From cd97feb5a0496214b1e4761da01461ed52a2afd0 Mon Sep 17 00:00:00 2001 From: Damjan Murn <damjan.murn@xlab.si> Date: Fri, 24 Nov 2023 11:28:20 +0100 Subject: [PATCH] Y3 release --- .dockerignore | 3 +- .env | 61 +- .gitlab-ci.env | 48 + .gitlab-ci.yml | 21 +- Dockerfile | 4 +- MANIFEST | 4 +- Makefile | 19 +- README.md | 193 +- clouditor_interface/assessment_interface.py | 35 + .../assessment_interface_messages.py | 36 + .../clouditor_authentication.py | 76 + clouditor_interface/ids_provider.py | 84 + clouditor_interface/orchestrator_interface.py | 57 + .../orchestrator_interface_messages.py | 22 + entrypoint.sh | 8 +- grpc_gen/assessment_pb2.py | 534 +----- grpc_gen/assessment_pb2_grpc.py | 49 +- grpc_gen/evidence_pb2.py | 124 +- grpc_gen/metric_pb2.py | 517 +----- grpc_gen/orchestrator_pb2.py | 436 +++++ grpc_gen/orchestrator_pb2_grpc.py | 1583 +++++++++++++++++ grpc_gen/tagger_pb2.py | 27 + grpc_gen/tagger_pb2_grpc.py | 4 + grpc_gen/validate_pb2.py | 79 + grpc_gen/validate_pb2_grpc.py | 4 + id_maps/cloud_service_name_map.json | 8 + id_maps/resource_id_map.json | 6 + ...azuh-vat-evidence-collector-configmap.yaml | 46 +- ...zuh-vat-evidence-collector-deployment.yaml | 53 +- ...vat-evidence-collector-json-configmap.yaml | 21 + kubernetes_clouditor_demo.env | 45 +- log_conf/log_conf.py | 6 + log_conf/logging.conf | 28 + proto/assessment.proto | 102 +- proto/evidence.proto | 30 +- proto/metric.proto | 70 +- proto/orchestrator.proto | 1008 +++++++++++ proto/tagger.proto | 18 + proto/validate.proto | 862 +++++++++ requirements.txt | 42 +- scheduler/scheduler.py | 24 +- test/test.sh | 13 +- vat_evidence_collector/vat_client.py | 40 + .../vat_evidence_collector.py | 210 +++ .../vat_nmap_request_config.json | 14 + .../vat_w3af_request_config.json | 15 + wazuh_evidence_collector/checker.py | 2 +- wazuh_evidence_collector/wazuh_client.py | 12 +- .../wazuh_evidence_collector.py | 48 +- 49 files changed, 5451 insertions(+), 1300 deletions(-) create mode 100644 .gitlab-ci.env create mode 100644 clouditor_interface/assessment_interface.py create mode 100644 clouditor_interface/assessment_interface_messages.py create mode 100644 clouditor_interface/clouditor_authentication.py create mode 100644 clouditor_interface/ids_provider.py create mode 100644 clouditor_interface/orchestrator_interface.py create mode 100644 clouditor_interface/orchestrator_interface_messages.py create mode 100644 grpc_gen/orchestrator_pb2.py create mode 100644 grpc_gen/orchestrator_pb2_grpc.py create mode 100644 grpc_gen/tagger_pb2.py create mode 100644 grpc_gen/tagger_pb2_grpc.py create mode 100644 grpc_gen/validate_pb2.py create mode 100644 grpc_gen/validate_pb2_grpc.py create mode 100644 id_maps/cloud_service_name_map.json create mode 100644 id_maps/resource_id_map.json create mode 100644 kubernetes/wazuh-vat-evidence-collector-json-configmap.yaml create mode 100644 log_conf/log_conf.py create mode 100644 log_conf/logging.conf create mode 100644 proto/orchestrator.proto create mode 100644 proto/tagger.proto create mode 100644 proto/validate.proto create mode 100644 vat_evidence_collector/vat_client.py create mode 100644 vat_evidence_collector/vat_evidence_collector.py create mode 100644 vat_evidence_collector/vat_nmap_request_config.json create mode 100644 vat_evidence_collector/vat_w3af_request_config.json diff --git a/.dockerignore b/.dockerignore index 3a2b624..88e1443 100644 --- a/.dockerignore +++ b/.dockerignore @@ -11,4 +11,5 @@ test/ venv/ env/ .env -resource_id_map.json \ No newline at end of file +kubernetes_clouditor_demon.env +id_maps/*.json diff --git a/.env b/.env index 2b5491e..45359d1 100644 --- a/.env +++ b/.env @@ -1,4 +1,8 @@ -dummy_wazuh_manager=false +redis_host=localhost +redis_port=6379 +redis_queue=low + +dummy_wazuh_manager=true wazuh_host=192.168.33.10 wazuh_port=55000 @@ -10,29 +14,52 @@ elastic_port=9200 elastic_username=admin elastic_password=password -redis_host=localhost -redis_port=6379 -redis_queue=low +dummy_vat=true -local_clouditor_deploy=true +vat_protocol=http +vat_host=192.168.33.100 +vat_port=80 +vat_api_prefix=/api + +vat_check_hosts=192.168.33.101 +vat_nmap_check_timeout=2 +vat_w3af_check_timeout=15 + +wazuh_rule_level=10 +vat_vulnerability_level=75 + +wazuh_check_interval=15 +vat_check_interval=15 + +local_clouditor_deploy=false ### Localy deployed Clouditor ### -clouditor_host=192.168.33.14 -clouditor_port=9090 -clouditor_oauth2_host=192.168.33.14 -clouditor_oauth2_port=8080 -clouditor_client_id=clouditor +#clouditor_host=192.168.33.14 +#clouditor_port=9090 +#clouditor_oauth2_host=192.168.33.14 +#clouditor_oauth2_port=8080 +#clouditor_client_id=clouditor +#clouditor_client_secret=password +#clouditor_oauth2_scope= + +### DEV K8s deployed Clouditor ### +clouditor_host=security-assessment-dev.k8s.medina.esilab.org +clouditor_port=443 +orchestrator_host=orchestrator-dev.k8s.medina.esilab.org +orchestrator_port=443 +clouditor_oauth2_host=catalogue-keycloak-dev.k8s.medina.esilab.org/auth/realms/medina/protocol/openid-connect/token +clouditor_oauth2_port=443 +clouditor_client_id=wazuh-vat-evidence-collector-dev clouditor_client_secret=password -clouditor_oauth2_scope= +clouditor_oauth2_scope=openid -### K8s deployed Clouditor ### -#clouditor_host=security-assessment-dev.k8s.medina.esilab.org +### TEST K8s deployed Clouditor ### +#clouditor_host=security-assessment-test.k8s.medina.esilab.org #clouditor_port=443 -#clouditor_oauth2_host=catalogue-keycloak-dev.k8s.medina.esilab.org/auth/realms/medina/protocol/openid-connect/token +#orchestrator_host=orchestrator-test.k8s.medina.esilab.org +#orchestrator_port=443 +#clouditor_oauth2_host=catalogue-keycloak-test.k8s.medina.esilab.org/auth/realms/medina/protocol/openid-connect/token #clouditor_oauth2_port=443 #clouditor_client_id=wazuh-vat-evidence-collector-dev #clouditor_client_secret=password #clouditor_oauth2_scope=openid - -wazuh_check_interval=300 -wazuh_rule_level=10 \ No newline at end of file diff --git a/.gitlab-ci.env b/.gitlab-ci.env new file mode 100644 index 0000000..7eab112 --- /dev/null +++ b/.gitlab-ci.env @@ -0,0 +1,48 @@ +# +# GitLab CI test .env +# + +redis_host=localhost +redis_port=6379 +redis_queue=low + +dummy_wazuh_manager=false + +wazuh_host=localhost +wazuh_port=55000 +wazuh_username=test +wazuh_password=test + +elastic_host=localhost +elastic_port=9200 +elastic_username=test +elastic_password=test + +dummy_vat=false + +vat_protocol=http +vat_host=localhost +vat_port=80 +vat_api_prefix=/api + +vat_check_hosts=localhost +vat_nmap_check_timeout=2 +vat_w3af_check_timeout=15 + +wazuh_rule_level=10 +vat_vulnerability_level=75 + +wazuh_check_interval=15 +vat_check_interval=15 + +local_clouditor_deploy=true + +clouditor_host=localhost +clouditor_port=9090 +orchestrator_host=localhost +orchestrator_port=443 +clouditor_oauth2_host=localhost +clouditor_oauth2_port=8080 +clouditor_client_id=test +clouditor_client_secret=test +clouditor_oauth2_scope= diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index dc5789d..517038a 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -17,21 +17,21 @@ stages: build: stage: build - script: + script: + - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $REGISTRY + - echo "$DOCKER_AUTH_CONFIG" > ~/.docker/config.json - docker build --no-cache -t $REGISTRY/medina/$SERVICE:$VERSION . test: stage: test script: - apk add bash - - docker network create test-ec - - docker run --rm --network=test-ec --env-file .env --name $SERVICE -d $REGISTRY/medina/$SERVICE:$VERSION - - docker run --rm --network=test-ec toschneck/wait-for-it $SERVICE:7890 -t 240 + - docker run --rm --env-file .gitlab-ci.env -v ./id_maps/resource_id_map.json:/wazuh-vat-evidence-collector/id_maps/resource_id_map.json -v ./id_maps/cloud_service_name_map.json:/wazuh-vat-evidence-collector/id_maps/cloud_service_name_map.json --name $SERVICE -d $REGISTRY/medina/$SERVICE:$VERSION + - sleep 5 - bash test/test.sh after_script: - SERVICE=$(grep SERVICE MANIFEST | cut -d '=' -f2) - - docker kill $SERVICE || docker network rm test-ec - - docker network rm test-ec + - docker kill $SERVICE push: stage: push @@ -42,10 +42,10 @@ push: - docker push $REGISTRY/medina/$SERVICE:latest - docker logout $REGISTRY - docker login $MEDINA_REGISTRY -u medina.fordevelopers@gmail.com -p AKCp8kqMZkcPRPGZhHBw7uKFsyifF1iHb2ZvbBy5PK88wD8EdeSHZqFsc4h1wp3M2oVYGazhv - - docker tag $REGISTRY/medina/$SERVICE:$VERSION $MEDINA_REGISTRY/$MEDINA_REG_PATH/wazuh-vat-$SERVICE:$VERSION - - docker tag $REGISTRY/medina/$SERVICE:$VERSION $MEDINA_REGISTRY/$MEDINA_REG_PATH/wazuh-vat-$SERVICE:latest - - docker push $MEDINA_REGISTRY/$MEDINA_REG_PATH/wazuh-vat-$SERVICE:$VERSION - - docker push $MEDINA_REGISTRY/$MEDINA_REG_PATH/wazuh-vat-$SERVICE:latest + - docker tag $REGISTRY/medina/$SERVICE:$VERSION $MEDINA_REGISTRY/$MEDINA_REG_PATH/$SERVICE:$VERSION + - docker tag $REGISTRY/medina/$SERVICE:$VERSION $MEDINA_REGISTRY/$MEDINA_REG_PATH/$SERVICE:latest + - docker push $MEDINA_REGISTRY/$MEDINA_REG_PATH/$SERVICE:$VERSION + - docker push $MEDINA_REGISTRY/$MEDINA_REG_PATH/$SERVICE:latest - docker logout $MEDINA_REGISTRY only: - master @@ -56,4 +56,3 @@ deploy: - docker run --rm curlimages/curl -I -X POST "https://xlab:110bb809200c797e6031787b51a049b819@cicd.medina.esilab.org/jenkins/job/medina/job/wp3/job/task_3.2/job/wazuh-vat-evidence-collector-deploy/buildWithParameters?PRJ_ENV=dev&PRJ_IMAGE_TAG=latest&YAMLS_OVERRIDE=" only: - master - diff --git a/Dockerfile b/Dockerfile index e611439..0ae29a3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,8 @@ # syntax=docker/dockerfile:1 -FROM nexus-registry.xlab.si:5001/python:3.8-slim-buster +FROM python:3.8-slim-buster -WORKDIR /evidence-collector +WORKDIR /wazuh-vat-evidence-collector COPY requirements.txt requirements.txt RUN pip3 install -r requirements.txt diff --git a/MANIFEST b/MANIFEST index 37b7342..599e1ab 100644 --- a/MANIFEST +++ b/MANIFEST @@ -1,2 +1,2 @@ -VERSION=v0.0.16 -SERVICE=evidence-collector +VERSION=v0.1.3 +SERVICE=wazuh-vat-evidence-collector diff --git a/Makefile b/Makefile index e76a427..0168ca6 100644 --- a/Makefile +++ b/Makefile @@ -1,13 +1,20 @@ build: - docker build -t evidence-collector . + docker build -t wazuh-vat-evidence-collector . run: - docker run --env-file .env -v ${PWD}/resource_id_map.json:/evidence-collector/resource_id_map.json --name evidence-collector evidence-collector + docker run \ + --env-file .env \ + -v ${PWD}/id_maps/resource_id_map.json:/wazuh-vat-evidence-collector/id_maps/resource_id_map.json \ + -v ${PWD}/id_maps/cloud_service_name_map.json:/wazuh-vat-evidence-collector/id_maps/cloud_service_name_map.json \ + --name wazuh-vat-evidence-collector wazuh-vat-evidence-collector run-kubernetes-clouditor-demo: - docker run --env-file kubernetes_clouditor_demo.env -v ${PWD}/resource_id_map.json:/evidence-collector/resource_id_map.json --name evidence-collector evidence-collector + docker run \ + --env-file kubernetes_clouditor_demo.env \ + -v ${PWD}/id_maps/resource_id_map.json:/wazuh-vat-evidence-collector/id_maps/resource_id_map.json \ + -v ${PWD}/id_maps/cloud_service_name_map.json:/wazuh-vat-evidence-collector/id_maps/cloud_service_name_map.json \ + --name wazuh-vat-evidence-collector wazuh-vat-evidence-collector stop-and-clean: - docker stop evidence-collector - docker container rm evidence-collector - docker volume rm resource_id_map.json \ No newline at end of file + docker stop wazuh-vat-evidence-collector + docker container rm wazuh-vat-evidence-collector diff --git a/README.md b/README.md index f544369..0c33730 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Evidence Collector +# Wazuh-VAT Evidence Collector Author: XLAB @@ -6,27 +6,33 @@ Author: XLAB This project includes modules for collecting evidence regarding Wazuh and VAT and sending it to [Clouditor](https://github.com/clouditor/clouditor) for further processing. -## Wazuh evidence collector +### Wazuh evidence collector -Wazuh evidence collector uses [Wazuh's API](https://documentation.wazuh.com/current/user-manual/api/reference.html) to access information about manager's and agents' system informations and configurations. As an additional measure to ensure correct configuration of [ClamAV](https://www.clamav.net/) (if installed on machine) we also make use of [Elasticsearch's API](https://www.elastic.co/guide/en/elasticsearch/reference/current/search.html) to dirrectly access collected logs | Elastic stack is one of the Wazuh's required components (usually installed on the same machine as Wazuh server, but can be stand alone as well). +Wazuh evidence collector uses [Wazuh's API](https://documentation.wazuh.com/current/user-manual/api/reference.html) to access information about manager's and agents' system informations and configurations. As an additional measure to ensure correct configuration of [ClamAV](https://www.clamav.net/) (if installed on machine) we also make use of [Elasticsearch's API](https://www.elastic.co/guide/en/elasticsearch/reference/current/search.html) to dirrectly access collected logs. Elastic stack is one of the Wazuh's required components (usually installed on the same machine as Wazuh server, but can be stand alone as well). + +### VAT evidence collector + +VAT evidence collector uses VAT API to create [w3af](http://w3af.org/) & [OWASP](https://owasp.org/) scans and retrieve their results. These are later processed and forwarded to Clouditor (Assessment Interface). ## Installation & use ### Using docker -1. Set up your Wazuh development environment. Use [Wazuh-deploy](https://git.code.tecnalia.com/medina/public/wazuh-deploy) repository to create and deploy Vagrant box with all the required components. +1. Set up your Wazuh & VAT development environment. Use [Wazuh Deploy](https://git.code.tecnalia.com/medina/public/wazuh-deploy) repository to create and deploy Vagrant box with all the required components. + + > Note: Wazuh Deploy repository is not up to date! Use only for development. 2. Clone this repository. 3. Build Docker image: - ``` + ```shell $ make build ``` 4. Run the image: - ``` + ```shell $ make run ``` @@ -34,25 +40,27 @@ Wazuh evidence collector uses [Wazuh's API](https://documentation.wazuh.com/curr ### Local environment -1. Set up your Wazuh development environment. Use [Wazuh-deploy](https://git.code.tecnalia.com/medina/public/wazuh-deploy) repository to create and deploy Vagrant box with all required components. +1. Set up your Wazuh & VAT development environment. Use [Wazuh Deploy](https://git.code.tecnalia.com/medina/public/wazuh-deploy) repository to create and deploy Vagrant box with all required components. + + > Note: Wazuh Deploy repository is not up to date! Use only for development. 2. Clone this repository. 3. Install dependencies: - ``` + ```shell $ pip install -r requirements.txt ``` 4. Set environment variables: - ``` + ```shell $ source .env ``` 5. a) Install Redis server locally: - ``` + ```shell $ sudo apt-get install redis-server ``` @@ -60,19 +68,19 @@ Wazuh evidence collector uses [Wazuh's API](https://documentation.wazuh.com/curr b) Run Redis server in Docker container: - ``` + ```shell $ docker run --name my-redis-server -p 6379:6379 -d redis ``` In this case also comment-out server start command in `entrypoint.sh`: - ``` + ```shell #redis-server & ``` 6. Run `entrypoint.sh`: - ``` + ```shell $ ./entrypoint.sh ``` @@ -86,11 +94,14 @@ Required environment variables (if deployed locally) are located and can be set Variables used when deploying to Kubernetes can be edited in `data` section of `/kubernetes/wazuh-vat-evidence-collector-configmap.yaml` file. -All of the following environment variables have to be set (or passed to container) for `evidence-collector` to work: +All of the following environment variables have to be set (or passed to container) for the `wazuh-vat-evidence-collector` to work: | Variable | Description | | ---------- | ---------- | -| `dummy_wazuh_manager` | Default value `false`. Set to `true` in case Evidence collector runs alone (without `security-monitoring` framework) locally - generates dummy data. | +| `redis_host` | Redis server host's IP address. Usually `localhost`. | +| `redis_port` | Redis server port. Default value `6379`. | +| `redis_queue` | Redis queue name. Default value `low`. Can be set to any name. | +| `dummy_wazuh_manager` | Default value `true`. Set to `false` in case you have Wazuh running and don't want to use dummy generated data. | | `wazuh_host` | Wazuh manager host's IP address. | | `wazuh_port` | Wazuh manager port. Default value `55000`. | | `wazuh_username` | Wazuh manager's username. | @@ -99,61 +110,149 @@ All of the following environment variables have to be set (or passed to containe | `elastic_port` | Elasticsearch port. Default value `9200`. | | `elastic_username` | Elasticsearch's username. | | `elastic_password` | Elasticsearch's password. | -| `redis_host` | Redis server host's IP address. Usually `localhost`. | -| `redis_port` | Redis server port. Default value `6379`. | -| `redis_queue` | Redis queue name. | +| `dummy_vat` | Default value `true`. Set to `false` in case you have VAT running and don't want to use dummy generated data. | +| `vat_protocol` | VAT API transfer protocol. Can be set either to `http` or `https`. Default value `http`. | +| `vat_host` | VAT host's IP address. | +| `vat_port` | VAT port. Default value `80`. | +| `vat_api_prefix` | VAT API's prefix. Default value `/api`. | +| `vat_check_hosts` | List of comma divided IPs (hosts) for VAT to check. | +| `vat_nmap_check_timeout` | VAT Nmap check timeout in minutes. Default value `2`. | +| `vat_w3af_check_timeout` | VAT w3af check timeout in minutes. Default value `15`. | +| `wazuh_rule_level` | Min. Wazuh rule severity level that is required for an event to be counted as a threat; values from `0` to `15`. Default value `10`. | +| `vat_vulnerability_level` | Min. VAT vulnerability risk level that is required for an event to be counted as a vulnerability; values from `0` to `100`. Default value `75`. | +| `wazuh_check_interval` | Interval in minutes; how often should evidence be created and forwarded. Should be the same as the check interval set on Wazuh manager. Default value `15`. | +| `vat_check_timeout` | Interval in minutes; how often should VAT checks be performed (i.e. how often should evidence be created and forwarded). Default value `15`. | | `local_clouditor_deploy` | Default value `true`. Set to `false` in case Evidence collector will be using Kubernetes deployed Clouditor. | | `clouditor_host` | Clouditor host's IP address. | | `clouditor_port` | Clouditor port. Default value `9090`. | +| `orchestrator_host` | Orchestrator host's IP address. | +| `orchestrator_port` | Orchestrator port. Default value `443`. | | `clouditor_oauth2_port` | Clouditor port used for authentication services. Default value `8080`. | | `clouditor_client_id` | Clouditor OAuth2 default id. Default value `clouditor`. | | `clouditor_client_secret` | Clouditor OAuth2 default secret. Default value `clouditor`. | -| `clouditor_oauth2_scope` | Must be defined if `local_clouditor_deploy` is set to `false`. Defines scope used when requesting OAuth2 token. | -| `wazuh_check_interval` | Interval in seconds (rounded to a minute/60 second intervals); how often should evidence be created and forwarded. Should be the same as the check interval set on Wazuh manager. | -| `wazuh_rule_level` | Min. Wazuh rule severity level that is required for an event to be counted as a threat. | +| `clouditor_oauth2_scope` | Must be defined if `local_clouditor_deploy` is set to `false`. Defines scope used when requesting OAuth2 token. | + +K8s Clouditor DEV environment variables configuration example: + +```ini +clouditor_host=security-assessment-dev.k8s.medina.esilab.org +clouditor_port=443 +orchestrator_host=orchestrator-dev.k8s.medina.esilab.org +orchestrator_port=443 +clouditor_oauth2_host=catalogue-keycloak-dev.k8s.medina.esilab.org/auth/realms/medina/protocol/openid-connect/token +clouditor_oauth2_port=443 +clouditor_client_id=wazuh-vat-evidence-collector-dev +clouditor_client_secret=secret +clouditor_oauth2_scope=openid +``` -### Medina resource ID mapping +### Medina Resource ID mapping -Resource IDs used to generate evidence resources can be easily mapped to required values. In case ID isn't set, Evidence collector will use `name` parameter acquired from Wazuh - which is set to machine's hostname, unless explicitly set to something else. +Resource IDs used to generate evidence resources can be easily mapped to required values. In case ID isn't set, Evidence collector will use `name` parameter (which is set to machine's hostname, unless explicitly set to something else) acquired from Wazuh or IP address in the case of VAT. -IDs can be set as `key:value` pairs inside `resource_id_map.json` file, that is later passed to Docker container: +IDs can be set as `key:value` pairs inside `id_maps/resource_id_map.json` file, that is later passed to Docker container: -``` +```json { "manager": "wazuh_manager", "agent1": "test_agent_1", - "agent2": "test_agent_2" + "agent2": "test_agent_2", + "192.168.33.101": "vat_test_vm" } ``` -Where `key` represents Wazuh's `name` parameter (machine's hostname) and `value` equals to string `name` will be mapped to. +Where `key` represents Wazuh's `name` parameter (machine's hostname/IP) and `value` equals to string `name` will be mapped to. -### Generate gRPC code from `.proto` files +### Medina Cloud Service ID mapping + +Cloud Services used by Wazuh & VAT can be configured by editing `id_maps/cloud_service_name_map.json` file: +```json +{ + "vat": { + "name": "vat-test-service", + "description": "" + }, + "wazuh": { + "name": "wazuh-test-service", + "description": "" + } +} ``` -pip3 install grpcio-tools # (included in requirements.txt) -python3 -m grpc_tools.protoc --proto_path=proto evidence.proto --python_out=grpc_gen --grpc_python_out=grpc_gen -python3 -m grpc_tools.protoc --proto_path=proto assessment.proto --python_out=grpc_gen --grpc_python_out=grpc_gen -python3 -m grpc_tools.protoc --proto_path=proto metric.proto --python_out=grpc_gen --grpc_python_out=grpc_gen + +Top-level keys `vat` & `wazuh` and their `name` fields must be defined for the app to work. If Cloud Service with certain name already exists, app will find and fetch its `id` from the Orchestrator API. Otherwise it will create a new Cloud Service with `name` and `description` defined in this file. + +> Note: +> creation of the Cloud Services with more complex definitions (including `catalogs_in_scope` & `configured_metrics`) is not yet supported by the Evidence Collector and should be done through the Web GUI. In this case just change corresponding `name` variable accordingly. + +### Medina Tool ID + +Tool ID is generated from the information contained in `MANIFEST` file; in `<SERVICE>:<VERSION>` format i.e. `wazuh-vat-evidence-collector:v0.0.1`. + +# Dependant components: Wazuh, ClamAV, VAT + +Wazuh-VAT Evidence Collector generates evidence using information acquired from Wazuh and Vulnerability Assessment Tool APIs. These components should be installed and configurated in accordance with instructions given in the relavant repositories. + +Wazuh Agents also require ClamAV tool to be installed on their machines (to successfully cover all the requirements). + +Required component versions: +- Wazuh: `v4.1.5`, +- ClamAV: `latest`, +- VAT: `latest`. + +See [`wazuh-deploy`](https://git.code.tecnalia.com/medina/public/wazuh-deploy) for further details how to set up Wazuh & ClamAV. + +> Note: `wazuh-deploy` repository is deprecated and its information regarding (Wazuh-VAT) Evidence Collector configuration could be incomplete. However, information regarding Wazuh configuration is still up-to-date. + +See [`vat-deploy`](https://git.code.tecnalia.com/medina/public/vat-deploy) for relavant information regarding VAT installation. + +## Development + +### Generate gRPC code from `.proto` files + +If Clouditor's API changes, new gRPC code has to be generated using their prototype files: + +```shell +$ pip3 install grpcio-tools # included in requirements.txt + +$ python3 -m grpc_tools.protoc --proto_path=proto evidence.proto --python_out=grpc_gen --grpc_python_out=grpc_gen + +$ python3 -m grpc_tools.protoc --proto_path=proto assessment.proto --python_out=grpc_gen --grpc_python_out=grpc_gen + +$ python3 -m grpc_tools.protoc --proto_path=proto metric.proto --python_out=grpc_gen --grpc_python_out=grpc_gen + +$ python3 -m grpc_tools.protoc --proto_path=proto tagger.proto --python_out=grpc_gen --grpc_python_out=grpc_gen + +$ python3 -m grpc_tools.protoc --proto_path=proto validate.proto --python_out=grpc_gen --grpc_python_out=grpc_gen ``` -As we are interacting with Clouditor, .proto files are taken from [there](https://github.com/clouditor/clouditor/tree/main/proto). -Because of dependencies on Google APIs, .proto files in proto/google are taken from [here](https://github.com/googleapis/googleapis/tree/master/google/api). +> Note: +> some `.proto` import paths might need to be updated before generating gRPC code. This is due to our directory's structure not being a direct copy of the one of Clouditor. +> See the next note for additional info relating to the same cause. + +Clouditor prototype files origin: https://github.com/clouditor/clouditor/tree/main/api + +Dependencies: +- `googleapis`: https://github.com/googleapis/googleapis/tree/master/google/api +- `protoc-gen-gotag`: https://github.com/srikrsna/protoc-gen-gotag/blob/master/tagger/tagger.proto +- `protoc-gen-validate`: https://github.com/bufbuild/protoc-gen-validate/blob/main/validate/validate.proto -> Note: -> since we are running the code as a package, we have to modify imports in newly generated code: +All the required Couditor prototype files and their dependencies are already added to the repository for easier usage. However, they need to be updated manually in case anything changes. Alternatively, they can be automatically updated using Golang, but this repository does not support/automate this in any way. + +> Note: +> since we are running this code as a package, we have to modify imports in the newly generated Python code: > `import evidence_pb2 as evidence__pb2` --> `import grpc_gen.evidence_pb2 as evidence__pb2` -> (check all generated files) +> (check all generated files!) -### API User authentication +### Wazuh & Elastic API User authentication -Current implementation has disabled SSL certificate verification & uses simple username/password verification (defined inside `/constants/constants.py`). Production version should change this with cert verification. +Current implementation has disabled SSL certificate verification and uses simple username/password verification (credentials passed via `.env` file). The production version should change this to certificate verification, unless all the components are installed inside a local private network. ### Manual Elasticsearch API testin with cURL Example command for testing the API via CLI: -``` +```shell $ curl --user admin:changeme --insecure -X GET "https://192.168.33.10:9200/wazuh-alerts*/_search?pretty" -H 'Content-Type: application/json' -d' {"query": { "bool": { @@ -169,7 +268,7 @@ $ curl --user admin:changeme --insecure -X GET "https://192.168.33.10:9200/wazuh 1. Install (if needed) and run `redis-server`: - ``` + ```shell $ sudo apt-get install redis-server $ redis-server @@ -179,7 +278,7 @@ $ curl --user admin:changeme --insecure -X GET "https://192.168.33.10:9200/wazuh 2. Install RQ and RQ-scheduler: - ``` + ```shell $ pip install rq $ pip install rq-scheduler @@ -187,7 +286,7 @@ $ curl --user admin:changeme --insecure -X GET "https://192.168.33.10:9200/wazuh 3. Run both components in 2 terminals: - ``` + ```shell $ rqworker low $ rqscheduler --host localhost --port 6379 @@ -197,7 +296,7 @@ $ curl --user admin:changeme --insecure -X GET "https://192.168.33.10:9200/wazuh 4. Run Python script containing RQ commands as usual: - ``` + ```shell $ python3 -m wazuh_evidence_collector.wazuh_evidence_collector ``` @@ -207,7 +306,7 @@ $ curl --user admin:changeme --insecure -X GET "https://192.168.33.10:9200/wazuh gRPC can be easily set to verbose debug mode by adding the following variables to `.env` file passed to Docker container: -``` +```ini GRPC_VERBOSITY=DEBUG GRPC_TRACE=http,tcp,api,channel,connectivity_state,handshaker,server_channel ``` @@ -218,12 +317,12 @@ Full list of gRPC environment variables is available [here](https://github.com/g Latest versions (`7.14.0` & `7.15.0`) of Python Elasticsearch library have problems connecting to Open Distro for Elasticsearch and produce the following error when trying to do so: -``` +```shell elasticsearch.exceptions.UnsupportedProductError: The client noticed that the server is not a supported distribution of Elasticsearch ``` To resolve this, downgrade to older package version: -``` +```shell $ pip install 'elasticsearch<7.14.0' ``` diff --git a/clouditor_interface/assessment_interface.py b/clouditor_interface/assessment_interface.py new file mode 100644 index 0000000..7808523 --- /dev/null +++ b/clouditor_interface/assessment_interface.py @@ -0,0 +1,35 @@ +# SPDX-License-Identifier: Apache-2.0 + +from grpc_gen.assessment_pb2_grpc import AssessmentStub +import grpc +import os + +LOCAL_CLOUDITOR_DEPLOY = os.environ.get("local_clouditor_deploy").lower() in ('true', '1', 't') +CLOUDITOR_HOST = os.environ.get("clouditor_host") +CLOUDITOR_PORT = int(os.environ.get("clouditor_port")) + +class AssessmentInterface(object): + + def __init__(self, logger): + if LOCAL_CLOUDITOR_DEPLOY: + self.channel = grpc.insecure_channel('{}:{}'.format(CLOUDITOR_HOST, CLOUDITOR_PORT)) + else: + ssl_metadata = grpc.ssl_channel_credentials() + self.channel = grpc.secure_channel('{}:{}'.format(CLOUDITOR_HOST, CLOUDITOR_PORT), ssl_metadata) + + self.stub = AssessmentStub(self.channel) + self.logger = logger + + def send_evidence(self, assessevidencerequest, token): + try: + if token is not None: + metadata = [('authorization', 'Bearer ' + token)] + else: + metadata = None + + response = self.stub.AssessEvidence(assessevidencerequest, metadata=metadata) + self.logger.debug('gRPC evidence forwarded: ' + str(response)) + except grpc.RpcError as err: + self.logger.error(err) + self.logger.error(err.details()) + self.logger.error('{}, {}'.format(err.code().name, err.code().value)) diff --git a/clouditor_interface/assessment_interface_messages.py b/clouditor_interface/assessment_interface_messages.py new file mode 100644 index 0000000..31f76a6 --- /dev/null +++ b/clouditor_interface/assessment_interface_messages.py @@ -0,0 +1,36 @@ +# SPDX-License-Identifier: Apache-2.0 + +import json +from google.protobuf.json_format import MessageToJson +from clouditor_interface.ids_provider import map_resource_id +from grpc_gen.assessment_pb2 import AssessEvidenceRequest + +# Used if user doesn't provide other +_default_resource_type = ["VirtualMachine", "Compute", "Resource"] + +def create_resource(name, type, property_list): + resource = { + "id": str(map_resource_id(name)), + "name": str(name), + "type": type if type is not None else _default_resource_type + } + + if property_list is not None: + resource.update(property_list) + + return resource + +def create_assess_evidence_request(id, cloud_service_id, tool_id, raw, resource): + aer = AssessEvidenceRequest() + aer.evidence.id = str(id) + aer.evidence.timestamp.GetCurrentTime() + aer.evidence.timestamp.nanos = 0 + aer.evidence.cloud_service_id = str(cloud_service_id) + aer.evidence.tool_id = str(tool_id) + aer.evidence.raw = json.dumps(raw) + aer.evidence.resource.struct_value.update(resource) + + return aer + +def print_evidence(logger, evidence): + logger.debug(MessageToJson(evidence)) diff --git a/clouditor_interface/clouditor_authentication.py b/clouditor_interface/clouditor_authentication.py new file mode 100644 index 0000000..9d4b5bd --- /dev/null +++ b/clouditor_interface/clouditor_authentication.py @@ -0,0 +1,76 @@ +# SPDX-License-Identifier: Apache-2.0 + +import os +import json +import requests +import urllib3 +from datetime import datetime, timedelta + +LOCAL_CLOUDITOR_DEPLOY = os.environ.get("local_clouditor_deploy").lower() in ('true', '1', 't') +CLOUDITOR_OAUTH2_HOST = os.environ.get("clouditor_oauth2_host") +CLOUDITOR_OAUTH2_PORT = int(os.environ.get("clouditor_oauth2_port")) +CLIENT_ID = os.environ.get("clouditor_client_id") +CLIENT_SECRET = os.environ.get("clouditor_client_secret") + +urllib3.disable_warnings() + +class ClouditorAuthentication(object): + + def __init__(self, logger): + self.logger = logger + + self.__access_token = None + self.__token_expiration_time = None + + if LOCAL_CLOUDITOR_DEPLOY: + #If Clouditor is deployed localy, in a VM + self.__token_url = 'http://{}:{}/v1/auth/token'.format(CLOUDITOR_OAUTH2_HOST, CLOUDITOR_OAUTH2_PORT) + self.__data = {'grant_type': 'client_credentials'} + else: + # For K8s/other remote deployed Clouditor + split_host_url = CLOUDITOR_OAUTH2_HOST.split("/", 1) + + if split_host_url[1] is not None: + self.__token_url = 'https://{}:{}/{}'.format(split_host_url[0], CLOUDITOR_OAUTH2_PORT, split_host_url[1]) + else: + self.__token_url = 'https://{}:{}'.format(split_host_url[0], CLOUDITOR_OAUTH2_PORT) + + CLOUDITOR_OAUTH2_SCOPE = os.environ.get("clouditor_oauth2_scope") + self.