v1/auth.pb.go index 89f06ca..b2664fd 100644 --- a/proto/kms/api/cmk/registry/auth/v1/auth.pb.go +++ b/proto/kms/api/cmk/registry/auth/v1/auth.pb.go @@ -7,6 +7,7 @@ package authv1 import ( + _ "google.golang.org/genproto/googleapis/api/annotations" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" reflect "reflect" @@ -635,7 +636,7 @@ var File_kms_api_cmk_registry_auth_v1_auth_proto protoreflect.FileDescriptor const file_kms_api_cmk_registry_auth_v1_auth_proto_rawDesc = "" + "\n" + - "'kms/api/cmk/registry/auth/v1/auth.proto\x12\x1ckms.api.cmk.registry.auth.v1\"\x90\x03\n" + + "'kms/api/cmk/registry/auth/v1/auth.proto\x12\x1ckms.api.cmk.registry.auth.v1\x1a\x1cgoogle/api/annotations.proto\"\x90\x03\n" + "\x04Auth\x12\x1f\n" + "\vexternal_id\x18\x01 \x01(\tR\n" + "externalId\x12\x1b\n" + @@ -696,13 +697,13 @@ const file_kms_api_cmk_registry_auth_v1_auth_proto_rawDesc = "" + "AuthAction\x12\x1b\n" + "\x17AUTH_ACTION_UNSPECIFIED\x10\x00\x12\x1a\n" + "\x16AUTH_ACTION_APPLY_AUTH\x10\x01\x12\x1b\n" + - "\x17AUTH_ACTION_REMOVE_AUTH\x10\x022\xc6\x03\n" + - "\aService\x12n\n" + - "\tApplyAuth\x12..kms.api.cmk.registry.auth.v1.ApplyAuthRequest\x1a/.kms.api.cmk.registry.auth.v1.ApplyAuthResponse\"\x00\x12h\n" + - "\aGetAuth\x12,.kms.api.cmk.registry.auth.v1.GetAuthRequest\x1a-.kms.api.cmk.registry.auth.v1.GetAuthResponse\"\x00\x12n\n" + - "\tListAuths\x12..kms.api.cmk.registry.auth.v1.ListAuthsRequest\x1a/.kms.api.cmk.registry.auth.v1.ListAuthsResponse\"\x00\x12q\n" + + "\x17AUTH_ACTION_REMOVE_AUTH\x10\x022\xa9\x04\n" + + "\aService\x12\x81\x01\n" + + "\tApplyAuth\x12..kms.api.cmk.registry.auth.v1.ApplyAuthRequest\x1a/.kms.api.cmk.registry.auth.v1.ApplyAuthResponse\"\x13\x82\xd3\xe4\x93\x02\r:\x01*\"\b/v1/auth\x12\x86\x01\n" + + "\aGetAuth\x12,.kms.api.cmk.registry.auth.v1.GetAuthRequest\x1a-.kms.api.cmk.registry.auth.v1.GetAuthResponse\"\x1e\x82\xd3\xe4\x93\x02\x18\x12\x16/v1/auth/{external_id}\x12\x7f\n" + + "\tListAuths\x12..kms.api.cmk.registry.auth.v1.ListAuthsRequest\x1a/.kms.api.cmk.registry.auth.v1.ListAuthsResponse\"\x11\x82\xd3\xe4\x93\x02\v\x12\t/v1/auths\x12\x8f\x01\n" + "\n" + - "RemoveAuth\x12/.kms.api.cmk.registry.auth.v1.RemoveAuthRequest\x1a0.kms.api.cmk.registry.auth.v1.RemoveAuthResponse\"\x00B\x8a\x02\n" + + "RemoveAuth\x12/.kms.api.cmk.registry.auth.v1.RemoveAuthRequest\x1a0.kms.api.cmk.registry.auth.v1.RemoveAuthResponse\"\x1e\x82\xd3\xe4\x93\x02\x18*\x16/v1/auth/{external_id}B\x8a\x02\n" + " com.kms.api.cmk.registry.auth.v1B\tAuthProtoP\x01ZDgithub.com/openkcm/api-sdk/proto/kms/api/cmk/registry/auth/v1;authv1\xa2\x02\x05KACRA\xaa\x02\x1cKms.Api.Cmk.Registry.Auth.V1\xca\x02\x1cKms\\Api\\Cmk\\Registry\\Auth\\V1\xe2\x02(Kms\\Api\\Cmk\\Registry\\Auth\\V1\\GPBMetadata\xea\x02!Kms::Api::Cmk::Registry::Auth::V1b\x06proto3" var ( diff --git a/proto/kms/api/cmk/registry/auth/v1/auth.proto b/proto/kms/api/cmk/registry/auth/v1/auth.proto index 255e76d..4a40fe5 100644 --- a/proto/kms/api/cmk/registry/auth/v1/auth.proto +++ b/proto/kms/api/cmk/registry/auth/v1/auth.proto @@ -2,11 +2,30 @@ syntax = "proto3"; package kms.api.cmk.registry.auth.v1; +import "google/api/annotations.proto"; + service Service { - rpc ApplyAuth(ApplyAuthRequest) returns (ApplyAuthResponse) {} - rpc GetAuth(GetAuthRequest) returns (GetAuthResponse) {} - rpc ListAuths(ListAuthsRequest) returns (ListAuthsResponse) {} - rpc RemoveAuth(RemoveAuthRequest) returns (RemoveAuthResponse) {} + rpc ApplyAuth(ApplyAuthRequest) returns (ApplyAuthResponse) { + option (google.api.http) = { + post: "/v1/auth" + body: "*" + }; + } + rpc GetAuth(GetAuthRequest) returns (GetAuthResponse) { + option (google.api.http) = { + get: "/v1/auth/{external_id}" + }; + } + rpc ListAuths(ListAuthsRequest) returns (ListAuthsResponse) { + option (google.api.http) = { + get: "/v1/auths" + }; + } + rpc RemoveAuth(RemoveAuthRequest) returns (RemoveAuthResponse) { + option (google.api.http) = { + delete: "/v1/auth/{external_id}" + }; + } } message Auth { diff --git a/proto/kms/api/cmk/registry/system/v1/system.pb.go b/proto/kms/api/cmk/registry/system/v1/system.pb.go index 954260e..83c465d 100644 --- a/proto/kms/api/cmk/registry/system/v1/system.pb.go +++ b/proto/kms/api/cmk/registry/system/v1/system.pb.go @@ -8,6 +8,7 @@ package systemv1 import ( v1 "github.com/openkcm/api-sdk/proto/kms/api/cmk/types/v1" + _ "google.golang.org/genproto/googleapis/api/annotations" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" reflect "reflect" @@ -1182,7 +1183,7 @@ var File_kms_api_cmk_registry_system_v1_system_proto protoreflect.FileDescriptor const file_kms_api_cmk_registry_system_v1_system_proto_rawDesc = "" + "\n" + - "+kms/api/cmk/registry/system/v1/system.proto\x12\x1ekms.api.cmk.registry.system.v1\x1a!kms/api/cmk/types/v1/status.proto\"\xb0\x03\n" + + "+kms/api/cmk/registry/system/v1/system.proto\x12\x1ekms.api.cmk.registry.system.v1\x1a\x1cgoogle/api/annotations.proto\x1a!kms/api/cmk/types/v1/status.proto\"\xb0\x03\n" + "\x06System\x12\x1f\n" + "\vexternal_id\x18\x01 \x01(\tR\n" + "externalId\x12\x1b\n" + @@ -1280,17 +1281,18 @@ const file_kms_api_cmk_registry_system_v1_system_proto_rawDesc = "" + "\n" + "label_keys\x18\x03 \x03(\tR\tlabelKeys\"6\n" + "\x1aRemoveSystemLabelsResponse\x12\x18\n" + - "\asuccess\x18\x01 \x01(\bR\asuccess2\xf9\t\n" + - "\aService\x12\x81\x01\n" + - "\x0eRegisterSystem\x125.kms.api.cmk.registry.system.v1.RegisterSystemRequest\x1a6.kms.api.cmk.registry.system.v1.RegisterSystemResponse\"\x00\x12x\n" + - "\vListSystems\x122.kms.api.cmk.registry.system.v1.ListSystemsRequest\x1a3.kms.api.cmk.registry.system.v1.ListSystemsResponse\"\x00\x12{\n" + - "\fDeleteSystem\x123.kms.api.cmk.registry.system.v1.DeleteSystemRequest\x1a4.kms.api.cmk.registry.system.v1.DeleteSystemResponse\"\x00\x12\x99\x01\n" + - "\x16UpdateSystemL1KeyClaim\x12=.kms.api.cmk.registry.system.v1.UpdateSystemL1KeyClaimRequest\x1a>.kms.api.cmk.registry.system.v1.UpdateSystemL1KeyClaimResponse\"\x00\x12\x9c\x01\n" + - "\x17UnlinkSystemsFromTenant\x12>.kms.api.cmk.registry.system.v1.UnlinkSystemsFromTenantRequest\x1a?.kms.api.cmk.registry.system.v1.UnlinkSystemsFromTenantResponse\"\x00\x12\x90\x01\n" + - "\x13LinkSystemsToTenant\x12:.kms.api.cmk.registry.system.v1.LinkSystemsToTenantRequest\x1a;.kms.api.cmk.registry.system.v1.LinkSystemsToTenantResponse\"\x00\x12\x8d\x01\n" + - "\x12UpdateSystemStatus\x129.kms.api.cmk.registry.system.v1.UpdateSystemStatusRequest\x1a:.kms.api.cmk.registry.system.v1.UpdateSystemStatusResponse\"\x00\x12\x84\x01\n" + - "\x0fSetSystemLabels\x126.kms.api.cmk.registry.system.v1.SetSystemLabelsRequest\x1a7.kms.api.cmk.registry.system.v1.SetSystemLabelsResponse\"\x00\x12\x8d\x01\n" + - "\x12RemoveSystemLabels\x129.kms.api.cmk.registry.system.v1.RemoveSystemLabelsRequest\x1a:.kms.api.cmk.registry.system.v1.RemoveSystemLabelsResponse\"\x00B\x9a\x02\n" + + "\asuccess\x18\x01 \x01(\bR\asuccess2\xa8\f\n" + + "\aService\x12\x96\x01\n" + + "\x0eRegisterSystem\x125.kms.api.cmk.registry.system.v1.RegisterSystemRequest\x1a6.kms.api.cmk.registry.system.v1.RegisterSystemResponse\"\x15\x82\xd3\xe4\x93\x02\x0f:\x01*\"\n" + + "/v1/system\x12\x8b\x01\n" + + "\vListSystems\x122.kms.api.cmk.registry.system.v1.ListSystemsRequest\x1a3.kms.api.cmk.registry.system.v1.ListSystemsResponse\"\x13\x82\xd3\xe4\x93\x02\r\x12\v/v1/systems\x12\x9b\x01\n" + + "\fDeleteSystem\x123.kms.api.cmk.registry.system.v1.DeleteSystemRequest\x1a4.kms.api.cmk.registry.system.v1.DeleteSystemResponse\" \x82\xd3\xe4\x93\x02\x1a*\x18/v1/system/{external_id}\x12\xc8\x01\n" + + "\x16UpdateSystemL1KeyClaim\x12=.kms.api.cmk.registry.system.v1.UpdateSystemL1KeyClaimRequest\x1a>.kms.api.cmk.registry.system.v1.UpdateSystemL1KeyClaimResponse\"/\x82\xd3\xe4\x93\x02):\x01*2$/v1/system/{external_id}/l1key-claim\x12\xb9\x01\n" + + "\x17UnlinkSystemsFromTenant\x12>.kms.api.cmk.registry.system.v1.UnlinkSystemsFromTenantRequest\x1a?.kms.api.cmk.registry.system.v1.UnlinkSystemsFromTenantResponse\"\x1d\x82\xd3\xe4\x93\x02\x17:\x01*\"\x12/v1/systems/unlink\x12\xab\x01\n" + + "\x13LinkSystemsToTenant\x12:.kms.api.cmk.registry.system.v1.LinkSystemsToTenantRequest\x1a;.kms.api.cmk.registry.system.v1.LinkSystemsToTenantResponse\"\x1b\x82\xd3\xe4\x93\x02\x15:\x01*\"\x10/v1/systems/link\x12\xb7\x01\n" + + "\x12UpdateSystemStatus\x129.kms.api.cmk.registry.system.v1.UpdateSystemStatusRequest\x1a:.kms.api.cmk.registry.system.v1.UpdateSystemStatusResponse\"*\x82\xd3\xe4\x93\x02$:\x01*2\x1f/v1/system/{external_id}/status\x12\xae\x01\n" + + "\x0fSetSystemLabels\x126.kms.api.cmk.registry.system.v1.SetSystemLabelsRequest\x1a7.kms.api.cmk.registry.system.v1.SetSystemLabelsResponse\"*\x82\xd3\xe4\x93\x02$:\x01*2\x1f/v1/system/{external_id}/labels\x12\xb7\x01\n" + + "\x12RemoveSystemLabels\x129.kms.api.cmk.registry.system.v1.RemoveSystemLabelsRequest\x1a:.kms.api.cmk.registry.system.v1.RemoveSystemLabelsResponse\"*\x82\xd3\xe4\x93\x02$:\x01**\x1f/v1/system/{external_id}/labelsB\x9a\x02\n" + "\"com.kms.api.cmk.registry.system.v1B\vSystemProtoP\x01ZHgithub.com/openkcm/api-sdk/proto/kms/api/cmk/registry/system/v1;systemv1\xa2\x02\x05KACRS\xaa\x02\x1eKms.Api.Cmk.Registry.System.V1\xca\x02\x1eKms\\Api\\Cmk\\Registry\\System\\V1\xe2\x02*Kms\\Api\\Cmk\\Registry\\System\\V1\\GPBMetadata\xea\x02#Kms::Api::Cmk::Registry::System::V1b\x06proto3" var ( diff --git a/proto/kms/api/cmk/registry/system/v1/system.proto b/proto/kms/api/cmk/registry/system/v1/system.proto index 2cb97c4..1999f92 100644 --- a/proto/kms/api/cmk/registry/system/v1/system.proto +++ b/proto/kms/api/cmk/registry/system/v1/system.proto @@ -2,18 +2,62 @@ syntax = "proto3"; package kms.api.cmk.registry.system.v1; +import "google/api/annotations.proto"; import "kms/api/cmk/types/v1/status.proto"; service Service { - rpc RegisterSystem(RegisterSystemRequest) returns (RegisterSystemResponse) {} - rpc ListSystems(ListSystemsRequest) returns (ListSystemsResponse) {} - rpc DeleteSystem(DeleteSystemRequest) returns (DeleteSystemResponse) {} - rpc UpdateSystemL1KeyClaim(UpdateSystemL1KeyClaimRequest) returns (UpdateSystemL1KeyClaimResponse) {} - rpc UnlinkSystemsFromTenant(UnlinkSystemsFromTenantRequest) returns (UnlinkSystemsFromTenantResponse) {} - rpc LinkSystemsToTenant(LinkSystemsToTenantRequest) returns (LinkSystemsToTenantResponse) {} - rpc UpdateSystemStatus(UpdateSystemStatusRequest) returns (UpdateSystemStatusResponse) {} - rpc SetSystemLabels(SetSystemLabelsRequest) returns (SetSystemLabelsResponse) {} - rpc RemoveSystemLabels(RemoveSystemLabelsRequest) returns (RemoveSystemLabelsResponse) {} + rpc RegisterSystem(RegisterSystemRequest) returns (RegisterSystemResponse) { + option (google.api.http) = { + post: "/v1/system" + body: "*" + }; + } + rpc ListSystems(ListSystemsRequest) returns (ListSystemsResponse) { + option (google.api.http) = { + get: "/v1/systems" + }; + } + rpc DeleteSystem(DeleteSystemRequest) returns (DeleteSystemResponse) { + option (google.api.http) = { + delete: "/v1/system/{external_id}" + }; + } + rpc UpdateSystemL1KeyClaim(UpdateSystemL1KeyClaimRequest) returns (UpdateSystemL1KeyClaimResponse) { + option (google.api.http) = { + patch: "/v1/system/{external_id}/l1key-claim" + body: "*" + }; + } + rpc UnlinkSystemsFromTenant(UnlinkSystemsFromTenantRequest) returns (UnlinkSystemsFromTenantResponse) { + option (google.api.http) = { + post: "/v1/systems/unlink" + body: "*" + }; + } + rpc LinkSystemsToTenant(LinkSystemsToTenantRequest) returns (LinkSystemsToTenantResponse) { + option (google.api.http) = { + post: "/v1/systems/link" + body: "*" + }; + } + rpc UpdateSystemStatus(UpdateSystemStatusRequest) returns (UpdateSystemStatusResponse) { + option (google.api.http) = { + patch: "/v1/system/{external_id}/status" + body: "*" + }; + } + rpc SetSystemLabels(SetSystemLabelsRequest) returns (SetSystemLabelsResponse) { + option (google.api.http) = { + patch: "/v1/system/{external_id}/labels" + body: "*" + }; + } + rpc RemoveSystemLabels(RemoveSystemLabelsRequest) returns (RemoveSystemLabelsResponse) { + option (google.api.http) = { + delete: "/v1/system/{external_id}/labels" + body: "*" + }; + } } message System { diff --git a/proto/kms/api/cmk/registry/tenant/v1/tenant.pb.go b/proto/kms/api/cmk/registry/tenant/v1/tenant.pb.go index fd0b806..b58eef3 100644 --- a/proto/kms/api/cmk/registry/tenant/v1/tenant.pb.go +++ b/proto/kms/api/cmk/registry/tenant/v1/tenant.pb.go @@ -7,6 +7,7 @@ package tenantv1 import ( + _ "google.golang.org/genproto/googleapis/api/annotations" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" reflect "reflect" @@ -1267,7 +1268,7 @@ var File_kms_api_cmk_registry_tenant_v1_tenant_proto protoreflect.FileDescriptor const file_kms_api_cmk_registry_tenant_v1_tenant_proto_rawDesc = "" + "\n" + - "+kms/api/cmk/registry/tenant/v1/tenant.proto\x12\x1ekms.api.cmk.registry.tenant.v1\"\x8a\x04\n" + + "+kms/api/cmk/registry/tenant/v1/tenant.proto\x12\x1ekms.api.cmk.registry.tenant.v1\x1a\x1cgoogle/api/annotations.proto\"\x8a\x04\n" + "\x06Tenant\x12\x0e\n" + "\x02id\x18\x01 \x01(\tR\x02id\x12\x12\n" + "\x04name\x18\x02 \x01(\tR\x04name\x12\x16\n" + @@ -1378,17 +1379,18 @@ const file_kms_api_cmk_registry_tenant_v1_tenant_proto_rawDesc = "" + "\x17ACTION_PROVISION_TENANT\x10\x01\x12\x17\n" + "\x13ACTION_BLOCK_TENANT\x10\x02\x12\x19\n" + "\x15ACTION_UNBLOCK_TENANT\x10\x03\x12\x1b\n" + - "\x17ACTION_TERMINATE_TENANT\x10\x042\xa6\t\n" + - "\aService\x12\x81\x01\n" + - "\x0eRegisterTenant\x125.kms.api.cmk.registry.tenant.v1.RegisterTenantRequest\x1a6.kms.api.cmk.registry.tenant.v1.RegisterTenantResponse\"\x00\x12x\n" + - "\vListTenants\x122.kms.api.cmk.registry.tenant.v1.ListTenantsRequest\x1a3.kms.api.cmk.registry.tenant.v1.ListTenantsResponse\"\x00\x12r\n" + - "\tGetTenant\x120.kms.api.cmk.registry.tenant.v1.GetTenantRequest\x1a1.kms.api.cmk.registry.tenant.v1.GetTenantResponse\"\x00\x12x\n" + - "\vBlockTenant\x122.kms.api.cmk.registry.tenant.v1.BlockTenantRequest\x1a3.kms.api.cmk.registry.tenant.v1.BlockTenantResponse\"\x00\x12~\n" + - "\rUnblockTenant\x124.kms.api.cmk.registry.tenant.v1.UnblockTenantRequest\x1a5.kms.api.cmk.registry.tenant.v1.UnblockTenantResponse\"\x00\x12\x84\x01\n" + - "\x0fTerminateTenant\x126.kms.api.cmk.registry.tenant.v1.TerminateTenantRequest\x1a7.kms.api.cmk.registry.tenant.v1.TerminateTenantResponse\"\x00\x12\x84\x01\n" + - "\x0fSetTenantLabels\x126.kms.api.cmk.registry.tenant.v1.SetTenantLabelsRequest\x1a7.kms.api.cmk.registry.tenant.v1.SetTenantLabelsResponse\"\x00\x12\x8d\x01\n" + - "\x12RemoveTenantLabels\x129.kms.api.cmk.registry.tenant.v1.RemoveTenantLabelsRequest\x1a:.kms.api.cmk.registry.tenant.v1.RemoveTenantLabelsResponse\"\x00\x12\x90\x01\n" + - "\x13SetTenantUserGroups\x12:.kms.api.cmk.registry.tenant.v1.SetTenantUserGroupsRequest\x1a;.kms.api.cmk.registry.tenant.v1.SetTenantUserGroupsResponse\"\x00B\x9a\x02\n" + + "\x17ACTION_TERMINATE_TENANT\x10\x042\xaa\v\n" + + "\aService\x12\x96\x01\n" + + "\x0eRegisterTenant\x125.kms.api.cmk.registry.tenant.v1.RegisterTenantRequest\x1a6.kms.api.cmk.registry.tenant.v1.RegisterTenantResponse\"\x15\x82\xd3\xe4\x93\x02\x0f:\x01*\"\n" + + "/v1/tenant\x12\x8b\x01\n" + + "\vListTenants\x122.kms.api.cmk.registry.tenant.v1.ListTenantsRequest\x1a3.kms.api.cmk.registry.tenant.v1.ListTenantsResponse\"\x13\x82\xd3\xe4\x93\x02\r\x12\v/v1/tenants\x12\x89\x01\n" + + "\tGetTenant\x120.kms.api.cmk.registry.tenant.v1.GetTenantRequest\x1a1.kms.api.cmk.registry.tenant.v1.GetTenantResponse\"\x17\x82\xd3\xe4\x93\x02\x11\x12\x0f/v1/tenant/{id}\x12\x98\x01\n" + + "\vBlockTenant\x122.kms.api.cmk.registry.tenant.v1.BlockTenantRequest\x1a3.kms.api.cmk.registry.tenant.v1.BlockTenantResponse\" \x82\xd3\xe4\x93\x02\x1a:\x01*\"\x15/v1/tenant/{id}/block\x12\xa0\x01\n" + + "\rUnblockTenant\x124.kms.api.cmk.registry.tenant.v1.UnblockTenantRequest\x1a5.kms.api.cmk.registry.tenant.v1.UnblockTenantResponse\"\"\x82\xd3\xe4\x93\x02\x1c:\x01*\"\x17/v1/tenant/{id}/unblock\x12\x9b\x01\n" + + "\x0fTerminateTenant\x126.kms.api.cmk.registry.tenant.v1.TerminateTenantRequest\x1a7.kms.api.cmk.registry.tenant.v1.TerminateTenantResponse\"\x17\x82\xd3\xe4\x93\x02\x11*\x0f/v1/tenant/{id}\x12\xa5\x01\n" + + "\x0fSetTenantLabels\x126.kms.api.cmk.registry.tenant.v1.SetTenantLabelsRequest\x1a7.kms.api.cmk.registry.tenant.v1.SetTenantLabelsResponse\"!\x82\xd3\xe4\x93\x02\x1b:\x01*2\x16/v1/tenant/{id}/labels\x12\xae\x01\n" + + "\x12RemoveTenantLabels\x129.kms.api.cmk.registry.tenant.v1.RemoveTenantLabelsRequest\x1a:.kms.api.cmk.registry.tenant.v1.RemoveTenantLabelsResponse\"!\x82\xd3\xe4\x93\x02\x1b:\x01**\x16/v1/tenant/{id}/labels\x12\xb6\x01\n" + + "\x13SetTenantUserGroups\x12:.kms.api.cmk.registry.tenant.v1.SetTenantUserGroupsRequest\x1a;.kms.api.cmk.registry.tenant.v1.SetTenantUserGroupsResponse\"&\x82\xd3\xe4\x93\x02 :\x01*2\x1b/v1/tenant/{id}/user-groupsB\x9a\x02\n" + "\"com.kms.api.cmk.registry.tenant.v1B\vTenantProtoP\x01ZHgithub.com/openkcm/api-sdk/proto/kms/api/cmk/registry/tenant/v1;tenantv1\xa2\x02\x05KACRT\xaa\x02\x1eKms.Api.Cmk.Registry.Tenant.V1\xca\x02\x1eKms\\Api\\Cmk\\Registry\\Tenant\\V1\xe2\x02*Kms\\Api\\Cmk\\Registry\\Tenant\\V1\\GPBMetadata\xea\x02#Kms::Api::Cmk::Registry::Tenant::V1b\x06proto3" var ( diff --git a/proto/kms/api/cmk/registry/tenant/v1/tenant.proto b/proto/kms/api/cmk/registry/tenant/v1/tenant.proto index 518a589..9631687 100644 --- a/proto/kms/api/cmk/registry/tenant/v1/tenant.proto +++ b/proto/kms/api/cmk/registry/tenant/v1/tenant.proto @@ -2,16 +2,60 @@ syntax = "proto3"; package kms.api.cmk.registry.tenant.v1; +import "google/api/annotations.proto"; + service Service { - rpc RegisterTenant(RegisterTenantRequest) returns (RegisterTenantResponse) {} - rpc ListTenants(ListTenantsRequest) returns (ListTenantsResponse) {} - rpc GetTenant(GetTenantRequest) returns (GetTenantResponse) {} - rpc BlockTenant(BlockTenantRequest) returns (BlockTenantResponse) {} - rpc UnblockTenant(UnblockTenantRequest) returns (UnblockTenantResponse) {} - rpc TerminateTenant(TerminateTenantRequest) returns (TerminateTenantResponse) {} - rpc SetTenantLabels(SetTenantLabelsRequest) returns (SetTenantLabelsResponse) {} - rpc RemoveTenantLabels(RemoveTenantLabelsRequest) returns (RemoveTenantLabelsResponse) {} - rpc SetTenantUserGroups(SetTenantUserGroupsRequest) returns (SetTenantUserGroupsResponse) {} + rpc RegisterTenant(RegisterTenantRequest) returns (RegisterTenantResponse) { + option (google.api.http) = { + post: "/v1/tenant" + body: "*" + }; + } + rpc ListTenants(ListTenantsRequest) returns (ListTenantsResponse) { + option (google.api.http) = { + get: "/v1/tenants" + }; + } + rpc GetTenant(GetTenantRequest) returns (GetTenantResponse) { + option (google.api.http) = { + get: "/v1/tenant/{id}" + }; + } + rpc BlockTenant(BlockTenantRequest) returns (BlockTenantResponse) { + option (google.api.http) = { + post: "/v1/tenant/{id}/block" + body: "*" + }; + } + rpc UnblockTenant(UnblockTenantRequest) returns (UnblockTenantResponse) { + option (google.api.http) = { + post: "/v1/tenant/{id}/unblock" + body: "*" + }; + } + rpc TerminateTenant(TerminateTenantRequest) returns (TerminateTenantResponse) { + option (google.api.http) = { + delete: "/v1/tenant/{id}" + }; + } + rpc SetTenantLabels(SetTenantLabelsRequest) returns (SetTenantLabelsResponse) { + option (google.api.http) = { + patch: "/v1/tenant/{id}/labels" + body: "*" + }; + } + rpc RemoveTenantLabels(RemoveTenantLabelsRequest) returns (RemoveTenantLabelsResponse) { + option (google.api.http) = { + delete: "/v1/tenant/{id}/labels" + body: "*" + }; + } + rpc SetTenantUserGroups(SetTenantUserGroupsRequest) returns (SetTenantUserGroupsResponse) { + option (google.api.http) = { + patch: "/v1/tenant/{id}/user-groups" + body: "*" + }; + } } message Tenant { From d794afe3c79e1036528c2c83345359d2de06e3c3 Mon Sep 17 00:00:00 2001 From: Misha Shkuran Date: Tue, 4 Nov 2025 13:12:11 +0100 Subject: [PATCH 2/3] feat: enhance OpenAPI documentation --- buf.gen.yaml | 4 + buf.yaml | 1 + docs/openapiv2/apidocs.swagger.json | 82 +++++++++++++------ go.mod | 1 + go.sum | 2 + proto/kms/api/cmk/registry/auth/v1/auth.pb.go | 30 ++++--- proto/kms/api/cmk/registry/auth/v1/auth.proto | 34 +++++++- .../api/cmk/registry/system/v1/system.pb.go | 8 +- .../api/cmk/registry/system/v1/system.proto | 5 ++ .../api/cmk/registry/tenant/v1/tenant.pb.go | 8 +- .../api/cmk/registry/tenant/v1/tenant.proto | 5 ++ 11 files changed, 130 insertions(+), 50 deletions(-) diff --git a/buf.gen.yaml b/buf.gen.yaml index 328fdac..c85cc22 100755 --- a/buf.gen.yaml +++ b/buf.gen.yaml @@ -13,6 +13,10 @@ managed: - path: google/api file_option: go_package value: google.golang.org/genproto/googleapis/api/annotations;annotations + # Override for grpc-gateway OpenAPI v2 dependencies to use the standard grpc-gateway Go packages + - path: protoc-gen-openapiv2/options/annotations.proto + file_option: go_package + value: github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/options;options plugins: - remote: buf.build/protocolbuffers/go out: proto diff --git a/buf.yaml b/buf.yaml index 4bd5cb5..f6f7795 100644 --- a/buf.yaml +++ b/buf.yaml @@ -3,6 +3,7 @@ modules: - path: proto deps: - buf.build/googleapis/googleapis + - buf.build/grpc-ecosystem/grpc-gateway lint: use: - STANDARD diff --git a/docs/openapiv2/apidocs.swagger.json b/docs/openapiv2/apidocs.swagger.json index 28db690..f0b9cfb 100644 --- a/docs/openapiv2/apidocs.swagger.json +++ b/docs/openapiv2/apidocs.swagger.json @@ -5,6 +5,15 @@ "version": "version not set" }, "tags": [ + { + "name": "Auth" + }, + { + "name": "System" + }, + { + "name": "Tenant" + }, { "name": "Service" } @@ -18,6 +27,8 @@ "paths": { "/v1/auth": { "post": { + "summary": "Apply