__data = {'grant_type': 'client_credentials', 'scope': CLOUDITOR_OAUTH2_SCOPE} + + def request_token(self): + try: + access_token_response = requests.post(self.__token_url, data=self.__data, verify=False, allow_redirects=False, auth=(CLIENT_ID, CLIENT_SECRET)) + + token = json.loads(access_token_response.text) + + self.__access_token = token['access_token'] + self.__token_expiration_time = datetime.utcnow() + timedelta(seconds=(token['expires_in'] - 10)) + + self.logger.debug("New OAuth2 token successfully acquired") + self.logger.debug("OAuth2 token expiring at: " + str(self.__token_expiration_time)) + except (TimeoutError, urllib3.exceptions.NewConnectionError, OSError, + urllib3.exceptions.MaxRetryError, requests.exceptions.ConnectionError) as err: + self.__access_token = None + self.__token_expiration_time = None + self.logger.exception("Acquiring Clouditor OAuth2 token failed: " + str(err), exc_info=False) + raise + except ValueError as err: + self.__access_token = None + self.__token_expiration_time = None + self.logger.exception("Invalid Clouditor OAuth2 token format: " + str(err), exc_info=False) + raise + except Exception as err: + self.__access_token = None + self.__token_expiration_time = None + self.logger.exception("Unknown exception occured while acquiring Clouditor OAuth2 token: " + str(err), exc_info=False) + raise + + def get_token(self): + if (self.__access_token == None): + self.request_token() + elif (self.__token_expiration_time != None and datetime.utcnow() > self.__token_expiration_time): + self.logger.debug("OAuth2 token expired") + self.request_token() + + return self.__access_token diff --git a/clouditor_interface/ids_provider.py b/clouditor_interface/ids_provider.py new file mode 100644 index 0000000..51708d8 --- /dev/null +++ b/clouditor_interface/ids_provider.py @@ -0,0 +1,84 @@ +# SPDX-License-Identifier: Apache-2.0 + +import json +from google.protobuf.json_format import MessageToDict +from clouditor_interface.orchestrator_interface import OrchestratorInterface +from clouditor_interface.orchestrator_interface_messages import create_list_cloud_services_request, create_register_cloud_service_request +from clouditor_interface.clouditor_authentication import ClouditorAuthentication +import uuid +from log_conf.log_conf import LOGGER +import configparser + +oauth_client = ClouditorAuthentication(LOGGER) + +oi = OrchestratorInterface(LOGGER) + +# Map Cloud Service Names from 'id_maps/cloud_service_name_map.json' +def map_cloud_service_name(name): + try: + f = open('id_maps/cloud_service_name_map.json') + map = json.load(f) + f.close() + except: + map = {} + + if name in map: + return map[name] + else: + return name + +# Map Cloud Resource IDs from 'id_maps/resource_id_map.json' +def map_resource_id(name): + try: + f = open('id_maps/resource_id_map.json') + map = json.load(f) + f.close() + except: + map = {} + + if name in map: + return map[name] + else: + return name + +# Get tool ID (SERVICE:VERSION format) +def get_tool_id(): + with open('MANIFEST', 'r') as f: + config_string = '[clouditor]\n' + f.read() + + config = configparser.ConfigParser() + config.read_string(config_string) + + version = '{}:{}'.format(config.get('clouditor', 'SERVICE'), config.get('clouditor', 'VERSION')) + + return version + +# Get dict of all Cloud Services from Orchestrator API +def get_cloud_services(): + listCloudServicesRequest = create_list_cloud_services_request(50, "", "name", True) + response = oi.list_cloud_services(listCloudServicesRequest, oauth_client.get_token()) + + response_json = MessageToDict(response) + + return response_json['services'] + +# Get Cloud Service ID (if it exists) or create a new Cloud Service if it doesn't +def get_cloud_service_id(name): + cloud_service_map = map_cloud_service_name(name) + + cloud_services = get_cloud_services() + + for service in cloud_services: + if service['name'] == cloud_service_map["name"]: + return service['id'] + + # Create new Cloud Service + id = uuid.uuid1() + crcsr = create_register_cloud_service_request(id, cloud_service_map["name"], cloud_service_map["description"] if "description" in cloud_service_map else None) + response = oi.register_cloud_service(crcsr, oauth_client.get_token()) + + response_dict = MessageToDict(response) + + LOGGER.debug("New Cloud Service '" + response_dict['name'] + "' (ID: '" + response_dict['id'] + "') successfully created") + + return response_dict['id'] diff --git a/clouditor_interface/orchestrator_interface.py b/clouditor_interface/orchestrator_interface.py new file mode 100644 index 0000000..fce897f --- /dev/null +++ b/clouditor_interface/orchestrator_interface.py @@ -0,0 +1,57 @@ +# SPDX-License-Identifier: Apache-2.0 + +from grpc_gen.orchestrator_pb2_grpc import OrchestratorStub +import grpc +import os + +LOCAL_CLOUDITOR_DEPLOY = os.environ.get("local_clouditor_deploy").lower() in ('true', '1', 't') +ORCHESTRATOR_HOST = os.environ.get("orchestrator_host") +ORCHESTRATOR_PORT = int(os.environ.get("orchestrator_port")) + +class OrchestratorInterface(object): + + def __init__(self, logger): + if LOCAL_CLOUDITOR_DEPLOY: + self.channel = grpc.insecure_channel('{}:{}'.format(ORCHESTRATOR_HOST, ORCHESTRATOR_PORT)) + else: + ssl_metadata = grpc.ssl_channel_credentials() + self.channel = grpc.secure_channel('{}:{}'.format(ORCHESTRATOR_HOST, ORCHESTRATOR_PORT), ssl_metadata) + + self.stub = OrchestratorStub(self.channel) + self.logger = logger + + def list_cloud_services(self, listcloudservicesrequest, token): + try: + if token is not None: + metadata = [('authorization', 'Bearer ' + token)] + else: + metadata = None + + response = self.stub.ListCloudServices(listcloudservicesrequest, metadata=metadata) + self.logger.debug('gRPC list cloud services request successfully forwarded') + + return response + except grpc.RpcError as err: + self.logger.error(err) + self.logger.error(err.details()) + self.logger.error('{}, {}'.format(err.code().name, err.code().value)) + + self.logger.debug("Unable to acquire cloud services list from the Orchestrator") + + return None + + def register_cloud_service(self, registercloudservicerequest, token): + try: + if token is not None: + metadata = [('authorization', 'Bearer ' + token)] + else: + metadata = None + + response = self.stub.RegisterCloudService(registercloudservicerequest, metadata=metadata, timeout=1) + self.logger.debug('gRPC register cloud service request successfully forwarded') + + return response + except grpc.RpcError as err: + self.logger.error(err) + self.logger.error(err.details()) + self.logger.error('{}, {}'.format(err.code().name, err.code().value)) diff --git a/clouditor_interface/orchestrator_interface_messages.py b/clouditor_interface/orchestrator_interface_messages.py new file mode 100644 index 0000000..553cc64 --- /dev/null +++ b/clouditor_interface/orchestrator_interface_messages.py @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: Apache-2.0 + +from grpc_gen.orchestrator_pb2 import ListCloudServicesRequest, RegisterCloudServiceRequest + +def create_list_cloud_services_request(page_size, page_token, order_by, asc): + lcsr = ListCloudServicesRequest() + lcsr.page_size = int(page_size) + lcsr.page_token = str(page_token) + lcsr.order_by = str(order_by) + lcsr.asc = bool(asc) + + return lcsr + +def create_register_cloud_service_request(id, name, description = None, catalogs_in_scope = None, configured_metrics = None): + rcsr = RegisterCloudServiceRequest() + rcsr.cloud_service.id = str(id) + rcsr.cloud_service.name = str(name) + rcsr.cloud_service.description = str(description) + #rcsr.catalogs_in_scope = catalogs_in_scope + #rcsr.configured_metrics = configured_metrics + + return rcsr diff --git a/entrypoint.sh b/entrypoint.sh index 70b2665..74aa658 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -7,10 +7,8 @@ rqworker $redis_queue & rqscheduler --host $redis_host --port $redis_port & -python3 -m scheduler.scheduler +mkdir -p /var/log/ && touch /var/log/wazuh_vat_evidence_collector.log && chmod 744 /var/log/wazuh_vat_evidence_collector.log -# open a listener on port 7890 for 1 second -# only for testing - CI script contains a wait-for-it that binds to this port -nc -l -p 7890 -w 1 +python3 -m scheduler.scheduler -tail -f /var/log/evidence_collector.log +tail -f /var/log/wazuh_vat_evidence_collector.log diff --git a/grpc_gen/assessment_pb2.py b/grpc_gen/assessment_pb2.py index 7f0efe0..dcfb4b0 100644 --- a/grpc_gen/assessment_pb2.py +++ b/grpc_gen/assessment_pb2.py @@ -2,9 +2,9 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # source: assessment.proto """Generated protocol buffer code.""" +from google.protobuf.internal import builder as _builder from google.protobuf import descriptor as _descriptor -from google.protobuf import message as _message -from google.protobuf import reflection as _reflection +from google.protobuf import descriptor_pool as _descriptor_pool from google.protobuf import symbol_database as _symbol_database # @@protoc_insertion_point(imports) @@ -16,474 +16,64 @@ from google.protobuf import empty_pb2 as google_dot_protobuf_dot_empty__pb2 from google.protobuf import timestamp_pb2 as google_dot_protobuf_dot_timestamp__pb2 import grpc_gen.evidence_pb2 as evidence__pb2 import grpc_gen.metric_pb2 as metric__pb2 - - -DESCRIPTOR = _descriptor.FileDescriptor( - name='assessment.proto', - package='clouditor', - syntax='proto3', - serialized_options=None, - create_key=_descriptor._internal_create_key, - serialized_pb=b'\n\x10\x61ssessment.proto\x12\tclouditor\x1a\x1cgoogle/api/annotations.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x0e\x65vidence.proto\x1a\x0cmetric.proto\"\x1e\n\x1cListAssessmentResultsRequest\"M\n\x1dListAssessmentResultsResponse\x12,\n\x07results\x18\x01 \x03(\x0b\x32\x1b.clouditor.AssessmentResult\"\x1c\n\x1a\x43onfigureAssessmentRequest\"\x1d\n\x1b\x43onfigureAssessmentResponse\"/\n\x18TriggerAssessmentRequest\x12\x13\n\x0bsome_option\x18\x01 \x01(\t\">\n\x15\x41ssessEvidenceRequest\x12%\n\x08\x65vidence\x18\x01 \x01(\x0b\x32\x13.clouditor.Evidence\"\xde\x01\n\x16\x41ssessEvidenceResponse\x12\x42\n\x06status\x18\x01 \x01(\x0e\x32\x32.clouditor.AssessEvidenceResponse.AssessmentStatus\x12\x16\n\x0estatus_message\x18\x02 \x01(\t\"h\n\x10\x41ssessmentStatus\x12!\n\x1d\x41SSESSMENT_STATUS_UNSPECIFIED\x10\x00\x12\x17\n\x13WAITING_FOR_RELATED\x10\x01\x12\x0c\n\x08\x41SSESSED\x10\x02\x12\n\n\x06\x46\x41ILED\x10\x03\"\xfc\x01\n\x10\x41ssessmentResult\x12\n\n\x02id\x18\x01 \x01(\t\x12-\n\ttimestamp\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x11\n\tmetric_id\x18\x03 \x01(\t\x12<\n\x14metric_configuration\x18\x04 \x01(\x0b\x32\x1e.clouditor.MetricConfiguration\x12\x11\n\tcompliant\x18\x05 \x01(\x08\x12\x13\n\x0b\x65vidence_id\x18\x06 \x01(\t\x12\x13\n\x0bresource_id\x18\x07 \x01(\t\x12\x1f\n\x17non_compliance_comments\x18\x08 \x01(\t2\xd7\x03\n\nAssessment\x12R\n\x11TriggerAssessment\x12#.clouditor.TriggerAssessmentRequest\x1a\x16.google.protobuf.Empty\"\x00\x12\x89\x01\n\x0e\x41ssessEvidence\x12 .clouditor.AssessEvidenceRequest\x1a!.clouditor.AssessEvidenceResponse\"2\x82\xd3\xe4\x93\x02,\"\x18/v1/assessment/evidences:\x08\x65videnceb\x06status\x12\\\n\x0f\x41ssessEvidences\x12 .clouditor.AssessEvidenceRequest\x1a!.clouditor.AssessEvidenceResponse\"\x00(\x01\x30\x01\x12\x8a\x01\n\x15ListAssessmentResults\x12\'.clouditor.ListAssessmentResultsRequest\x1a(.clouditor.ListAssessmentResultsResponse\"\x1e\x82\xd3\xe4\x93\x02\x18\x12\x16/v1/assessment/resultsb\x06proto3' - , - dependencies=[google_dot_api_dot_annotations__pb2.DESCRIPTOR,google_dot_protobuf_dot_empty__pb2.DESCRIPTOR,google_dot_protobuf_dot_timestamp__pb2.DESCRIPTOR,evidence__pb2.DESCRIPTOR,metric__pb2.DESCRIPTOR,]) - - - -_ASSESSEVIDENCERESPONSE_ASSESSMENTSTATUS = _descriptor.EnumDescriptor( - name='AssessmentStatus', - full_name='clouditor.AssessEvidenceResponse.AssessmentStatus', - filename=None, - file=DESCRIPTOR, - create_key=_descriptor._internal_create_key, - values=[ - _descriptor.EnumValueDescriptor( - name='ASSESSMENT_STATUS_UNSPECIFIED', index=0, number=0, - serialized_options=None, - type=None, - create_key=_descriptor._internal_create_key), - _descriptor.EnumValueDescriptor( - name='WAITING_FOR_RELATED', index=1, number=1, - serialized_options=None, - type=None, - create_key=_descriptor._internal_create_key), - _descriptor.EnumValueDescriptor( - name='ASSESSED', index=2, number=2, - serialized_options=None, - type=None, - create_key=_descriptor._internal_create_key), - _descriptor.EnumValueDescriptor( - name='FAILED', index=3, number=3, - serialized_options=None, - type=None, - create_key=_descriptor._internal_create_key), - ], - containing_type=None, - serialized_options=None, - serialized_start=557, - serialized_end=661, -) -_sym_db.RegisterEnumDescriptor(_ASSESSEVIDENCERESPONSE_ASSESSMENTSTATUS) - - -_LISTASSESSMENTRESULTSREQUEST = _descriptor.Descriptor( - name='ListAssessmentResultsRequest', - full_name='clouditor.ListAssessmentResultsRequest', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=153, - serialized_end=183, -) - - -_LISTASSESSMENTRESULTSRESPONSE = _descriptor.Descriptor( - name='ListAssessmentResultsResponse', - full_name='clouditor.ListAssessmentResultsResponse', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - _descriptor.FieldDescriptor( - name='results', full_name='clouditor.ListAssessmentResultsResponse.results', index=0, - number=1, type=11, cpp_type=10, label=3, - has_default_value=False, default_value=[], - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=185, - serialized_end=262, -) - - -_CONFIGUREASSESSMENTREQUEST = _descriptor.Descriptor( - name='ConfigureAssessmentRequest', - full_name='clouditor.ConfigureAssessmentRequest', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=264, - serialized_end=292, -) - - -_CONFIGUREASSESSMENTRESPONSE = _descriptor.Descriptor( - name='ConfigureAssessmentResponse', - full_name='clouditor.ConfigureAssessmentResponse', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=294, - serialized_end=323, -) - - -_TRIGGERASSESSMENTREQUEST = _descriptor.Descriptor( - name='TriggerAssessmentRequest', - full_name='clouditor.TriggerAssessmentRequest', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - _descriptor.FieldDescriptor( - name='some_option', full_name='clouditor.TriggerAssessmentRequest.some_option', index=0, - number=1, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=325, - serialized_end=372, -) - - -_ASSESSEVIDENCEREQUEST = _descriptor.Descriptor( - name='AssessEvidenceRequest', - full_name='clouditor.AssessEvidenceRequest', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - _descriptor.FieldDescriptor( - name='evidence', full_name='clouditor.AssessEvidenceRequest.evidence', index=0, - number=1, type=11, cpp_type=10, label=1, - has_default_value=False, default_value=None, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=374, - serialized_end=436, -) - - -_ASSESSEVIDENCERESPONSE = _descriptor.Descriptor( - name='AssessEvidenceResponse', - full_name='clouditor.AssessEvidenceResponse', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - _descriptor.FieldDescriptor( - name='status', full_name='clouditor.AssessEvidenceResponse.status', index=0, - number=1, type=14, cpp_type=8, label=1, - has_default_value=False, default_value=0, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='status_message', full_name='clouditor.AssessEvidenceResponse.status_message', index=1, - number=2, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - _ASSESSEVIDENCERESPONSE_ASSESSMENTSTATUS, - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=439, - serialized_end=661, -) - - -_ASSESSMENTRESULT = _descriptor.Descriptor( - name='AssessmentResult', - full_name='clouditor.AssessmentResult', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - _descriptor.FieldDescriptor( - name='id', full_name='clouditor.AssessmentResult.id', index=0, - number=1, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='timestamp', full_name='clouditor.AssessmentResult.timestamp', index=1, - number=2, type=11, cpp_type=10, label=1, - has_default_value=False, default_value=None, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='metric_id', full_name='clouditor.AssessmentResult.metric_id', index=2, - number=3, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='metric_configuration', full_name='clouditor.AssessmentResult.metric_configuration', index=3, - number=4, type=11, cpp_type=10, label=1, - has_default_value=False, default_value=None, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='compliant', full_name='clouditor.AssessmentResult.compliant', index=4, - number=5, type=8, cpp_type=7, label=1, - has_default_value=False, default_value=False, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='evidence_id', full_name='clouditor.AssessmentResult.evidence_id', index=5, - number=6, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='resource_id', full_name='clouditor.AssessmentResult.resource_id', index=6, - number=7, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='non_compliance_comments', full_name='clouditor.AssessmentResult.non_compliance_comments', index=7, - number=8, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=664, - serialized_end=916, -) - -_LISTASSESSMENTRESULTSRESPONSE.fields_by_name['results'].message_type = _ASSESSMENTRESULT -_ASSESSEVIDENCEREQUEST.fields_by_name['evidence'].message_type = evidence__pb2._EVIDENCE -_ASSESSEVIDENCERESPONSE.fields_by_name['status'].enum_type = _ASSESSEVIDENCERESPONSE_ASSESSMENTSTATUS -_ASSESSEVIDENCERESPONSE_ASSESSMENTSTATUS.containing_type = _ASSESSEVIDENCERESPONSE -_ASSESSMENTRESULT.fields_by_name['timestamp'].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP -_ASSESSMENTRESULT.fields_by_name['metric_configuration'].message_type = metric__pb2._METRICCONFIGURATION -DESCRIPTOR.message_types_by_name['ListAssessmentResultsRequest'] = _LISTASSESSMENTRESULTSREQUEST -DESCRIPTOR.message_types_by_name['ListAssessmentResultsResponse'] = _LISTASSESSMENTRESULTSRESPONSE -DESCRIPTOR.message_types_by_name['ConfigureAssessmentRequest'] = _CONFIGUREASSESSMENTREQUEST -DESCRIPTOR.message_types_by_name['ConfigureAssessmentResponse'] = _CONFIGUREASSESSMENTRESPONSE -DESCRIPTOR.message_types_by_name['TriggerAssessmentRequest'] = _TRIGGERASSESSMENTREQUEST -DESCRIPTOR.message_types_by_name['AssessEvidenceRequest'] = _ASSESSEVIDENCEREQUEST -DESCRIPTOR.message_types_by_name['AssessEvidenceResponse'] = _ASSESSEVIDENCERESPONSE -DESCRIPTOR.message_types_by_name['AssessmentResult'] = _ASSESSMENTRESULT -_sym_db.RegisterFileDescriptor(DESCRIPTOR) - -ListAssessmentResultsRequest = _reflection.GeneratedProtocolMessageType('ListAssessmentResultsRequest', (_message.Message,), { - 'DESCRIPTOR' : _LISTASSESSMENTRESULTSREQUEST, - '__module__' : 'assessment_pb2' - # @@protoc_insertion_point(class_scope:clouditor.ListAssessmentResultsRequest) - }) -_sym_db.RegisterMessage(ListAssessmentResultsRequest) - -ListAssessmentResultsResponse = _reflection.GeneratedProtocolMessageType('ListAssessmentResultsResponse', (_message.Message,), { - 'DESCRIPTOR' : _LISTASSESSMENTRESULTSRESPONSE, - '__module__' : 'assessment_pb2' - # @@protoc_insertion_point(class_scope:clouditor.ListAssessmentResultsResponse) - }) -_sym_db.RegisterMessage(ListAssessmentResultsResponse) - -ConfigureAssessmentRequest = _reflection.GeneratedProtocolMessageType('ConfigureAssessmentRequest', (_message.Message,), { - 'DESCRIPTOR' : _CONFIGUREASSESSMENTREQUEST, - '__module__' : 'assessment_pb2' - # @@protoc_insertion_point(class_scope:clouditor.ConfigureAssessmentRequest) - }) -_sym_db.RegisterMessage(ConfigureAssessmentRequest) - -ConfigureAssessmentResponse = _reflection.GeneratedProtocolMessageType('ConfigureAssessmentResponse', (_message.Message,), { - 'DESCRIPTOR' : _CONFIGUREASSESSMENTRESPONSE, - '__module__' : 'assessment_pb2' - # @@protoc_insertion_point(class_scope:clouditor.ConfigureAssessmentResponse) - }) -_sym_db.RegisterMessage(ConfigureAssessmentResponse) - -TriggerAssessmentRequest = _reflection.GeneratedProtocolMessageType('TriggerAssessmentRequest', (_message.Message,), { - 'DESCRIPTOR' : _TRIGGERASSESSMENTREQUEST, - '__module__' : 'assessment_pb2' - # @@protoc_insertion_point(class_scope:clouditor.TriggerAssessmentRequest) - }) -_sym_db.RegisterMessage(TriggerAssessmentRequest) - -AssessEvidenceRequest = _reflection.GeneratedProtocolMessageType('AssessEvidenceRequest', (_message.Message,), { - 'DESCRIPTOR' : _ASSESSEVIDENCEREQUEST, - '__module__' : 'assessment_pb2' - # @@protoc_insertion_point(class_scope:clouditor.AssessEvidenceRequest) - }) -_sym_db.RegisterMessage(AssessEvidenceRequest) - -AssessEvidenceResponse = _reflection.GeneratedProtocolMessageType('AssessEvidenceResponse', (_message.Message,), { - 'DESCRIPTOR' : _ASSESSEVIDENCERESPONSE, - '__module__' : 'assessment_pb2' - # @@protoc_insertion_point(class_scope:clouditor.AssessEvidenceResponse) - }) -_sym_db.RegisterMessage(AssessEvidenceResponse) - -AssessmentResult = _reflection.GeneratedProtocolMessageType('AssessmentResult', (_message.Message,), { - 'DESCRIPTOR' : _ASSESSMENTRESULT, - '__module__' : 'assessment_pb2' - # @@protoc_insertion_point(class_scope:clouditor.AssessmentResult) - }) -_sym_db.RegisterMessage(AssessmentResult) - - - -_ASSESSMENT = _descriptor.ServiceDescriptor( - name='Assessment', - full_name='clouditor.Assessment', - file=DESCRIPTOR, - index=0, - serialized_options=None, - create_key=_descriptor._internal_create_key, - serialized_start=919, - serialized_end=1390, - methods=[ - _descriptor.MethodDescriptor( - name='TriggerAssessment', - full_name='clouditor.Assessment.TriggerAssessment', - index=0, - containing_service=None, - input_type=_TRIGGERASSESSMENTREQUEST, - output_type=google_dot_protobuf_dot_empty__pb2._EMPTY, - serialized_options=None, - create_key=_descriptor._internal_create_key, - ), - _descriptor.MethodDescriptor( - name='AssessEvidence', - full_name='clouditor.Assessment.AssessEvidence', - index=1, - containing_service=None, - input_type=_ASSESSEVIDENCEREQUEST, - output_type=_ASSESSEVIDENCERESPONSE, - serialized_options=b'\202\323\344\223\002,\"\030/v1/assessment/evidences:\010evidenceb\006status', - create_key=_descriptor._internal_create_key, - ), - _descriptor.MethodDescriptor( - name='AssessEvidences', - full_name='clouditor.Assessment.AssessEvidences', - index=2, - containing_service=None, - input_type=_ASSESSEVIDENCEREQUEST, - output_type=_ASSESSEVIDENCERESPONSE, - serialized_options=None, - create_key=_descriptor._internal_create_key, - ), - _descriptor.MethodDescriptor( - name='ListAssessmentResults', - full_name='clouditor.Assessment.ListAssessmentResults', - index=3, - containing_service=None, - input_type=_LISTASSESSMENTRESULTSREQUEST, - output_type=_LISTASSESSMENTRESULTSRESPONSE, - serialized_options=b'\202\323\344\223\002\030\022\026/v1/assessment/results', - create_key=_descriptor._internal_create_key, - ), -]) -_sym_db.RegisterServiceDescriptor(_ASSESSMENT) - -DESCRIPTOR.services_by_name['Assessment'] = _ASSESSMENT - +import grpc_gen.tagger_pb2 as tagger__pb2 +import grpc_gen.validate_pb2 as validate__pb2 + + +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x10\x61ssessment.proto\x12\x17\x63louditor.assessment.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x0e\x65vidence.proto\x1a\x0cmetric.proto\x1a\x0ctagger.proto\x1a\x0evalidate.proto\"\x96\x02\n\x1cListAssessmentResultsRequest\x12\x30\n\x19\x66iltered_cloud_service_id\x18\x01 \x01(\tB\x08\xfa\x42\x05r\x03\xb0\x01\x01H\x00\x88\x01\x01\x12\x1f\n\x12\x66iltered_compliant\x18\x02 \x01(\x08H\x01\x88\x01\x01\x12(\n\x12\x66iltered_metric_id\x18\x03 \x03(\tB\x0c\xfa\x42\t\x92\x01\x06\"\x04r\x02\x10\x01\x12\x11\n\tpage_size\x18\n \x01(\x05\x12\x12\n\npage_token\x18\x0b \x01(\t\x12\x10\n\x08order_by\x18\x0c \x01(\t\x12\x0b\n\x03\x61sc\x18\r \x01(\x08\x42\x1c\n\x1a_filtered_cloud_service_idB\x15\n\x13_filtered_compliant\"t\n\x1dListAssessmentResultsResponse\x12:\n\x07results\x18\x01 \x03(\x0b\x32).clouditor.assessment.v1.AssessmentResult\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"\x1c\n\x1a\x43onfigureAssessmentRequest\"\x1d\n\x1b\x43onfigureAssessmentResponse\"0\n\x1a\x43\x61lculateComplianceRequest\x12\x12\n\ncontrol_id\x18\x01 \x01(\t\"T\n\x15\x41ssessEvidenceRequest\x12;\n\x08\x65vidence\x18\x01 \x01(\x0b\x32\x1f.clouditor.evidence.v1.EvidenceB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\"\x18\n\x16\x41ssessEvidenceResponse\"\xee\x01\n\x17\x41ssessEvidencesResponse\x12Q\n\x06status\x18\x01 \x01(\x0e\x32\x41.clouditor.assessment.v1.AssessEvidencesResponse.AssessmentStatus\x12\x16\n\x0estatus_message\x18\x02 \x01(\t\"h\n\x10\x41ssessmentStatus\x12!\n\x1d\x41SSESSMENT_STATUS_UNSPECIFIED\x10\x00\x12\x17\n\x13WAITING_FOR_RELATED\x10\x01\x12\x0c\n\x08\x41SSESSED\x10\x02\x12\n\n\x06\x46\x41ILED\x10\x03\"\xec\x03\n\x10\x41ssessmentResult\x12\x14\n\x02id\x18\x01 \x01(\tB\x08\xfa\x42\x05r\x03\xb0\x01\x01\x12\x63\n\ttimestamp\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.TimestampB4\x9a\x84\x9e\x03\'gorm:\"serializer:timestamppb;type:time\"\xfa\x42\x05\xb2\x01\x02\x08\x01\x12\x1a\n\tmetric_id\x18\x03 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12o\n\x14metric_configuration\x18\x04 \x01(\x0b\x32,.clouditor.assessment.v1.MetricConfigurationB#\x9a\x84\x9e\x03\x16gorm:\"serializer:json\"\xfa\x42\x05\x8a\x01\x02\x10\x01\x12\x11\n\tcompliant\x18\x05 \x01(\x08\x12\x1d\n\x0b\x65vidence_id\x18\x06 \x01(\tB\x08\xfa\x42\x05r\x03\xb0\x01\x01\x12\x1c\n\x0bresource_id\x18\x07 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12;\n\x0eresource_types\x18\x08 \x03(\tB#\x9a\x84\x9e\x03\x16gorm:\"serializer:json\"\xfa\x42\x05\x92\x01\x02\x08\x01\x12\x1f\n\x17non_compliance_comments\x18\t \x01(\t\x12\"\n\x10\x63loud_service_id\x18\n \x01(\tB\x08\xfa\x42\x05r\x03\xb0\x01\x01\x32\xb6\x04\n\nAssessment\x12\x64\n\x13\x43\x61lculateCompliance\x12\x33.clouditor.assessment.v1.CalculateComplianceRequest\x1a\x16.google.protobuf.Empty\"\x00\x12\x9d\x01\n\x0e\x41ssessEvidence\x12..clouditor.assessment.v1.AssessEvidenceRequest\x1a/.clouditor.assessment.v1.AssessEvidenceResponse\"*\x82\xd3\xe4\x93\x02$\"\x18/v1/assessment/evidences:\x08\x65vidence\x12y\n\x0f\x41ssessEvidences\x12..clouditor.assessment.v1.AssessEvidenceRequest\x1a\x30.clouditor.assessment.v1.AssessEvidencesResponse\"\x00(\x01\x30\x01\x12\xa6\x01\n\x15ListAssessmentResults\x12\x35.clouditor.assessment.v1.ListAssessmentResultsRequest\x1a\x36.clouditor.assessment.v1.ListAssessmentResultsResponse\"\x1e\x82\xd3\xe4\x93\x02\x18\x12\x16/v1/assessment/resultsB\'Z%clouditor.io/clouditor/api/assessmentb\x06proto3') + +_builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, globals()) +_builder.BuildTopDescriptorsAndMessages(DESCRIPTOR, 'assessment_pb2', globals()) +if _descriptor._USE_C_DESCRIPTORS == False: + + DESCRIPTOR._options = None + DESCRIPTOR._serialized_options = b'Z%clouditor.io/clouditor/api/assessment' + _LISTASSESSMENTRESULTSREQUEST.fields_by_name['filtered_cloud_service_id']._options = None + _LISTASSESSMENTRESULTSREQUEST.fields_by_name['filtered_cloud_service_id']._serialized_options = b'\372B\005r\003\260\001\001' + _LISTASSESSMENTRESULTSREQUEST.fields_by_name['filtered_metric_id']._options = None + _LISTASSESSMENTRESULTSREQUEST.fields_by_name['filtered_metric_id']._serialized_options = b'\372B\t\222\001\006\"\004r\002\020\001' + _ASSESSEVIDENCEREQUEST.fields_by_name['evidence']._options = None + _ASSESSEVIDENCEREQUEST.fields_by_name['evidence']._serialized_options = b'\372B\005\212\001\002\020\001' + _ASSESSMENTRESULT.fields_by_name['id']._options = None + _ASSESSMENTRESULT.fields_by_name['id']._serialized_options = b'\372B\005r\003\260\001\001' + _ASSESSMENTRESULT.fields_by_name['timestamp']._options = None + _ASSESSMENTRESULT.fields_by_name['timestamp']._serialized_options = b'\232\204\236\003\'gorm:\"serializer:timestamppb;type:time\"\372B\005\262\001\002\010\001' + _ASSESSMENTRESULT.fields_by_name['metric_id']._options = None + _ASSESSMENTRESULT.fields_by_name['metric_id']._serialized_options = b'\372B\004r\002\020\001' + _ASSESSMENTRESULT.fields_by_name['metric_configuration']._options = None + _ASSESSMENTRESULT.fields_by_name['metric_configuration']._serialized_options = b'\232\204\236\003\026gorm:\"serializer:json\"\372B\005\212\001\002\020\001' + _ASSESSMENTRESULT.fields_by_name['evidence_id']._options = None + _ASSESSMENTRESULT.fields_by_name['evidence_id']._serialized_options = b'\372B\005r\003\260\001\001' + _ASSESSMENTRESULT.fields_by_name['resource_id']._options = None + _ASSESSMENTRESULT.fields_by_name['resource_id']._serialized_options = b'\372B\004r\002\020\001' + _ASSESSMENTRESULT.fields_by_name['resource_types']._options = None + _ASSESSMENTRESULT.fields_by_name['resource_types']._serialized_options = b'\232\204\236\003\026gorm:\"serializer:json\"\372B\005\222\001\002\010\001' + _ASSESSMENTRESULT.fields_by_name['cloud_service_id']._options = None + _ASSESSMENTRESULT.fields_by_name['cloud_service_id']._serialized_options = b'\372B\005r\003\260\001\001' + _ASSESSMENT.methods_by_name['AssessEvidence']._options = None + _ASSESSMENT.methods_by_name['AssessEvidence']._serialized_options = b'\202\323\344\223\002$\"\030/v1/assessment/evidences:\010evidence' + _ASSESSMENT.methods_by_name['ListAssessmentResults']._options = None + _ASSESSMENT.methods_by_name['ListAssessmentResults']._serialized_options = b'\202\323\344\223\002\030\022\026/v1/assessment/results' + _LISTASSESSMENTRESULTSREQUEST._serialized_start=198 + _LISTASSESSMENTRESULTSREQUEST._serialized_end=476 + _LISTASSESSMENTRESULTSRESPONSE._serialized_start=478 + _LISTASSESSMENTRESULTSRESPONSE._serialized_end=594 + _CONFIGUREASSESSMENTREQUEST._serialized_start=596 + _CONFIGUREASSESSMENTREQUEST._serialized_end=624 + _CONFIGUREASSESSMENTRESPONSE._serialized_start=626 + _CONFIGUREASSESSMENTRESPONSE._serialized_end=655 + _CALCULATECOMPLIANCEREQUEST._serialized_start=657 + _CALCULATECOMPLIANCEREQUEST._serialized_end=705 + _ASSESSEVIDENCEREQUEST._serialized_start=707 + _ASSESSEVIDENCEREQUEST._serialized_end=791 + _ASSESSEVIDENCERESPONSE._serialized_start=793 + _ASSESSEVIDENCERESPONSE._serialized_end=817 + _ASSESSEVIDENCESRESPONSE._serialized_start=820 + _ASSESSEVIDENCESRESPONSE._serialized_end=1058 + _ASSESSEVIDENCESRESPONSE_ASSESSMENTSTATUS._serialized_start=954 + _ASSESSEVIDENCESRESPONSE_ASSESSMENTSTATUS._serialized_end=1058 + _ASSESSMENTRESULT._serialized_start=1061 + _ASSESSMENTRESULT._serialized_end=1553 + _ASSESSMENT._serialized_start=1556 + _ASSESSMENT._serialized_end=2122 # @@protoc_insertion_point(module_scope) diff --git a/grpc_gen/assessment_pb2_grpc.py b/grpc_gen/assessment_pb2_grpc.py index fbf893c..322d2d1 100644 --- a/grpc_gen/assessment_pb2_grpc.py +++ b/grpc_gen/assessment_pb2_grpc.py @@ -17,23 +17,23 @@ class AssessmentStub(object): Args: channel: A grpc.Channel. """ - self.TriggerAssessment = channel.unary_unary( - '/clouditor.Assessment/TriggerAssessment', - request_serializer=assessment__pb2.TriggerAssessmentRequest.SerializeToString, + self.CalculateCompliance = channel.unary_unary( + '/clouditor.assessment.v1.Assessment/CalculateCompliance', + request_serializer=assessment__pb2.CalculateComplianceRequest.SerializeToString, response_deserializer=google_dot_protobuf_dot_empty__pb2.Empty.FromString, ) self.AssessEvidence = channel.unary_unary( - '/clouditor.Assessment/AssessEvidence', + '/clouditor.assessment.v1.Assessment/AssessEvidence', request_serializer=assessment__pb2.AssessEvidenceRequest.SerializeToString, response_deserializer=assessment__pb2.AssessEvidenceResponse.FromString, ) self.AssessEvidences = channel.stream_stream( - '/clouditor.Assessment/AssessEvidences', + '/clouditor.assessment.v1.Assessment/AssessEvidences', request_serializer=assessment__pb2.AssessEvidenceRequest.SerializeToString, - response_deserializer=assessment__pb2.AssessEvidenceResponse.FromString, + response_deserializer=assessment__pb2.AssessEvidencesResponse.FromString, ) self.ListAssessmentResults = channel.unary_unary( - '/clouditor.Assessment/ListAssessmentResults', + '/clouditor.assessment.v1.Assessment/ListAssessmentResults', request_serializer=assessment__pb2.ListAssessmentResultsRequest.SerializeToString, response_deserializer=assessment__pb2.ListAssessmentResultsResponse.FromString, ) @@ -44,8 +44,9 @@ class AssessmentServicer(object): from discovery and sending results to orchestrator """ - def TriggerAssessment(self, request, context): - """Triggers the assessment. Part of the private API. Not exposed as REST. + def CalculateCompliance(self, request, context): + """Triggers the compliance calculation. Part of the private API. Not exposed + as REST. """ context.set_code(grpc.StatusCode.UNIMPLEMENTED) context.set_details('Method not implemented!') @@ -68,7 +69,11 @@ class AssessmentServicer(object): raise NotImplementedError('Method not implemented!') def ListAssessmentResults(self, request, context): - """List all assessment results. Part of the public API, also exposed as REST. + """List all assessment results of all cloud services the requester can access. + Optionally, further filters of specific cloud services, metrics or the + compliance status can be specified. + + Part of the public API, also exposed as REST. """ context.set_code(grpc.StatusCode.UNIMPLEMENTED) context.set_details('Method