authentication configuration", + "description": "Creates or updates authentication configuration for a tenant. Use this endpoint to configure authentication methods like OIDC. For OIDC authentication, provide the issuer URL, JWKS URI, and audiences in the properties field.", "operationId": "Service_ApplyAuth", "responses": { "200": { @@ -36,6 +47,7 @@ "parameters": [ { "name": "body", + "description": "Request message for applying authentication configuration to a tenant", "in": "body", "required": true, "schema": { @@ -44,7 +56,7 @@ } ], "tags": [ - "Service" + "Auth" ] } }, @@ -74,7 +86,7 @@ } ], "tags": [ - "Service" + "Auth" ] }, "delete": { @@ -102,7 +114,7 @@ } ], "tags": [ - "Service" + "Auth" ] } }, @@ -146,7 +158,7 @@ } ], "tags": [ - "Service" + "Auth" ] } }, @@ -178,7 +190,7 @@ } ], "tags": [ - "Service" + "System" ] } }, @@ -214,7 +226,7 @@ } ], "tags": [ - "Service" + "System" ] } }, @@ -252,7 +264,7 @@ } ], "tags": [ - "Service" + "System" ] } }, @@ -290,7 +302,7 @@ } ], "tags": [ - "Service" + "System" ] }, "patch": { @@ -326,7 +338,7 @@ } ], "tags": [ - "Service" + "System" ] } }, @@ -364,7 +376,7 @@ } ], "tags": [ - "Service" + "System" ] } }, @@ -427,7 +439,7 @@ } ], "tags": [ - "Service" + "System" ] } }, @@ -459,7 +471,7 @@ } ], "tags": [ - "Service" + "System" ] } }, @@ -491,7 +503,7 @@ } ], "tags": [ - "Service" + "System" ] } }, @@ -523,7 +535,7 @@ } ], "tags": [ - "Service" + "Tenant" ] } }, @@ -553,7 +565,7 @@ } ], "tags": [ - "Service" + "Tenant" ] }, "delete": { @@ -581,7 +593,7 @@ } ], "tags": [ - "Service" + "Tenant" ] } }, @@ -619,7 +631,7 @@ } ], "tags": [ - "Service" + "Tenant" ] } }, @@ -657,7 +669,7 @@ } ], "tags": [ - "Service" + "Tenant" ] }, "patch": { @@ -693,7 +705,7 @@ } ], "tags": [ - "Service" + "Tenant" ] } }, @@ -731,7 +743,7 @@ } ], "tags": [ - "Service" + "Tenant" ] } }, @@ -769,7 +781,7 @@ } ], "tags": [ - "Service" + "Tenant" ] } }, @@ -838,7 +850,7 @@ } ], "tags": [ - "Service" + "Tenant" ] } } @@ -997,23 +1009,39 @@ }, "v1ApplyAuthRequest": { "type": "object", + "example": { + "external_id": "auth-123", + "tenant_id": "tenant-abc", + "type": "OIDC", + "properties": { + "issuer": "https://issuer.example", + "jwks_uris": "https://issuer.example/.well-known/jwks.json", + "audiences": "aud1,aud2" + } + }, "properties": { "externalId": { - "type": "string" + "type": "string", + "description": "External identifier for the authentication configuration" }, "tenantId": { - "type": "string" + "type": "string", + "description": "Unique identifier of the tenant" }, "type": { - "type": "string" + "type": "string", + "description": "Type of authentication to be applied (e.g., OIDC)" }, "properties": { "type": "object", "additionalProperties": { "type": "string" - } + }, + "description": "Key-value pairs representing authentication properties. For OIDC this should be issuer, jwks_uris and audiences." } - } + }, + "description": "Request message for applying authentication configuration to a tenant", + "title": "Apply Auth Request" }, "v1ApplyAuthResponse": { "type": "object", diff --git a/go.mod b/go.mod index a8abe99..d30211c 100644 --- a/go.mod +++ b/go.mod @@ -3,6 +3,7 @@ module github.com/openkcm/api-sdk go 1.24.2 require ( + github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3 google.golang.org/genproto/googleapis/api v0.0.0-20251103181224-f26f9409b101 google.golang.org/grpc v1.76.0 google.golang.org/protobuf v1.36.10 diff --git a/go.sum b/go.sum index 0b9b1ef..94edf74 100644 --- a/go.sum +++ b/go.sum @@ -8,6 +8,8 @@ github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3 h1:NmZ1PKzSTQbuGHw9DGPFomqkkLWMC+vZCkfs+FHv1Vg= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3/go.mod h1:zQrxl1YP88HQlA6i9c63DSVPFklWpGX4OWAc9bFuaH4= go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA= go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A= go.opentelemetry.io/otel v1.37.0 h1:9zhNfelUvx0KBfu/gb+ZgeAfAgtWrfHJZcAqFC228wQ= diff --git a/proto/kms/api/cmk/registry/auth/v1/auth.pb.go b/proto/kms/api/cmk/registry/auth/v1/auth.pb.go index b2664fd..20d38bb 100644 --- a/proto/kms/api/cmk/registry/auth/v1/auth.pb.go +++ b/proto/kms/api/cmk/registry/auth/v1/auth.pb.go @@ -7,6 +7,7 @@ package authv1 import ( + _ "github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/options" _ "google.golang.org/genproto/googleapis/api/annotations" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" @@ -636,7 +637,7 @@ var File_kms_api_cmk_registry_auth_v1_auth_proto protoreflect.FileDescriptor const file_kms_api_cmk_registry_auth_v1_auth_proto_rawDesc = "" + "\n" + - "'kms/api/cmk/registry/auth/v1/auth.proto\x12\x1ckms.api.cmk.registry.auth.v1\x1a\x1cgoogle/api/annotations.proto\"\x90\x03\n" + + "'kms/api/cmk/registry/auth/v1/auth.proto\x12\x1ckms.api.cmk.registry.auth.v1\x1a\x1cgoogle/api/annotations.