not implemented!') @@ -77,9 +82,9 @@ class AssessmentServicer(object): def add_AssessmentServicer_to_server(servicer, server): rpc_method_handlers = { - 'TriggerAssessment': grpc.unary_unary_rpc_method_handler( - servicer.TriggerAssessment, - request_deserializer=assessment__pb2.TriggerAssessmentRequest.FromString, + 'CalculateCompliance': grpc.unary_unary_rpc_method_handler( + servicer.CalculateCompliance, + request_deserializer=assessment__pb2.CalculateComplianceRequest.FromString, response_serializer=google_dot_protobuf_dot_empty__pb2.Empty.SerializeToString, ), 'AssessEvidence': grpc.unary_unary_rpc_method_handler( @@ -90,7 +95,7 @@ def add_AssessmentServicer_to_server(servicer, server): 'AssessEvidences': grpc.stream_stream_rpc_method_handler( servicer.AssessEvidences, request_deserializer=assessment__pb2.AssessEvidenceRequest.FromString, - response_serializer=assessment__pb2.AssessEvidenceResponse.SerializeToString, + response_serializer=assessment__pb2.AssessEvidencesResponse.SerializeToString, ), 'ListAssessmentResults': grpc.unary_unary_rpc_method_handler( servicer.ListAssessmentResults, @@ -99,7 +104,7 @@ def add_AssessmentServicer_to_server(servicer, server): ), } generic_handler = grpc.method_handlers_generic_handler( - 'clouditor.Assessment', rpc_method_handlers) + 'clouditor.assessment.v1.Assessment', rpc_method_handlers) server.add_generic_rpc_handlers((generic_handler,)) @@ -110,7 +115,7 @@ class Assessment(object): """ @staticmethod - def TriggerAssessment(request, + def CalculateCompliance(request, target, options=(), channel_credentials=None, @@ -120,8 +125,8 @@ class Assessment(object): wait_for_ready=None, timeout=None, metadata=None): - return grpc.experimental.unary_unary(request, target, '/clouditor.Assessment/TriggerAssessment', - assessment__pb2.TriggerAssessmentRequest.SerializeToString, + return grpc.experimental.unary_unary(request, target, '/clouditor.assessment.v1.Assessment/CalculateCompliance', + assessment__pb2.CalculateComplianceRequest.SerializeToString, google_dot_protobuf_dot_empty__pb2.Empty.FromString, options, channel_credentials, insecure, call_credentials, compression, wait_for_ready, timeout, metadata) @@ -137,7 +142,7 @@ class Assessment(object): wait_for_ready=None, timeout=None, metadata=None): - return grpc.experimental.unary_unary(request, target, '/clouditor.Assessment/AssessEvidence', + return grpc.experimental.unary_unary(request, target, '/clouditor.assessment.v1.Assessment/AssessEvidence', assessment__pb2.AssessEvidenceRequest.SerializeToString, assessment__pb2.AssessEvidenceResponse.FromString, options, channel_credentials, @@ -154,9 +159,9 @@ class Assessment(object): wait_for_ready=None, timeout=None, metadata=None): - return grpc.experimental.stream_stream(request_iterator, target, '/clouditor.Assessment/AssessEvidences', + return grpc.experimental.stream_stream(request_iterator, target, '/clouditor.assessment.v1.Assessment/AssessEvidences', assessment__pb2.AssessEvidenceRequest.SerializeToString, - assessment__pb2.AssessEvidenceResponse.FromString, + assessment__pb2.AssessEvidencesResponse.FromString, options, channel_credentials, insecure, call_credentials, compression, wait_for_ready, timeout, metadata) @@ -171,7 +176,7 @@ class Assessment(object): wait_for_ready=None, timeout=None, metadata=None): - return grpc.experimental.unary_unary(request, target, '/clouditor.Assessment/ListAssessmentResults', + return grpc.experimental.unary_unary(request, target, '/clouditor.assessment.v1.Assessment/ListAssessmentResults', assessment__pb2.ListAssessmentResultsRequest.SerializeToString, assessment__pb2.ListAssessmentResultsResponse.FromString, options, channel_credentials, diff --git a/grpc_gen/evidence_pb2.py b/grpc_gen/evidence_pb2.py index 0f152a5..2128f6a 100644 --- a/grpc_gen/evidence_pb2.py +++ b/grpc_gen/evidence_pb2.py @@ -2,9 +2,9 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # source: evidence.proto """Generated protocol buffer code.""" +from google.protobuf.internal import builder as _builder from google.protobuf import descriptor as _descriptor -from google.protobuf import message as _message -from google.protobuf import reflection as _reflection +from google.protobuf import descriptor_pool as _descriptor_pool from google.protobuf import symbol_database as _symbol_database # @@protoc_insertion_point(imports) @@ -13,98 +13,30 @@ _sym_db = _symbol_database.Default() from google.protobuf import struct_pb2 as google_dot_protobuf_dot_struct__pb2 from google.protobuf import timestamp_pb2 as google_dot_protobuf_dot_timestamp__pb2 - - -DESCRIPTOR = _descriptor.FileDescriptor( - name='evidence.proto', - package='clouditor', - syntax='proto3', - serialized_options=None, - create_key=_descriptor._internal_create_key, - serialized_pb=b'\n\x0e\x65vidence.proto\x12\tclouditor\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\xa1\x01\n\x08\x45vidence\x12\n\n\x02id\x18\x01 \x01(\t\x12-\n\ttimestamp\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x12\n\nservice_id\x18\x03 \x01(\t\x12\x0f\n\x07tool_id\x18\x04 \x01(\t\x12\x0b\n\x03raw\x18\x05 \x01(\t\x12(\n\x08resource\x18\x06 \x01(\x0b\x32\x16.google.protobuf.Valueb\x06proto3' - , - dependencies=[google_dot_protobuf_dot_struct__pb2.DESCRIPTOR,google_dot_protobuf_dot_timestamp__pb2.DESCRIPTOR,]) - - - - -_EVIDENCE = _descriptor.Descriptor( - name='Evidence', - full_name='clouditor.Evidence', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - _descriptor.FieldDescriptor( - name='id', full_name='clouditor.Evidence.id', index=0, - number=1, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='timestamp', full_name='clouditor.Evidence.timestamp', index=1, - number=2, type=11, cpp_type=10, label=1, - has_default_value=False, default_value=None, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='service_id', full_name='clouditor.Evidence.service_id', index=2, - number=3, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='tool_id', full_name='clouditor.Evidence.tool_id', index=3, - number=4, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='raw', full_name='clouditor.Evidence.raw', index=4, - number=5, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='resource', full_name='clouditor.Evidence.resource', index=5, - number=6, type=11, cpp_type=10, label=1, - has_default_value=False, default_value=None, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=93, - serialized_end=254, -) - -_EVIDENCE.fields_by_name['timestamp'].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP -_EVIDENCE.fields_by_name['resource'].message_type = google_dot_protobuf_dot_struct__pb2._VALUE -DESCRIPTOR.message_types_by_name['Evidence'] = _EVIDENCE -_sym_db.RegisterFileDescriptor(DESCRIPTOR) - -Evidence = _reflection.GeneratedProtocolMessageType('Evidence', (_message.Message,), { - 'DESCRIPTOR' : _EVIDENCE, - '__module__' : 'evidence_pb2' - # @@protoc_insertion_point(class_scope:clouditor.Evidence) - }) -_sym_db.RegisterMessage(Evidence) - - +import grpc_gen.tagger_pb2 as tagger__pb2 +import grpc_gen.validate_pb2 as validate__pb2 + + +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x0e\x65vidence.proto\x12\x15\x63louditor.evidence.v1\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x0ctagger.proto\x1a\x0evalidate.proto\"\xc2\x02\n\x08\x45vidence\x12\x14\n\x02id\x18\x01 \x01(\tB\x08\xfa\x42\x05r\x03\xb0\x01\x01\x12\x63\n\ttimestamp\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.TimestampB4\x9a\x84\x9e\x03\'gorm:\"serializer:timestamppb;type:time\"\xfa\x42\x05\xb2\x01\x02\x08\x01\x12\"\n\x10\x63loud_service_id\x18\x03 \x01(\tB\x08\xfa\x42\x05r\x03\xb0\x01\x01\x12\x18\n\x07tool_id\x18\x04 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\x19\n\x03raw\x18\x05 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01H\x00\x88\x01\x01\x12Z\n\x08resource\x18\x06 \x01(\x0b\x32\x16.google.protobuf.ValueB0\x9a\x84\x9e\x03#gorm:\"serializer:valuepb;type:json\"\xfa\x42\x05\x8a\x01\x02\x10\x01\x42\x06\n\x04_rawB%Z#clouditor.io/clouditor/api/evidenceb\x06proto3') + +_builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, globals()) +_builder.BuildTopDescriptorsAndMessages(DESCRIPTOR, 'evidence_pb2', globals()) +if _descriptor._USE_C_DESCRIPTORS == False: + + DESCRIPTOR._options = None + DESCRIPTOR._serialized_options = b'Z#clouditor.io/clouditor/api/evidence' + _EVIDENCE.fields_by_name['id']._options = None + _EVIDENCE.fields_by_name['id']._serialized_options = b'\372B\005r\003\260\001\001' + _EVIDENCE.fields_by_name['timestamp']._options = None + _EVIDENCE.fields_by_name['timestamp']._serialized_options = b'\232\204\236\003\'gorm:\"serializer:timestamppb;type:time\"\372B\005\262\001\002\010\001' + _EVIDENCE.fields_by_name['cloud_service_id']._options = None + _EVIDENCE.fields_by_name['cloud_service_id']._serialized_options = b'\372B\005r\003\260\001\001' + _EVIDENCE.fields_by_name['tool_id']._options = None + _EVIDENCE.fields_by_name['tool_id']._serialized_options = b'\372B\004r\002\020\001' + _EVIDENCE.fields_by_name['raw']._options = None + _EVIDENCE.fields_by_name['raw']._serialized_options = b'\372B\004r\002\020\001' + _EVIDENCE.fields_by_name['resource']._options = None + _EVIDENCE.fields_by_name['resource']._serialized_options = b'\232\204\236\003#gorm:\"serializer:valuepb;type:json\"\372B\005\212\001\002\020\001' + _EVIDENCE._serialized_start=135 + _EVIDENCE._serialized_end=457 # @@protoc_insertion_point(module_scope) diff --git a/grpc_gen/metric_pb2.py b/grpc_gen/metric_pb2.py index cd0fdb1..75113ff 100644 --- a/grpc_gen/metric_pb2.py +++ b/grpc_gen/metric_pb2.py @@ -2,9 +2,9 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # source: metric.proto """Generated protocol buffer code.""" +from google.protobuf.internal import builder as _builder from google.protobuf import descriptor as _descriptor -from google.protobuf import message as _message -from google.protobuf import reflection as _reflection +from google.protobuf import descriptor_pool as _descriptor_pool from google.protobuf import symbol_database as _symbol_database # @@protoc_insertion_point(imports) @@ -12,460 +12,61 @@ _sym_db = _symbol_database.Default() from google.protobuf import struct_pb2 as google_dot_protobuf_dot_struct__pb2 - - -DESCRIPTOR = _descriptor.FileDescriptor( - name='metric.proto', - package='clouditor', - syntax='proto3', - serialized_options=None, - create_key=_descriptor._internal_create_key, - serialized_pb=b'\n\x0cmetric.proto\x12\tclouditor\x1a\x1cgoogle/protobuf/struct.proto\"\xc1\x01\n\x06Metric\x12\n\n\x02id\x18\x01 \x01(\t\x12\x0c\n\x04name\x18\x02 \x01(\t\x12\x13\n\x0b\x64\x65scription\x18\x03 \x01(\t\x12\x10\n\x08\x63\x61tegory\x18\x04 \x01(\t\x12&\n\x05scale\x18\x05 \x01(\x0e\x32\x17.clouditor.Metric.Scale\x12\x1f\n\x05range\x18\x06 \x01(\x0b\x32\x10.clouditor.Range\"-\n\x05Scale\x12\x0b\n\x07NOMINAL\x10\x00\x12\x0b\n\x07ORDINAL\x10\x01\x12\n\n\x06METRIC\x10\x02\"\x8d\x01\n\x05Range\x12\x32\n\x0e\x61llowed_values\x18\x01 \x01(\x0b\x32\x18.clouditor.AllowedValuesH\x00\x12!\n\x05order\x18\x02 \x01(\x0b\x32\x10.clouditor.OrderH\x00\x12$\n\x07min_max\x18\x03 \x01(\x0b\x32\x11.clouditor.MinMaxH\x00\x42\x07\n\x05range\"\"\n\x06MinMax\x12\x0b\n\x03min\x18\x01 \x01(\x03\x12\x0b\n\x03max\x18\x02 \x01(\x03\"7\n\rAllowedValues\x12&\n\x06values\x18\x01 \x03(\x0b\x32\x16.google.protobuf.Value\"/\n\x05Order\x12&\n\x06values\x18\x01 \x03(\x0b\x32\x16.google.protobuf.Value\"i\n\x13MetricConfiguration\x12\x10\n\x08operator\x18\x01 \x01(\t\x12,\n\x0ctarget_value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value\x12\x12\n\nis_default\x18\x03 \x01(\x08\"\x90\x01\n\x14MetricImplementation\x12:\n\x08language\x18\x01 \x01(\x0e\x32(.clouditor.MetricImplementation.Language\x12\x0c\n\x04\x63ode\x18\x02 \x01(\t\".\n\x08Language\x12\x18\n\x14LANGUAGE_UNSPECIFIED\x10\x00\x12\x08\n\x04REGO\x10\x01\x62\x06proto3' - , - dependencies=[google_dot_protobuf_dot_struct__pb2.DESCRIPTOR,]) - - - -_METRIC_SCALE = _descriptor.EnumDescriptor( - name='Scale', - full_name='clouditor.Metric.Scale', - filename=None, - file=DESCRIPTOR, - create_key=_descriptor._internal_create_key, - values=[ - _descriptor.EnumValueDescriptor( - name='NOMINAL', index=0, number=0, - serialized_options=None, - type=None, - create_key=_descriptor._internal_create_key), - _descriptor.EnumValueDescriptor( - name='ORDINAL', index=1, number=1, - serialized_options=None, - type=None, - create_key=_descriptor._internal_create_key), - _descriptor.EnumValueDescriptor( - name='METRIC', index=2, number=2, - serialized_options=None, - type=None, - create_key=_descriptor._internal_create_key), - ], - containing_type=None, - serialized_options=None, - serialized_start=206, - serialized_end=251, -) -_sym_db.RegisterEnumDescriptor(_METRIC_SCALE) - -_METRICIMPLEMENTATION_LANGUAGE = _descriptor.EnumDescriptor( - name='Language', - full_name='clouditor.MetricImplementation.Language', - filename=None, - file=DESCRIPTOR, - create_key=_descriptor._internal_create_key, - values=[ - _descriptor.EnumValueDescriptor( - name='LANGUAGE_UNSPECIFIED', index=0, number=0, - serialized_options=None, - type=None, - create_key=_descriptor._internal_create_key), - _descriptor.EnumValueDescriptor( - name='REGO', index=1, number=1, - serialized_options=None, - type=None, - create_key=_descriptor._internal_create_key), - ], - containing_type=None, - serialized_options=None, - serialized_start=745, - serialized_end=791, -) -_sym_db.RegisterEnumDescriptor(_METRICIMPLEMENTATION_LANGUAGE) - - -_METRIC = _descriptor.Descriptor( - name='Metric', - full_name='clouditor.Metric', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - _descriptor.FieldDescriptor( - name='id', full_name='clouditor.Metric.id', index=0, - number=1, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='name', full_name='clouditor.Metric.name', index=1, - number=2, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='description', full_name='clouditor.Metric.description', index=2, - number=3, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='category', full_name='clouditor.Metric.category', index=3, - number=4, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='scale', full_name='clouditor.Metric.scale', index=4, - number=5, type=14, cpp_type=8, label=1, - has_default_value=False, default_value=0, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='range', full_name='clouditor.Metric.range', index=5, - number=6, type=11, cpp_type=10, label=1, - has_default_value=False, default_value=None, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - _METRIC_SCALE, - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=58, - serialized_end=251, -) - - -_RANGE = _descriptor.Descriptor( - name='Range', - full_name='clouditor.Range', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - _descriptor.FieldDescriptor( - name='allowed_values', full_name='clouditor.Range.allowed_values', index=0, - number=1, type=11, cpp_type=10, label=1, - has_default_value=False, default_value=None, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='order', full_name='clouditor.Range.order', index=1, - number=2, type=11, cpp_type=10, label=1, - has_default_value=False, default_value=None, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='min_max', full_name='clouditor.Range.min_max', index=2, - number=3, type=11, cpp_type=10, label=1, - has_default_value=False, default_value=None, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - _descriptor.OneofDescriptor( - name='range', full_name='clouditor.Range.range', - index=0, containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[]), - ], - serialized_start=254, - serialized_end=395, -) - - -_MINMAX = _descriptor.Descriptor( - name='MinMax', - full_name='clouditor.MinMax', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - _descriptor.FieldDescriptor( - name='min', full_name='clouditor.MinMax.min', index=0, - number=1, type=3, cpp_type=2, label=1, - has_default_value=False, default_value=0, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='max', full_name='clouditor.MinMax.max', index=1, - number=2, type=3, cpp_type=2, label=1, - has_default_value=False, default_value=0, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=397, - serialized_end=431, -) - - -_ALLOWEDVALUES = _descriptor.Descriptor( - name='AllowedValues', - full_name='clouditor.AllowedValues', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - _descriptor.FieldDescriptor( - name='values', full_name='clouditor.AllowedValues.values', index=0, - number=1, type=11, cpp_type=10, label=3, - has_default_value=False, default_value=[], - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=433, - serialized_end=488, -) - - -_ORDER = _descriptor.Descriptor( - name='Order', - full_name='clouditor.Order', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - _descriptor.FieldDescriptor( - name='values', full_name='clouditor.Order.values', index=0, - number=1, type=11, cpp_type=10, label=3, - has_default_value=False, default_value=[], - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=490, - serialized_end=537, -) - - -_METRICCONFIGURATION = _descriptor.Descriptor( - name='MetricConfiguration', - full_name='clouditor.MetricConfiguration', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - _descriptor.FieldDescriptor( - name='operator', full_name='clouditor.MetricConfiguration.operator', index=0, - number=1, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='target_value', full_name='clouditor.MetricConfiguration.target_value', index=1, - number=2, type=11, cpp_type=10, label=1, - has_default_value=False, default_value=None, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='is_default', full_name='clouditor.MetricConfiguration.is_default', index=2, - number=3, type=8, cpp_type=7, label=1, - has_default_value=False, default_value=False, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=539, - serialized_end=644, -) - - -_METRICIMPLEMENTATION = _descriptor.Descriptor( - name='MetricImplementation', - full_name='clouditor.MetricImplementation', - filename=None, - file=DESCRIPTOR, - containing_type=None, - create_key=_descriptor._internal_create_key, - fields=[ - _descriptor.FieldDescriptor( - name='language', full_name='clouditor.MetricImplementation.language', index=0, - number=1, type=14, cpp_type=8, label=1, - has_default_value=False, default_value=0, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - _descriptor.FieldDescriptor( - name='code', full_name='clouditor.MetricImplementation.code', index=1, - number=2, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=b"".decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key), - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - _METRICIMPLEMENTATION_LANGUAGE, - ], - serialized_options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=647, - serialized_end=791, -) - -_METRIC.fields_by_name['scale'].enum_type = _METRIC_SCALE -_METRIC.fields_by_name['range'].message_type = _RANGE -_METRIC_SCALE.containing_type = _METRIC -_RANGE.fields_by_name['allowed_values'].message_type = _ALLOWEDVALUES -_RANGE.fields_by_name['order'].message_type = _ORDER -_RANGE.fields_by_name['min_max'].message_type = _MINMAX -_RANGE.oneofs_by_name['range'].fields.append( - _RANGE.fields_by_name['allowed_values']) -_RANGE.fields_by_name['allowed_values'].containing_oneof = _RANGE.oneofs_by_name['range'] -_RANGE.oneofs_by_name['range'].fields.append( - _RANGE.fields_by_name['order']) -_RANGE.fields_by_name['order'].containing_oneof = _RANGE.oneofs_by_name['range'] -_RANGE.oneofs_by_name['range'].fields.append( - _RANGE.fields_by_name['min_max']) -_RANGE.fields_by_name['min_max'].containing_oneof = _RANGE.oneofs_by_name['range'] -_ALLOWEDVALUES.fields_by_name['values'].message_type = google_dot_protobuf_dot_struct__pb2._VALUE -_ORDER.fields_by_name['values'].message_type = google_dot_protobuf_dot_struct__pb2._VALUE -_METRICCONFIGURATION.fields_by_name['target_value'].message_type = google_dot_protobuf_dot_struct__pb2._VALUE -_METRICIMPLEMENTATION.fields_by_name['language'].enum_type = _METRICIMPLEMENTATION_LANGUAGE -_METRICIMPLEMENTATION_LANGUAGE.containing_type = _METRICIMPLEMENTATION -DESCRIPTOR.message_types_by_name['Metric'] = _METRIC -DESCRIPTOR.message_types_by_name['Range'] = _RANGE -DESCRIPTOR.message_types_by_name['MinMax'] = _MINMAX -DESCRIPTOR.message_types_by_name['AllowedValues'] = _ALLOWEDVALUES -DESCRIPTOR.message_types_by_name['Order'] = _ORDER -DESCRIPTOR.message_types_by_name['MetricConfiguration'] = _METRICCONFIGURATION -DESCRIPTOR.message_types_by_name['MetricImplementation'] = _METRICIMPLEMENTATION -_sym_db.RegisterFileDescriptor(DESCRIPTOR) - -Metric = _reflection.GeneratedProtocolMessageType('Metric', (_message.Message,), { - 'DESCRIPTOR' : _METRIC, - '__module__' : 'metric_pb2' - # @@protoc_insertion_point(class_scope:clouditor.Metric) - }) -_sym_db.RegisterMessage(Metric) - -Range = _reflection.GeneratedProtocolMessageType('Range', (_message.Message,), { - 'DESCRIPTOR' : _RANGE, - '__module__' : 'metric_pb2' - # @@protoc_insertion_point(class_scope:clouditor.Range) - }) -_sym_db.RegisterMessage(Range) - -MinMax = _reflection.GeneratedProtocolMessageType('MinMax', (_message.Message,), { - 'DESCRIPTOR' : _MINMAX, - '__module__' : 'metric_pb2' - # @@protoc_insertion_point(class_scope:clouditor.MinMax) - }) -_sym_db.RegisterMessage(MinMax) - -AllowedValues = _reflection.GeneratedProtocolMessageType('AllowedValues', (_message.Message,), { - 'DESCRIPTOR' : _ALLOWEDVALUES, - '__module__' : 'metric_pb2' - # @@protoc_insertion_point(class_scope:clouditor.AllowedValues) - }) -_sym_db.RegisterMessage(AllowedValues) - -Order = _reflection.GeneratedProtocolMessageType('Order', (_message.Message,), { - 'DESCRIPTOR' : _ORDER, - '__module__' : 'metric_pb2' - # @@protoc_insertion_point(class_scope:clouditor.Order) - }) -_sym_db.RegisterMessage(Order) - -MetricConfiguration = _reflection.GeneratedProtocolMessageType('MetricConfiguration', (_message.Message,), { - 'DESCRIPTOR' : _METRICCONFIGURATION, - '__module__' : 'metric_pb2' - # @@protoc_insertion_point(class_scope:clouditor.MetricConfiguration) - }) -_sym_db.RegisterMessage(MetricConfiguration) - -MetricImplementation = _reflection.GeneratedProtocolMessageType('MetricImplementation', (_message.Message,), { - 'DESCRIPTOR' : _METRICIMPLEMENTATION, - '__module__' : 'metric_pb2' - # @@protoc_insertion_point(class_scope:clouditor.MetricImplementation) - }) -_sym_db.RegisterMessage(MetricImplementation) - - +from google.protobuf import timestamp_pb2 as google_dot_protobuf_dot_timestamp__pb2 +import grpc_gen.tagger_pb2 as tagger__pb2 +import grpc_gen.validate_pb2 as validate__pb2 + + +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x0cmetric.proto\x12\x17\x63louditor.assessment.v1\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x0ctagger.proto\x1a\x0evalidate.proto\"\x8b\x03\n\x06Metric\x12\x13\n\x02id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\x15\n\x04name\x18\x02 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\x13\n\x0b\x64\x65scription\x18\x03 \x01(\t\x12\x10\n\x08\x63\x61tegory\x18\x04 \x01(\t\x12>\n\x05scale\x18\x05 \x01(\x0e\x32%.clouditor.assessment.v1.Metric.ScaleB\x08\xfa\x42\x05\x82\x01\x02\x10\x01\x12\x37\n\x05range\x18\x06 \x01(\x0b\x32\x1e.clouditor.assessment.v1.RangeB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\x12\x10\n\x08interval\x18\x07 \x01(\x03\x12J\n\x0eimplementation\x18\x08 \x01(\x0b\x32-.clouditor.assessment.v1.MetricImplementationH\x00\x88\x01\x01\"D\n\x05Scale\x12\x15\n\x11SCALE_UNSPECIFIED\x10\x00\x12\x0b\n\x07NOMINAL\x10\x01\x12\x0b\n\x07ORDINAL\x10\x02\x12\n\n\x06METRIC\x10\x03\x42\x11\n\x0f_implementation\"\xb7\x01\n\x05Range\x12@\n\x0e\x61llowed_values\x18\x01 \x01(\x0b\x32&.clouditor.assessment.v1.AllowedValuesH\x00\x12/\n\x05order\x18\x02 \x01(\x0b\x32\x1e.clouditor.assessment.v1.OrderH\x00\x12\x32\n\x07min_max\x18\x03 \x01(\x0b\x32\x1f.clouditor.assessment.v1.MinMaxH\x00\x42\x07\n\x05range\"\"\n\x06MinMax\x12\x0b\n\x03min\x18\x01 \x01(\x03\x12\x0b\n\x03max\x18\x02 \x01(\x03\"7\n\rAllowedValues\x12&\n\x06values\x18\x01 \x03(\x0b\x32\x16.google.protobuf.Value\"/\n\x05Order\x12&\n\x06values\x18\x01 \x03(\x0b\x32\x16.google.protobuf.Value\"\xf2\x02\n\x13MetricConfiguration\x12*\n\x08operator\x18\x01 \x01(\tB\x18\xfa\x42\x15r\x13\x32\x11^(|<|>|<=|>=|==)$\x12Q\n\x0ctarget_value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueB#\x9a\x84\x9e\x03\x16gorm:\"serializer:json\"\xfa\x42\x05\x8a\x01\x02\x10\x01\x12\x12\n\nis_default\x18\x03 \x01(\x08\x12\\\n\nupdated_at\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.TimestampB,\x9a\x84\x9e\x03\'gorm:\"serializer:timestamppb;type:time\"\x12\x30\n\tmetric_id\x18\x05 \x01(\tB\x1d\x9a\x84\x9e\x03\x11gorm:\"primaryKey\"\xfa\x42\x04r\x02\x10\x01\x12\x38\n\x10\x63loud_service_id\x18\x06 \x01(\tB\x1e\x9a\x84\x9e\x03\x11gorm:\"primaryKey\"\xfa\x42\x05r\x03\xb0\x01\x01\"\xb0\x02\n\x14MetricImplementation\x12\x1a\n\tmetric_id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12N\n\x04lang\x18\x02 \x01(\x0e\x32\x36.clouditor.assessment.v1.MetricImplementation.LanguageB\x08\xfa\x42\x05\x82\x01\x02\x10\x01\x12\x15\n\x04\x63ode\x18\x03 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\\\n\nupdated_at\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.TimestampB,\x9a\x84\x9e\x03\'gorm:\"serializer:timestamppb;type:time\"\"7\n\x08Language\x12\x18\n\x14LANGUAGE_UNSPECIFIED\x10\x00\x12\x11\n\rLANGUAGE_REGO\x10\x01\x42\'Z%clouditor.io/clouditor/api/assessmentb\x06proto3') + +_builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, globals()) +_builder.BuildTopDescriptorsAndMessages(DESCRIPTOR, 'metric_pb2', globals()) +if _descriptor._USE_C_DESCRIPTORS == False: + + DESCRIPTOR._options = None + DESCRIPTOR._serialized_options = b'Z%clouditor.io/clouditor/api/assessment' + _METRIC.fields_by_name['id']._options = None + _METRIC.fields_by_name['id']._serialized_options = b'\372B\004r\002\020\001' + _METRIC.fields_by_name['name']._options = None + _METRIC.fields_by_name['name']._serialized_options = b'\372B\004r\002\020\001' + _METRIC.fields_by_name['scale']._options = None + _METRIC.fields_by_name['scale']._serialized_options = b'\372B\005\202\001\002\020\001' + _METRIC.fields_by_name['range']._options = None + _METRIC.fields_by_name['range']._serialized_options = b'\372B\005\212\001\002\020\001' + _METRICCONFIGURATION.fields_by_name['operator']._options = None + _METRICCONFIGURATION.fields_by_name['operator']._serialized_options = b'\372B\025r\0232\021^(|<|>|<=|>=|==)$' + _METRICCONFIGURATION.fields_by_name['target_value']._options = None + _METRICCONFIGURATION.fields_by_name['target_value']._serialized_options = b'\232\204\236\003\026gorm:\"serializer:json\"\372B\005\212\001\002\020\001' + _METRICCONFIGURATION.fields_by_name['updated_at']._options = None + _METRICCONFIGURATION.fields_by_name['updated_at']._serialized_options = b'\232\204\236\003\'gorm:\"serializer:timestamppb;type:time\"' + _METRICCONFIGURATION.fields_by_name['metric_id']._options = None + _METRICCONFIGURATION.fields_by_name['metric_id']._serialized_options = b'\232\204\236\003\021gorm:\"primaryKey\"\372B\004r\002\020\001' + _METRICCONFIGURATION.fields_by_name['cloud_service_id']._options = None + _METRICCONFIGURATION.fields_by_name['cloud_service_id']._serialized_options = b'\232\204\236\003\021gorm:\"primaryKey\"\372B\005r\003\260\001\001' + _METRICIMPLEMENTATION.fields_by_name['metric_id']._options = None + _METRICIMPLEMENTATION.fields_by_name['metric_id']._serialized_options = b'\372B\004r\002\020\001' + _METRICIMPLEMENTATION.fields_by_name['lang']._options = None + _METRICIMPLEMENTATION.fields_by_name['lang']._serialized_options = b'\372B\005\202\001\002\020\001' + _METRICIMPLEMENTATION.fields_by_name['code']._options = None + _METRICIMPLEMENTATION.fields_by_name['code']._serialized_options = b'\372B\004r\002\020\001' + _METRICIMPLEMENTATION.fields_by_name['updated_at']._options = None + _METRICIMPLEMENTATION.fields_by_name['updated_at']._serialized_options = b'\232\204\236\003\'gorm:\"serializer:timestamppb;type:time\"' + _METRIC._serialized_start=135 + _METRIC._serialized_end=530 + _METRIC_SCALE._serialized_start=443 + _METRIC_SCALE._serialized_end=511 + _RANGE._serialized_start=533 + _RANGE._serialized_end=716 + _MINMAX._serialized_start=718 + _MINMAX._serialized_end=752 + _ALLOWEDVALUES._serialized_start=754 + _ALLOWEDVALUES._serialized_end=809 + _ORDER._serialized_start=811 + _ORDER._serialized_end=858 + _METRICCONFIGURATION._serialized_start=861 + _METRICCONFIGURATION._serialized_end=1231 + _METRICIMPLEMENTATION._serialized_start=1234 + _METRICIMPLEMENTATION._serialized_end=1538 + _METRICIMPLEMENTATION_LANGUAGE._serialized_start=1483 + _METRICIMPLEMENTATION_LANGUAGE._serialized_end=1538 # @@protoc_insertion_point(module_scope) diff --git a/grpc_gen/orchestrator_pb2.py b/grpc_gen/orchestrator_pb2.py new file mode 100644 index 0000000..fc5c823 --- /dev/null +++ b/grpc_gen/orchestrator_pb2.py @@ -0,0 +1,436 @@ +# -*- coding: utf-8 -*- +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: orchestrator.proto +"""Generated protocol buffer code.""" +from google.protobuf.internal import builder as _builder +from google.protobuf import descriptor as _descriptor +from google.protobuf import descriptor_pool as _descriptor_pool +from google.protobuf import symbol_database as _symbol_database +# @@protoc_insertion_point(imports) + +_sym_db = _symbol_database.Default() + + +from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.protobuf import empty_pb2 as google_dot_protobuf_dot_empty__pb2 +import grpc_gen.metric_pb2 as metric__pb2 +import grpc_gen.assessment_pb2 as assessment__pb2 +import grpc_gen.tagger_pb2 as tagger__pb2 +import grpc_gen.validate_pb2 as validate__pb2 + + +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x12orchestrator.proto\x12\x19\x63louditor.orchestrator.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a\x0cmetric.proto\x1a\x10\x61ssessment.proto\x1a\x0ctagger.proto\x1a\x0evalidate.proto\"b\n\x1dRegisterAssessmentToolRequest\x12\x41\n\x04tool\x18\x01 \x01(\x0b\x32).clouditor.orchestrator.v1.AssessmentToolB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\"\x9f\x01\n\x1aListAssessmentToolsRequest\x12&\n\x10\x66ilter_metric_id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01H\x00\x88\x01\x01\x12\x11\n\tpage_size\x18\x02 \x01(\x05\x12\x12\n\npage_token\x18\x03 \x01(\t\x12\x10\n\x08order_by\x18\x04 \x01(\t\x12\x0b\n\x03\x61sc\x18\x05 \x01(\x08\x42\x13\n\x11_filter_metric_id\"p\n\x1bListAssessmentToolsResponse\x12\x38\n\x05tools\x18\x01 \x03(\x0b\x32).clouditor.orchestrator.v1.AssessmentTool\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"4\n\x18GetAssessmentToolRequest\x12\x18\n\x07tool_id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\"`\n\x1bUpdateAssessmentToolRequest\x12\x41\n\x04tool\x18\x02 \x01(\x0b\x32).clouditor.orchestrator.v1.AssessmentToolB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\";\n\x1f\x44\x65registerAssessmentToolRequest\x12\x18\n\x07tool_id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\"c\n\x1cStoreAssessmentResultRequest\x12\x43\n\x06result\x18\x01 \x01(\x0b\x32).clouditor.assessment.v1.AssessmentResultB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\"\x1f\n\x1dStoreAssessmentResultResponse\"H\n\x1eStoreAssessmentResultsResponse\x12\x0e\n\x06status\x18\x01 \x01(\x08\x12\x16\n\x0estatus_message\x18\x02 \x01(\t\"P\n\x13\x43reateMetricRequest\x12\x39\n\x06metric\x18\x01 \x01(\x0b\x32\x1f.clouditor.assessment.v1.MetricB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\"P\n\x13UpdateMetricRequest\x12\x39\n\x06metric\x18\x01 \x01(\x0b\x32\x1f.clouditor.assessment.v1.MetricB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\".\n\x10GetMetricRequest\x12\x1a\n\tmetric_id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\"Z\n\x12ListMetricsRequest\x12\x11\n\tpage_size\x18\x01 \x01(\x05\x12\x12\n\npage_token\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12\x0b\n\x03\x61sc\x18\x04 \x01(\x08\"`\n\x13ListMetricsResponse\x12\x30\n\x07metrics\x18\x01 \x03(\x0b\x32\x1f.clouditor.assessment.v1.Metric\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"<\n\x16GetCloudServiceRequest\x12\"\n\x10\x63loud_service_id\x18\x01 \x01(\tB\x08\xfa\x42\x05r\x03\xb0\x01\x01\"g\n\x1bRegisterCloudServiceRequest\x12H\n\rcloud_service\x18\x01 \x01(\x0b\x32\'.clouditor.orchestrator.v1.CloudServiceB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\"e\n\x19UpdateCloudServiceRequest\x12H\n\rcloud_service\x18\x01 \x01(\x0b\x32\'.clouditor.orchestrator.v1.CloudServiceB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\"?