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\"\x90\x03\n" + "\x04Auth\x12\x1f\n" + "\vexternal_id\x18\x01 \x01(\tR\n" + "externalId\x12\x1b\n" + @@ -653,18 +654,19 @@ const file_kms_api_cmk_registry_auth_v1_auth_proto_rawDesc = "" + "created_at\x18\b \x01(\tR\tcreatedAt\x1a=\n" + "\x0fPropertiesEntry\x12\x10\n" + "\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" + - "\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\"\x83\x02\n" + - "\x10ApplyAuthRequest\x12\x1f\n" + - "\vexternal_id\x18\x01 \x01(\tR\n" + - "externalId\x12\x1b\n" + - "\ttenant_id\x18\x02 \x01(\tR\btenantId\x12\x12\n" + - "\x04type\x18\x03 \x01(\tR\x04type\x12^\n" + + "\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\"\xd5\x06\n" + + "\x10ApplyAuthRequest\x12^\n" + + "\vexternal_id\x18\x01 \x01(\tB=\x92A:28External identifier for the authentication configurationR\n" + + "externalId\x12A\n" + + "\ttenant_id\x18\x02 \x01(\tB$\x92A!2\x1fUnique identifier of the tenantR\btenantId\x12J\n" + + "\x04type\x18\x03 \x01(\tB6\x92A321Type of authentication to be applied (e.g., OIDC)R\x04type\x12\xd5\x01\n" + "\n" + - "properties\x18\x04 \x03(\v2>.kms.api.cmk.registry.auth.v1.ApplyAuthRequest.PropertiesEntryR\n" + + "properties\x18\x04 \x03(\v2>.kms.api.cmk.registry.auth.v1.ApplyAuthRequest.PropertiesEntryBu\x92Ar2pKey-value pairs representing authentication properties. For OIDC this should be issuer, jwks_uris and audiences.R\n" + "properties\x1a=\n" + "\x0fPropertiesEntry\x12\x10\n" + "\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" + - "\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\"-\n" + + "\x05value\x18\x02 \x01(\tR\x05value:\x028\x01:\xba\x02\x92A\xb6\x02\n" + + "\xb3\x02*\x12Apply Auth Request2ERequest message for applying authentication configuration to a tenantJ\xd5\x01{ \"external_id\": \"auth-123\", \"tenant_id\": \"tenant-abc\", \"type\": \"OIDC\", \"properties\": { \"issuer\": \"https://issuer.example\", \"jwks_uris\": \"https://issuer.example/.well-known/jwks.json\", \"audiences\": \"aud1,aud2\" } }\"-\n" + "\x11ApplyAuthResponse\x12\x18\n" + "\asuccess\x18\x01 \x01(\bR\asuccess\"1\n" + "\x0eGetAuthRequest\x12\x1f\n" + @@ -697,13 +699,15 @@ const file_kms_api_cmk_registry_auth_v1_auth_proto_rawDesc = "" + "AuthAction\x12\x1b\n" + "\x17AUTH_ACTION_UNSPECIFIED\x10\x00\x12\x1a\n" + "\x16AUTH_ACTION_APPLY_AUTH\x10\x01\x12\x1b\n" + - "\x17AUTH_ACTION_REMOVE_AUTH\x10\x022\xa9\x04\n" + - "\aService\x12\x81\x01\n" + - "\tApplyAuth\x12..kms.api.cmk.registry.auth.v1.ApplyAuthRequest\x1a/.kms.api.cmk.registry.auth.v1.ApplyAuthResponse\"\x13\x82\xd3\xe4\x93\x02\r:\x01*\"\b/v1/auth\x12\x86\x01\n" + + "\x17AUTH_ACTION_REMOVE_AUTH\x10\x022\xc6\x06\n" + + "\aService\x12\x93\x03\n" + + "\tApplyAuth\x12..kms.api.cmk.registry.auth.v1.ApplyAuthRequest\x1a/.kms.api.cmk.registry.auth.v1.ApplyAuthResponse\"\xa4\x02\x92A\x8d\x02\n" + + "\x04Auth\x12\"Apply authentication configuration\x1a\xe0\x01Creates or updates authentication configuration for a tenant. Use this endpoint to configure authentication methods like OIDC. For OIDC authentication, provide the issuer URL, JWKS URI, and audiences in the properties field.\x82\xd3\xe4\x93\x02\r:\x01*\"\b/v1/auth\x12\x86\x01\n" + "\aGetAuth\x12,.kms.api.cmk.registry.auth.v1.GetAuthRequest\x1a-.kms.api.cmk.registry.auth.v1.GetAuthResponse\"\x1e\x82\xd3\xe4\x93\x02\x18\x12\x16/v1/auth/{external_id}\x12\x7f\n" + "\tListAuths\x12..kms.api.cmk.registry.auth.v1.ListAuthsRequest\x1a/.kms.api.cmk.registry.auth.v1.ListAuthsResponse\"\x11\x82\xd3\xe4\x93\x02\v\x12\t/v1/auths\x12\x8f\x01\n" + "\n" + - "RemoveAuth\x12/.kms.api.cmk.registry.auth.v1.RemoveAuthRequest\x1a0.kms.api.cmk.registry.auth.v1.RemoveAuthResponse\"\x1e\x82\xd3\xe4\x93\x02\x18*\x16/v1/auth/{external_id}B\x8a\x02\n" + + "RemoveAuth\x12/.kms.api.cmk.registry.auth.v1.RemoveAuthRequest\x1a0.kms.api.cmk.registry.auth.v1.RemoveAuthResponse\"\x1e\x82\xd3\xe4\x93\x02\x18*\x16/v1/auth/{external_id}\x1a\t\x92A\x06\n" + + "\x04AuthB\x8a\x02\n" + " com.kms.api.cmk.registry.auth.v1B\tAuthProtoP\x01ZDgithub.com/openkcm/api-sdk/proto/kms/api/cmk/registry/auth/v1;authv1\xa2\x02\x05KACRA\xaa\x02\x1cKms.Api.Cmk.Registry.Auth.V1\xca\x02\x1cKms\\Api\\Cmk\\Registry\\Auth\\V1\xe2\x02(Kms\\Api\\Cmk\\Registry\\Auth\\V1\\GPBMetadata\xea\x02!Kms::Api::Cmk::Registry::Auth::V1b\x06proto3" var ( diff --git a/proto/kms/api/cmk/registry/auth/v1/auth.proto b/proto/kms/api/cmk/registry/auth/v1/auth.proto index 4a40fe5..612b7fa 100644 --- a/proto/kms/api/cmk/registry/auth/v1/auth.proto +++ b/proto/kms/api/cmk/registry/auth/v1/auth.proto @@ -3,13 +3,23 @@ syntax = "proto3"; package kms.api.cmk.registry.auth.v1; import "google/api/annotations.proto"; +import "protoc-gen-openapiv2/options/annotations.proto"; service Service { + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_tag) = { + name: "Auth" + }; + rpc ApplyAuth(ApplyAuthRequest) returns (ApplyAuthResponse) { option (google.api.http) = { post: "/v1/auth" body: "*" }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + summary: "Apply authentication configuration" + description: "Creates or updates authentication configuration for a tenant. Use this endpoint to configure authentication methods like OIDC. For OIDC authentication, provide the issuer URL, JWKS URI, and audiences in the properties field." + tags: ["Auth"] + }; } rpc GetAuth(GetAuthRequest) returns (GetAuthResponse) { option (google.api.http) = { @@ -40,10 +50,26 @@ message Auth { } message ApplyAuthRequest { - string external_id = 1; - string tenant_id = 2; - string type = 3; - map properties = 4; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_schema) = { + json_schema: { + title: "Apply Auth Request" + description: "Request message for applying authentication configuration to a tenant" + example: "{ \"external_id\": \"auth-123\", \"tenant_id\": \"tenant-abc\", \"type\": \"OIDC\", \"properties\": { \"issuer\": \"https://issuer.example\", \"jwks_uris\": \"https://issuer.example/.well-known/jwks.json\", \"audiences\": \"aud1,aud2\" } }" + } + }; + + string external_id = 1 [(.grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = { + description: "External identifier for the authentication configuration" + }]; + string tenant_id = 2 [(.grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = { + description: "Unique identifier of the tenant" + }]; + string type = 3 [(.grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = { + description: "Type of authentication to be applied (e.g., OIDC)" + }]; + map properties = 4 [(.grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = { + description: "Key-value pairs representing authentication properties. For OIDC this should be issuer, jwks_uris and audiences." + }]; } message ApplyAuthResponse { diff --git a/proto/kms/api/cmk/registry/system/v1/system.pb.go b/proto/kms/api/cmk/registry/system/v1/system.pb.go index 83c465d..e7db4a1 100644 --- a/proto/kms/api/cmk/registry/system/v1/system.pb.go +++ b/proto/kms/api/cmk/registry/system/v1/system.pb.go @@ -7,6 +7,7 @@ package systemv1 import ( + _ "github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/options" v1 "github.com/openkcm/api-sdk/proto/kms/api/cmk/types/v1" _ "google.golang.org/genproto/googleapis/api/annotations" protoreflect "google.golang.org/protobuf/reflect/protoreflect" @@ -1183,7 +1184,7 @@ var File_kms_api_cmk_registry_system_v1_system_proto protoreflect.FileDescriptor const file_kms_api_cmk_registry_system_v1_system_proto_rawDesc = "" + "\n" + - "+kms/api/cmk/registry/system/v1/system.proto\x12\x1ekms.api.cmk.registry.system.v1\x1a\x1cgoogle/api/annotations.proto\x1a!kms/api/cmk/types/v1/status.proto\"\xb0\x03\n" + + "+kms/api/cmk/registry/system/v1/system.proto\x12\x1ekms.api.cmk.registry.system.v1\x1a\x1cgoogle/api/annotations.proto\x1a!kms/api/cmk/types/v1/status.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\"\xb0\x03\n" + "\x06System\x12\x1f\n" + "\vexternal_id\x18\x01 \x01(\tR\n" + "externalId\x12\x1b\n" + @@ -1281,7 +1282,7 @@ const file_kms_api_cmk_registry_system_v1_system_proto_rawDesc = "" + "\n" + "label_keys\x18\x03 \x03(\tR\tlabelKeys\"6\n" + "\x1aRemoveSystemLabelsResponse\x12\x18\n" + - "\asuccess\x18\x01 \x01(\bR\asuccess2\xa8\f\n" + + "\asuccess\x18\x01 \x01(\bR\asuccess2\xb5\f\n" + "\aService\x12\x96\x01\n" + "\x0eRegisterSystem\x125.kms.api.cmk.registry.system.v1.RegisterSystemRequest\x1a6.kms.api.cmk.registry.system.v1.RegisterSystemResponse\"\x15\x82\xd3\xe4\x93\x02\x0f:\x01*\"\n" + "/v1/system\x12\x8b\x01\n" + @@ -1292,7 +1293,8 @@ const file_kms_api_cmk_registry_system_v1_system_proto_rawDesc = "" + "\x13LinkSystemsToTenant\x12:.kms.api.cmk.registry.system.v1.LinkSystemsToTenantRequest\x1a;.kms.api.cmk.registry.system.v1.LinkSystemsToTenantResponse\"\x1b\x82\xd3\xe4\x93\x02\x15:\x01*\"\x10/v1/systems/link\x12\xb7\x01\n" + "\x12UpdateSystemStatus\x129.kms.api.cmk.registry.system.v1.UpdateSystemStatusRequest\x1a:.kms.api.cmk.registry.system.v1.UpdateSystemStatusResponse\"*\x82\xd3\xe4\x93\x02$:\x01*2\x1f/v1/system/{external_id}/status\x12\xae\x01\n" + "\x0fSetSystemLabels\x126.kms.api.cmk.registry.system.v1.SetSystemLabelsRequest\x1a7.kms.api.cmk.registry.system.v1.SetSystemLabelsResponse\"*\x82\xd3\xe4\x93\x02$:\x01*2\x1f/v1/system/{external_id}/labels\x12\xb7\x01\n" + - "\x12RemoveSystemLabels\x129.kms.api.cmk.registry.system.v1.RemoveSystemLabelsRequest\x1a:.kms.api.cmk.registry.system.v1.RemoveSystemLabelsResponse\"*\x82\xd3\xe4\x93\x02$:\x01**\x1f/v1/system/{external_id}/labelsB\x9a\x02\n" + + "\x12RemoveSystemLabels\x129.kms.api.cmk.registry.system.v1.RemoveSystemLabelsRequest\x1a:.kms.api.cmk.registry.system.v1.RemoveSystemLabelsResponse\"*\x82\xd3\xe4\x93\x02$:\x01**\x1f/v1/system/{external_id}/labels\x1a\v\x92A\b\n" + + "\x06SystemB\x9a\x02\n" + "\"com.kms.api.cmk.registry.system.v1B\vSystemProtoP\x01ZHgithub.com/openkcm/api-sdk/proto/kms/api/cmk/registry/system/v1;systemv1\xa2\x02\x05KACRS\xaa\x02\x1eKms.Api.Cmk.Registry.System.V1\xca\x02\x1eKms\\Api\\Cmk\\Registry\\System\\V1\xe2\x02*Kms\\Api\\Cmk\\Registry\\System\\V1\\GPBMetadata\xea\x02#Kms::Api::Cmk::Registry::System::V1b\x06proto3" var ( diff --git a/proto/kms/api/cmk/registry/system/v1/system.proto b/proto/kms/api/cmk/registry/system/v1/system.proto index 1999f92..a7a56c8 100644 --- a/proto/kms/api/cmk/registry/system/v1/system.proto +++ b/proto/kms/api/cmk/registry/system/v1/system.proto @@ -4,8 +4,13 @@ package kms.api.cmk.registry.system.v1; import "google/api/annotations.proto"; import "kms/api/cmk/types/v1/status.proto"; +import "protoc-gen-openapiv2/options/annotations.proto"; service Service { + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_tag) = { + name: "System" + }; + rpc RegisterSystem(RegisterSystemRequest) returns (RegisterSystemResponse) { option (google.api.http) = { post: "/v1/system" diff --git a/proto/kms/api/cmk/registry/tenant/v1/tenant.pb.go b/proto/kms/api/cmk/registry/tenant/v1/tenant.pb.go index b58eef3..1f5bb8b 100644 --- a/proto/kms/api/cmk/registry/tenant/v1/tenant.pb.go +++ b/proto/kms/api/cmk/registry/tenant/v1/tenant.pb.go @@ -7,6 +7,7 @@ package tenantv1 import ( + _ "github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/options" _ "google.golang.org/genproto/googleapis/api/annotations" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" @@ -1268,7 +1269,7 @@ var File_kms_api_cmk_registry_tenant_v1_tenant_proto protoreflect.FileDescriptor const file_kms_api_cmk_registry_tenant_v1_tenant_proto_rawDesc = "" + "\n" + - "+kms/api/cmk/registry/tenant/v1/tenant.proto\x12\x1ekms.api.cmk.registry.tenant.v1\x1a\x1cgoogle/api/annotations.proto\"\x8a\x04\n" + + "+kms/api/cmk/registry/tenant/v1/tenant.proto\x12\x1ekms.api.cmk.registry.tenant.v1\x1a\x1cgoogle/api/annotations.