\n\x19RemoveCloudServiceRequest\x12\"\n\x10\x63loud_service_id\x18\x01 \x01(\tB\x08\xfa\x42\x05r\x03\xb0\x01\x01\"`\n\x18ListCloudServicesRequest\x12\x11\n\tpage_size\x18\x01 \x01(\x05\x12\x12\n\npage_token\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12\x0b\n\x03\x61sc\x18\x04 \x01(\x08\"o\n\x19ListCloudServicesResponse\x12\x39\n\x08services\x18\x01 \x03(\x0b\x32\'.clouditor.orchestrator.v1.CloudService\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"\xb1\x01\n UpdateMetricConfigurationRequest\x12\"\n\x10\x63loud_service_id\x18\x01 \x01(\tB\x08\xfa\x42\x05r\x03\xb0\x01\x01\x12\x1a\n\tmetric_id\x18\x02 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12M\n\rconfiguration\x18\x03 \x01(\x0b\x32,.clouditor.assessment.v1.MetricConfigurationB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\"_\n\x1dGetMetricConfigurationRequest\x12\"\n\x10\x63loud_service_id\x18\x01 \x01(\tB\x08\xfa\x42\x05r\x03\xb0\x01\x01\x12\x1a\n\tmetric_id\x18\x02 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\"D\n\x1eListMetricConfigurationRequest\x12\"\n\x10\x63loud_service_id\x18\x01 \x01(\tB\x08\xfa\x42\x05r\x03\xb0\x01\x01\"\xee\x01\n\x1fListMetricConfigurationResponse\x12\x66\n\x0e\x63onfigurations\x18\x01 \x03(\x0b\x32N.clouditor.orchestrator.v1.ListMetricConfigurationResponse.ConfigurationsEntry\x1a\x63\n\x13\x43onfigurationsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12;\n\x05value\x18\x02 \x01(\x0b\x32,.clouditor.assessment.v1.MetricConfiguration:\x02\x38\x01\"t\n!UpdateMetricImplementationRequest\x12O\n\x0eimplementation\x18\x01 \x01(\x0b\x32-.clouditor.assessment.v1.MetricImplementationB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\"<\n\x1eGetMetricImplementationRequest\x12\x1a\n\tmetric_id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\"#\n!SubscribeMetricChangeEventRequest\"\x91\x02\n\x11MetricChangeEvent\x12I\n\x04type\x18\x01 \x01(\x0e\x32\x31.clouditor.orchestrator.v1.MetricChangeEvent.TypeB\x08\xfa\x42\x05\x82\x01\x02\x10\x01\x12\x1a\n\tmetric_id\x18\x02 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\"\n\x10\x63loud_service_id\x18\x03 \x01(\tB\x08\xfa\x42\x05r\x03\xb0\x01\x01\"q\n\x04Type\x12\x14\n\x10TYPE_UNSPECIFIED\x10\x00\x12\x17\n\x13TYPE_CONFIG_CHANGED\x10\x01\x12\x1f\n\x1bTYPE_IMPLEMENTATION_CHANGED\x10\x02\x12\x19\n\x15TYPE_METADATA_CHANGED\x10\x03\"~\n\x0e\x41ssessmentTool\x12\x17\n\x02id\x18\x01 \x01(\tB\x0b\xfa\x42\x08r\x06\xb0\x01\x01\xd0\x01\x01\x12\x15\n\x04name\x18\x02 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\x13\n\x0b\x64\x65scription\x18\x03 \x01(\t\x12\'\n\x11\x61vailable_metrics\x18\x04 \x03(\tB\x0c\xfa\x42\t\x92\x01\x06\"\x04r\x02\x10\x01\"\xc3\x02\n\x0c\x43loudService\x12\x17\n\x02id\x18\x01 \x01(\tB\x0b\xfa\x42\x08r\x06\xb0\x01\x01\xd0\x01\x01\x12\x15\n\x04name\x18\x02 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\x13\n\x0b\x64\x65scription\x18\x03 \x01(\t\x12w\n\x11\x63\x61talogs_in_scope\x18\x04 \x03(\x0b\x32\".clouditor.orchestrator.v1.CatalogB8\x9a\x84\x9e\x03&gorm:\"many2many:target_of_evaluations\"\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01\x12u\n\x12\x63onfigured_metrics\x18\x05 \x03(\x0b\x32\x1f.clouditor.assessment.v1.MetricB8\x9a\x84\x9e\x03&gorm:\"many2many:metric_configurations\"\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01\"\xcf\x01\n\x07\x43\x61talog\x12\x13\n\x02id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\x15\n\x04name\x18\x02 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\x13\n\x0b\x64\x65scription\x18\x03 \x01(\t\x12m\n\ncategories\x18\x04 \x03(\x0b\x32#.clouditor.orchestrator.v1.CategoryB4\x9a\x84\x9e\x03\"gorm:\"constraint:OnDelete:CASCADE\"\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01\x12\x14\n\x0c\x61ll_in_scope\x18\x05 \x01(\x08\"\xb4\x02\n\x08\x43\x61tegory\x12+\n\x04name\x18\x01 \x01(\tB\x1d\x9a\x84\x9e\x03\x11gorm:\"primaryKey\"\xfa\x42\x04r\x02\x10\x01\x12\x31\n\ncatalog_id\x18\x02 \x01(\tB\x1d\x9a\x84\x9e\x03\x11gorm:\"primaryKey\"\xfa\x42\x04r\x02\x10\x01\x12\x13\n\x0b\x64\x65scription\x18\x03 \x01(\t\x12\xb2\x01\n\x08\x63ontrols\x18\x04 \x03(\x0b\x32\".clouditor.orchestrator.v1.ControlB|\x9a\x84\x9e\x03jgorm:\"foreignKey:category_name,category_catalog_id;references:name,catalog_id;constraint:OnDelete:CASCADE\"\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01\"\xaa\x06\n\x07\x43ontrol\x12)\n\x02id\x18\x01 \x01(\tB\x1d\x9a\x84\x9e\x03\x11gorm:\"primaryKey\"\xfa\x42\x04r\x02\x10\x01\x12\x34\n\rcategory_name\x18\x02 \x01(\tB\x1d\x9a\x84\x9e\x03\x11gorm:\"primaryKey\"\xfa\x42\x04r\x02\x10\x01\x12:\n\x13\x63\x61tegory_catalog_id\x18\x03 \x01(\tB\x1d\x9a\x84\x9e\x03\x11gorm:\"primaryKey\"\xfa\x42\x04r\x02\x10\x01\x12\x15\n\x04name\x18\x04 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\x13\n\x0b\x64\x65scription\x18\x05 \x01(\t\x12\xdd\x01\n\x08\x63ontrols\x18\x06 \x03(\x0b\x32\".clouditor.orchestrator.v1.ControlB\xa6\x01\x9a\x84\x9e\x03\x93\x01gorm:\"foreignKey:parent_control_id,parent_control_category_name,parent_control_category_catalog_id;references=id,category_name;category_catalog_id\"\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01\x12\x80\x01\n\x07metrics\x18\x07 \x03(\x0b\x32\x1f.clouditor.assessment.v1.MetricBN\x9a\x84\x9e\x03<gorm:\"many2many:control_metrics;constraint:OnDelete:CASCADE\"\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01\x12\'\n\x11parent_control_id\x18\x08 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01H\x00\x88\x01\x01\x12\x32\n\x1cparent_control_category_name\x18\t \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01H\x01\x88\x01\x01\x12\x38\n\"parent_control_category_catalog_id\x18\n \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01H\x02\x88\x01\x01\x42\x14\n\x12_parent_control_idB\x1f\n\x1d_parent_control_category_nameB%\n#_parent_control_category_catalog_id\"\xe9\x02\n\x12TargetOfEvaluation\x12\x38\n\x10\x63loud_service_id\x18\x01 \x01(\tB\x1e\x9a\x84\x9e\x03\x11gorm:\"primaryKey\"\xfa\x42\x05r\x03\xb0\x01\x01\x12\x31\n\ncatalog_id\x18\x02 \x01(\tB\x1d\x9a\x84\x9e\x03\x11gorm:\"primaryKey\"\xfa\x42\x04r\x02\x10\x01\x12@\n\x0f\x61ssurance_level\x18\x03 \x01(\tB\"\xfa\x42\x1fr\x1d\x32\x1b^(|basic|substantial|high)$H\x00\x88\x01\x01\x12\x8f\x01\n\x11\x63ontrols_in_scope\x18\x04 \x03(\x0b\x32\".clouditor.orchestrator.v1.ControlBP\x9a\x84\x9e\x03>gorm:\"many2many:controls_in_scope;constraint:OnDelete:CASCADE\"\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01\x42\x12\n\x10_assurance_level\"\xa9\x01\n\x1aListControlsInScopeRequest\x12\x11\n\tpage_size\x18\x01 \x01(\x05\x12\x12\n\npage_token\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12\x0b\n\x03\x61sc\x18\x04 \x01(\x08\x12%\n\x10\x63loud_service_id\x18\n \x01(\tB\x0b\xfa\x42\x08r\x06\xb0\x01\x01\xd0\x01\x01\x12\x1e\n\ncatalog_id\x18\x0b \x01(\tB\n\xfa\x42\x07r\x05\x10\x01\xd0\x01\x01\"|\n\x1bListControlsInScopeResponse\x12\x44\n\x11\x63ontrols_in_scope\x18\x01 \x03(\x0b\x32).clouditor.orchestrator.v1.ControlInScope\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"a\n\x1bUpdateControlInScopeRequest\x12\x42\n\x05scope\x18\x01 \x01(\x0b\x32).clouditor.orchestrator.v1.ControlInScopeB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\"^\n\x18\x41\x64\x64\x43ontrolToScopeRequest\x12\x42\n\x05scope\x18\x01 \x01(\x0b\x32).clouditor.orchestrator.v1.ControlInScopeB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\"\xa4\x01\n\x1dRemoveControlFromScopeRequest\x12!\n\x10\x63loud_service_id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\x1b\n\ncatalog_id\x18\x02 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\x1b\n\ncontrol_id\x18\x03 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12&\n\x15\x63ontrol_category_name\x18\x04 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\"\xa3\x03\n\x0e\x43ontrolInScope\x12L\n%target_of_evaluation_cloud_service_id\x18\x01 \x01(\tB\x1d\x9a\x84\x9e\x03\x11gorm:\"primaryKey\"\xfa\x42\x04r\x02\x10\x01\x12\x46\n\x1ftarget_of_evaluation_catalog_id\x18\x02 \x01(\tB\x1d\x9a\x84\x9e\x03\x11gorm:\"primaryKey\"\xfa\x42\x04r\x02\x10\x01\x12\x31\n\ncontrol_id\x18\x03 \x01(\tB\x1d\x9a\x84\x9e\x03\x11gorm:\"primaryKey\"\xfa\x42\x04r\x02\x10\x01\x12<\n\x15\x63ontrol_category_name\x18\x04 \x01(\tB\x1d\x9a\x84\x9e\x03\x11gorm:\"primaryKey\"\xfa\x42\x04r\x02\x10\x01\x12\x42\n\x1b\x63ontrol_category_catalog_id\x18\x05 \x01(\tB\x1d\x9a\x84\x9e\x03\x11gorm:\"primaryKey\"\xfa\x42\x04r\x02\x10\x01\x12\x46\n\x11monitoring_status\x18\x06 \x01(\x0e\x32+.clouditor.orchestrator.v1.MonitoringStatus\"x\n\x1f\x43reateTargetOfEvaluationRequest\x12U\n\x14target_of_evaluation\x18\x01 \x01(\x0b\x32-.clouditor.orchestrator.v1.TargetOfEvaluationB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\"b\n\x1fRemoveTargetOfEvaluationRequest\x12\"\n\x10\x63loud_service_id\x18\x01 \x01(\tB\x08\xfa\x42\x05r\x03\xb0\x01\x01\x12\x1b\n\ncatalog_id\x18\x02 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\"_\n\x1cGetTargetOfEvaluationRequest\x12\"\n\x10\x63loud_service_id\x18\x01 \x01(\tB\x08\xfa\x42\x05r\x03\xb0\x01\x01\x12\x1b\n\ncatalog_id\x18\x02 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\"\x94\x01\n\x1eListTargetsOfEvaluationRequest\x12\x11\n\tpage_size\x18\x01 \x01(\x05\x12\x12\n\npage_token\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12\x0b\n\x03\x61sc\x18\x04 \x01(\x08\x12\x18\n\x10\x63loud_service_id\x18\x05 \x01(\t\x12\x12\n\ncatalog_id\x18\x06 \x01(\t\"\x87\x01\n\x1fListTargetsOfEvaluationResponse\x12K\n\x14target_of_evaluation\x18\x01 \x03(\x0b\x32-.clouditor.orchestrator.v1.TargetOfEvaluation\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"x\n\x1fUpdateTargetOfEvaluationRequest\x12U\n\x14target_of_evaluation\x18\x03 \x01(\x0b\x32-.clouditor.orchestrator.v1.TargetOfEvaluationB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\"8\n\x15GetCertificateRequest\x12\x1f\n\x0e\x63\x65rtificate_id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\"_\n\x17ListCertificatesRequest\x12\x11\n\tpage_size\x18\x01 \x01(\x05\x12\x12\n\npage_token\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12\x0b\n\x03\x61sc\x18\x04 \x01(\x08\"q\n\x18ListCertificatesResponse\x12<\n\x0c\x63\x65rtificates\x18\x01 \x03(\x0b\x32&.clouditor.orchestrator.v1.Certificate\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"a\n\x18UpdateCertificateRequest\x12\x45\n\x0b\x63\x65rtificate\x18\x01 \x01(\x0b\x32&.clouditor.orchestrator.v1.CertificateB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\"U\n\x14\x43reateCatalogRequest\x12=\n\x07\x63\x61talog\x18\x01 \x01(\x0b\x32\".clouditor.orchestrator.v1.CatalogB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\"3\n\x14RemoveCatalogRequest\x12\x1b\n\ncatalog_id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\"0\n\x11GetCatalogRequest\x12\x1b\n\ncatalog_id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\"[\n\x13ListCatalogsRequest\x12\x11\n\tpage_size\x18\x01 \x01(\x05\x12\x12\n\npage_token\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12\x0b\n\x03\x61sc\x18\x04 \x01(\x08\"e\n\x14ListCatalogsResponse\x12\x34\n\x08\x63\x61talogs\x18\x01 \x03(\x0b\x32\".clouditor.orchestrator.v1.Catalog\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"U\n\x14UpdateCatalogRequest\x12=\n\x07\x63\x61talog\x18\x01 \x01(\x0b\x32\".clouditor.orchestrator.v1.CatalogB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\"Q\n\x12GetCategoryRequest\x12\x1b\n\ncatalog_id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\x1e\n\rcategory_name\x18\x02 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\"m\n\x11GetControlRequest\x12\x1b\n\ncatalog_id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\x1e\n\rcategory_name\x18\x02 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\x1b\n\ncontrol_id\x18\x03 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\"\x86\x01\n\x13ListControlsRequest\x12\x11\n\tpage_size\x18\x01 \x01(\x05\x12\x12\n\npage_token\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12\x0b\n\x03\x61sc\x18\x04 \x01(\x08\x12\x12\n\ncatalog_id\x18\x05 \x01(\t\x12\x15\n\rcategory_name\x18\x06 \x01(\t\"e\n\x14ListControlsResponse\x12\x34\n\x08\x63ontrols\x18\x01 \x03(\x0b\x32\".clouditor.orchestrator.v1.Control\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"a\n\x18\x43reateCertificateRequest\x12\x45\n\x0b\x63\x65rtificate\x18\x01 \x01(\x0b\x32&.clouditor.orchestrator.v1.CertificateB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01\";\n\x18RemoveCertificateRequest\x12\x1f\n\x0e\x63\x65rtificate_id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\"\xb2\x02\n\x0b\x43\x65rtificate\x12\x13\n\x02id\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\x15\n\x04name\x18\x02 \x01(\tB\x07\xfa\x42\x04r\x02\x10\x01\x12\"\n\x10\x63loud_service_id\x18\x03 \x01(\tB\x08\xfa\x42\x05r\x03\xb0\x01\x01\x12\x12\n\nissue_date\x18\x04 \x01(\t\x12\x17\n\x0f\x65xpiration_date\x18\x05 \x01(\t\x12\x10\n\x08standard\x18\x06 \x01(\t\x12\x17\n\x0f\x61ssurance_level\x18\x07 \x01(\t\x12\x0b\n\x03\x63\x61\x62\x18\x08 \x01(\t\x12\x13\n\x0b\x64\x65scription\x18\t \x01(\t\x12Y\n\x06states\x18\n \x03(\x0b\x32 .clouditor.orchestrator.v1.StateB\'\x9a\x84\x9e\x03\"gorm:\"constraint:OnDelete:CASCADE\"\"^\n\x05State\x12\n\n\x02id\x18\x01 \x01(\t\x12\r\n\x05state\x18\x02 \x01(\t\x12\x0f\n\x07tree_id\x18\x03 \x01(\t\x12\x11\n\ttimestamp\x18\x04 \x01(\t\x12\x16\n\x0e\x63\x65rtificate_id\x18\x05 \x01(\t\"\xcf\x04\n\x1dTargetOfEvaluationChangeEvent\x12U\n\x04type\x18\x01 \x01(\x0e\x32=.clouditor.orchestrator.v1.TargetOfEvaluationChangeEvent.TypeB\x08\xfa\x42\x05\x82\x01\x02\x10\x01\x12Z\n\x14target_of_evaluation\x18\x02 \x01(\x0b\x32-.clouditor.orchestrator.v1.TargetOfEvaluationB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01H\x00\x88\x01\x01\x12R\n\x10\x63ontrol_in_scope\x18\x03 \x01(\x0b\x32).clouditor.orchestrator.v1.ControlInScopeB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01H\x01\x88\x01\x01\"\xf8\x01\n\x04Type\x12\x14\n\x10TYPE_UNSPECIFIED\x10\x00\x12%\n!TYPE_TARGET_OF_EVALUATION_CREATED\x10\x01\x12%\n!TYPE_TARGET_OF_EVALUATION_UPDATED\x10\x02\x12%\n!TYPE_TARGET_OF_EVALUATION_REMOVED\x10\x03\x12\x1f\n\x1bTYPE_CONTROL_IN_SCOPE_ADDED\x10\x04\x12!\n\x1dTYPE_CONTROL_IN_SCOPE_UPDATED\x10\x05\x12!\n\x1dTYPE_CONTROL_IN_SCOPE_REMOVED\x10\x06\x42\x17\n\x15_target_of_evaluationB\x13\n\x11_control_in_scope*\xaf\x01\n\x10MonitoringStatus\x12!\n\x1dMONITORING_STATUS_UNSPECIFIED\x10\x00\x12-\n)MONITORING_STATUS_AUTOMATICALLY_MONITORED\x10\x01\x12(\n$MONITORING_STATUS_MANUALLY_MONITORED\x10\x02\x12\x1f\n\x1bMONITORING_STATUS_DELEGATED\x10\x03\x32\x88\x43\n\x0cOrchestrator\x12\xae\x01\n\x16RegisterAssessmentTool\x12\x38.clouditor.orchestrator.v1.RegisterAssessmentToolRequest\x1a).clouditor.orchestrator.v1.AssessmentTool\"/\x82\xd3\xe4\x93\x02)\"!/v1/orchestrator/assessment_tools:\x04tool\x12\xaf\x01\n\x13ListAssessmentTools\x12\x35.clouditor.orchestrator.v1.ListAssessmentToolsRequest\x1a\x36.clouditor.orchestrator.v1.ListAssessmentToolsResponse\")\x82\xd3\xe4\x93\x02#\x12!/v1/orchestrator/assessment_tools\x12\xa8\x01\n\x11GetAssessmentTool\x12\x33.clouditor.orchestrator.v1.GetAssessmentToolRequest\x1a).clouditor.orchestrator.v1.AssessmentTool\"3\x82\xd3\xe4\x93\x02-\x12+/v1/orchestrator/assessment_tools/{tool_id}\x12\xb4\x01\n\x14UpdateAssessmentTool\x12\x36.clouditor.orchestrator.v1.UpdateAssessmentToolRequest\x1a).clouditor.orchestrator.v1.AssessmentTool\"9\x82\xd3\xe4\x93\x02\x33\x1a+/v1/orchestrator/assessment_tools/{tool.id}:\x04tool\x12\xa3\x01\n\x18\x44\x65registerAssessmentTool\x12:.clouditor.orchestrator.v1.DeregisterAssessmentToolRequest\x1a\x16.google.protobuf.Empty\"3\x82\xd3\xe4\x93\x02-*+/v1/orchestrator/assessment_tools/{tool_id}\x12\xbf\x01\n\x15StoreAssessmentResult\x12\x37.clouditor.orchestrator.v1.StoreAssessmentResultRequest\x1a\x38.clouditor.orchestrator.v1.StoreAssessmentResultResponse\"3\x82\xd3\xe4\x93\x02-\"#/v1/orchestrator/assessment_results:\x06result\x12\x90\x01\n\x16StoreAssessmentResults\x12\x37.clouditor.orchestrator.v1.StoreAssessmentResultRequest\x1a\x39.clouditor.orchestrator.v1.StoreAssessmentResultsResponse(\x01\x30\x01\x12\xb3\x01\n\x15ListAssessmentResults\x12\x35.clouditor.assessment.v1.ListAssessmentResultsRequest\x1a\x36.clouditor.assessment.v1.ListAssessmentResultsResponse\"+\x82\xd3\xe4\x93\x02%\x12#/v1/orchestrator/assessment_results\x12\x89\x01\n\x0c\x43reateMetric\x12..clouditor.orchestrator.v1.CreateMetricRequest\x1a\x1f.clouditor.assessment.v1.Metric\"(\x82\xd3\xe4\x93\x02\"\"\x18/v1/orchestrator/metrics:\x06metric\x12\x95\x01\n\x0cUpdateMetric\x12..clouditor.orchestrator.v1.UpdateMetricRequest\x1a\x1f.clouditor.assessment.v1.Metric\"4\x82\xd3\xe4\x93\x02.\x1a$/v1/orchestrator/metrics/{metric.id}:\x06metric\x12\x87\x01\n\tGetMetric\x12+.clouditor.orchestrator.v1.GetMetricRequest\x1a\x1f.clouditor.assessment.v1.Metric\",\x82\xd3\xe4\x93\x02&\x12$/v1/orchestrator/metrics/{metric_id}\x12\x8e\x01\n\x0bListMetrics\x12-.clouditor.orchestrator.v1.ListMetricsRequest\x1a..clouditor.orchestrator.v1.ListMetricsResponse\" \x82\xd3\xe4\x93\x02\x1a\x12\x18/v1/orchestrator/metrics\x12\xaf\x01\n\x14RegisterCloudService\x12\x36.clouditor.orchestrator.v1.RegisterCloudServiceRequest\x1a\'.clouditor.orchestrator.v1.CloudService\"6\x82\xd3\xe4\x93\x02\x30\"\x1f/v1/orchestrator/cloud_services:\rcloud_service\x12\xbe\x01\n\x12UpdateCloudService\x12\x34.clouditor.orchestrator.v1.UpdateCloudServiceRequest\x1a\'.clouditor.orchestrator.v1.CloudService\"I\x82\xd3\xe4\x93\x02\x43\x1a\x32/v1/orchestrator/cloud_services/{cloud_service.id}:\rcloud_service\x12\xa9\x01\n\x0fGetCloudService\x12\x31.clouditor.orchestrator.v1.GetCloudServiceRequest\x1a\'.clouditor.orchestrator.v1.CloudService\":\x82\xd3\xe4\x93\x02\x34\x12\x32/v1/orchestrator/cloud_services/{cloud_service_id}\x12\xa7\x01\n\x11ListCloudServices\x12\x33.clouditor.orchestrator.v1.ListCloudServicesRequest\x1a\x34.clouditor.orchestrator.v1.ListCloudServicesResponse\"\'\x82\xd3\xe4\x93\x02!\x12\x1f/v1/orchestrator/cloud_services\x12\x9e\x01\n\x12RemoveCloudService\x12\x34.clouditor.orchestrator.v1.RemoveCloudServiceRequest\x1a\x16.google.protobuf.Empty\":\x82\xd3\xe4\x93\x02\x34*2/v1/orchestrator/cloud_services/{cloud_service_id}\x12\xf3\x01\n\x19UpdateMetricConfiguration\x12;.clouditor.orchestrator.v1.UpdateMetricConfigurationRequest\x1a,.clouditor.assessment.v1.MetricConfiguration\"k\x82\xd3\xe4\x93\x02\x65\x1aT/v1/orchestrator/cloud_services/{cloud_service_id}/metric_configurations/{metric_id}:\rconfiguration\x12\xde\x01\n\x16GetMetricConfiguration\x12\x38.clouditor.orchestrator.v1.GetMetricConfigurationRequest\x1a,.clouditor.assessment.v1.MetricConfiguration\"\\\x82\xd3\xe4\x93\x02V\x12T/v1/orchestrator/cloud_services/{cloud_service_id}/metric_configurations/{metric_id}\x12\xe3\x01\n\x18ListMetricConfigurations\x12\x39.clouditor.orchestrator.v1.ListMetricConfigurationRequest\x1a:.clouditor.orchestrator.v1.ListMetricConfigurationResponse\"P\x82\xd3\xe4\x93\x02J\x12H/v1/orchestrator/cloud_services/{cloud_service_id}/metric_configurations\x12\xe5\x01\n\x1aUpdateMetricImplementation\x12<.clouditor.orchestrator.v1.UpdateMetricImplementationRequest\x1a-.clouditor.assessment.v1.MetricImplementation\"Z\x82\xd3\xe4\x93\x02T\x1a\x42/v1/orchestrator/metrics/{implementation.metric_id}/implementation:\x0eimplementation\x12\xc0\x01\n\x17GetMetricImplementation\x12\x39.clouditor.orchestrator.v1.GetMetricImplementationRequest\x1a-.clouditor.assessment.v1.MetricImplementation\";\x82\xd3\xe4\x93\x02\x35\x12\x33/v1/orchestrator/metrics/{metric_id}/implementation\x12\x8d\x01\n\x1bSubscribeMetricChangeEvents\x12<.clouditor.orchestrator.v1.SubscribeMetricChangeEventRequest\x1a,.clouditor.orchestrator.v1.MetricChangeEvent\"\x00\x30\x01\x12\xa4\x01\n\x11\x43reateCertificate\x12\x33.clouditor.orchestrator.v1.CreateCertificateRequest\x1a&.clouditor.orchestrator.v1.Certificate\"2\x82\xd3\xe4\x93\x02,\"\x1d/v1/orchestrator/certificates:\x0b\x63\x65rtificate\x12\xa2\x01\n\x0eGetCertificate\x12\x30.clouditor.orchestrator.v1.GetCertificateRequest\x1a&.clouditor.orchestrator.v1.Certificate\"6\x82\xd3\xe4\x93\x02\x30\x12./v1/orchestrator/certificates/{certificate_id}\x12\xa2\x01\n\x10ListCertificates\x12\x32.clouditor.orchestrator.v1.ListCertificatesRequest\x1a\x33.clouditor.orchestrator.v1.ListCertificatesResponse\"%\x82\xd3\xe4\x93\x02\x1f\x12\x1d/v1/orchestrator/certificates\x12\xb5\x01\n\x11UpdateCertificate\x12\x33.clouditor.orchestrator.v1.UpdateCertificateRequest\x1a&.clouditor.orchestrator.v1.Certificate\"C\x82\xd3\xe4\x93\x02=\x1a./v1/orchestrator/certificates/{certificate.id}:\x0b\x63\x65rtificate\x12\x98\x01\n\x11RemoveCertificate\x12\x33.clouditor.orchestrator.v1.RemoveCertificateRequest\x1a\x16.google.protobuf.Empty\"6\x82\xd3\xe4\x93\x02\x30*./v1/orchestrator/certificates/{certificate_id}\x12\x90\x01\n\rCreateCatalog\x12/.clouditor.orchestrator.v1.CreateCatalogRequest\x1a\".clouditor.orchestrator.v1.Catalog\"*\x82\xd3\xe4\x93\x02$\"\x19/v1/orchestrator/catalogs:\x07\x63\x61talog\x12\x92\x01\n\x0cListCatalogs\x12..clouditor.orchestrator.v1.ListCatalogsRequest\x1a/.clouditor.orchestrator.v1.ListCatalogsResponse\"!\x82\xd3\xe4\x93\x02\x1b\x12\x19/v1/orchestrator/catalogs\x12\x8e\x01\n\nGetCatalog\x12,.clouditor.orchestrator.v1.GetCatalogRequest\x1a\".clouditor.orchestrator.v1.Catalog\".\x82\xd3\xe4\x93\x02(\x12&/v1/orchestrator/catalogs/{catalog_id}\x12\x88\x01\n\rRemoveCatalog\x12/.clouditor.orchestrator.v1.RemoveCatalogRequest\x1a\x16.google.protobuf.Empty\".\x82\xd3\xe4\x93\x02(*&/v1/orchestrator/catalogs/{catalog_id}\x12\x9d\x01\n\rUpdateCatalog\x12/.clouditor.orchestrator.v1.UpdateCatalogRequest\x1a\".clouditor.orchestrator.v1.Catalog\"7\x82\xd3\xe4\x93\x02\x31\x1a&/v1/orchestrator/catalogs/{catalog.id}:\x07\x63\x61talog\x12\xaa\x01\n\x0bGetCategory\x12-.clouditor.orchestrator.v1.GetCategoryRequest\x1a#.clouditor.orchestrator.v1.Category\"G\x82\xd3\xe4\x93\x02\x41\x12?/v1/orchestrator/catalogs/{catalog_id}/category/{category_name}\x12\xe0\x01\n\x0cListControls\x12..clouditor.orchestrator.v1.ListControlsRequest\x1a/.clouditor.orchestrator.v1.ListControlsResponse\"o\x82\xd3\xe4\x93\x02i\x12\x19/v1/orchestrator/controlsZL\x12J/v1/orchestrator/catalogs/{catalog_id}/categories/{category_name}/controls\x12\xbf\x01\n\nGetControl\x12,.clouditor.orchestrator.v1.GetControlRequest\x1a\".clouditor.orchestrator.v1.Control\"_\x82\xd3\xe4\x93\x02Y\x12W/v1/orchestrator/catalogs/{catalog_id}/categories/{category_name}/controls/{control_id}\x12\xba\x01\n\x18\x43reateTargetOfEvaluation\x12:.clouditor.orchestrator.v1.CreateTargetOfEvaluationRequest\x1a-.clouditor.orchestrator.v1.TargetOfEvaluation\"3\x82\xd3\xe4\x93\x02-\"\x15/v1/orchestrator/toes:\x14target_of_evaluation\x12\xcd\x01\n\x15GetTargetOfEvaluation\x12\x37.clouditor.orchestrator.v1.GetTargetOfEvaluationRequest\x1a-.clouditor.orchestrator.v1.TargetOfEvaluation\"L\x82\xd3\xe4\x93\x02\x46\x12\x44/v1/orchestrator/cloud_services/{cloud_service_id}/toes/{catalog_id}\x12\xe4\x01\n\x13ListControlsInScope\x12\x35.clouditor.orchestrator.v1.ListControlsInScopeRequest\x1a\x36.clouditor.orchestrator.v1.ListControlsInScopeResponse\"^\x82\xd3\xe4\x93\x02X\x12V/v1/orchestrator/cloud_services/{cloud_service_id}/toes/{catalog_id}/controls_in_scope\x12\x93\x02\n\x11\x41\x64\x64\x43ontrolToScope\x12\x33.clouditor.orchestrator.v1.AddControlToScopeRequest\x1a).clouditor.orchestrator.v1.ControlInScope\"\x9d\x01\x82\xd3\xe4\x93\x02\x96\x01\"\x8c\x01/v1/orchestrator/cloud_services/{scope.target_of_evaluation_cloud_service_id}/toes/{scope.target_of_evaluation_catalog_id}/controls_in_scope:\x05scope\x12\xde\x02\n\x14UpdateControlInScope\x12\x36.clouditor.orchestrator.v1.UpdateControlInScopeRequest\x1a).clouditor.orchestrator.v1.ControlInScope\"\xe2\x01\x82\xd3\xe4\x93\x02\xdb\x01\x1a\xd1\x01/v1/orchestrator/cloud_services/{scope.target_of_evaluation_cloud_service_id}/toes/{scope.target_of_evaluation_catalog_id}/controls_in_scope/categories/{scope.control_category_name}/controls/{scope.control_id}:\x05scope\x12\x86\x02\n\x16RemoveControlFromScope\x12\x38.clouditor.orchestrator.v1.RemoveControlFromScopeRequest\x1a\x16.google.protobuf.Empty\"\x99\x01\x82\xd3\xe4\x93\x02\x92\x01*\x8f\x01/v1/orchestrator/cloud_services/{cloud_service_id}/toes/{catalog_id}/controls_in_scope/categories/{control_category_name}/controls/{control_id}\x12\x9b\x02\n\x17ListTargetsOfEvaluation\x12\x39.clouditor.orchestrator.v1.ListTargetsOfEvaluationRequest\x1a:.clouditor.orchestrator.v1.ListTargetsOfEvaluationResponse\"\x88\x01\x82\xd3\xe4\x93\x02\x81\x01\x12\x15/v1/orchestrator/toesZ9\x12\x37/v1/orchestrator/cloud_services/{cloud_service_id}/toesZ-\x12+/v1/orchestrator/catalogs/{catalog_id}/toes\x12\x95\x02\n\x18UpdateTargetOfEvaluation\x12:.clouditor.orchestrator.v1.UpdateTargetOfEvaluationRequest\x1a-.clouditor.orchestrator.v1.TargetOfEvaluation\"\x8d\x01\x82\xd3\xe4\x93\x02\x86\x01\x1an/v1/orchestrator/cloud_services/{target_of_evaluation.cloud_service_id}/toes/{target_of_evaluation.catalog_id}:\x14target_of_evaluation\x12\xbc\x01\n\x18RemoveTargetOfEvaluation\x12:.clouditor.orchestrator.v1.RemoveTargetOfEvaluationRequest\x1a\x16.google.protobuf.Empty\"L\x82\xd3\xe4\x93\x02\x46*D/v1/orchestrator/cloud_services/{cloud_service_id}/toes/{catalog_id}B)Z\'clouditor.io/clouditor/api/orchestratorb\x06proto3') + +_builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, globals()) +_builder.BuildTopDescriptorsAndMessages(DESCRIPTOR, 'orchestrator_pb2', globals()) +if _descriptor._USE_C_DESCRIPTORS == False: + + DESCRIPTOR._options = None + DESCRIPTOR._serialized_options = b'Z\'clouditor.io/clouditor/api/orchestrator' + _REGISTERASSESSMENTTOOLREQUEST.fields_by_name['tool']._options = None + _REGISTERASSESSMENTTOOLREQUEST.fields_by_name['tool']._serialized_options = b'\372B\005\212\001\002\020\001' + _LISTASSESSMENTTOOLSREQUEST.fields_by_name['filter_metric_id']._options = None + _LISTASSESSMENTTOOLSREQUEST.fields_by_name['filter_metric_id']._serialized_options = b'\372B\004r\002\020\001' + _GETASSESSMENTTOOLREQUEST.fields_by_name['tool_id']._options = None + _GETASSESSMENTTOOLREQUEST.fields_by_name['tool_id']._serialized_options = b'\372B\004r\002\020\001' + _UPDATEASSESSMENTTOOLREQUEST.fields_by_name['tool']._options = None + _UPDATEASSESSMENTTOOLREQUEST.fields_by_name['tool']._serialized_options = b'\372B\005\212\001\002\020\001' + _DEREGISTERASSESSMENTTOOLREQUEST.fields_by_name['tool_id']._options = None + _DEREGISTERASSESSMENTTOOLREQUEST.fields_by_name['tool_id']._serialized_options = b'\372B\004r\002\020\001' + _STOREASSESSMENTRESULTREQUEST.fields_by_name['result']._options = None + _STOREASSESSMENTRESULTREQUEST.fields_by_name['result']._serialized_options = b'\372B\005\212\001\002\020\001' + _CREATEMETRICREQUEST.fields_by_name['metric']._options = None + _CREATEMETRICREQUEST.fields_by_name['metric']._serialized_options = b'\372B\005\212\001\002\020\001' + _UPDATEMETRICREQUEST.fields_by_name['metric']._options = None + _UPDATEMETRICREQUEST.fields_by_name['metric']._serialized_options = b'\372B\005\212\001\002\020\001' + _GETMETRICREQUEST.fields_by_name['metric_id']._options = None + _GETMETRICREQUEST.fields_by_name['metric_id']._serialized_options = b'\372B\004r\002\020\001' + _GETCLOUDSERVICEREQUEST.fields_by_name['cloud_service_id']._options = None + _GETCLOUDSERVICEREQUEST.fields_by_name['cloud_service_id']._serialized_options = b'\372B\005r\003\260\001\001' + _REGISTERCLOUDSERVICEREQUEST.fields_by_name['cloud_service']._options = None + _REGISTERCLOUDSERVICEREQUEST.fields_by_name['cloud_service']._serialized_options = b'\372B\005\212\001\002\020\001' + _UPDATECLOUDSERVICEREQUEST.fields_by_name['cloud_service']._options = None + _UPDATECLOUDSERVICEREQUEST.fields_by_name['cloud_service']._serialized_options = b'\372B\005\212\001\002\020\001' + _REMOVECLOUDSERVICEREQUEST.fields_by_name['cloud_service_id']._options = None + _REMOVECLOUDSERVICEREQUEST.fields_by_name['cloud_service_id']._serialized_options = b'\372B\005r\003\260\001\001' + _UPDATEMETRICCONFIGURATIONREQUEST.fields_by_name['cloud_service_id']._options = None + _UPDATEMETRICCONFIGURATIONREQUEST.fields_by_name['cloud_service_id']._serialized_options = b'\372B\005r\003\260\001\001' + _UPDATEMETRICCONFIGURATIONREQUEST.fields_by_name['metric_id']._options = None + _UPDATEMETRICCONFIGURATIONREQUEST.fields_by_name['metric_id']._serialized_options = b'\372B\004r\002\020\001' + _UPDATEMETRICCONFIGURATIONREQUEST.fields_by_name['configuration']._options = None + _UPDATEMETRICCONFIGURATIONREQUEST.fields_by_name['configuration']._serialized_options = b'\372B\005\212\001\002\020\001' + _GETMETRICCONFIGURATIONREQUEST.fields_by_name['cloud_service_id']._options = None + _GETMETRICCONFIGURATIONREQUEST.fields_by_name['cloud_service_id']._serialized_options = b'\372B\005r\003\260\001\001' + _GETMETRICCONFIGURATIONREQUEST.fields_by_name['metric_id']._options = None + _GETMETRICCONFIGURATIONREQUEST.fields_by_name['metric_id']._serialized_options = b'\372B\004r\002\020\001' + _LISTMETRICCONFIGURATIONREQUEST.fields_by_name['cloud_service_id']._options = None + _LISTMETRICCONFIGURATIONREQUEST.fields_by_name['cloud_service_id']._serialized_options = b'\372B\005r\003\260\001\001' + _LISTMETRICCONFIGURATIONRESPONSE_CONFIGURATIONSENTRY._options = None + _LISTMETRICCONFIGURATIONRESPONSE_CONFIGURATIONSENTRY._serialized_options = b'8\001' + _UPDATEMETRICIMPLEMENTATIONREQUEST.fields_by_name['implementation']._options = None + _UPDATEMETRICIMPLEMENTATIONREQUEST.fields_by_name['implementation']._serialized_options = b'\372B\005\212\001\002\020\001' + _GETMETRICIMPLEMENTATIONREQUEST.fields_by_name['metric_id']._options = None + _GETMETRICIMPLEMENTATIONREQUEST.fields_by_name['metric_id']._serialized_options = b'\372B\004r\002\020\001' + _METRICCHANGEEVENT.fields_by_name['type']._options = None + _METRICCHANGEEVENT.fields_by_name['type']._serialized_options = b'\372B\005\202\001\002\020\001' + _METRICCHANGEEVENT.fields_by_name['metric_id']._options = None + _METRICCHANGEEVENT.fields_by_name['metric_id']._serialized_options = b'\372B\004r\002\020\001' + _METRICCHANGEEVENT.fields_by_name['cloud_service_id']._options = None + _METRICCHANGEEVENT.fields_by_name['cloud_service_id']._serialized_options = b'\372B\005r\003\260\001\001' + _ASSESSMENTTOOL.fields_by_name['id']._options = None + _ASSESSMENTTOOL.fields_by_name['id']._serialized_options = b'\372B\010r\006\260\001\001\320\001\001' + _ASSESSMENTTOOL.fields_by_name['name']._options = None + _ASSESSMENTTOOL.fields_by_name['name']._serialized_options = b'\372B\004r\002\020\001' + _ASSESSMENTTOOL.fields_by_name['available_metrics']._options = None + _ASSESSMENTTOOL.fields_by_name['available_metrics']._serialized_options = b'\372B\t\222\001\006\"\004r\002\020\001' + _CLOUDSERVICE.fields_by_name['id']._options = None + _CLOUDSERVICE.fields_by_name['id']._serialized_options = b'\372B\010r\006\260\001\001\320\001\001' + _CLOUDSERVICE.fields_by_name['name']._options = None + _CLOUDSERVICE.fields_by_name['name']._serialized_options = b'\372B\004r\002\020\001' + _CLOUDSERVICE.fields_by_name['catalogs_in_scope']._options = None + _CLOUDSERVICE.fields_by_name['catalogs_in_scope']._serialized_options = b'\232\204\236\003&gorm:\"many2many:target_of_evaluations\"\372B\n\222\001\007\"\005\212\001\002\020\001' + _CLOUDSERVICE.fields_by_name['configured_metrics']._options = None + _CLOUDSERVICE.fields_by_name['configured_metrics']._serialized_options = b'\232\204\236\003&gorm:\"many2many:metric_configurations\"\372B\n\222\001\007\"\005\212\001\002\020\001' + _CATALOG.fields_by_name['id']._options = None + _CATALOG.fields_by_name['id']._serialized_options = b'\372B\004r\002\020\001' + _CATALOG.fields_by_name['name']._options = None + _CATALOG.fields_by_name['name']._serialized_options = b'\372B\004r\002\020\001' + _CATALOG.fields_by_name['categories']._options = None + _CATALOG.fields_by_name['categories']._serialized_options = b'\232\204\236\003\"gorm:\"constraint:OnDelete:CASCADE\"\372B\n\222\001\007\"\005\212\001\002\020\001' + _CATEGORY.fields_by_name['name']._options = None + _CATEGORY.fields_by_name['name']._serialized_options = b'\232\204\236\003\021gorm:\"primaryKey\"\372B\004r\002\020\001' + _CATEGORY.fields_by_name['catalog_id']._options = None + _CATEGORY.fields_by_name['catalog_id']._serialized_options = b'\232\204\236\003\021gorm:\"primaryKey\"\372B\004r\002\020\001' + _CATEGORY.fields_by_name['controls']._options = None + _CATEGORY.fields_by_name['controls']._serialized_options = b'\232\204\236\003jgorm:\"foreignKey:category_name,category_catalog_id;references:name,catalog_id;constraint:OnDelete:CASCADE\"\372B\n\222\001\007\"\005\212\001\002\020\001' + _CONTROL.fields_by_name['id']._options = None + _CONTROL.fields_by_name['id']._serialized_options = b'\232\204\236\003\021gorm:\"primaryKey\"\372B\004r\002\020\001' + _CONTROL.fields_by_name['category_name']._options = None + _CONTROL.fields_by_name['category_name']._serialized_options = b'\232\204\236\003\021gorm:\"primaryKey\"\372B\004r\002\020\001' + _CONTROL.fields_by_name['category_catalog_id']._options = None + _CONTROL.fields_by_name['category_catalog_id']._serialized_options = b'\232\204\236\003\021gorm:\"primaryKey\"\372B\004r\002\020\001' + _CONTROL.fields_by_name['name']._options = None + _CONTROL.fields_by_name['name']._serialized_options = b'\372B\004r\002\020\001' + _CONTROL.fields_by_name['controls']._options = None + _CONTROL.fields_by_name['controls']._serialized_options = b'\232\204\236\003\223\001gorm:\"foreignKey:parent_control_id,parent_control_category_name,parent_control_category_catalog_id;references=id,category_name;category_catalog_id\"\372B\n\222\001\007\"\005\212\001\002\020\001' + _CONTROL.fields_by_name['metrics']._options = None + _CONTROL.fields_by_name['metrics']._serialized_options = b'\232\204\236\003<gorm:\"many2many:control_metrics;constraint:OnDelete:CASCADE\"\372B\n\222\001\007\"\005\212\001\002\020\001' + _CONTROL.fields_by_name['parent_control_id']._options = None + _CONTROL.fields_by_name['parent_control_id']._serialized_options = b'\372B\004r\002\020\001' + _CONTROL.fields_by_name['parent_control_category_name']._options = None + _CONTROL.fields_by_name['parent_control_category_name']._serialized_options = b'\372B\004r\002\020\001' + _CONTROL.fields_by_name['parent_control_category_catalog_id']._options = None + _CONTROL.fields_by_name['parent_control_category_catalog_id']._serialized_options = b'\372B\004r\002\020\001' + _TARGETOFEVALUATION.fields_by_name['cloud_service_id']._options = None + _TARGETOFEVALUATION.fields_by_name['cloud_service_id']._serialized_options = b'\232\204\236\003\021gorm:\"primaryKey\"\372B\005r\003\260\001\001' + _TARGETOFEVALUATION.fields_by_name['catalog_id']._options = None + _TARGETOFEVALUATION.fields_by_name['catalog_id']._serialized_options = b'\232\204\236\003\021gorm:\"primaryKey\"\372B\004r\002\020\001' + _TARGETOFEVALUATION.fields_by_name['assurance_level']._options = None + _TARGETOFEVALUATION.fields_by_name['assurance_level']._serialized_options = b'\372B\037r\0352\033^(|basic|substantial|high)$' + _TARGETOFEVALUATION.fields_by_name['controls_in_scope']._options = None + _TARGETOFEVALUATION.fields_by_name['controls_in_scope']._serialized_options = b'\232\204\236\003>gorm:\"many2many:controls_in_scope;constraint:OnDelete:CASCADE\"\372B\n\222\001\007\"\005\212\001\002\020\001' + _LISTCONTROLSINSCOPEREQUEST.fields_by_name['cloud_service_id']._options = None + _LISTCONTROLSINSCOPEREQUEST.fields_by_name['cloud_service_id']._serialized_options = b'\372B\010r\006\260\001\001\320\001\001' + _LISTCONTROLSINSCOPEREQUEST.fields_by_name['catalog_id']._options = None + _LISTCONTROLSINSCOPEREQUEST.fields_by_name['catalog_id']._serialized_options = b'\372B\007r\005\020\001\320\001\001' + _UPDATECONTROLINSCOPEREQUEST.fields_by_name['scope']._options = None + _UPDATECONTROLINSCOPEREQUEST.fields_by_name['scope']._serialized_options = b'\372B\005\212\001\002\020\001' + _ADDCONTROLTOSCOPEREQUEST.fields_by_name['scope']._options = None + _ADDCONTROLTOSCOPEREQUEST.fields_by_name['scope']._serialized_options = b'\372B\005\212\001\002\020\001' + _REMOVECONTROLFROMSCOPEREQUEST.fields_by_name['cloud_service_id']._options = None + _REMOVECONTROLFROMSCOPEREQUEST.fields_by_name['cloud_service_id']._serialized_options = b'\372B\004r\002\020\001' + _REMOVECONTROLFROMSCOPEREQUEST.fields_by_name['catalog_id']._options = None + _REMOVECONTROLFROMSCOPEREQUEST.fields_by_name['catalog_id']._serialized_options = b'\372B\004r\002\020\001' + _REMOVECONTROLFROMSCOPEREQUEST.fields_by_name['control_id']._options = None + _REMOVECONTROLFROMSCOPEREQUEST.fields_by_name['control_id']._serialized_options = b'\372B\004r\002\020\001' + _REMOVECONTROLFROMSCOPEREQUEST.fields_by_name['control_category_name']._options = None + _REMOVECONTROLFROMSCOPEREQUEST.fields_by_name['control_category_name']._serialized_options = b'\372B\004r\002\020\001' + _CONTROLINSCOPE.fields_by_name['target_of_evaluation_cloud_service_id']._options = None + _CONTROLINSCOPE.fields_by_name['target_of_evaluation_cloud_service_id']._serialized_options = b'\232\204\236\003\021gorm:\"primaryKey\"\372B\004r\002\020\001' + _CONTROLINSCOPE.fields_by_name['target_of_evaluation_catalog_id']._options = None + _CONTROLINSCOPE.fields_by_name['target_of_evaluation_catalog_id']._serialized_options = b'\232\204\236\003\021gorm:\"primaryKey\"\372B\004r\002\020\001' + _CONTROLINSCOPE.fields_by_name['control_id']._options = None + _CONTROLINSCOPE.fields_by_name['control_id']._serialized_options = b'\232\204\236\003\021gorm:\"primaryKey\"\372B\004r\002\020\001' + _CONTROLINSCOPE.fields_by_name['control_category_name']._options = None + _CONTROLINSCOPE.fields_by_name['control_category_name']._serialized_options = b'\232\204\236\003\021gorm:\"primaryKey\"\372B\004r\002\020\001' + _CONTROLINSCOPE.fields_by_name['control_category_catalog_id']._options = None + _CONTROLINSCOPE.fields_by_name['control_category_catalog_id']._serialized_options = b'\232\204\236\003\021gorm:\"primaryKey\"\372B\004r\002\020\001' + _CREATETARGETOFEVALUATIONREQUEST.fields_by_name['target_of_evaluation']._options = None + _CREATETARGETOFEVALUATIONREQUEST.fields_by_name['target_of_evaluation']._serialized_options = b'\372B\005\212\001\002\020\001' + _REMOVETARGETOFEVALUATIONREQUEST.fields_by_name['cloud_service_id']._options = None + _REMOVETARGETOFEVALUATIONREQUEST.fields_by_name['cloud_service_id']._serialized_options = b'\372B\005r\003\260\001\001' + _REMOVETARGETOFEVALUATIONREQUEST.fields_by_name['catalog_id']._options = None + _REMOVETARGETOFEVALUATIONREQUEST.fields_by_name['catalog_id']._serialized_options = b'\372B\004r\002\020\001' + _GETTARGETOFEVALUATIONREQUEST.fields_by_name['cloud_service_id']._options = None + _GETTARGETOFEVALUATIONREQUEST.fields_by_name['cloud_service_id']._serialized_options = b'\372B\005r\003\260\001\001' + _GETTARGETOFEVALUATIONREQUEST.fields_by_name['catalog_id']._options = None + _GETTARGETOFEVALUATIONREQUEST.fields_by_name['catalog_id']._serialized_options = b'\372B\004r\002\020\001' + _UPDATETARGETOFEVALUATIONREQUEST.fields_by_name['target_of_evaluation']._options = None + _UPDATETARGETOFEVALUATIONREQUEST.fields_by_name['target_of_evaluation']._serialized_options = b'\372B\005\212\001\002\020\001' + _GETCERTIFICATEREQUEST.fields_by_name['certificate_id']._options = None + _GETCERTIFICATEREQUEST.fields_by_name['certificate_id']._serialized_options = b'\372B\004r\002\020\001' + _UPDATECERTIFICATEREQUEST.fields_by_name['certificate']._options = None + _UPDATECERTIFICATEREQUEST.fields_by_name['certificate']._serialized_options = b'\372B\005\212\001\002\020\001' + _CREATECATALOGREQUEST.fields_by_name['catalog']._options = None + _CREATECATALOGREQUEST.fields_by_name['catalog']._serialized_options = b'\372B\005\212\001\002\020\001' + _REMOVECATALOGREQUEST.fields_by_name['catalog_id']._options = None + _REMOVECATALOGREQUEST.fields_by_name['catalog_id']._serialized_options = b'\372B\004r\002\020\001' + _GETCATALOGREQUEST.fields_by_name['catalog_id']._options = None + _GETCATALOGREQUEST.fields_by_name['catalog_id']._serialized_options = b'\372B\004r\002\020\001' + _UPDATECATALOGREQUEST.fields_by_name['catalog']._options = None + _UPDATECATALOGREQUEST.fields_by_name['catalog']._serialized_options = b'\372B\005\212\001\002\020\001' + _GETCATEGORYREQUEST.fields_by_name['catalog_id']._options = None + _GETCATEGORYREQUEST.fields_by_name['catalog_id']._serialized_options = b'\372B\004r\002\020\001' + _GETCATEGORYREQUEST.fields_by_name['category_name']._options = None + _GETCATEGORYREQUEST.fields_by_name['category_name']._serialized_options = b'\372B\004r\002\020\001' + _GETCONTROLREQUEST.fields_by_name['catalog_id']._options = None + _GETCONTROLREQUEST.fields_by_name['catalog_id']._serialized_options = b'\372B\004r\002\020\001' + _GETCONTROLREQUEST.fields_by_name['category_name']._options = None + _GETCONTROLREQUEST.fields_by_name['category_name']._serialized_options = b'\372B\004r\002\020\001' + _GETCONTROLREQUEST.fields_by_name['control_id']._options = None + _GETCONTROLREQUEST.fields_by_name['control_id']._serialized_options = b'\372B\004r\002\020\001' + _CREATECERTIFICATEREQUEST.fields_by_name['certificate']._options = None + _CREATECERTIFICATEREQUEST.fields_by_name['certificate']._serialized_options = b'\372B\005\212\001\002\020\001' + _REMOVECERTIFICATEREQUEST.fields_by_name['certificate_id']._options = None + _REMOVECERTIFICATEREQUEST.fields_by_name['certificate_id']._serialized_options = b'\372B\004r\002\020\001' + _CERTIFICATE.fields_by_name['id']._options = None + _CERTIFICATE.fields_by_name['id']._serialized_options = b'\372B\004r\002\020\001' + _CERTIFICATE.fields_by_name['name']._options = None + _CERTIFICATE.fields_by_name['name']._serialized_options = b'\372B\004r\002\020\001' + _CERTIFICATE.fields_by_name['cloud_service_id']._options = None + _CERTIFICATE.fields_by_name['cloud_service_id']._serialized_options = b'\372B\005r\003\260\001\001' + _CERTIFICATE.fields_by_name['states']._options = None + _CERTIFICATE.fields_by_name['states']._serialized_options = b'\232\204\236\003\"gorm:\"constraint:OnDelete:CASCADE\"' + _TARGETOFEVALUATIONCHANGEEVENT.fields_by_name['type']._options = None + _TARGETOFEVALUATIONCHANGEEVENT.fields_by_name['type']._serialized_options = b'\372B\005\202\001\002\020\001' + _TARGETOFEVALUATIONCHANGEEVENT.fields_by_name['target_of_evaluation']._options = None + _TARGETOFEVALUATIONCHANGEEVENT.fields_by_name['target_of_evaluation']._serialized_options = b'\372B\005\212\001\002\020\001' + _TARGETOFEVALUATIONCHANGEEVENT.fields_by_name['control_in_scope']._options = None + _TARGETOFEVALUATIONCHANGEEVENT.fields_by_name['control_in_scope']._serialized_options = b'\372B\005\212\001\002\020\001' + _ORCHESTRATOR.methods_by_name['RegisterAssessmentTool']._options = None + _ORCHESTRATOR.methods_by_name['RegisterAssessmentTool']._serialized_options = b'\202\323\344\223\002)\"!/v1/orchestrator/assessment_tools:\004tool' + _ORCHESTRATOR.methods_by_name['ListAssessmentTools']._options = None + _ORCHESTRATOR.methods_by_name['ListAssessmentTools']._serialized_options = b'\202\323\344\223\002#\022!/v1/orchestrator/assessment_tools' + _ORCHESTRATOR.methods_by_name['GetAssessmentTool']._options = None + _ORCHESTRATOR.methods_by_name['GetAssessmentTool']._serialized_options = b'\202\323\344\223\002-\022+/v1/orchestrator/assessment_tools/{tool_id}' + _ORCHESTRATOR.methods_by_name['UpdateAssessmentTool']._options = None + _ORCHESTRATOR.methods_by_name['UpdateAssessmentTool']._serialized_options = b'\202\323\344\223\0023\032+/v1/orchestrator/assessment_tools/{tool.id}:\004tool' + _ORCHESTRATOR.methods_by_name['DeregisterAssessmentTool']._options = None + _ORCHESTRATOR.methods_by_name['DeregisterAssessmentTool']._serialized_options = b'\202\323\344\223\002-*+/v1/orchestrator/assessment_tools/{tool_id}' + _ORCHESTRATOR.methods_by_name['StoreAssessmentResult']._options = None + _ORCHESTRATOR.methods_by_name['StoreAssessmentResult']._serialized_options = b'\202\323\344\223\002-\"#/v1/orchestrator/assessment_results:\006result' + _ORCHESTRATOR.methods_by_name['ListAssessmentResults']._options = None + _ORCHESTRATOR.methods_by_name['ListAssessmentResults']._serialized_options = b'\202\323\344\223\002%\022#/v1/orchestrator/assessment_results' + _ORCHESTRATOR.methods_by_name['CreateMetric']._options = None + _ORCHESTRATOR.methods_by_name['CreateMetric']._serialized_options = b'\202\323\344\223\002\"\"\030/v1/orchestrator/metrics:\006metric' + _ORCHESTRATOR.methods_by_name['UpdateMetric']._options = None + _ORCHESTRATOR.methods_by_name['UpdateMetric']._serialized_options = b'\202\323\344\223\002.\032$/v1/orchestrator/metrics/{metric.id}:\006metric' + _ORCHESTRATOR.methods_by_name['GetMetric']._options = None + _ORCHESTRATOR.methods_by_name['GetMetric']._serialized_options = b'\202\323\344\223\002&\022$/v1/orchestrator/metrics/{metric_id}' + _ORCHESTRATOR.methods_by_name['ListMetrics']._options = None + _ORCHESTRATOR.methods_by_name['ListMetrics']._serialized_options = b'\202\323\344\223\002\032\022\030/v1/orchestrator/metrics' + _ORCHESTRATOR.methods_by_name['RegisterCloudService']._options = None + _ORCHESTRATOR.methods_by_name['RegisterCloudService']._serialized_options = b'\202\323\344\223\0020\"\037/v1/orchestrator/cloud_services:\rcloud_service' + _ORCHESTRATOR.methods_by_name['UpdateCloudService']._options = None + _ORCHESTRATOR.methods_by_name['UpdateCloudService']._serialized_options = b'\202\323\344\223\002C\0322/v1/orchestrator/cloud_services/{cloud_service.id}:\rcloud_service' + _ORCHESTRATOR.methods_by_name['GetCloudService']._options = None + _ORCHESTRATOR.methods_by_name['GetCloudService']._serialized_options = b'\202\323\344\223\0024\0222/v1/orchestrator/cloud_services/{cloud_service_id}' + _ORCHESTRATOR.methods_by_name['ListCloudServices']._options = None + _ORCHESTRATOR.methods_by_name['ListCloudServices']._serialized_options = b'\202\323\344\223\002!\022\037/v1/orchestrator/cloud_services' + _ORCHESTRATOR.methods_by_name['RemoveCloudService']._options = None + _ORCHESTRATOR.methods_by_name['RemoveCloudService']._serialized_options = b'\202\323\344\223\0024*2/v1/orchestrator/cloud_services/{cloud_service_id}' + _ORCHESTRATOR.methods_by_name['UpdateMetricConfiguration']._options = None + _ORCHESTRATOR.methods_by_name['UpdateMetricConfiguration']._serialized_options = b'\202\323\344\223\002e\032T/v1/orchestrator/cloud_services/{cloud_service_id}/metric_configurations/{metric_id}:\rconfiguration' + _ORCHESTRATOR.methods_by_name['GetMetricConfiguration']._options = None + _ORCHESTRATOR.methods_by_name['GetMetricConfiguration']._serialized_options = b'\202\323\344\223\002V\022T/v1/orchestrator/cloud_services/{cloud_service_id}/metric_configurations/{metric_id}' + _ORCHESTRATOR.methods_by_name['ListMetricConfigurations']._options = None + _ORCHESTRATOR.methods_by_name['ListMetricConfigurations']._serialized_options = b'\202\323\344\223\002J\022H/v1/orchestrator/cloud_services/{cloud_service_id}/metric_configurations' + _ORCHESTRATOR.methods_by_name['UpdateMetricImplementation']._options = None + _ORCHESTRATOR.methods_by_name['UpdateMetricImplementation']._serialized_options = b'\202\323\344\223\002T\032B/v1/orchestrator/metrics/{implementation.metric_id}/implementation:\016implementation' + _ORCHESTRATOR.methods_by_name['GetMetricImplementation']._options = None + _ORCHESTRATOR.methods_by_name['GetMetricImplementation']._serialized_options = b'\202\323\344\223\0025\0223/v1/orchestrator/metrics/{metric_id}/implementation' + _ORCHESTRATOR.methods_by_name['CreateCertificate']._options = None + _ORCHESTRATOR.methods_by_name['CreateCertificate']._serialized_options = b'\202\323\344\223\002,\"\035/v1/orchestrator/certificates:\013certificate' + _ORCHESTRATOR.methods_by_name['GetCertificate']._options = None + _ORCHESTRATOR.methods_by_name['GetCertificate']._serialized_options = b'\202\323\344\223\0020\022./v1/orchestrator/certificates/{certificate_id}' + _ORCHESTRATOR.methods_by_name['ListCertificates']._options = None + _ORCHESTRATOR.methods_by_name['ListCertificates']._serialized_options = b'\202\323\344\223\002\037\022\035/v1/orchestrator/certificates' + _ORCHESTRATOR.methods_by_name['UpdateCertificate']._options = None + _ORCHESTRATOR.methods_by_name['UpdateCertificate']._serialized_options = b'\202\323\344\223\002=\032./v1/orchestrator/certificates/{certificate.id}:\013certificate' + _ORCHESTRATOR.methods_by_name['RemoveCertificate']._options = None + _ORCHESTRATOR.methods_by_name['RemoveCertificate']._serialized_options = b'\202\323\344\223\0020*./v1/orchestrator/certificates/{certificate_id}' + _ORCHESTRATOR.methods_by_name['CreateCatalog']._options = None + _ORCHESTRATOR.methods_by_name['CreateCatalog']._serialized_options = b'\202\323\344\223\002$\"\031/v1/orchestrator/catalogs:\007catalog' + _ORCHESTRATOR.methods_by_name['ListCatalogs']._options = None + _ORCHESTRATOR.methods_by_name['ListCatalogs']._serialized_options = b'\202\323\344\223\002\033\022\031/v1/orchestrator/catalogs' + _ORCHESTRATOR.methods_by_name['GetCatalog']._options = None + _ORCHESTRATOR.methods_by_name['GetCatalog']._serialized_options = b'\202\323\344\223\002(\022&/v1/orchestrator/catalogs/{catalog_id}' + _ORCHESTRATOR.methods_by_name['RemoveCatalog']._options = None + _ORCHESTRATOR.methods_by_name['RemoveCatalog']._serialized_options = b'\202\323\344\223\002(*&/v1/orchestrator/catalogs/{catalog_id}' + _ORCHESTRATOR.methods_by_name['UpdateCatalog']._options = None + _ORCHESTRATOR.methods_by_name['UpdateCatalog']._serialized_options = b'\202\323\344\223\0021\032&/v1/orchestrator/catalogs/{catalog.id}:\007catalog' + _ORCHESTRATOR.methods_by_name['GetCategory']._options = None + _ORCHESTRATOR.methods_by_name['GetCategory']._serialized_options = b'\202\323\344\223\002A\022?/v1/orchestrator/catalogs/{catalog_id}/category/{category_name}' + _ORCHESTRATOR.methods_by_name['ListControls']._options = None + _ORCHESTRATOR.methods_by_name['ListControls']._serialized_options = b'\202\323\344\223\002i\022\031/v1/orchestrator/controlsZL\022J/v1/orchestrator/catalogs/{catalog_id}/categories/{category_name}/controls' + _ORCHESTRATOR.methods_by_name['GetControl']._options = None + _ORCHESTRATOR.methods_by_name['GetControl']._serialized_options = b'\202\323\344\223\002Y\022W/v1/orchestrator/catalogs/{catalog_id}/categories/{category_name}/controls/{control_id}' + _ORCHESTRATOR.methods_by_name['CreateTargetOfEvaluation']._options = None + _ORCHESTRATOR.methods_by_name['CreateTargetOfEvaluation']._serialized_options = b'\202\323\344\223\002-\"\025/v1/orchestrator/toes:\024target_of_evaluation' + _ORCHESTRATOR.methods_by_name['GetTargetOfEvaluation']._options = None + _ORCHESTRATOR.methods_by_name['GetTargetOfEvaluation']._serialized_options = b'\202\323\344\223\002F\022D/v1/orchestrator/cloud_services/{cloud_service_id}/toes/{catalog_id}' + _ORCHESTRATOR.methods_by_name['ListControlsInScope']._options = None + _ORCHESTRATOR.methods_by_name['ListControlsInScope']._serialized_options = b'\202\323\344\223\002X\022V/v1/orchestrator/cloud_services/{cloud_service_id}/toes/{catalog_id}/controls_in_scope' + _ORCHESTRATOR.methods_by_name['AddControlToScope']._options = None + _ORCHESTRATOR.methods_by_name['AddControlToScope']._serialized_options = b'\202\323\344\223\002\226\001\"\214\001/v1/orchestrator/cloud_services/{scope.target_of_evaluation_cloud_service_id}/toes/{scope.target_of_evaluation_catalog_id}/controls_in_scope:\005scope' + _ORCHESTRATOR.methods_by_name['UpdateControlInScope']._options = None + _ORCHESTRATOR.methods_by_name['UpdateControlInScope']._serialized_options = b'\202\323\344\223\002\333\001\032\321\001/v1/orchestrator/cloud_services/{scope.target_of_evaluation_cloud_service_id}/toes/{scope.target_of_evaluation_catalog_id}/controls_in_scope/categories/{scope.control_category_name}/controls/{scope.control_id}:\005scope' + _ORCHESTRATOR.methods_by_name['RemoveControlFromScope']._options = None + _ORCHESTRATOR.methods_by_name['RemoveControlFromScope']._serialized_options = b'\202\323\344\223\002\222\001*\217\001/v1/orchestrator/cloud_services/{cloud_service_id}/toes/{catalog_id}/controls_in_scope/categories/{control_category_name}/controls/{control_id}' + _ORCHESTRATOR.methods_by_name['ListTargetsOfEvaluation']._options = None + _ORCHESTRATOR.methods_by_name['ListTargetsOfEvaluation']._serialized_options = b'\202\323\344\223\002\201\001\022\025/v1/orchestrator/toesZ9\0227/v1/orchestrator/cloud_services/{cloud_service_id}/toesZ-\022+/v1/orchestrator/catalogs/{catalog_id}/toes' + _ORCHESTRATOR.methods_by_name['UpdateTargetOfEvaluation']._options = None + _ORCHESTRATOR.methods_by_name['UpdateTargetOfEvaluation']._serialized_options = b'\202\323\344\223\002\206\001\032n/v1/orchestrator/cloud_services/{target_of_evaluation.cloud_service_id}/toes/{target_of_evaluation.catalog_id}:\024target_of_evaluation' + _ORCHESTRATOR.methods_by_name['RemoveTargetOfEvaluation']._options = None + _ORCHESTRATOR.methods_by_name['RemoveTargetOfEvaluation']._serialized_options = b'\202\323\344\223\002F*D/v1/orchestrator/cloud_services/{cloud_service_id}/toes/{catalog_id}' + _MONITORINGSTATUS._serialized_start=9396 + _MONITORINGSTATUS._serialized_end=9571 + _REGISTERASSESSMENTTOOLREQUEST._serialized_start=170 + _REGISTERASSESSMENTTOOLREQUEST._serialized_end=268 + _LISTASSESSMENTTOOLSREQUEST._serialized_start=271 + _LISTASSESSMENTTOOLSREQUEST._serialized_end=430 + _LISTASSESSMENTTOOLSRESPONSE._serialized_start=432 + _LISTASSESSMENTTOOLSRESPONSE._serialized_end=544 + _GETASSESSMENTTOOLREQUEST._serialized_start=546 + _GETASSESSMENTTOOLREQUEST._serialized_end=598 + _UPDATEASSESSMENTTOOLREQUEST._serialized_start=600 + _UPDATEASSESSMENTTOOLREQUEST._serialized_end=696 + _DEREGISTERASSESSMENTTOOLREQUEST._serialized_start=698 + _DEREGISTERASSESSMENTTOOLREQUEST._serialized_end=757 + _STOREASSESSMENTRESULTREQUEST._serialized_start=759 + _STOREASSESSMENTRESULTREQUEST._serialized_end=858 + _STOREASSESSMENTRESULTRESPONSE._serialized_start=860 + _STOREASSESSMENTRESULTRESPONSE._serialized_end=891 + _STOREASSESSMENTRESULTSRESPONSE._serialized_start=893 + _STOREASSESSMENTRESULTSRESPONSE._serialized_end=965 + _CREATEMETRICREQUEST._serialized_start=967 + _CREATEMETRICREQUEST._serialized_end=1047 + _UPDATEMETRICREQUEST._serialized_start=1049 + _UPDATEMETRICREQUEST._serialized_end=1129 + _GETMETRICREQUEST._serialized_start=1131 + _GETMETRICREQUEST._serialized_end=1177 + _LISTMETRICSREQUEST._serialized_start=1179 + _LISTMETRICSREQUEST._serialized_end=1269 + _LISTMETRICSRESPONSE._serialized_start=1271 + _LISTMETRICSRESPONSE._serialized_end=1367 + _GETCLOUDSERVICEREQUEST._serialized_start=1369 + _GETCLOUDSERVICEREQUEST._serialized_end=1429 + _REGISTERCLOUDSERVICEREQUEST._serialized_start=1431 + _REGISTERCLOUDSERVICEREQUEST._serialized_end=1534 + _UPDATECLOUDSERVICEREQUEST._serialized_start=1536 + _UPDATECLOUDSERVICEREQUEST._serialized_end=1637 + _REMOVECLOUDSERVICEREQUEST._serialized_start=1639 + _REMOVECLOUDSERVICEREQUEST._serialized_end=1702 + _LISTCLOUDSERVICESREQUEST._serialized_start=1704 + _LISTCLOUDSERVICESREQUEST._serialized_end=1800 + _LISTCLOUDSERVICESRESPONSE._serialized_start=1802 + _LISTCLOUDSERVICESRESPONSE._serialized_end=1913 + _UPDATEMETRICCONFIGURATIONREQUEST._serialized_start=1916 + _UPDATEMETRICCONFIGURATIONREQUEST._serialized_end=2093 + _GETMETRICCONFIGURATIONREQUEST._serialized_start=2095 + _GETMETRICCONFIGURATIONREQUEST._serialized_end=2190 + _LISTMETRICCONFIGURATIONREQUEST._serialized_start=2192 + _LISTMETRICCONFIGURATIONREQUEST._serialized_end=2260 + _LISTMETRICCONFIGURATIONRESPONSE._serialized_start=2263 + _LISTMETRICCONFIGURATIONRESPONSE._serialized_end=2501 + _LISTMETRICCONFIGURATIONRESPONSE_CONFIGURATIONSENTRY._serialized_start=2402 + _LISTMETRICCONFIGURATIONRESPONSE_CONFIGURATIONSENTRY._serialized_end=2501 + _UPDATEMETRICIMPLEMENTATIONREQUEST._serialized_start=2503 + _UPDATEMETRICIMPLEMENTATIONREQUEST._serialized_end=2619 + _GETMETRICIMPLEMENTATIONREQUEST._serialized_start=2621 + _GETMETRICIMPLEMENTATIONREQUEST._serialized_end=2681 + _SUBSCRIBEMETRICCHANGEEVENTREQUEST._serialized_start=2683 + _SUBSCRIBEMETRICCHANGEEVENTREQUEST._serialized_end=2718 + _METRICCHANGEEVENT._serialized_start=2721 + _METRICCHANGEEVENT._serialized_end=2994 + _METRICCHANGEEVENT_TYPE._serialized_start=2881 + _METRICCHANGEEVENT_TYPE._serialized_end=2994 + _ASSESSMENTTOOL._serialized_start=2996 + _ASSESSMENTTOOL._serialized_end=3122 + _CLOUDSERVICE._serialized_start=3125 + _CLOUDSERVICE._serialized_end=3448 + _CATALOG._serialized_start=3451 + _CATALOG._serialized_end=3658 + _CATEGORY._serialized_start=3661 + _CATEGORY._serialized_end=3969 + _CONTROL._serialized_start=3972 + _CONTROL._serialized_end=4782 + _TARGETOFEVALUATION._serialized_start=4785 + _TARGETOFEVALUATION._serialized_end=5146 + _LISTCONTROLSINSCOPEREQUEST._serialized_start=5149 + _LISTCONTROLSINSCOPEREQUEST._serialized_end=5318 + _LISTCONTROLSINSCOPERESPONSE._serialized_start=5320 + _LISTCONTROLSINSCOPERESPONSE._serialized_end=5444 + _UPDATECONTROLINSCOPEREQUEST._serialized_start=5446 + _UPDATECONTROLINSCOPEREQUEST._serialized_end=5543 + _ADDCONTROLTOSCOPEREQUEST._serialized_start=5545 + _ADDCONTROLTOSCOPEREQUEST._serialized_end=5639 + _REMOVECONTROLFROMSCOPEREQUEST._serialized_start=5642 + _REMOVECONTROLFROMSCOPEREQUEST._serialized_end=5806 + _CONTROLINSCOPE._serialized_start=5809 + _CONTROLINSCOPE._serialized_end=6228 + _CREATETARGETOFEVALUATIONREQUEST._serialized_start=6230 + _CREATETARGETOFEVALUATIONREQUEST._serialized_end=6350 + _REMOVETARGETOFEVALUATIONREQUEST._serialized_start=6352 + _REMOVETARGETOFEVALUATIONREQUEST._serialized_end=6450 + _GETTARGETOFEVALUATIONREQUEST._serialized_start=6452 + _GETTARGETOFEVALUATIONREQUEST._serialized_end=6547 + _LISTTARGETSOFEVALUATIONREQUEST._serialized_start=6550 + _LISTTARGETSOFEVALUATIONREQUEST._serialized_end=6698 + _LISTTARGETSOFEVALUATIONRESPONSE._serialized_start=6701 + _LISTTARGETSOFEVALUATIONRESPONSE._serialized_end=6836 + _UPDATETARGETOFEVALUATIONREQUEST._serialized_start=6838 + _UPDATETARGETOFEVALUATIONREQUEST._serialized_end=6958 + _GETCERTIFICATEREQUEST._serialized_start=6960 + _GETCERTIFICATEREQUEST._serialized_end=7016 + _LISTCERTIFICATESREQUEST._serialized_start=7018 + _LISTCERTIFICATESREQUEST._serialized_end=7113 + _LISTCERTIFICATESRESPONSE._serialized_start=7115 + _LISTCERTIFICATESRESPONSE._serialized_end=7228 + _UPDATECERTIFICATEREQUEST._serialized_start=7230 + _UPDATECERTIFICATEREQUEST._serialized_end=7327 + _CREATECATALOGREQUEST._serialized_start=7329 + _CREATECATALOGREQUEST._serialized_end=7414 + _REMOVECATALOGREQUEST._serialized_start=7416 + _REMOVECATALOGREQUEST._serialized_end=7467 + _GETCATALOGREQUEST._serialized_start=7469 + _GETCATALOGREQUEST._serialized_end=7517 + _LISTCATALOGSREQUEST._serialized_start=7519 + _LISTCATALOGSREQUEST._serialized_end=7610 + _LISTCATALOGSRESPONSE._serialized_start=7612 + _LISTCATALOGSRESPONSE._serialized_end=7713 + _UPDATECATALOGREQUEST._serialized_start=7715 + _UPDATECATALOGREQUEST._serialized_end=7800 + _GETCATEGORYREQUEST._serialized_start=7802 + _GETCATEGORYREQUEST._serialized_end=7883 + _GETCONTROLREQUEST._serialized_start=7885 + _GETCONTROLREQUEST._serialized_end=7994 + _LISTCONTROLSREQUEST._serialized_start=7997 + _LISTCONTROLSREQUEST._serialized_end=8131 + _LISTCONTROLSRESPONSE._serialized_start=8133 + _LISTCONTROLSRESPONSE._serialized_end=8234 + _CREATECERTIFICATEREQUEST._serialized_start=8236 + _CREATECERTIFICATEREQUEST._serialized_end=8333 + _REMOVECERTIFICATEREQUEST._serialized_start=8335 + _REMOVECERTIFICATEREQUEST._serialized_end=8394 + _CERTIFICATE._serialized_start=8397 + _CERTIFICATE._serialized_end=8703 + _STATE._serialized_start=8705 + _STATE._serialized_end=8799 + _TARGETOFEVALUATIONCHANGEEVENT._serialized_start=8802 + _TARGETOFEVALUATIONCHANGEEVENT._serialized_end=9393 + _TARGETOFEVALUATIONCHANGEEVENT_TYPE._serialized_start=9099 + _TARGETOFEVALUATIONCHANGEEVENT_TYPE._serialized_end=9347 + _ORCHESTRATOR._serialized_start=9574 + _ORCHESTRATOR._serialized_end=18158 +# @@protoc_insertion_point(module_scope) diff --git a/grpc_gen/orchestrator_pb2_grpc.py b/grpc_gen/orchestrator_pb2_grpc.py new file mode 100644 index 0000000..f32dabc --- /dev/null +++ b/grpc_gen/orchestrator_pb2_grpc.py @@ -0,0 +1,1583 @@ +# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +"""Client and server classes corresponding to protobuf-defined services.""" +import grpc + +import grpc_gen.assessment_pb2 as assessment__pb2 +from google.protobuf import empty_pb2 as google_dot_protobuf_dot_empty__pb2 +import grpc_gen.metric_pb2 as metric__pb2 +import grpc_gen.orchestrator_pb2 as orchestrator__pb2 + + +class OrchestratorStub(object): + """Manages the orchestration of components within the Clouditor architecture + """ + + def __init__(self, channel): + """Constructor. + + Args: + channel: A grpc.Channel. + """ + self.RegisterAssessmentTool = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/RegisterAssessmentTool', + request_serializer=orchestrator__pb2.RegisterAssessmentToolRequest.SerializeToString, + response_deserializer=orchestrator__pb2.AssessmentTool.FromString, + ) + self.ListAssessmentTools = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/ListAssessmentTools', + request_serializer=orchestrator__pb2.ListAssessmentToolsRequest.SerializeToString, + response_deserializer=orchestrator__pb2.ListAssessmentToolsResponse.FromString, + ) + self.GetAssessmentTool = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/GetAssessmentTool', + request_serializer=orchestrator__pb2.GetAssessmentToolRequest.SerializeToString, + response_deserializer=orchestrator__pb2.AssessmentTool.FromString, + ) + self.UpdateAssessmentTool = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/UpdateAssessmentTool', + request_serializer=orchestrator__pb2.UpdateAssessmentToolRequest.SerializeToString, + response_deserializer=orchestrator__pb2.AssessmentTool.FromString, + ) + self.DeregisterAssessmentTool = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/DeregisterAssessmentTool', + request_serializer=orchestrator__pb2.DeregisterAssessmentToolRequest.SerializeToString, + response_deserializer=google_dot_protobuf_dot_empty__pb2.Empty.FromString, + ) + self.StoreAssessmentResult = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/StoreAssessmentResult', + request_serializer=orchestrator__pb2.StoreAssessmentResultRequest.SerializeToString, + response_deserializer=orchestrator__pb2.StoreAssessmentResultResponse.FromString, + ) + self.StoreAssessmentResults = channel.stream_stream( + '/clouditor.orchestrator.v1.Orchestrator/StoreAssessmentResults', + request_serializer=orchestrator__pb2.StoreAssessmentResultRequest.SerializeToString, + response_deserializer=orchestrator__pb2.StoreAssessmentResultsResponse.FromString, + ) + self.ListAssessmentResults = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/ListAssessmentResults', + request_serializer=assessment__pb2.ListAssessmentResultsRequest.SerializeToString, + response_deserializer=assessment__pb2.ListAssessmentResultsResponse.FromString, + ) + self.CreateMetric = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/CreateMetric', + request_serializer=orchestrator__pb2.CreateMetricRequest.SerializeToString, + response_deserializer=metric__pb2.Metric.FromString, + ) + self.UpdateMetric = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/UpdateMetric', + request_serializer=orchestrator__pb2.UpdateMetricRequest.SerializeToString, + response_deserializer=metric__pb2.Metric.FromString, + ) + self.GetMetric = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/GetMetric', + request_serializer=orchestrator__pb2.GetMetricRequest.SerializeToString, + response_deserializer=metric__pb2.Metric.FromString, + ) + self.ListMetrics = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/ListMetrics', + request_serializer=orchestrator__pb2.ListMetricsRequest.SerializeToString, + response_deserializer=orchestrator__pb2.ListMetricsResponse.FromString, + ) + self.RegisterCloudService = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/RegisterCloudService', + request_serializer=orchestrator__pb2.RegisterCloudServiceRequest.SerializeToString, + response_deserializer=orchestrator__pb2.CloudService.FromString, + ) + self.UpdateCloudService = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/UpdateCloudService', + request_serializer=orchestrator__pb2.UpdateCloudServiceRequest.SerializeToString, + response_deserializer=orchestrator__pb2.CloudService.FromString, + ) + self.GetCloudService = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/GetCloudService', + request_serializer=orchestrator__pb2.GetCloudServiceRequest.SerializeToString, + response_deserializer=orchestrator__pb2.CloudService.FromString, + ) + self.ListCloudServices = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/ListCloudServices', + request_serializer=orchestrator__pb2.ListCloudServicesRequest.SerializeToString, + response_deserializer=orchestrator__pb2.ListCloudServicesResponse.FromString, + ) + self.RemoveCloudService = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/RemoveCloudService', + request_serializer=orchestrator__pb2.RemoveCloudServiceRequest.SerializeToString, + response_deserializer=google_dot_protobuf_dot_empty__pb2.Empty.FromString, + ) + self.UpdateMetricConfiguration = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/UpdateMetricConfiguration', + request_serializer=orchestrator__pb2.UpdateMetricConfigurationRequest.SerializeToString, + response_deserializer=metric__pb2.MetricConfiguration.FromString, + ) + self.GetMetricConfiguration = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/GetMetricConfiguration', + request_serializer=orchestrator__pb2.GetMetricConfigurationRequest.SerializeToString, + response_deserializer=metric__pb2.MetricConfiguration.FromString, + ) + self.ListMetricConfigurations = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/ListMetricConfigurations', + request_serializer=orchestrator__pb2.ListMetricConfigurationRequest.SerializeToString, + response_deserializer=orchestrator__pb2.ListMetricConfigurationResponse.FromString, + ) + self.UpdateMetricImplementation = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/UpdateMetricImplementation', + request_serializer=orchestrator__pb2.UpdateMetricImplementationRequest.SerializeToString, + response_deserializer=metric__pb2.MetricImplementation.FromString, + ) + self.GetMetricImplementation = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/GetMetricImplementation', + request_serializer=orchestrator__pb2.GetMetricImplementationRequest.SerializeToString, + response_deserializer=metric__pb2.MetricImplementation.FromString, + ) + self.SubscribeMetricChangeEvents = channel.unary_stream( + '/clouditor.orchestrator.v1.Orchestrator/SubscribeMetricChangeEvents', + request_serializer=orchestrator__pb2.SubscribeMetricChangeEventRequest.SerializeToString, + response_deserializer=orchestrator__pb2.MetricChangeEvent.FromString, + ) + self.CreateCertificate = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/CreateCertificate', + request_serializer=orchestrator__pb2.CreateCertificateRequest.SerializeToString, + response_deserializer=orchestrator__pb2.Certificate.FromString, + ) + self.GetCertificate = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/GetCertificate', + request_serializer=orchestrator__pb2.GetCertificateRequest.SerializeToString, + response_deserializer=orchestrator__pb2.Certificate.FromString, + ) + self.ListCertificates = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/ListCertificates', + request_serializer=orchestrator__pb2.ListCertificatesRequest.SerializeToString, + response_deserializer=orchestrator__pb2.ListCertificatesResponse.FromString, + ) + self.UpdateCertificate = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/UpdateCertificate', + request_serializer=orchestrator__pb2.UpdateCertificateRequest.SerializeToString, + response_deserializer=orchestrator__pb2.Certificate.FromString, + ) + self.RemoveCertificate = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/RemoveCertificate', + request_serializer=orchestrator__pb2.RemoveCertificateRequest.SerializeToString, + response_deserializer=google_dot_protobuf_dot_empty__pb2.Empty.FromString, + ) + self.CreateCatalog = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/CreateCatalog', + request_serializer=orchestrator__pb2.CreateCatalogRequest.SerializeToString, + response_deserializer=orchestrator__pb2.Catalog.FromString, + ) + self.ListCatalogs = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/ListCatalogs', + request_serializer=orchestrator__pb2.ListCatalogsRequest.SerializeToString, + response_deserializer=orchestrator__pb2.ListCatalogsResponse.FromString, + ) + self.GetCatalog = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/GetCatalog', + request_serializer=orchestrator__pb2.GetCatalogRequest.SerializeToString, + response_deserializer=orchestrator__pb2.Catalog.FromString, + ) + self.RemoveCatalog = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/RemoveCatalog', + request_serializer=orchestrator__pb2.RemoveCatalogRequest.SerializeToString, + response_deserializer=google_dot_protobuf_dot_empty__pb2.Empty.FromString, + ) + self.UpdateCatalog = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/UpdateCatalog', + request_serializer=orchestrator__pb2.UpdateCatalogRequest.SerializeToString, + response_deserializer=orchestrator__pb2.Catalog.FromString, + ) + self.GetCategory = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/GetCategory', + request_serializer=orchestrator__pb2.GetCategoryRequest.SerializeToString, + response_deserializer=orchestrator__pb2.Category.FromString, + ) + self.ListControls = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/ListControls', + request_serializer=orchestrator__pb2.ListControlsRequest.SerializeToString, + response_deserializer=orchestrator__pb2.ListControlsResponse.FromString, + ) + self.GetControl = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/GetControl', + request_serializer=orchestrator__pb2.GetControlRequest.SerializeToString, + response_deserializer=orchestrator__pb2.Control.FromString, + ) + self.CreateTargetOfEvaluation = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/CreateTargetOfEvaluation', + request_serializer=orchestrator__pb2.CreateTargetOfEvaluationRequest.SerializeToString, + response_deserializer=orchestrator__pb2.TargetOfEvaluation.FromString, + ) + self.GetTargetOfEvaluation = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/GetTargetOfEvaluation', + request_serializer=orchestrator__pb2.GetTargetOfEvaluationRequest.SerializeToString, + response_deserializer=orchestrator__pb2.TargetOfEvaluation.FromString, + ) + self.ListControlsInScope = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/ListControlsInScope', + request_serializer=orchestrator__pb2.ListControlsInScopeRequest.SerializeToString, + response_deserializer=orchestrator__pb2.ListControlsInScopeResponse.FromString, + ) + self.AddControlToScope = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/AddControlToScope', + request_serializer=orchestrator__pb2.AddControlToScopeRequest.SerializeToString, + response_deserializer=orchestrator__pb2.ControlInScope.FromString, + ) + self.UpdateControlInScope = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/UpdateControlInScope', + request_serializer=orchestrator__pb2.UpdateControlInScopeRequest.SerializeToString, + response_deserializer=orchestrator__pb2.ControlInScope.FromString, + ) + self.RemoveControlFromScope = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/RemoveControlFromScope', + request_serializer=orchestrator__pb2.RemoveControlFromScopeRequest.SerializeToString, + response_deserializer=google_dot_protobuf_dot_empty__pb2.Empty.FromString, + ) + self.ListTargetsOfEvaluation = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/ListTargetsOfEvaluation', + request_serializer=orchestrator__pb2.ListTargetsOfEvaluationRequest.SerializeToString, + response_deserializer=orchestrator__pb2.ListTargetsOfEvaluationResponse.FromString, + ) + self.UpdateTargetOfEvaluation = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/UpdateTargetOfEvaluation', + request_serializer=orchestrator__pb2.UpdateTargetOfEvaluationRequest.SerializeToString, + response_deserializer=orchestrator__pb2.TargetOfEvaluation.FromString, + ) + self.RemoveTargetOfEvaluation = channel.unary_unary( + '/clouditor.orchestrator.v1.Orchestrator/RemoveTargetOfEvaluation', + request_serializer=orchestrator__pb2.RemoveTargetOfEvaluationRequest.SerializeToString, + response_deserializer=google_dot_protobuf_dot_empty__pb2.Empty.FromString, + ) + + +class OrchestratorServicer(object): + """Manages the orchestration of components within the Clouditor architecture + """ + + def RegisterAssessmentTool(self, request, context): + """Registers the passed assessment tool + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def ListAssessmentTools(self, request, context): + """Lists all assessment tools assessing evidences for the metric given by the + passed metric id + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def GetAssessmentTool(self, request, context): + """Returns assessment tool given by the passed tool id + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def UpdateAssessmentTool(self, request, context): + """Updates the assessment tool given by the passed id + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def DeregisterAssessmentTool(self, request, context): + """Remove assessment tool with passed id from the list of active assessment + tools + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def StoreAssessmentResult(self, request, context): + """Stores the assessment result provided by an assessment tool + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def StoreAssessmentResults(self, request_iterator, context): + """Stores stream of assessment results provided by an assessment tool and + returns a response stream. Part of the public API, not exposed as REST. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def ListAssessmentResults(self, request, context): + """List all assessment results. Part of the public API, also exposed as REST. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def CreateMetric(self, request, context): + """Creates a new metric + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def UpdateMetric(self, request, context): + """Updates an existing metric + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def GetMetric(self, request, context): + """Returns the metric with the passed metric id + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def ListMetrics(self, request, context): + """List all metrics provided by the metric catalog + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def RegisterCloudService(self, request, context): + """Registers a new target cloud service + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def UpdateCloudService(self, request, context): + """Registers a new target cloud service + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def GetCloudService(self, request, context): + """Retrieves a target cloud service + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def ListCloudServices(self, request, context): + """Lists all target cloud services + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def RemoveCloudService(self, request, context): + """Removes a target cloud service + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def UpdateMetricConfiguration(self, request, context): + """Updates a metric configuration (target value and operator) for a specific + service and metric ID + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def GetMetricConfiguration(self, request, context): + """Retrieves a metric configuration (target value and operator) for a specific + service and metric ID. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def ListMetricConfigurations(self, request, context): + """Lists all a metric configurations (target value and operator) for a + specific service ID + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def UpdateMetricImplementation(self, request, context): + """Updates an existing metric implementation + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def GetMetricImplementation(self, request, context): + """Returns the metric implementation of the passed metric id + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def SubscribeMetricChangeEvents(self, request, context): + """Missing associated documentation comment in .proto file.""" + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def CreateCertificate(self, request, context): + """Creates a new certificate + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def GetCertificate(self, request, context): + """Retrieves a certificate + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def ListCertificates(self, request, context): + """Lists all target certificates + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def UpdateCertificate(self, request, context): + """Updates an existing certificate + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def RemoveCertificate(self, request, context): + """Removes a certificate + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def CreateCatalog(self, request, context): + """Creates a new security controls catalog + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def ListCatalogs(self, request, context): + """Lists all security controls catalogs. Each catalog includes a list of its + categories but no additional sub-resources. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def GetCatalog(self, request, context): + """Retrieves a specific catalog by it's ID. The catalog includes a list of all + of it categories as well as the first level of controls in each category. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def RemoveCatalog(self, request, context): + """Removes a catalog + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def UpdateCatalog(self, request, context): + """Updates an existing certificate + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def GetCategory(self, request, context): + """Retrieves a category of a catalog specified by the catalog ID and the + category name. It includes the first level of controls within each + category. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def ListControls(self, request, context): + """If no additional parameters are specified, this lists all controls. If a + catalog ID and a category name is specified, then only controls containing + in this category are returned. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def GetControl(self, request, context): + """Retrieves a control specified by the catalog ID, the control's category + name and the control ID. If present, it also includes a list of + sub-controls if present or a list of metrics if no sub-controls but metrics + are present. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def CreateTargetOfEvaluation(self, request, context): + """Creates a new Target of Evaluation + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def GetTargetOfEvaluation(self, request, context): + """Retrieves a Target of Evaluation + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def ListControlsInScope(self, request, context): + """Lists all controls in scope of a target of evaluation. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def AddControlToScope(self, request, context): + """Adds the selected control as "in scope" for the target of evaluation. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def UpdateControlInScope(self, request, context): + """Updates a particular control in scope, e.g., its monitoring status. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def RemoveControlFromScope(self, request, context): + """Adds the selected control as "in scope" for the target of evaluation. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def ListTargetsOfEvaluation(self, request, context): + """Lists all Targets of Evaluation + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def UpdateTargetOfEvaluation(self, request, context): + """Updates an existing Target of Evaluation + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def RemoveTargetOfEvaluation(self, request, context): + """Removes a Target of Evaluation + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + +def add_OrchestratorServicer_to_server(servicer, server): + rpc_method_handlers = { + 'RegisterAssessmentTool': grpc.unary_unary_rpc_method_handler( + servicer.RegisterAssessmentTool, + request_deserializer=orchestrator__pb2.RegisterAssessmentToolRequest.FromString, + response_serializer=orchestrator__pb2.AssessmentTool.SerializeToString, + ), + 'ListAssessmentTools': grpc.unary_unary_rpc_method_handler( + servicer.ListAssessmentTools, + request_deserializer=orchestrator__pb2.ListAssessmentToolsRequest.FromString, + response_serializer=orchestrator__pb2.ListAssessmentToolsResponse.SerializeToString, + ), + 'GetAssessmentTool': grpc.unary_unary_rpc_method_handler( + servicer.GetAssessmentTool, + request_deserializer=orchestrator__pb2.GetAssessmentToolRequest.FromString, + response_serializer=orchestrator__pb2.AssessmentTool.SerializeToString, + ), + 'UpdateAssessmentTool': grpc.unary_unary_rpc_method_handler( + servicer.UpdateAssessmentTool, + request_deserializer=orchestrator__pb2.UpdateAssessmentToolRequest.FromString, + response_serializer=orchestrator__pb2.AssessmentTool.SerializeToString, + ), + 'DeregisterAssessmentTool': grpc.unary_unary_rpc_method_handler( + servicer.DeregisterAssessmentTool, + request_deserializer=orchestrator__pb2.DeregisterAssessmentToolRequest.FromString, + response_serializer=google_dot_protobuf_dot_empty__pb2.Empty.SerializeToString, + ), + 'StoreAssessmentResult': grpc.unary_unary_rpc_method_handler( + servicer.StoreAssessmentResult, + request_deserializer=orchestrator__pb2.StoreAssessmentResultRequest.FromString, + response_serializer=orchestrator__pb2.StoreAssessmentResultResponse.SerializeToString, + ), + 'StoreAssessmentResults': grpc.stream_stream_rpc_method_handler( + servicer.StoreAssessmentResults, + request_deserializer=orchestrator__pb2.StoreAssessmentResultRequest.FromString, + response_serializer=orchestrator__pb2.StoreAssessmentResultsResponse.SerializeToString, + ), + 'ListAssessmentResults': grpc.unary_unary_rpc_method_handler( + servicer.ListAssessmentResults, + request_deserializer=assessment__pb2.ListAssessmentResultsRequest.FromString, + response_serializer=assessment__pb2.ListAssessmentResultsResponse.SerializeToString, + ), + 'CreateMetric': grpc.unary_unary_rpc_method_handler( + servicer.CreateMetric, + request_deserializer=orchestrator__pb2.CreateMetricRequest.FromString, + response_serializer=metric__pb2.Metric.SerializeToString, + ), + 'UpdateMetric': grpc.unary_unary_rpc_method_handler( + servicer.UpdateMetric, + request_deserializer=orchestrator__pb2.UpdateMetricRequest.FromString, + response_serializer=metric__pb2.Metric.SerializeToString, + ), + 'GetMetric': grpc.unary_unary_rpc_method_handler( + servicer.GetMetric, + request_deserializer=orchestrator__pb2.GetMetricRequest.FromString, + response_serializer=metric__pb2.Metric.SerializeToString, + ), + 'ListMetrics': grpc.unary_unary_rpc_method_handler( + servicer.ListMetrics, + request_deserializer=orchestrator__pb2.ListMetricsRequest.FromString, + response_serializer=orchestrator__pb2.ListMetricsResponse.SerializeToString, + ), + 'RegisterCloudService': grpc.unary_unary_rpc_method_handler( + servicer.RegisterCloudService, + request_deserializer=orchestrator__pb2.RegisterCloudServiceRequest.FromString, + response_serializer=orchestrator__pb2.CloudService.SerializeToString, + ), + 'UpdateCloudService': grpc.unary_unary_rpc_method_handler( + servicer.UpdateCloudService, + request_deserializer=orchestrator__pb2.UpdateCloudServiceRequest.FromString, + response_serializer=orchestrator__pb2.CloudService.SerializeToString, + ), + 'GetCloudService': grpc.unary_unary_rpc_method_handler( + servicer.GetCloudService, + request_deserializer=orchestrator__pb2.GetCloudServiceRequest.FromString, + response_serializer=orchestrator__pb2.CloudService.SerializeToString, + ), + 'ListCloudServices': grpc.unary_unary_rpc_method_handler( + servicer.ListCloudServices, + request_deserializer=orchestrator__pb2.ListCloudServicesRequest.FromString, + response_serializer=orchestrator__pb2.ListCloudServicesResponse.SerializeToString, + ), + 'RemoveCloudService': grpc.unary_unary_rpc_method_handler( + servicer.RemoveCloudService, + request_deserializer=orchestrator__pb2.RemoveCloudServiceRequest.FromString, + response_serializer=google_dot_protobuf_dot_empty__pb2.Empty.SerializeToString, + ), + 'UpdateMetricConfiguration': grpc.unary_unary_rpc_method_handler( + servicer.UpdateMetricConfiguration, + request_deserializer=orchestrator__pb2.UpdateMetricConfigurationRequest.FromString, + response_serializer=metric__pb2.MetricConfiguration.SerializeToString, + ), + 'GetMetricConfiguration': grpc.unary_unary_rpc_method_handler( + servicer.GetMetricConfiguration, + request_deserializer=orchestrator__pb2.GetMetricConfigurationRequest.FromString, + response_serializer=metric__pb2.MetricConfiguration.SerializeToString, + ), + 'ListMetricConfigurations': grpc.unary_unary_rpc_method_handler( + servicer.ListMetricConfigurations, + request_deserializer=orchestrator__pb2.ListMetricConfigurationRequest.FromString, + response_serializer=orchestrator__pb2.ListMetricConfigurationResponse.SerializeToString, + ), + 'UpdateMetricImplementation': grpc.unary_unary_rpc_method_handler( + servicer.UpdateMetricImplementation, + request_deserializer=orchestrator__pb2.UpdateMetricImplementationRequest.FromString, + response_serializer=metric__pb2.MetricImplementation.SerializeToString, + ), + 'GetMetricImplementation': grpc.unary_unary_rpc_method_handler( + servicer.GetMetricImplementation, + request_deserializer=orchestrator__pb2.GetMetricImplementationRequest.FromString, + response_serializer=metric__pb2.MetricImplementation.SerializeToString, + ), + 'SubscribeMetricChangeEvents': grpc.unary_stream_rpc_method_handler( + servicer.SubscribeMetricChangeEvents, + request_deserializer=orchestrator__pb2.SubscribeMetricChangeEventRequest.FromString, + response_serializer=orchestrator__pb2.MetricChangeEvent.SerializeToString, + ), + 'CreateCertificate': grpc.unary_unary_rpc_method_handler( + servicer.CreateCertificate, + request_deserializer=orchestrator__pb2.CreateCertificateRequest.FromString, + response_serializer=orchestrator__pb2.Certificate.SerializeToString, + ), + 'GetCertificate': grpc.unary_unary_rpc_method_handler( + servicer.GetCertificate, + request_deserializer=orchestrator__pb2.GetCertificateRequest.FromString, + response_serializer=orchestrator__pb2.Certificate.SerializeToString, + ), + 'ListCertificates': grpc.unary_unary_rpc_method_handler( + servicer.ListCertificates, + request_deserializer=orchestrator__pb2.ListCertificatesRequest.FromString, + response_serializer=orchestrator__pb2.ListCertificatesResponse.SerializeToString, + ), + 'UpdateCertificate': grpc.unary_unary_rpc_method_handler( + servicer.UpdateCertificate, + request_deserializer=orchestrator__pb2.UpdateCertificateRequest.FromString, + response_serializer=orchestrator__pb2.Certificate.SerializeToString, + ), + 'RemoveCertificate': grpc.unary_unary_rpc_method_handler( + servicer.RemoveCertificate, + request_deserializer=orchestrator__pb2.RemoveCertificateRequest.FromString, + response_serializer=google_dot_protobuf_dot_empty__pb2.Empty.SerializeToString, + ), + 'CreateCatalog': grpc.unary_unary_rpc_method_handler( + servicer.CreateCatalog, + request_deserializer=orchestrator__pb2.CreateCatalogRequest.FromString, + response_serializer=orchestrator__pb2.Catalog.SerializeToString, + ), + 'ListCatalogs': grpc.unary_unary_rpc_method_handler( + servicer.ListCatalogs, + request_deserializer=orchestrator__pb2.ListCatalogsRequest.FromString, + response_serializer=orchestrator__pb2.ListCatalogsResponse.SerializeToString, + ), + 'GetCatalog': grpc.unary_unary_rpc_method_handler( + servicer.GetCatalog, + request_deserializer=orchestrator__pb2.GetCatalogRequest.FromString, + response_serializer=orchestrator__pb2.Catalog.SerializeToString, + ), + 'RemoveCatalog': grpc.unary_unary_rpc_method_handler( + servicer.RemoveCatalog, + request_deserializer=orchestrator__pb2.RemoveCatalogRequest.FromString, + response_serializer=google_dot_protobuf_dot_empty__pb2.Empty.SerializeToString, + ), + 'UpdateCatalog': grpc.unary_unary_rpc_method_handler( + servicer.UpdateCatalog, + request_deserializer=orchestrator__pb2.UpdateCatalogRequest.FromString, + response_serializer=orchestrator__pb2.Catalog.SerializeToString, + ), + 'GetCategory': grpc.unary_unary_rpc_method_handler( + servicer.GetCategory, + request_deserializer=orchestrator__pb2.GetCategoryRequest.FromString, + response_serializer=orchestrator__pb2.Category.SerializeToString, + ), + 'ListControls': grpc.unary_unary_rpc_method_handler( + servicer.ListControls, + request_deserializer=orchestrator__pb2.ListControlsRequest.FromString, + response_serializer=orchestrator__pb2.ListControlsResponse.SerializeToString, + ), + 'GetControl': grpc.unary_unary_rpc_method_handler( + servicer.GetControl, + request_deserializer=orchestrator__pb2.GetControlRequest.FromString, + response_serializer=orchestrator__pb2.Control.SerializeToString, + ), + 'CreateTargetOfEvaluation': grpc.unary_unary_rpc_method_handler( + servicer.CreateTargetOfEvaluation, + request_deserializer=orchestrator__pb2.CreateTargetOfEvaluationRequest.FromString, + response_serializer=orchestrator__pb2.TargetOfEvaluation.SerializeToString, + ), + 'GetTargetOfEvaluation': grpc.unary_unary_rpc_method_handler( + servicer.GetTargetOfEvaluation, + request_deserializer=orchestrator__pb2.GetTargetOfEvaluationRequest.FromString, + response_serializer=orchestrator__pb2.TargetOfEvaluation.SerializeToString, + ), + 'ListControlsInScope': grpc.unary_unary_rpc_method_handler( + servicer.ListControlsInScope, + request_deserializer=orchestrator__pb2.ListControlsInScopeRequest.FromString, + response_serializer=orchestrator__pb2.ListControlsInScopeResponse.SerializeToString, + ), + 'AddControlToScope': grpc.unary_unary_rpc_method_handler( + servicer.AddControlToScope, + request_deserializer=orchestrator__pb2.AddControlToScopeRequest.FromString, + response_serializer=orchestrator__pb2.ControlInScope.SerializeToString, + ), + 'UpdateControlInScope': grpc.unary_unary_rpc_method_handler( + servicer.UpdateControlInScope, + request_deserializer=orchestrator__pb2.UpdateControlInScopeRequest.FromString, + response_serializer=orchestrator__pb2.ControlInScope.SerializeToString, + ), + 'RemoveControlFromScope': grpc.unary_unary_rpc_method_handler( + servicer.RemoveControlFromScope, + request_deserializer=orchestrator__pb2.RemoveControlFromScopeRequest.FromString, + response_serializer=google_dot_protobuf_dot_empty__pb2.Empty.SerializeToString, + ), + 'ListTargetsOfEvaluation': grpc.unary_unary_rpc_method_handler( + servicer.ListTargetsOfEvaluation, + request_deserializer=orchestrator__pb2.ListTargetsOfEvaluationRequest.FromString, + response_serializer=orchestrator__pb2.ListTargetsOfEvaluationResponse.SerializeToString, + ), + 'UpdateTargetOfEvaluation': grpc.unary_unary_rpc_method_handler( + servicer.UpdateTargetOfEvaluation, + request_deserializer=orchestrator__pb2.UpdateTargetOfEvaluationRequest.FromString, + response_serializer=orchestrator__pb2.TargetOfEvaluation.SerializeToString, + ), + 'RemoveTargetOfEvaluation': grpc.unary_unary_rpc_method_handler( + servicer.RemoveTargetOfEvaluation, + request_deserializer=orchestrator__pb2.RemoveTargetOfEvaluationRequest.FromString, + response_serializer=google_dot_protobuf_dot_empty__pb2.Empty.SerializeToString, + ), + } + generic_handler = grpc.method_handlers_generic_handler( + 'clouditor.orchestrator.v1.Orchestrator', rpc_method_handlers) + server.add_generic_rpc_handlers((generic_handler,)) + + + # This class is part of an EXPERIMENTAL API. +class Orchestrator(object): + """Manages the orchestration of components within the Clouditor architecture + """ + + @staticmethod + def RegisterAssessmentTool(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/RegisterAssessmentTool', + orchestrator__pb2.RegisterAssessmentToolRequest.SerializeToString, + orchestrator__pb2.AssessmentTool.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def ListAssessmentTools(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/ListAssessmentTools', + orchestrator__pb2.ListAssessmentToolsRequest.SerializeToString, + orchestrator__pb2.ListAssessmentToolsResponse.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def GetAssessmentTool(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/GetAssessmentTool', + orchestrator__pb2.GetAssessmentToolRequest.SerializeToString, + orchestrator__pb2.AssessmentTool.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def UpdateAssessmentTool(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/UpdateAssessmentTool', + orchestrator__pb2.UpdateAssessmentToolRequest.SerializeToString, + orchestrator__pb2.AssessmentTool.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def DeregisterAssessmentTool(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/DeregisterAssessmentTool', + orchestrator__pb2.DeregisterAssessmentToolRequest.SerializeToString, + google_dot_protobuf_dot_empty__pb2.Empty.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def StoreAssessmentResult(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/StoreAssessmentResult', + orchestrator__pb2.StoreAssessmentResultRequest.SerializeToString, + orchestrator__pb2.StoreAssessmentResultResponse.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def StoreAssessmentResults(request_iterator, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.stream_stream(request_iterator, target, '/clouditor.orchestrator.v1.Orchestrator/StoreAssessmentResults', + orchestrator__pb2.StoreAssessmentResultRequest.SerializeToString, + orchestrator__pb2.StoreAssessmentResultsResponse.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def ListAssessmentResults(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/ListAssessmentResults', + assessment__pb2.ListAssessmentResultsRequest.SerializeToString, + assessment__pb2.ListAssessmentResultsResponse.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def CreateMetric(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/CreateMetric', + orchestrator__pb2.CreateMetricRequest.SerializeToString, + metric__pb2.Metric.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def UpdateMetric(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/UpdateMetric', + orchestrator__pb2.UpdateMetricRequest.SerializeToString, + metric__pb2.Metric.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def GetMetric(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/GetMetric', + orchestrator__pb2.GetMetricRequest.SerializeToString, + metric__pb2.Metric.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def ListMetrics(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/ListMetrics', + orchestrator__pb2.ListMetricsRequest.SerializeToString, + orchestrator__pb2.ListMetricsResponse.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def RegisterCloudService(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/RegisterCloudService', + orchestrator__pb2.RegisterCloudServiceRequest.SerializeToString, + orchestrator__pb2.CloudService.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def UpdateCloudService(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/UpdateCloudService', + orchestrator__pb2.UpdateCloudServiceRequest.SerializeToString, + orchestrator__pb2.CloudService.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def GetCloudService(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/GetCloudService', + orchestrator__pb2.GetCloudServiceRequest.SerializeToString, + orchestrator__pb2.CloudService.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def ListCloudServices(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/ListCloudServices', + orchestrator__pb2.ListCloudServicesRequest.SerializeToString, + orchestrator__pb2.ListCloudServicesResponse.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def RemoveCloudService(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/RemoveCloudService', + orchestrator__pb2.RemoveCloudServiceRequest.SerializeToString, + google_dot_protobuf_dot_empty__pb2.Empty.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def UpdateMetricConfiguration(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/UpdateMetricConfiguration', + orchestrator__pb2.UpdateMetricConfigurationRequest.SerializeToString, + metric__pb2.MetricConfiguration.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def GetMetricConfiguration(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/GetMetricConfiguration', + orchestrator__pb2.GetMetricConfigurationRequest.SerializeToString, + metric__pb2.MetricConfiguration.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def ListMetricConfigurations(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/ListMetricConfigurations', + orchestrator__pb2.ListMetricConfigurationRequest.SerializeToString, + orchestrator__pb2.ListMetricConfigurationResponse.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def UpdateMetricImplementation(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/UpdateMetricImplementation', + orchestrator__pb2.UpdateMetricImplementationRequest.SerializeToString, + metric__pb2.MetricImplementation.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def GetMetricImplementation(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/GetMetricImplementation', + orchestrator__pb2.GetMetricImplementationRequest.SerializeToString, + metric__pb2.MetricImplementation.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def SubscribeMetricChangeEvents(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_stream(request, target, '/clouditor.orchestrator.v1.Orchestrator/SubscribeMetricChangeEvents', + orchestrator__pb2.SubscribeMetricChangeEventRequest.SerializeToString, + orchestrator__pb2.MetricChangeEvent.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def CreateCertificate(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/CreateCertificate', + orchestrator__pb2.CreateCertificateRequest.SerializeToString, + orchestrator__pb2.Certificate.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def GetCertificate(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/GetCertificate', + orchestrator__pb2.GetCertificateRequest.SerializeToString, + orchestrator__pb2.Certificate.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def ListCertificates(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/ListCertificates', + orchestrator__pb2.ListCertificatesRequest.SerializeToString, + orchestrator__pb2.ListCertificatesResponse.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def UpdateCertificate(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/UpdateCertificate', + orchestrator__pb2.UpdateCertificateRequest.SerializeToString, + orchestrator__pb2.Certificate.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def RemoveCertificate(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/RemoveCertificate', + orchestrator__pb2.RemoveCertificateRequest.SerializeToString, + google_dot_protobuf_dot_empty__pb2.Empty.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def CreateCatalog(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/CreateCatalog', + orchestrator__pb2.CreateCatalogRequest.SerializeToString, + orchestrator__pb2.Catalog.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def ListCatalogs(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/ListCatalogs', + orchestrator__pb2.ListCatalogsRequest.SerializeToString, + orchestrator__pb2.ListCatalogsResponse.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def GetCatalog(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/GetCatalog', + orchestrator__pb2.GetCatalogRequest.SerializeToString, + orchestrator__pb2.Catalog.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def RemoveCatalog(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/RemoveCatalog', + orchestrator__pb2.RemoveCatalogRequest.SerializeToString, + google_dot_protobuf_dot_empty__pb2.Empty.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def UpdateCatalog(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/UpdateCatalog', + orchestrator__pb2.UpdateCatalogRequest.SerializeToString, + orchestrator__pb2.Catalog.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def GetCategory(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/GetCategory', + orchestrator__pb2.GetCategoryRequest.SerializeToString, + orchestrator__pb2.Category.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def ListControls(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/ListControls', + orchestrator__pb2.ListControlsRequest.SerializeToString, + orchestrator__pb2.ListControlsResponse.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def GetControl(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/GetControl', + orchestrator__pb2.GetControlRequest.SerializeToString, + orchestrator__pb2.Control.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def CreateTargetOfEvaluation(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/CreateTargetOfEvaluation', + orchestrator__pb2.CreateTargetOfEvaluationRequest.SerializeToString, + orchestrator__pb2.TargetOfEvaluation.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def GetTargetOfEvaluation(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/GetTargetOfEvaluation', + orchestrator__pb2.GetTargetOfEvaluationRequest.SerializeToString, + orchestrator__pb2.TargetOfEvaluation.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def ListControlsInScope(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/ListControlsInScope', + orchestrator__pb2.ListControlsInScopeRequest.SerializeToString, + orchestrator__pb2.ListControlsInScopeResponse.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def AddControlToScope(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/AddControlToScope', + orchestrator__pb2.AddControlToScopeRequest.SerializeToString, + orchestrator__pb2.ControlInScope.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def UpdateControlInScope(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/UpdateControlInScope', + orchestrator__pb2.UpdateControlInScopeRequest.SerializeToString, + orchestrator__pb2.ControlInScope.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def RemoveControlFromScope(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/RemoveControlFromScope', + orchestrator__pb2.RemoveControlFromScopeRequest.SerializeToString, + google_dot_protobuf_dot_empty__pb2.Empty.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def ListTargetsOfEvaluation(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/ListTargetsOfEvaluation', + orchestrator__pb2.ListTargetsOfEvaluationRequest.SerializeToString, + orchestrator__pb2.ListTargetsOfEvaluationResponse.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def UpdateTargetOfEvaluation(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/UpdateTargetOfEvaluation', + orchestrator__pb2.UpdateTargetOfEvaluationRequest.SerializeToString, + orchestrator__pb2.TargetOfEvaluation.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) + + @staticmethod + def RemoveTargetOfEvaluation(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary(request, target, '/clouditor.orchestrator.v1.Orchestrator/RemoveTargetOfEvaluation', + orchestrator__pb2.RemoveTargetOfEvaluationRequest.SerializeToString, + google_dot_protobuf_dot_empty__pb2.Empty.FromString, + options, channel_credentials, + insecure, call_credentials, compression, wait_for_ready, timeout, metadata) diff --git a/grpc_gen/tagger_pb2.py b/grpc_gen/tagger_pb2.py new file mode 100644 index 0000000..d2babbd --- /dev/null +++ b/grpc_gen/tagger_pb2.py @@ -0,0 +1,27 @@ +# -*- coding: utf-8 -*- +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: tagger.proto +"""Generated protocol buffer code.""" +from google.protobuf.internal import builder as _builder +from google.protobuf import descriptor as _descriptor +from google.protobuf import descriptor_pool as _descriptor_pool +from google.protobuf import symbol_database as _symbol_database +# @@protoc_insertion_point(imports) + +_sym_db = _symbol_database.Default() + + +from google.protobuf import descriptor_pb2 as google_dot_protobuf_dot_descriptor__pb2 + + +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x0ctagger.proto\x12\x06tagger\x1a google/protobuf/descriptor.proto:-\n\x04tags\x12\x1d.google.protobuf.FieldOptions\x18\xc3\xe0\x33 \x01(\t:3\n\noneof_tags\x12\x1d.google.protobuf.OneofOptions\x18\xc3\xe0\x33 \x01(\tB4Z2github.com/srikrsna/protoc-gen-gotag/tagger;taggerb\x06proto3') + +_builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, globals()) +_builder.BuildTopDescriptorsAndMessages(DESCRIPTOR, 'tagger_pb2', globals()) +if _descriptor._USE_C_DESCRIPTORS == False: + google_dot_protobuf_dot_descriptor__pb2.FieldOptions.RegisterExtension(tags) + google_dot_protobuf_dot_descriptor__pb2.OneofOptions.RegisterExtension(oneof_tags) + + DESCRIPTOR._options = None + DESCRIPTOR._serialized_options = b'Z2github.com/srikrsna/protoc-gen-gotag/tagger;tagger' +# @@protoc_insertion_point(module_scope) diff --git a/grpc_gen/tagger_pb2_grpc.py b/grpc_gen/tagger_pb2_grpc.py new file mode 100644 index 0000000..2daafff --- /dev/null +++ b/grpc_gen/tagger_pb2_grpc.py @@ -0,0 +1,4 @@ +# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +"""Client and server classes corresponding to protobuf-defined services.""" +import grpc + diff --git a/grpc_gen/validate_pb2.py b/grpc_gen/validate_pb2.py new file mode 100644 index 0000000..e03f663 --- /dev/null +++ b/grpc_gen/validate_pb2.py @@ -0,0 +1,79 @@ +# -*- coding: utf-8 -*- +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: validate.proto +"""Generated protocol buffer code.""" +from google.protobuf.internal import builder as _builder +from google.protobuf import descriptor as _descriptor +from google.protobuf import descriptor_pool as _descriptor_pool +from google.protobuf import symbol_database as _symbol_database +# @@protoc_insertion_point(imports) + +_sym_db = _symbol_database.Default() + + +from google.protobuf import descriptor_pb2 as google_dot_protobuf_dot_descriptor__pb2 +from google.protobuf import duration_pb2 as google_dot_protobuf_dot_duration__pb2 +from google.protobuf import timestamp_pb2 as google_dot_protobuf_dot_timestamp__pb2 + + +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x0evalidate.proto\x12\x08validate\x1a google/protobuf/descriptor.proto\x1a\x1egoogle/protobuf/duration.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\x98\x07\n\nFieldRules\x12\'\n\x07message\x18\x11 \x01(\x0b\x32\x16.validate.MessageRules\x12%\n\x05\x66loat\x18\x01 \x01(\x0b\x32\x14.validate.FloatRulesH\x00\x12\'\n\x06\x64ouble\x18\x02 \x01(\x0b\x32\x15.validate.DoubleRulesH\x00\x12%\n\x05int32\x18\x03 \x01(\x0b\x32\x14.validate.Int32RulesH\x00\x12%\n\x05int64\x18\x04 \x01(\x0b\x32\x14.validate.Int64RulesH\x00\x12\'\n\x06uint32\x18\x05 \x01(\x0b\x32\x15.validate.UInt32RulesH\x00\x12\'\n\x06uint64\x18\x06 \x01(\x0b\x32\x15.validate.UInt64RulesH\x00\x12\'\n\x06sint32\x18\x07 \x01(\x0b\x32\x15.validate.SInt32RulesH\x00\x12\'\n\x06sint64\x18\x08 \x01(\x0b\x32\x15.validate.SInt64RulesH\x00\x12)\n\x07\x66ixed32\x18\t \x01(\x0b\x32\x16.validate.Fixed32RulesH\x00\x12)\n\x07\x66ixed64\x18\n \x01(\x0b\x32\x16.validate.Fixed64RulesH\x00\x12+\n\x08sfixed32\x18\x0b \x01(\x0b\x32\x17.validate.SFixed32RulesH\x00\x12+\n\x08sfixed64\x18\x0c \x01(\x0b\x32\x17.validate.SFixed64RulesH\x00\x12#\n\x04\x62ool\x18\r \x01(\x0b\x32\x13.validate.BoolRulesH\x00\x12\'\n\x06string\x18\x0e \x01(\x0b\x32\x15.validate.StringRulesH\x00\x12%\n\x05\x62ytes\x18\x0f \x01(\x0b\x32\x14.validate.BytesRulesH\x00\x12#\n\x04\x65num\x18\x10 \x01(\x0b\x32\x13.validate.EnumRulesH\x00\x12+\n\x08repeated\x18\x12 \x01(\x0b\x32\x17.validate.RepeatedRulesH\x00\x12!\n\x03map\x18\x13 \x01(\x0b\x32\x12.validate.MapRulesH\x00\x12!\n\x03\x61ny\x18\x14 \x01(\x0b\x32\x12.validate.AnyRulesH\x00\x12+\n\x08\x64uration\x18\x15 \x01(\x0b\x32\x17.validate.DurationRulesH\x00\x12-\n\ttimestamp\x18\x16 \x01(\x0b\x32\x18.validate.TimestampRulesH\x00\x42\x06\n\x04type\"\x7f\n\nFloatRules\x12\r\n\x05\x63onst\x18\x01 \x01(\x02\x12\n\n\x02lt\x18\x02 \x01(\x02\x12\x0b\n\x03lte\x18\x03 \x01(\x02\x12\n\n\x02gt\x18\x04 \x01(\x02\x12\x0b\n\x03gte\x18\x05 \x01(\x02\x12\n\n\x02in\x18\x06 \x03(\x02\x12\x0e\n\x06not_in\x18\x07 \x03(\x02\x12\x14\n\x0cignore_empty\x18\x08 \x01(\x08\"\x80\x01\n\x0b\x44oubleRules\x12\r\n\x05\x63onst\x18\x01 \x01(\x01\x12\n\n\x02lt\x18\x02 \x01(\x01\x12\x0b\n\x03lte\x18\x03 \x01(\x01\x12\n\n\x02gt\x18\x04 \x01(\x01\x12\x0b\n\x03gte\x18\x05 \x01(\x01\x12\n\n\x02in\x18\x06 \x03(\x01\x12\x0e\n\x06not_in\x18\x07 \x03(\x01\x12\x14\n\x0cignore_empty\x18\x08 \x01(\x08\"\x7f\n\nInt32Rules\x12\r\n\x05\x63onst\x18\x01 \x01(\x05\x12\n\n\x02lt\x18\x02 \x01(\x05\x12\x0b\n\x03lte\x18\x03 \x01(\x05\x12\n\n\x02gt\x18\x04 \x01(\x05\x12\x0b\n\x03gte\x18\x05 \x01(\x05\x12\n\n\x02in\x18\x06 \x03(\x05\x12\x0e\n\x06not_in\x18\x07 \x03(\x05\x12\x14\n\x0cignore_empty\x18\x08 \x01(\x08\"\x7f\n\nInt64Rules\x12\r\n\x05\x63onst\x18\x01 \x01(\x03\x12\n\n\x02lt\x18\x02 \x01(\x03\x12\x0b\n\x03lte\x18\x03 \x01(\x03\x12\n\n\x02gt\x18\x04 \x01(\x03\x12\x0b\n\x03gte\x18\x05 \x01(\x03\x12\n\n\x02in\x18\x06 \x03(\x03\x12\x0e\n\x06not_in\x18\x07 \x03(\x03\x12\x14\n\x0cignore_empty\x18\x08 \x01(\x08\"\x80\x01\n\x0bUInt32Rules\x12\r\n\x05\x63onst\x18\x01 \x01(\r\x12\n\n\x02lt\x18\x02 \x01(\r\x12\x0b\n\x03lte\x18\x03 \x01(\r\x12\n\n\x02gt\x18\x04 \x01(\r\x12\x0b\n\x03gte\x18\x05 \x01(\r\x12\n\n\x02in\x18\x06 \x03(\r\x12\x0e\n\x06not_in\x18\x07 \x03(\r\x12\x14\n\x0cignore_empty\x18\x08 \x01(\x08\"\x80\x01\n\x0bUInt64Rules\x12\r\n\x05\x63onst\x18\x01 \x01(\x04\x12\n\n\x02lt\x18\x02 \x01(\x04\x12\x0b\n\x03lte\x18\x03 \x01(\x04\x12\n\n\x02gt\x18\x04 \x01(\x04\x12\x0b\n\x03gte\x18\x05 \x01(\x04\x12\n\n\x02in\x18\x06 \x03(\x04\x12\x0e\n\x06not_in\x18\x07 \x03(\x04\x12\x14\n\x0cignore_empty\x18\x08 \x01(\x08\"\x80\x01\n\x0bSInt32Rules\x12\r\n\x05\x63onst\x18\x01 \x01(\x11\x12\n\n\x02lt\x18\x02 \x01(\x11\x12\x0b\n\x03lte\x18\x03 \x01(\x11\x12\n\n\x02gt\x18\x04 \x01(\x11\x12\x0b\n\x03gte\x18\x05 \x01(\x11\x12\n\n\x02in\x18\x06 \x03(\x11\x12\x0e\n\x06not_in\x18\x07 \x03(\x11\x12\x14\n\x0cignore_empty\x18\x08 \x01(\x08\"\x80\x01\n\x0bSInt64Rules\x12\r\n\x05\x63onst\x18\x01 \x01(\x12\x12\n\n\x02lt\x18\x02 \x01(\x12\x12\x0b\n\x03lte\x18\x03 \x01(\x12\x12\n\n\x02gt\x18\x04 \x01(\x12\x12\x0b\n\x03gte\x18\x05 \x01(\x12\x12\n\n\x02in\x18\x06 \x03(\x12\x12\x0e\n\x06not_in\x18\x07 \x03(\x12\x12\x14\n\x0cignore_empty\x18\x08 \x01(\x08\"\x81\x01\n\x0c\x46ixed32Rules\x12\r\n\x05\x63onst\x18\x01 \x01(\x07\x12\n\n\x02lt\x18\x02 \x01(\x07\x12\x0b\n\x03lte\x18\x03 \x01(\x07\x12\n\n\x02gt\x18\x04 \x01(\x07\x12\x0b\n\x03gte\x18\x05 \x01(\x07\x12\n\n\x02in\x18\x06 \x03(\x07\x12\x0e\n\x06not_in\x18\x07 \x03(\x07\x12\x14\n\x0cignore_empty\x18\x08 \x01(\x08\"\x81\x01\n\x0c\x46ixed64Rules\x12\r\n\x05\x63onst\x18\x01 \x01(\x06\x12\n\n\x02lt\x18\x02 \x01(\x06\x12\x0b\n\x03lte\x18\x03 \x01(\x06\x12\n\n\x02gt\x18\x04 \x01(\x06\x12\x0b\n\x03gte\x18\x05 \x01(\x06\x12\n\n\x02in\x18\x06 \x03(\x06\x12\x0e\n\x06not_in\x18\x07 \x03(\x06\x12\x14\n\x0cignore_empty\x18\x08 \x01(\x08\"\x82\x01\n\rSFixed32Rules\x12\r\n\x05\x63onst\x18\x01 \x01(\x0f\x12\n\n\x02lt\x18\x02 \x01(\x0f\x12\x0b\n\x03lte\x18\x03 \x01(\x0f\x12\n\n\x02gt\x18\x04 \x01(\x0f\x12\x0b\n\x03gte\x18\x05 \x01(\x0f\x12\n\n\x02in\x18\x06 \x03(\x0f\x12\x0e\n\x06not_in\x18\x07 \x03(\x0f\x12\x14\n\x0cignore_empty\x18\x08 \x01(\x08\"\x82\x01\n\rSFixed64Rules\x12\r\n\x05\x63onst\x18\x01 \x01(\x10\x12\n\n\x02lt\x18\x02 \x01(\x10\x12\x0b\n\x03lte\x18\x03 \x01(\x10\x12\n\n\x02gt\x18\x04 \x01(\x10\x12\x0b\n\x03gte\x18\x05 \x01(\x10\x12\n\n\x02in\x18\x06 \x03(\x10\x12\x0e\n\x06not_in\x18\x07 \x03(\x10\x12\x14\n\x0cignore_empty\x18\x08 \x01(\x08\"\x1a\n\tBoolRules\x12\r\n\x05\x63onst\x18\x01 \x01(\x08\"\xfd\x03\n\x0bStringRules\x12\r\n\x05\x63onst\x18\x01 \x01(\t\x12\x0b\n\x03len\x18\x13 \x01(\x04\x12\x0f\n\x07min_len\x18\x02 \x01(\x04\x12\x0f\n\x07max_len\x18\x03 \x01(\x04\x12\x11\n\tlen_bytes\x18\x14 \x01(\x04\x12\x11\n\tmin_bytes\x18\x04 \x01(\x04\x12\x11\n\tmax_bytes\x18\x05 \x01(\x04\x12\x0f\n\x07pattern\x18\x06 \x01(\t\x12\x0e\n\x06prefix\x18\x07 \x01(\t\x12\x0e\n\x06suffix\x18\x08 \x01(\t\x12\x10\n\x08\x63ontains\x18\t \x01(\t\x12\x14\n\x0cnot_contains\x18\x17 \x01(\t\x12\n\n\x02in\x18\n \x03(\t\x12\x0e\n\x06not_in\x18\x0b \x03(\t\x12\x0f\n\x05\x65mail\x18\x0c \x01(\x08H\x00\x12\x12\n\x08hostname\x18\r \x01(\x08H\x00\x12\x0c\n\x02ip\x18\x0e \x01(\x08H\x00\x12\x0e\n\x04ipv4\x18\x0f \x01(\x08H\x00\x12\x0e\n\x04ipv6\x18\x10 \x01(\x08H\x00\x12\r\n\x03uri\x18\x11 \x01(\x08H\x00\x12\x11\n\x07uri_ref\x18\x12 \x01(\x08H\x00\x12\x11\n\x07\x61\x64\x64ress\x18\x15 \x01(\x08H\x00\x12\x0e\n\x04uuid\x18\x16 \x01(\x08H\x00\x12\x30\n\x10well_known_regex\x18\x18 \x01(\x0e\x32\x14.validate.KnownRegexH\x00\x12\x14\n\x06strict\x18\x19 \x01(\x08:\x04true\x12\x14\n\x0cignore_empty\x18\x1a \x01(\x08\x42\x0c\n\nwell_known\"\xfb\x01\n\nBytesRules\x12\r\n\x05\x63onst\x18\x01 \x01(\x0c\x12\x0b\n\x03len\x18\r \x01(\x04\x12\x0f\n\x07min_len\x18\x02 \x01(\x04\x12\x0f\n\x07max_len\x18\x03 \x01(\x04\x12\x0f\n\x07pattern\x18\x04 \x01(\t\x12\x0e\n\x06prefix\x18\x05 \x01(\x0c\x12\x0e\n\x06suffix\x18\x06 \x01(\x0c\x12\x10\n\x08\x63ontains\x18\x07 \x01(\x0c\x12\n\n\x02in\x18\x08 \x03(\x0c\x12\x0e\n\x06not_in\x18\t \x03(\x0c\x12\x0c\n\x02ip\x18\n \x01(\x08H\x00\x12\x0e\n\x04ipv4\x18\x0b \x01(\x08H\x00\x12\x0e\n\x04ipv6\x18\x0c \x01(\x08H\x00\x12\x14\n\x0cignore_empty\x18\x0e \x01(\x08\x42\x0c\n\nwell_known\"L\n\tEnumRules\x12\r\n\x05\x63onst\x18\x01 \x01(\x05\x12\x14\n\x0c\x64\x65\x66ined_only\x18\x02 \x01(\x08\x12\n\n\x02in\x18\x03 \x03(\x05\x12\x0e\n\x06not_in\x18\x04 \x03(\x05\".\n\x0cMessageRules\x12\x0c\n\x04skip\x18\x01 \x01(\x08\x12\x10\n\x08required\x18\x02 \x01(\x08\"\x80\x01\n\rRepeatedRules\x12\x11\n\tmin_items\x18\x01 \x01(\x04\x12\x11\n\tmax_items\x18\x02 \x01(\x04\x12\x0e\n\x06unique\x18\x03 \x01(\x08\x12#\n\x05items\x18\x04 \x01(\x0b\x32\x14.validate.FieldRules\x12\x14\n\x0cignore_empty\x18\x05 \x01(\x08\"\xa3\x01\n\x08MapRules\x12\x11\n\tmin_pairs\x18\x01 \x01(\x04\x12\x11\n\tmax_pairs\x18\x02 \x01(\x04\x12\x11\n\tno_sparse\x18\x03 \x01(\x08\x12\"\n\x04keys\x18\x04 \x01(\x0b\x32\x14.validate.FieldRules\x12$\n\x06values\x18\x05 \x01(\x0b\x32\x14.validate.FieldRules\x12\x14\n\x0cignore_empty\x18\x06 \x01(\x08\"8\n\x08\x41nyRules\x12\x10\n\x08required\x18\x01 \x01(\x08\x12\n\n\x02in\x18\x02 \x03(\t\x12\x0e\n\x06not_in\x18\x03 \x03(\t\"\xbb\x02\n\rDurationRules\x12\x10\n\x08required\x18\x01 \x01(\x08\x12(\n\x05\x63onst\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration\x12%\n\x02lt\x18\x03 \x01(\x0b\x32\x19.google.protobuf.Duration\x12&\n\x03lte\x18\x04 \x01(\x0b\x32\x19.google.protobuf.Duration\x12%\n\x02gt\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12&\n\x03gte\x18\x06 \x01(\x0b\x32\x19.google.protobuf.Duration\x12%\n\x02in\x18\x07 \x03(\x0b\x32\x19.google.protobuf.Duration\x12)\n\x06not_in\x18\x08 \x03(\x0b\x32\x19.google.protobuf.Duration\"\xba\x02\n\x0eTimestampRules\x12\x10\n\x08required\x18\x01 \x01(\x08\x12)\n\x05\x63onst\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12&\n\x02lt\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\'\n\x03lte\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12&\n\x02gt\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\'\n\x03gte\x18\x06 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x0e\n\x06lt_now\x18\x07 \x01(\x08\x12\x0e\n\x06gt_now\x18\x08 \x01(\x08\x12)\n\x06within\x18\t \x01(\x0b\x32\x19.google.protobuf.Duration*F\n\nKnownRegex\x12\x0b\n\x07UNKNOWN\x10\x00\x12\x14\n\x10HTTP_HEADER_NAME\x10\x01\x12\x15\n\x11HTTP_HEADER_VALUE\x10\x02:2\n\x08\x64isabled\x12\x1f.google.protobuf.MessageOptions\x18\xaf\x08 \x01(\x08:1\n\x07ignored\x12\x1f.google.protobuf.MessageOptions\x18\xb0\x08 \x01(\x08:0\n\x08required\x12\x1d.google.protobuf.OneofOptions\x18\xaf\x08 \x01(\x08:C\n\x05rules\x12\x1d.google.protobuf.FieldOptions\x18\xaf\x08 \x01(\x0b\x32\x14.validate.FieldRulesBP\n\x1aio.envoyproxy.pgv.validateZ2github.com/envoyproxy/protoc-gen-validate/validate') + +_builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, globals()) +_builder.BuildTopDescriptorsAndMessages(DESCRIPTOR, 'validate_pb2', globals()) +if _descriptor._USE_C_DESCRIPTORS == False: + google_dot_protobuf_dot_descriptor__pb2.MessageOptions.RegisterExtension(disabled) + google_dot_protobuf_dot_descriptor__pb2.MessageOptions.RegisterExtension(ignored) + google_dot_protobuf_dot_descriptor__pb2.OneofOptions.RegisterExtension(required) + google_dot_protobuf_dot_descriptor__pb2.FieldOptions.RegisterExtension(rules) + + DESCRIPTOR._options = None + DESCRIPTOR._serialized_options = b'\n\032io.envoyproxy.pgv.validateZ2github.com/envoyproxy/protoc-gen-validate/validate' + _KNOWNREGEX._serialized_start=4532 + _KNOWNREGEX._serialized_end=4602 + _FIELDRULES._serialized_start=128 + _FIELDRULES._serialized_end=1048 + _FLOATRULES._serialized_start=1050 + _FLOATRULES._serialized_end=1177 + _DOUBLERULES._serialized_start=1180 + _DOUBLERULES._serialized_end=1308 + _INT32RULES._serialized_start=1310 + _INT32RULES._serialized_end=1437 + _INT64RULES._serialized_start=1439 + _INT64RULES._serialized_end=1566 + _UINT32RULES._serialized_start=1569 + _UINT32RULES._serialized_end=1697 + _UINT64RULES._serialized_start=1700 + _UINT64RULES._serialized_end=1828 + _SINT32RULES._serialized_start=1831 + _SINT32RULES._serialized_end=1959 + _SINT64RULES._serialized_start=1962 + _SINT64RULES._serialized_end=2090 + _FIXED32RULES._serialized_start=2093 + _FIXED32RULES._serialized_end=2222 + _FIXED64RULES._serialized_start=2225 + _FIXED64RULES._serialized_end=2354 + _SFIXED32RULES._serialized_start=2357 + _SFIXED32RULES._serialized_end=2487 + _SFIXED64RULES._serialized_start=2490 + _SFIXED64RULES._serialized_end=2620 + _BOOLRULES._serialized_start=2622 + _BOOLRULES._serialized_end=2648 + _STRINGRULES._serialized_start=2651 + _STRINGRULES._serialized_end=3160 + _BYTESRULES._serialized_start=3163 + _BYTESRULES._serialized_end=3414 + _ENUMRULES._serialized_start=3416 + _ENUMRULES._serialized_end=3492 + _MESSAGERULES._serialized_start=3494 + _MESSAGERULES._serialized_end=3540 + _REPEATEDRULES._serialized_start=3543 + _REPEATEDRULES._serialized_end=3671 + _MAPRULES._serialized_start=3674 + _MAPRULES._serialized_end=3837 + _ANYRULES._serialized_start=3839 + _ANYRULES._serialized_end=3895 + _DURATIONRULES._serialized_start=3898 + _DURATIONRULES._serialized_end=4213 + _TIMESTAMPRULES._serialized_start=4216 + _TIMESTAMPRULES._serialized_end=4530 +# @@protoc_insertion_point(module_scope) diff --git a/grpc_gen/validate_pb2_grpc.py b/grpc_gen/validate_pb2_grpc.py new file mode 100644 index 0000000..2daafff --- /dev/null +++ b/grpc_gen/validate_pb2_grpc.py @@ -0,0 +1,4 @@ +# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +"""Client and server classes corresponding to protobuf-defined services.""" +import grpc + diff --git a/id_maps/cloud_service_name_map.json b/id_maps/cloud_service_name_map.json new file mode 100644 index 0000000..8da9fbd --- /dev/null +++ b/id_maps/cloud_service_name_map.json @@ -0,0 +1,8 @@ +{ + "vat": { + "name": "vat-test-service" + }, + "wazuh": { + "name": "wazuh-test-service" + } +} \ No newline at end of file diff --git a/id_maps/resource_id_map.json b/id_maps/resource_id_map.json new file mode 100644 index 0000000..e183fdc --- /dev/null +++ b/id_maps/resource_id_map.json @@ -0,0 +1,6 @@ +{ + "manager": "wazuh_manager", + "agent1": "test_agent_1", + "agent2": "test_agent_2", + "192.168.33.101": "vat_test_vm" +} \ No newline at end of file diff --git a/kubernetes/wazuh-vat-evidence-collector-configmap.yaml b/kubernetes/wazuh-vat-evidence-collector-configmap.yaml index a121e39..6755008 100644 --- a/kubernetes/wazuh-vat-evidence-collector-configmap.yaml +++ b/kubernetes/wazuh-vat-evidence-collector-configmap.yaml @@ -6,31 +6,47 @@ kind: ConfigMap metadata: name: wazuh-vat-evidence-collector-env data: + redis_host: 'localhost' + redis_port: '6379' + redis_queue: 'low' + dummy_wazuh_manager: 'true' - wazuh_host: 'bosch-demo-wazuh-manager-svc' + wazuh_host: 'localhost' wazuh_port: '55000' - wazuh_username: 'wazuh-wui' - wazuh_password: 'password' + wazuh_username: 'test' + wazuh_password: 'test' - elastic_host: 'bosch-demo-elastic-svc' + elastic_host: 'localhost' elastic_port: '9200' - elastic_username: 'admin' - elastic_password: 'password' + elastic_username: 'test' + elastic_password: 'test' - redis_host: 'localhost' - redis_port: '6379' - redis_queue: 'low' + dummy_vat: 'true' + + vat_protocol: 'http' + vat_host: 'localhost' + vat_port: '80' + vat_api_prefix: '/api' + + vat_check_hosts: 'localhost' + vat_nmap_check_timeout: '2' + vat_w3af_check_timeout: '15' + + wazuh_rule_level: '10' + vat_vulnerability_level: '75' + + wazuh_check_interval: '15' + vat_check_interval: '15' local_clouditor_deploy: 'false' clouditor_host: 'security-assessment-dev.k8s.medina.esilab.org' clouditor_port: '443' + orchestrator_host: 'orchestrator-dev.k8s.medina.esilab.org' + orchestrator_port: '443' clouditor_oauth2_host: 'catalogue-keycloak-dev.k8s.medina.esilab.org/auth/realms/medina/protocol/openid-connect/token' clouditor_oauth2_port: '443' - clouditor_client_id: wazuh-vat-evidence-collector-dev - clouditor_client_secret: secret - clouditor_oauth2_scope: openid - - wazuh_check_interval: '300' - wazuh_rule_level: '10' + clouditor_client_id: 'wazuh-vat-evidence-collector-dev' + clouditor_client_secret: 'secret' + clouditor_oauth2_scope: 'openid' diff --git a/kubernetes/wazuh-vat-evidence-collector-deployment.yaml b/kubernetes/wazuh-vat-evidence-collector-deployment.yaml index 850b7b3..8dcad77 100644 --- a/kubernetes/wazuh-vat-evidence-collector-deployment.yaml +++ b/kubernetes/wazuh-vat-evidence-collector-deployment.yaml @@ -4,27 +4,34 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: wazuh-vat-evidence-collector - labels: - app: wazuh-vat-evidence-collector -spec: - selector: - matchLabels: - app: wazuh-vat-evidence-collector - template: - metadata: - labels: + name: wazuh-vat-evidence-collector + labels: app: wazuh-vat-evidence-collector - spec: - containers: - - image: optima-medina-docker-dev.artifact.tecnalia.com/wp3/t32/wazuh-vat-evidence-collector:latest - name: wazuh-vat-evidence-collector - imagePullPolicy: Always - envFrom: - - configMapRef: - name: wazuh-vat-evidence-collector-env - env: - - name: TIME - value: {{time}} - imagePullSecrets: - - name: regcred +spec: + selector: + matchLabels: + app: wazuh-vat-evidence-collector + template: + metadata: + labels: + app: wazuh-vat-evidence-collector + spec: + containers: + - image: optima-medina-docker-dev.artifact.tecnalia.com/wp3/t32/wazuh-vat-evidence-collector:latest + name: wazuh-vat-evidence-collector + imagePullPolicy: Always + volumeMounts: + - name: wazuh-vat-evidence-collector-json + mountPath: /wazuh-vat-evidence-collector/id_maps + envFrom: + - configMapRef: + name: wazuh-vat-evidence-collector-env + env: + - name: TIME + value: {{time}} + volumes: + - name: wazuh-vat-evidence-collector-json + configMap: + name: wazuh-vat-evidence-collector-json + imagePullSecrets: + - name: regcred diff --git a/kubernetes/wazuh-vat-evidence-collector-json-configmap.yaml b/kubernetes/wazuh-vat-evidence-collector-json-configmap.yaml new file mode 100644 index 0000000..e10ccb9 --- /dev/null +++ b/kubernetes/wazuh-vat-evidence-collector-json-configmap.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: wazuh-vat-evidence-collector-json +data: + resource_id_map.json: | + { + "manager": "wazuh_manager", + "agent1": "test_agent_1", + "agent2": "test_agent_2", + "192.168.33.101": "vat_test_vm" + } + cloud_service_name_map.json: | + { + "vat": { + "name": "vat-test-service" + }, + "wazuh": { + "name": "wazuh-test-service" + } + } diff --git a/kubernetes_clouditor_demo.env b/kubernetes_clouditor_demo.env index 1eb1118..1073775 100644 --- a/kubernetes_clouditor_demo.env +++ b/kubernetes_clouditor_demo.env @@ -1,29 +1,48 @@ +# +# Medina Kubernetes DEV pod .env +# + +redis_host=localhost +redis_port=6379 +redis_queue=low + dummy_wazuh_manager=true -wazuh_host=192.168.33.10 +wazuh_host=localhost wazuh_port=55000 -wazuh_username=wazuh-wui -wazuh_password=password +wazuh_username=test +wazuh_password=test -elastic_host=192.168.33.10 +elastic_host=localhost elastic_port=9200 -elastic_username=admin -elastic_password=password +elastic_username=test +elastic_password=test -redis_host=localhost -redis_port=6379 -redis_queue=low +dummy_vat=true + +vat_protocol=http +vat_host=localhost +vat_port=80 +vat_api_prefix=/api + +vat_check_hosts=localhost +vat_nmap_check_timeout=2 +vat_w3af_check_timeout=15 + +wazuh_rule_level=10 +vat_vulnerability_level=75 + +wazuh_check_interval=15 +vat_check_interval=15 local_clouditor_deploy=false clouditor_host=security-assessment-dev.k8s.medina.esilab.org clouditor_port=443 - +orchestrator_host=orchestrator-dev.k8s.medina.esilab.org +orchestrator_port=443 clouditor_oauth2_host=catalogue-keycloak-dev.k8s.medina.esilab.org/auth/realms/medina/protocol/openid-connect/token clouditor_oauth2_port=443 clouditor_client_id=wazuh-vat-evidence-collector-dev clouditor_client_secret=secret clouditor_oauth2_scope=openid - -wazuh_check_interval=60 -wazuh_rule_level=10 \ No newline at end of file diff --git a/log_conf/log_conf.py b/log_conf/log_conf.py new file mode 100644 index 0000000..e810280 --- /dev/null +++ b/log_conf/log_conf.py @@ -0,0 +1,6 @@ +# SPDX-License-Identifier: Apache-2.0 + +import logging.config + +logging.config.fileConfig('log_conf/logging.conf') +LOGGER = logging.getLogger('root') diff --git a/log_conf/logging.conf b/log_conf/logging.conf new file mode 100644 index 0000000..648e1bd --- /dev/null +++ b/log_conf/logging.conf @@ -0,0 +1,28 @@ +[loggers] +keys=root + +[handlers] +keys=consoleHandler,fileHandler + +[formatters] +keys=simpleFormatter + +[logger_root] +level=DEBUG +handlers=fileHandler + +[handler_consoleHandler] +class=StreamHandler +level=DEBUG +formatter=simpleFormatter +args=(sys.stdout,) + +[handler_fileHandler] +class=FileHandler +level=DEBUG +formatter=simpleFormatter +args=('/var/log/wazuh_vat_evidence_collector.log',) + +[formatter_simpleFormatter] +format=%(asctime)s - %(name)s - %(levelname)s - %(pathname)s:%(lineno)d - %(message)s +datefmt= diff --git a/proto/assessment.proto b/proto/assessment.proto index 69d2e8d..6d6343c 100644 --- a/proto/assessment.proto +++ b/proto/assessment.proto @@ -26,20 +26,25 @@ */ syntax = "proto3"; -package clouditor; +package clouditor.assessment.v1; import "google/api/annotations.proto"; import "google/protobuf/empty.proto"; import "google/protobuf/timestamp.proto"; import "evidence.proto"; import "metric.proto"; +import "tagger.proto"; +import "validate.proto"; + +option go_package = "clouditor.io/clouditor/api/assessment"; // Representing the link between orchestrator and discovery: Assessing evidences // from discovery and sending results to orchestrator service Assessment { - // Triggers the assessment. Part of the private API. Not exposed as REST. - rpc TriggerAssessment(TriggerAssessmentRequest) + // Triggers the compliance calculation. Part of the private API. Not exposed + // as REST. + rpc CalculateCompliance(CalculateComplianceRequest) returns (google.protobuf.Empty) {} // Assesses the evidence sent by the discovery. Part of the public API, also @@ -48,16 +53,19 @@ service Assessment { option (google.api.http) = { post : "/v1/assessment/evidences" body : "evidence" - response_body : "status" }; } // Assesses stream of evidences sent by the discovery and returns a response // stream. Part of the public API. Not exposed as REST. rpc AssessEvidences(stream AssessEvidenceRequest) - returns (stream AssessEvidenceResponse) {}; + returns (stream AssessEvidencesResponse) {}; - // List all assessment results. Part of the public API, also exposed as REST. + // List all assessment results of all cloud services the requester can access. + // Optionally, further filters of specific cloud services, metrics or the + // compliance status can be specified. + // + // Part of the public API, also exposed as REST. rpc ListAssessmentResults(ListAssessmentResultsRequest) returns (ListAssessmentResultsResponse) { option (google.api.http) = { @@ -66,16 +74,41 @@ service Assessment { } }; -message ListAssessmentResultsRequest {} -message ListAssessmentResultsResponse { repeated AssessmentResult results = 1; } +message ListAssessmentResultsRequest { + // Optional. List only assessment results of a specific cloud service. + optional string filtered_cloud_service_id = 1 + [ (validate.rules).string.uuid = true ]; + // Optional. List only compliant assessment results. + optional bool filtered_compliant = 2; + // Optional. List only assessment results of a specific metric id. + repeated string filtered_metric_id = 3 + [ (validate.rules).repeated .items.string.min_len = 1 ]; + + int32 page_size = 10; + string page_token = 11; + string order_by = 12; + bool asc = 13; +} +message ListAssessmentResultsResponse { + repeated AssessmentResult results = 1; + string next_page_token = 2; +} message ConfigureAssessmentRequest {} message ConfigureAssessmentResponse {} -message TriggerAssessmentRequest { string some_option = 1; } +message CalculateComplianceRequest { string control_id = 1; } -message AssessEvidenceRequest { Evidence evidence = 1; } -message AssessEvidenceResponse { +message AssessEvidenceRequest { + clouditor.evidence.v1.Evidence evidence = 1 + [ (validate.rules).message.required = true ]; +} + +// AssessEvidenceResponse belongs to AssessEvidence, which uses a custom unary RPC and therefore requires a response message according to the style convention. Since no return values are required, this is empty. +message AssessEvidenceResponse {} + +// AssessEvidencesResponse belongs to AssessEvidences, which uses a custom bidirectional streaming RPC and therefore requires a response message according to the style convention. The bidirectional streaming needs the status and its message in the response for error handling. +message AssessEvidencesResponse { enum AssessmentStatus { ASSESSMENT_STATUS_UNSPECIFIED = 0; WAITING_FOR_RELATED = 1; @@ -91,26 +124,59 @@ message AssessEvidenceResponse { // with id resource_id. message AssessmentResult { // Assessment result id - string id = 1; + string id = 1 [ (validate.rules).string.uuid = true ]; // Time of assessment - google.protobuf.Timestamp timestamp = 2; + google.protobuf.Timestamp timestamp = 2 [ + (tagger.tags) = "gorm:\"serializer:timestamppb;type:time\"", + (validate.rules).timestamp.required = true + ]; // Reference to the metric the assessment was based on - string metric_id = 3; + string metric_id = 3 [ (validate.rules).string.min_len = 1 ]; // Data corresponding to the metric by the given metric id - MetricConfiguration metric_configuration = 4; + MetricConfiguration metric_configuration = 4 [ + (tagger.tags) = "gorm:\"serializer:json\"", + (validate.rules).message.required = true + ]; // Compliant case: true or false bool compliant = 5; // Reference to the assessed evidence - string evidence_id = 6; + string evidence_id = 6 [ (validate.rules).string.uuid = true ]; // Reference to the resource of the assessed evidence - string resource_id = 7; + string resource_id = 7 [ (validate.rules).string.min_len = 1 ]; + + // Resource types + repeated string resource_types = 8 [ + (tagger.tags) = "gorm:\"serializer:json\"", + (validate.rules).repeated .min_items = 1 + ]; // Some comments on the reason for non-compliance - string non_compliance_comments = 8; + string non_compliance_comments = 9; + + // The cloud service which this assessment result belongs to + string cloud_service_id = 10 [ (validate.rules).string.uuid = true ]; } + +/* +prepared for future use +message ComplianceResult { + string id = 1; + enum Status { + STATUS_UNSPECIFIED = 0; + COMPLIANT = 1; + NOT_COMPLIANT = 2; + PENDING = 3; + } + Status status = 2; + google.protobuf.Timestamp timestamp = 3 + [ (tagger.tags) = "gorm:\"serializer:timestamppb;type:time\"" ]; + string control_id = 4; + string cloud_service_id = 5; + repeated AssessmentResult results = 6; +}*/ diff --git a/proto/evidence.proto b/proto/evidence.proto index 5a6e5b8..03dcf43 100644 --- a/proto/evidence.proto +++ b/proto/evidence.proto @@ -26,30 +26,40 @@ */ syntax = "proto3"; -package clouditor; +package clouditor.evidence.v1; import "google/protobuf/struct.proto"; import "google/protobuf/timestamp.proto"; +import "tagger.proto"; +import "validate.proto"; + +option go_package = "clouditor.io/clouditor/api/evidence"; // An evidence resource message Evidence { // the ID in a uuid format - string id = 1; + string id = 1 [ (validate.rules).string.uuid = true ]; // time of evidence creation - google.protobuf.Timestamp timestamp = 2; + google.protobuf.Timestamp timestamp = 2 [ + (tagger.tags) = "gorm:\"serializer:timestamppb;type:time\"", + (validate.rules).timestamp.required = true + ]; // Reference to a service this evidence was gathered from - string service_id = 3; + string cloud_service_id = 3 [ (validate.rules).string.uuid = true ]; // Reference to the tool which provided the evidence - string tool_id = 4; + string tool_id = 4 [ (validate.rules).string.min_len = 1 ]; - // Contains the evidence in its original form without following a defined - // schema, e.g. the raw JSON - string raw = 5; + // Optional. Contains the evidence in its original form without following a + // defined schema, e.g. the raw JSON + optional string