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\"\x8a\x04\n" + "\x06Tenant\x12\x0e\n" + "\x02id\x18\x01 \x01(\tR\x02id\x12\x12\n" + "\x04name\x18\x02 \x01(\tR\x04name\x12\x16\n" + @@ -1379,7 +1380,7 @@ const file_kms_api_cmk_registry_tenant_v1_tenant_proto_rawDesc = "" + "\x17ACTION_PROVISION_TENANT\x10\x01\x12\x17\n" + "\x13ACTION_BLOCK_TENANT\x10\x02\x12\x19\n" + "\x15ACTION_UNBLOCK_TENANT\x10\x03\x12\x1b\n" + - "\x17ACTION_TERMINATE_TENANT\x10\x042\xaa\v\n" + + "\x17ACTION_TERMINATE_TENANT\x10\x042\xb7\v\n" + "\aService\x12\x96\x01\n" + "\x0eRegisterTenant\x125.kms.api.cmk.registry.tenant.v1.RegisterTenantRequest\x1a6.kms.api.cmk.registry.tenant.v1.RegisterTenantResponse\"\x15\x82\xd3\xe4\x93\x02\x0f:\x01*\"\n" + "/v1/tenant\x12\x8b\x01\n" + @@ -1390,7 +1391,8 @@ const file_kms_api_cmk_registry_tenant_v1_tenant_proto_rawDesc = "" + "\x0fTerminateTenant\x126.kms.api.cmk.registry.tenant.v1.TerminateTenantRequest\x1a7.kms.api.cmk.registry.tenant.v1.TerminateTenantResponse\"\x17\x82\xd3\xe4\x93\x02\x11*\x0f/v1/tenant/{id}\x12\xa5\x01\n" + "\x0fSetTenantLabels\x126.kms.api.cmk.registry.tenant.v1.SetTenantLabelsRequest\x1a7.kms.api.cmk.registry.tenant.v1.SetTenantLabelsResponse\"!\x82\xd3\xe4\x93\x02\x1b:\x01*2\x16/v1/tenant/{id}/labels\x12\xae\x01\n" + "\x12RemoveTenantLabels\x129.kms.api.cmk.registry.tenant.v1.RemoveTenantLabelsRequest\x1a:.kms.api.cmk.registry.tenant.v1.RemoveTenantLabelsResponse\"!\x82\xd3\xe4\x93\x02\x1b:\x01**\x16/v1/tenant/{id}/labels\x12\xb6\x01\n" + - "\x13SetTenantUserGroups\x12:.kms.api.cmk.registry.tenant.v1.SetTenantUserGroupsRequest\x1a;.kms.api.cmk.registry.tenant.v1.SetTenantUserGroupsResponse\"&\x82\xd3\xe4\x93\x02 :\x01*2\x1b/v1/tenant/{id}/user-groupsB\x9a\x02\n" + + "\x13SetTenantUserGroups\x12:.kms.api.cmk.registry.tenant.v1.SetTenantUserGroupsRequest\x1a;.kms.api.cmk.registry.tenant.v1.SetTenantUserGroupsResponse\"&\x82\xd3\xe4\x93\x02 :\x01*2\x1b/v1/tenant/{id}/user-groups\x1a\v\x92A\b\n" + + "\x06TenantB\x9a\x02\n" + "\"com.kms.api.cmk.registry.tenant.v1B\vTenantProtoP\x01ZHgithub.com/openkcm/api-sdk/proto/kms/api/cmk/registry/tenant/v1;tenantv1\xa2\x02\x05KACRT\xaa\x02\x1eKms.Api.Cmk.Registry.Tenant.V1\xca\x02\x1eKms\\Api\\Cmk\\Registry\\Tenant\\V1\xe2\x02*Kms\\Api\\Cmk\\Registry\\Tenant\\V1\\GPBMetadata\xea\x02#Kms::Api::Cmk::Registry::Tenant::V1b\x06proto3" var ( diff --git a/proto/kms/api/cmk/registry/tenant/v1/tenant.proto b/proto/kms/api/cmk/registry/tenant/v1/tenant.proto index 9631687..7338fc4 100644 --- a/proto/kms/api/cmk/registry/tenant/v1/tenant.proto +++ b/proto/kms/api/cmk/registry/tenant/v1/tenant.proto @@ -3,8 +3,13 @@ syntax = "proto3"; package kms.api.cmk.registry.tenant.v1; import "google/api/annotations.proto"; +import "protoc-gen-openapiv2/options/annotations.proto"; service Service { + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_tag) = { + name: "Tenant" + }; + rpc RegisterTenant(RegisterTenantRequest) returns (RegisterTenantResponse) { option (google.api.http) = { post: "/v1/tenant" From 6cf0c032dbbe32e14adb1c6f50f691f670dc99b5 Mon Sep 17 00:00:00 2001 From: Misha Shkuran Date: Thu, 6 Nov 2025 16:25:13 +0100 Subject: [PATCH 3/3] feat: add version --- docs/openapiv2/apidocs.swagger.json | 7 +++++-- scripts/update_swagger.sh | 23 +++++++++++++++++++++++ 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/docs/openapiv2/apidocs.swagger.json b/docs/openapiv2/apidocs.swagger.json index f0b9cfb..af3d8ff 100644 --- a/docs/openapiv2/apidocs.swagger.json +++ b/docs/openapiv2/apidocs.swagger.json @@ -1,8 +1,8 @@ { "swagger": "2.0", "info": { - "title": "kms/api/cmk/registry/auth/v1/auth.proto", - "version": "version not set" + "title": "api-sdk", + "version": "0.10.0" }, "tags": [ { @@ -1544,6 +1544,9 @@ "type": "boolean" } } + }, + "ConsistencyPreference": { + "example": "MINIMIZE_LATENCY" } } } diff --git a/scripts/update_swagger.sh b/scripts/update_swagger.sh index 800d032..42a86bc 100755 --- a/scripts/update_swagger.sh +++ b/scripts/update_swagger.sh @@ -9,6 +9,29 @@ fi filename=$1 tmp_filename=$filename.tmp +# Extract version from CHANGELOG.md +SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)" +PROJECT_ROOT="$(dirname "$SCRIPT_DIR")" +CHANGELOG_PATH="$PROJECT_ROOT/CHANGELOG.md" + +# Get the latest version from CHANGELOG.md (first occurrence of ## [version]) +if [ -f "$CHANGELOG_PATH" ]; then + API_VERSION=$(grep -m 1 '^## \[' "$CHANGELOG_PATH" | sed 's/^## \[\([^]]*\)\].*/\1/') + if [ -z "$API_VERSION" ]; then + API_VERSION="version not set" + fi +else + API_VERSION="version not set" +fi + +echo "Setting API version to: $API_VERSION" + +# Update the API version and title in the info section +cat ${filename} | \ + jq --arg version "$API_VERSION" \ + '.info.version = $version | .info.title = "api-sdk"' > ${tmp_filename} +mv ${tmp_filename} ${filename} + # We also need to cleanup response code that are obsolete because # either i) we override the error code or ii) we override success case where we respond with 201/204 cat ${filename} | \