raw = 5 [ (validate.rules).string.min_len = 1 ]; // Semantic representation of the Cloud resource according to our defined // ontology - google.protobuf.Value resource = 6; -} \ No newline at end of file + google.protobuf.Value resource = 6 [ + (tagger.tags) = "gorm:\"serializer:valuepb;type:json\"", + (validate.rules).message.required = true + ]; +} diff --git a/proto/metric.proto b/proto/metric.proto index 33c1807..7eed0d9 100644 --- a/proto/metric.proto +++ b/proto/metric.proto @@ -26,17 +26,22 @@ */ syntax = "proto3"; -package clouditor; +package clouditor.assessment.v1; import "google/protobuf/struct.proto"; +import "google/protobuf/timestamp.proto"; +import "tagger.proto"; +import "validate.proto"; + +option go_package = "clouditor.io/clouditor/api/assessment"; // A metric resource message Metric { // Required. The unique identifier of the metric. - string id = 1; + string id = 1 [ (validate.rules).string.min_len = 1 ]; // Required. The human readable name of the metric. - string name = 2; + string name = 2 [ (validate.rules).string.min_len = 1 ]; // The description of the metric string description = 3; @@ -45,17 +50,28 @@ message Metric { string category = 4; // The scale of this metric, e.g. categories, ranked data or metric values. - Scale scale = 5; + Scale scale = 5 [ (validate.rules).enum.defined_only = true ]; // The range of this metric. Depending on the scale. - Range range = 6; + Range range = 6 [ (validate.rules).message.required = true ]; // The values a Scale accepts enum Scale { - NOMINAL = 0; - ORDINAL = 1; - METRIC = 2; + SCALE_UNSPECIFIED = 0; + NOMINAL = 1; + ORDINAL = 2; + METRIC = 3; } + + // The interval in seconds the evidences must be collected for the respective + // metric. For now, we are not able to use google.protobuf.Duration because it + // is converted to a custom object in OpenAPI + // (https://github.com/google/gnostic/issues/351) + int64 interval = 7; + + // The implementation of this metric. This ensures that we are modelling an + // association between a Metric and its MetricImplementation. + optional MetricImplementation implementation = 8; } // A range resource representing the range of values @@ -91,25 +107,51 @@ message Order { repeated google.protobuf.Value values = 1; } // Defines the operator and a target value for an individual metric message MetricConfiguration { // The operator to compare the metric, such as == or > - string operator = 1; + string operator = 1 [ (validate.rules).string.pattern = "^(|<|>|<=|>=|==)$" ]; // The target value - google.protobuf.Value target_value = 2; + google.protobuf.Value target_value = 2 [ + (tagger.tags) = "gorm:\"serializer:json\"", + (validate.rules).message.required = true + ]; // Whether this configuration is a default configuration bool is_default = 3; + + // The last time of update + google.protobuf.Timestamp updated_at = 4 + [ (tagger.tags) = "gorm:\"serializer:timestamppb;type:time\"" ]; + + // The metric this configuration belongs to + string metric_id = 5 [ + (tagger.tags) = "gorm:\"primaryKey\"", + (validate.rules).string.min_len = 1 + ]; + + // The service this configuration belongs to + string cloud_service_id = 6 [ + (tagger.tags) = "gorm:\"primaryKey\"", + (validate.rules).string.uuid = true + ]; } // MetricImplementation defines the implementation of an individual metric. message MetricImplementation { + // The metric which is implemented + string metric_id = 1 [ (validate.rules).string.min_len = 1 ]; + enum Language { LANGUAGE_UNSPECIFIED = 0; - REGO = 1; + LANGUAGE_REGO = 1; }; // The language this metric is implemented in - Language language = 1; + Language lang = 2 [ (validate.rules).enum.defined_only = true ]; // The actual implementation - string code = 2; -} \ No newline at end of file + string code = 3 [ (validate.rules).string.min_len = 1 ]; + + // The last time of update + google.protobuf.Timestamp updated_at = 4 + [ (tagger.tags) = "gorm:\"serializer:timestamppb;type:time\"" ]; +} diff --git a/proto/orchestrator.proto b/proto/orchestrator.proto new file mode 100644 index 0000000..e961760 --- /dev/null +++ b/proto/orchestrator.proto @@ -0,0 +1,1008 @@ +/* + * Copyright 2016-2022 Fraunhofer AISEC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * $$\ $$\ $$\ $$\ + * $$ | $$ |\__| $$ | + * $$$$$$$\ $$ | $$$$$$\ $$\ $$\ $$$$$$$ |$$\ $$$$$$\ $$$$$$\ $$$$$$\ + * $$ _____|$$ |$$ __$$\ $$ | $$ |$$ __$$ |$$ |\_$$ _| $$ __$$\ $$ __$$\ + * $$ / $$ |$$ / $$ |$$ | $$ |$$ / $$ |$$ | $$ | $$ / $$ |$$ | \__| + * $$ | $$ |$$ | $$ |$$ | $$ |$$ | $$ |$$ | $$ |$$\ $$ | $$ |$$ | + * \$$$$$$\ $$ |\$$$$$ |\$$$$$ |\$$$$$$ |$$ | \$$$ |\$$$$$ |$$ | + * \_______|\__| \______/ \______/ \_______|\__| \____/ \______/ \__| + * + * This file is part of Clouditor Community Edition. + */ +syntax = "proto3"; + +package clouditor.orchestrator.v1; + +import "google/api/annotations.proto"; +import "google/protobuf/empty.proto"; +import "metric.proto"; +import "assessment.proto"; +import "tagger.proto"; +import "validate.proto"; + +option go_package = "clouditor.io/clouditor/api/orchestrator"; + +// Manages the orchestration of components within the Clouditor architecture +service Orchestrator { + // Registers the passed assessment tool + rpc RegisterAssessmentTool(RegisterAssessmentToolRequest) + returns (AssessmentTool) { + option (google.api.http) = { + post : "/v1/orchestrator/assessment_tools" + body : "tool" + }; + } + + // Lists all assessment tools assessing evidences for the metric given by the + // passed metric id + rpc ListAssessmentTools(ListAssessmentToolsRequest) + returns (ListAssessmentToolsResponse) { + option (google.api.http) = { + get : "/v1/orchestrator/assessment_tools" + }; + } + + // Returns assessment tool given by the passed tool id + rpc GetAssessmentTool(GetAssessmentToolRequest) returns (AssessmentTool) { + option (google.api.http) = { + get : "/v1/orchestrator/assessment_tools/{tool_id}" + }; + } + + // Updates the assessment tool given by the passed id + rpc UpdateAssessmentTool(UpdateAssessmentToolRequest) + returns (AssessmentTool) { + option (google.api.http) = { + put : "/v1/orchestrator/assessment_tools/{tool.id}" + body : "tool" + }; + } + + // Remove assessment tool with passed id from the list of active assessment + // tools + rpc DeregisterAssessmentTool(DeregisterAssessmentToolRequest) + returns (google.protobuf.Empty) { + option (google.api.http) = { + delete : "/v1/orchestrator/assessment_tools/{tool_id}" + }; + } + + // Stores the assessment result provided by an assessment tool + rpc StoreAssessmentResult(StoreAssessmentResultRequest) + returns (StoreAssessmentResultResponse) { + option (google.api.http) = { + post : "/v1/orchestrator/assessment_results" + body : "result" + }; + } + + // Stores stream of assessment results provided by an assessment tool and + // returns a response stream. Part of the public API, not exposed as REST. + rpc StoreAssessmentResults(stream StoreAssessmentResultRequest) + returns (stream StoreAssessmentResultsResponse); + + // List all assessment results. Part of the public API, also exposed as REST. + rpc ListAssessmentResults( + clouditor.assessment.v1.ListAssessmentResultsRequest) + returns (clouditor.assessment.v1.ListAssessmentResultsResponse) { + option (google.api.http) = { + get : "/v1/orchestrator/assessment_results" + }; + } + + // Creates a new metric + rpc CreateMetric(CreateMetricRequest) + returns (clouditor.assessment.v1.Metric) { + option (google.api.http) = { + post : "/v1/orchestrator/metrics" + body : "metric" + }; + } + + // Updates an existing metric + rpc UpdateMetric(UpdateMetricRequest) + returns (clouditor.assessment.v1.Metric) { + option (google.api.http) = { + put : "/v1/orchestrator/metrics/{metric.id}" + body : "metric" + }; + } + + // Returns the metric with the passed metric id + rpc GetMetric(GetMetricRequest) returns (clouditor.assessment.v1.Metric) { + option (google.api.http) = { + get : "/v1/orchestrator/metrics/{metric_id}" + }; + } + + // List all metrics provided by the metric catalog + rpc ListMetrics(ListMetricsRequest) returns (ListMetricsResponse) { + option (google.api.http) = { + get : "/v1/orchestrator/metrics" + }; + } + + // Registers a new target cloud service + rpc RegisterCloudService(RegisterCloudServiceRequest) returns (CloudService) { + option (google.api.http) = { + post : "/v1/orchestrator/cloud_services" + body : "cloud_service" + }; + } + + // Registers a new target cloud service + rpc UpdateCloudService(UpdateCloudServiceRequest) returns (CloudService) { + option (google.api.http) = { + put : "/v1/orchestrator/cloud_services/{cloud_service.id}" + body : "cloud_service" + }; + } + + // Retrieves a target cloud service + rpc GetCloudService(GetCloudServiceRequest) returns (CloudService) { + option (google.api.http) = { + get : "/v1/orchestrator/cloud_services/{cloud_service_id}" + }; + } + + // Lists all target cloud services + rpc ListCloudServices(ListCloudServicesRequest) + returns (ListCloudServicesResponse) { + option (google.api.http) = { + get : "/v1/orchestrator/cloud_services" + }; + } + + // Removes a target cloud service + rpc RemoveCloudService(RemoveCloudServiceRequest) + returns (google.protobuf.Empty) { + option (google.api.http) = { + delete : "/v1/orchestrator/cloud_services/{cloud_service_id}" + }; + } + + // Updates a metric configuration (target value and operator) for a specific + // service and metric ID + rpc UpdateMetricConfiguration(UpdateMetricConfigurationRequest) + returns (clouditor.assessment.v1.MetricConfiguration) { + option (google.api.http) = { + put : "/v1/orchestrator/cloud_services/{cloud_service_id}/" + "metric_configurations/" + "{metric_id}" + body : "configuration" + }; + } + + // Retrieves a metric configuration (target value and operator) for a specific + // service and metric ID. + rpc GetMetricConfiguration(GetMetricConfigurationRequest) + returns (clouditor.assessment.v1.MetricConfiguration) { + option (google.api.http) = { + get : "/v1/orchestrator/cloud_services/{cloud_service_id}/" + "metric_configurations/" + "{metric_id}" + }; + } + + // Lists all a metric configurations (target value and operator) for a + // specific service ID + rpc ListMetricConfigurations(ListMetricConfigurationRequest) + returns (ListMetricConfigurationResponse) { + option (google.api.http) = { + get : "/v1/orchestrator/cloud_services/{cloud_service_id}/" + "metric_configurations" + }; + } + + // Updates an existing metric implementation + rpc UpdateMetricImplementation(UpdateMetricImplementationRequest) + returns (clouditor.assessment.v1.MetricImplementation) { + option (google.api.http) = { + put : "/v1/orchestrator/metrics/{implementation.metric_id}/" + "implementation" + body : "implementation" + }; + } + + // Returns the metric implementation of the passed metric id + rpc GetMetricImplementation(GetMetricImplementationRequest) + returns (clouditor.assessment.v1.MetricImplementation) { + option (google.api.http) = { + get : "/v1/orchestrator/metrics/{metric_id}/implementation" + }; + } + + rpc SubscribeMetricChangeEvents(SubscribeMetricChangeEventRequest) + returns (stream MetricChangeEvent) {} + + // Creates a new certificate + rpc CreateCertificate(CreateCertificateRequest) returns (Certificate) { + option (google.api.http) = { + post : "/v1/orchestrator/certificates" + body : "certificate" + }; + } + + // Retrieves a certificate + rpc GetCertificate(GetCertificateRequest) returns (Certificate) { + option (google.api.http) = { + get : "/v1/orchestrator/certificates/{certificate_id}" + }; + } + + // Lists all target certificates + rpc ListCertificates(ListCertificatesRequest) + returns (ListCertificatesResponse) { + option (google.api.http) = { + get : "/v1/orchestrator/certificates" + }; + } + + // Updates an existing certificate + rpc UpdateCertificate(UpdateCertificateRequest) returns (Certificate) { + option (google.api.http) = { + put : "/v1/orchestrator/certificates/{certificate.id}" + body : "certificate" + }; + } + + // Removes a certificate + rpc RemoveCertificate(RemoveCertificateRequest) + returns (google.protobuf.Empty) { + option (google.api.http) = { + delete : "/v1/orchestrator/certificates/{certificate_id}" + }; + } + + // Creates a new security controls catalog + rpc CreateCatalog(CreateCatalogRequest) returns (Catalog) { + option (google.api.http) = { + post : "/v1/orchestrator/catalogs" + body : "catalog" + }; + } + + // Lists all security controls catalogs. Each catalog includes a list of its + // categories but no additional sub-resources. + rpc ListCatalogs(ListCatalogsRequest) returns (ListCatalogsResponse) { + option (google.api.http) = { + get : "/v1/orchestrator/catalogs" + }; + } + + // Retrieves a specific catalog by it's ID. The catalog includes a list of all + // of it categories as well as the first level of controls in each category. + rpc GetCatalog(GetCatalogRequest) returns (Catalog) { + option (google.api.http) = { + get : "/v1/orchestrator/catalogs/{catalog_id}" + }; + } + + // Removes a catalog + rpc RemoveCatalog(RemoveCatalogRequest) returns (google.protobuf.Empty) { + option (google.api.http) = { + delete : "/v1/orchestrator/catalogs/{catalog_id}" + }; + } + + // Updates an existing certificate + rpc UpdateCatalog(UpdateCatalogRequest) returns (Catalog) { + option (google.api.http) = { + put : "/v1/orchestrator/catalogs/{catalog.id}" + body : "catalog" + }; + } + + // Retrieves a category of a catalog specified by the catalog ID and the + // category name. It includes the first level of controls within each + // category. + rpc GetCategory(GetCategoryRequest) returns (Category) { + option (google.api.http) = { + get : "/v1/orchestrator/catalogs/{catalog_id}/category/{category_name}" + }; + } + + // If no additional parameters are specified, this lists all controls. If a + // catalog ID and a category name is specified, then only controls containing + // in this category are returned. + rpc ListControls(ListControlsRequest) returns (ListControlsResponse) { + option (google.api.http) = { + get : "/v1/orchestrator/controls" + additional_bindings { + get : "/v1/orchestrator/catalogs/{catalog_id}/categories/" + "{category_name}/controls" + } + }; + } + + // Retrieves a control specified by the catalog ID, the control's category + // name and the control ID. If present, it also includes a list of + // sub-controls if present or a list of metrics if no sub-controls but metrics + // are present. + rpc GetControl(GetControlRequest) returns (Control) { + option (google.api.http) = { + get : "/v1/orchestrator/catalogs/{catalog_id}/categories/{category_name}/" + "controls/{control_id}" + }; + } + + // Creates a new Target of Evaluation + rpc CreateTargetOfEvaluation(CreateTargetOfEvaluationRequest) + returns (TargetOfEvaluation) { + option (google.api.http) = { + post : "/v1/orchestrator/toes" + body : "target_of_evaluation" + }; + } + + // Retrieves a Target of Evaluation + rpc GetTargetOfEvaluation(GetTargetOfEvaluationRequest) + returns (TargetOfEvaluation) { + option (google.api.http) = { + get : "/v1/orchestrator/cloud_services/{cloud_service_id}/toes/" + "{catalog_id}" + }; + } + + // Lists all controls in scope of a target of evaluation. + rpc ListControlsInScope(ListControlsInScopeRequest) + returns (ListControlsInScopeResponse) { + option (google.api.http) = { + get : "/v1/orchestrator/cloud_services/{cloud_service_id}/toes/" + "{catalog_id}/controls_in_scope" + }; + } + + // Adds the selected control as "in scope" for the target of evaluation. + rpc AddControlToScope(AddControlToScopeRequest) returns (ControlInScope) { + option (google.api.http) = { + post : "/v1/orchestrator/cloud_services/" + "{scope.target_of_evaluation_cloud_service_id}/toes/" + "{scope.target_of_evaluation_catalog_id}/controls_in_scope" + body : "scope" + }; + } + + // Updates a particular control in scope, e.g., its monitoring status. + rpc UpdateControlInScope(UpdateControlInScopeRequest) + returns (ControlInScope) { + option (google.api.http) = { + put : "/v1/orchestrator/cloud_services/" + "{scope.target_of_evaluation_cloud_service_id}/toes/" + "{scope.target_of_evaluation_catalog_id}/controls_in_scope/" + "categories/{scope.control_category_name}/" + "controls/{scope.control_id}" + body : "scope" + }; + } + + // Adds the selected control as "in scope" for the target of evaluation. + rpc RemoveControlFromScope(RemoveControlFromScopeRequest) + returns (google.protobuf.Empty) { + option (google.api.http) = { + delete : "/v1/orchestrator/cloud_services/" + "{cloud_service_id}/toes/" + "{catalog_id}/controls_in_scope/" + "categories/{control_category_name}/" + "controls/{control_id}" + }; + } + + // Lists all Targets of Evaluation + rpc ListTargetsOfEvaluation(ListTargetsOfEvaluationRequest) + returns (ListTargetsOfEvaluationResponse) { + option (google.api.http) = { + get : "/v1/orchestrator/toes" + additional_bindings { + get : "/v1/orchestrator/cloud_services/{cloud_service_id}/toes" + } + additional_bindings {get : "/v1/orchestrator/catalogs/{catalog_id}/toes"} + }; + } + + // Updates an existing Target of Evaluation + rpc UpdateTargetOfEvaluation(UpdateTargetOfEvaluationRequest) + returns (TargetOfEvaluation) { + option (google.api.http) = { + put : "/v1/orchestrator/cloud_services/" + "{target_of_evaluation.cloud_service_id}/toes/" + "{target_of_evaluation.catalog_id}" + body : "target_of_evaluation" + }; + } + + // Removes a Target of Evaluation + rpc RemoveTargetOfEvaluation(RemoveTargetOfEvaluationRequest) + returns (google.protobuf.Empty) { + option (google.api.http) = { + delete : "/v1/orchestrator/cloud_services/{cloud_service_id}/toes/" + "{catalog_id}" + }; + } +} + +message RegisterAssessmentToolRequest { + AssessmentTool tool = 1 [ (validate.rules).message.required = true ]; +} + +message ListAssessmentToolsRequest { + // Optional. Filter tools by metric id. + optional string filter_metric_id = 1 [ (validate.rules).string.min_len = 1 ]; + + int32 page_size = 2; + string page_token = 3; + string order_by = 4; + bool asc = 5; +} +message ListAssessmentToolsResponse { + repeated AssessmentTool tools = 1; + string next_page_token = 2; +} + +message GetAssessmentToolRequest { + string tool_id = 1 [ (validate.rules).string.min_len = 1 ]; +} + +message UpdateAssessmentToolRequest { + AssessmentTool tool = 2 [ (validate.rules).message.required = true ]; +} + +message DeregisterAssessmentToolRequest { + string tool_id = 1 [ (validate.rules).string.min_len = 1 ]; +} + +message StoreAssessmentResultRequest { + clouditor.assessment.v1.AssessmentResult result = 1 + [ (validate.rules).message.required = true ]; +} + +// StoreAssessmentResultReponse belongs to StoreAssessmentResult, which uses a custom unary RPC and therefore requires a response message according to the style convention. Since no return values are required, this is empty. +message StoreAssessmentResultResponse {} + +// StoreAssessmentResultsReponse belongs to StoreAssessmentResults, which uses a custom bidirectional streaming RPC and therefore requires a response message according to the style convention. The bidirectional streaming needs the status and its message in the response for error handling. +message StoreAssessmentResultsResponse { + bool status = 1; + string status_message = 2; +} + +message CreateMetricRequest { + clouditor.assessment.v1.Metric metric = 1 + [ (validate.rules).message.required = true ]; +} + +message UpdateMetricRequest { + clouditor.assessment.v1.Metric metric = 1 + [ (validate.rules).message.required = true ]; +} + +message GetMetricRequest { + string metric_id = 1 [ (validate.rules).string.min_len = 1 ]; +} + +message ListMetricsRequest { + int32 page_size = 1; + string page_token = 2; + string order_by = 3; + bool asc = 4; +} + +message ListMetricsResponse { + repeated clouditor.assessment.v1.Metric metrics = 1; + string next_page_token = 2; +} + +message GetCloudServiceRequest { + string cloud_service_id = 1 [ (validate.rules).string.uuid = true ]; +} + +message RegisterCloudServiceRequest { + CloudService cloud_service = 1 [ (validate.rules).message.required = true ]; +} + +message UpdateCloudServiceRequest { + CloudService cloud_service = 1 [ (validate.rules).message.required = true ]; +} + +message RemoveCloudServiceRequest { + string cloud_service_id = 1 [ (validate.rules).string.uuid = true ]; +} + +message ListCloudServicesRequest { + int32 page_size = 1; + string page_token = 2; + string order_by = 3; + bool asc = 4; +} +message ListCloudServicesResponse { + repeated CloudService services = 1; + string next_page_token = 2; +} + +message UpdateMetricConfigurationRequest { + string cloud_service_id = 1 [ (validate.rules).string.uuid = true ]; + + string metric_id = 2 [ (validate.rules).string.min_len = 1 ]; + + clouditor.assessment.v1.MetricConfiguration configuration = 3 + [ (validate.rules).message.required = true ]; +} + +message GetMetricConfigurationRequest { + string cloud_service_id = 1 [ (validate.rules).string.uuid = true ]; + + string metric_id = 2 [ (validate.rules).string.min_len = 1 ]; +} + +message ListMetricConfigurationRequest { + string cloud_service_id = 1 [ (validate.rules).string.uuid = true ]; +} + +message ListMetricConfigurationResponse { + // A map of metric configurations associated by their metric ID + map<string, clouditor.assessment.v1.MetricConfiguration> configurations = 1; +} + +message UpdateMetricImplementationRequest { + clouditor.assessment.v1.MetricImplementation implementation = 1 + [ (validate.rules).message.required = true ]; +} + +message GetMetricImplementationRequest { + string metric_id = 1 [ (validate.rules).string.min_len = 1 ]; +} + +message SubscribeMetricChangeEventRequest {} + +// MetricChangeEvent represents a change of either a metric configuration or +// implementation. +message MetricChangeEvent { + enum Type { + TYPE_UNSPECIFIED = 0; + TYPE_CONFIG_CHANGED = 1; + TYPE_IMPLEMENTATION_CHANGED = 2; + TYPE_METADATA_CHANGED = 3; + } + + Type type = 1 [ (validate.rules).enum.defined_only = true ]; + + // The metric that is changing. + string metric_id = 2 [ (validate.rules).string.min_len = 1 ]; + + // The cloud service id that is affected by this change. Primarily + // concerns metric configuration changes. + string cloud_service_id = 3 [ (validate.rules).string.uuid = true ]; +} + +// Represents an external tool or service that offers assessments according to +// certain metrics. +message AssessmentTool { + string id = 1 + [ (validate.rules).string = {ignore_empty : true, uuid : true} ]; + + string name = 2 [ (validate.rules).string.min_len = 1 ]; + + string description = 3; + + // a list of metrics that this tool can assess, referred by their ids + repeated string available_metrics = 4 + [ (validate.rules).repeated .items.string.min_len = 1 ]; +} + +message CloudService { + string id = 1 + [ (validate.rules).string = {ignore_empty : true, uuid : true} ]; + + string name = 2 [ (validate.rules).string.min_len = 1 ]; + + string description = 3; + + repeated Catalog catalogs_in_scope = 4 [ + (tagger.tags) = "gorm:\"many2many:target_of_evaluations\"", + (validate.rules).repeated .items.message.required = true + ]; + + repeated clouditor.assessment.v1.Metric configured_metrics = 5 [ + (tagger.tags) = "gorm:\"many2many:metric_configurations\"", + (validate.rules).repeated .items.message.required = true + ]; +} + +message Catalog { + string id = 1 [ (validate.rules).string.min_len = 1 ]; + + string name = 2 [ (validate.rules).string.min_len = 1 ]; + + string description = 3; + + repeated Category categories = 4 [ + (tagger.tags) = "gorm:\"constraint:OnDelete:CASCADE\"", + (validate.rules).repeated .items.message.required = true + ]; + + // Certain security catalogs do not allow to select the scope of the controls, + // but all controls are automatically "in scope", however they can be set to a + // DELEGATED status. + bool all_in_scope = 5; +} + +message Category { + string name = 1 [ + (tagger.tags) = "gorm:\"primaryKey\"", + (validate.rules).string.min_len = 1 + ]; + + // Reference to the catalog this category belongs to. + string catalog_id = 2 [ + (tagger.tags) = "gorm:\"primaryKey\"", + (validate.rules).string.min_len = 1 + ]; + + string description = 3; + + repeated Control controls = 4 [ + (tagger.tags) = + "gorm:\"foreignKey:category_name,category_" + "catalog_id;references:name,catalog_id;constraint:OnDelete:CASCADE\"", + (validate.rules).repeated .items.message.required = true + ]; +} + +// Control represents a certain Control that needs to be fulfilled. It could be +// a Control in a certification catalog. It follows the OSCAL model. A +// requirement in the EUCS terminology, e.g., is represented as the lowest +// sub-control. +message Control { + // A short name of the control, e.g. OPS-01, as used in OSCAL; it is not a + // unique ID! + string id = 1 [ + (tagger.tags) = "gorm:\"primaryKey\"", + (validate.rules).string.min_len = 1 + ]; + string category_name = 2 [ + (tagger.tags) = "gorm:\"primaryKey\"", + (validate.rules).string.min_len = 1 + ]; + string category_catalog_id = 3 [ + (tagger.tags) = "gorm:\"primaryKey\"", + (validate.rules).string.min_len = 1 + ]; + + // Human-readable name of the control + string name = 4 [ (validate.rules).string.min_len = 1 ]; + + // Description of the control + string description = 5; + + // List of sub - controls - + // this is in accordance with the OSCAL model. + repeated Control controls = 6 [ + (tagger.tags) = "gorm:\"foreignKey:parent_control_id,parent_control_" + "category_name,parent_control_category_catalog_id;" + "references=id,category_name;category_catalog_id\"", + (validate.rules).repeated .items.message.required = true + ]; + + // metrics contains either a list of reference to metrics - in this case only + // the id field of the metric is populated - or a list of populated metric + // meta-data, most likely returned by the database. + repeated clouditor.assessment.v1.Metric metrics = 7 [ + (tagger.tags) = + "gorm:\"many2many:control_metrics;constraint:OnDelete:CASCADE\"", + (validate.rules).repeated .items.message.required = true + ]; + + // Reference to the parent category this control belongs to. + optional string parent_control_id = 8 [ (validate.rules).string.min_len = 1 ]; + optional string parent_control_category_name = 9 + [ (validate.rules).string.min_len = 1 ]; + optional string parent_control_category_catalog_id = 10 + [ (validate.rules).string.min_len = 1 ]; +} + +// A Target of Evaluation binds a cloud service to a catalog, so the service is +// evaluated regarding this catalog's controls +message TargetOfEvaluation { + string cloud_service_id = 1 [ + (tagger.tags) = "gorm:\"primaryKey\"", + (validate.rules).string.uuid = true + ]; + string catalog_id = 2 [ + (tagger.tags) = "gorm:\"primaryKey\"", + (validate.rules).string.min_len = 1 + ]; + + // an assurance level is not offered by every catalog, therefore it is + // optional + optional string assurance_level = 3 + [ (validate.rules).string.pattern = "^(|basic|substantial|high)$" ]; + + // the controls that are in scope of this ToE. Note: For some security + // catalogs, e.g., the EUCS, a specific set of controls (in the "worst case": + // all) are automatically in scope. In this case, this list needs auto-filled + // at an appropriate time, e.g,. in CreateTargetOfEvaluation. + // + // Note: Because of limitations of our ORM framework, this field only contains + // a list of controls that are in scope of the target, but not the actual + // meta-data associated it with it (which is of message type ControlInScope). + // In order to retrieve the meta-data of the controls, the RPC + // ListControlsInScope (or the associated REST path) must be called. + repeated Control controls_in_scope = 4 [ + (tagger.tags) = "gorm:\"many2many:controls_in_scope;" + "constraint:OnDelete:CASCADE\"", + (validate.rules).repeated .items.message.required = true + ]; +} + +message ListControlsInScopeRequest { + int32 page_size = 1; + string page_token = 2; + string order_by = 3; + bool asc = 4; + + string cloud_service_id = 10 + [ (validate.rules).string = {ignore_empty : true, uuid : true} ]; + string catalog_id = 11 + [ (validate.rules).string = {ignore_empty : true, min_len : 1} ]; +} + +message ListControlsInScopeResponse { + repeated ControlInScope controls_in_scope = 1; + string next_page_token = 2; +} + +message UpdateControlInScopeRequest { + ControlInScope scope = 1 [ (validate.rules).message.required = true ]; +} + +message AddControlToScopeRequest { + ControlInScope scope = 1 [ (validate.rules).message.required = true ]; +} + +message RemoveControlFromScopeRequest { + string cloud_service_id = 1 [ (validate.rules).string.min_len = 1 ]; + string catalog_id = 2 [ (validate.rules).string.min_len = 1 ]; + string control_id = 3 [ (validate.rules).string.min_len = 1 ]; + string control_category_name = 4 [ (validate.rules).string.min_len = 1 ]; +} + +// MonitoringStatus describes how a particular control is handled by the +// Clouditor framework. +enum MonitoringStatus { + // The status is not yet decided. + MONITORING_STATUS_UNSPECIFIED = 0; + // Control is automatically assessed by the Clouditor security assessment + // engine or another tool, which forwards assessment results to the + // Orchestrator. + MONITORING_STATUS_AUTOMATICALLY_MONITORED = 1; + // Control is assessed manually and the result must be set via the Clouditor + // UI to be evaluated by the Clouditor. + MONITORING_STATUS_MANUALLY_MONITORED = 2; + // Control is checked by another party and the result is not used by the + // Clouditor evaluation. In the future this might be part of compositional + // certification. + MONITORING_STATUS_DELEGATED = 3; +} + +// ControlInScope defines a control which is "in scope" of a target of +// evaluation. Additional meta-data can be defined when a control is in scope, +// e.g., its monitoring status (continuously monitored, delegated, etc.) +message ControlInScope { + string target_of_evaluation_cloud_service_id = 1 [ + (tagger.tags) = "gorm:\"primaryKey\"", + (validate.rules).string.min_len = 1 + ]; + string target_of_evaluation_catalog_id = 2 [ + (tagger.tags) = "gorm:\"primaryKey\"", + (validate.rules).string.min_len = 1 + ]; + + string control_id = 3 [ + (tagger.tags) = "gorm:\"primaryKey\"", + (validate.rules).string.min_len = 1 + ]; + string control_category_name = 4 [ + (tagger.tags) = "gorm:\"primaryKey\"", + (validate.rules).string.min_len = 1 + ]; + string control_category_catalog_id = 5 [ + (tagger.tags) = "gorm:\"primaryKey\"", + (validate.rules).string.min_len = 1 + ]; + + MonitoringStatus monitoring_status = 6; +} + +message CreateTargetOfEvaluationRequest { + TargetOfEvaluation target_of_evaluation = 1 + [ (validate.rules).message.required = true ]; +} + +message RemoveTargetOfEvaluationRequest { + string cloud_service_id = 1 [ (validate.rules).string.uuid = true ]; + string catalog_id = 2 [ (validate.rules).string.min_len = 1 ]; +} + +message GetTargetOfEvaluationRequest { + string cloud_service_id = 1 [ (validate.rules).string.uuid = true ]; + string catalog_id = 2 [ (validate.rules).string.min_len = 1 ]; +} + +message ListTargetsOfEvaluationRequest { + int32 page_size = 1; + string page_token = 2; + string order_by = 3; + bool asc = 4; + // We cannot create additional bindings when the parameter is optional so we + // check for != "" in the method to see if it is set when the service is + // specified, return all Targets of Evaluation that evaluate the given service + // for any catalog + string cloud_service_id = 5; + // when the catalog is specified, return all Targets of Evaluation that + // evaluate the given catalog for any service + string catalog_id = 6; +} + +message ListTargetsOfEvaluationResponse { + repeated TargetOfEvaluation target_of_evaluation = 1; + string next_page_token = 2; +} + +message UpdateTargetOfEvaluationRequest { + TargetOfEvaluation target_of_evaluation = 3 + [ (validate.rules).message.required = true ]; +} + +message GetCertificateRequest { + string certificate_id = 1 [ (validate.rules).string.min_len = 1 ]; +} + +message ListCertificatesRequest { + int32 page_size = 1; + string page_token = 2; + string order_by = 3; + bool asc = 4; +} +message ListCertificatesResponse { + repeated Certificate certificates = 1; + string next_page_token = 2; +} + +message UpdateCertificateRequest { + Certificate certificate = 1 [ (validate.rules).message.required = true ]; +} + +message CreateCatalogRequest { + Catalog catalog = 1 [ (validate.rules).message.required = true ]; +} + +message RemoveCatalogRequest { + string catalog_id = 1 [ (validate.rules).string.min_len = 1 ]; +} + +message GetCatalogRequest { + string catalog_id = 1 [ (validate.rules).string.min_len = 1 ]; +} + +message ListCatalogsRequest { + int32 page_size = 1; + string page_token = 2; + string order_by = 3; + bool asc = 4; +} + +message ListCatalogsResponse { + repeated Catalog catalogs = 1; + string next_page_token = 2; +} + +message UpdateCatalogRequest { + Catalog catalog = 1 [ (validate.rules).message.required = true ]; +} + +message GetCategoryRequest { + string catalog_id = 1 [ (validate.rules).string.min_len = 1 ]; + string category_name = 2 [ (validate.rules).string.min_len = 1 ]; +} + +message GetControlRequest { + string catalog_id = 1 [ (validate.rules).string.min_len = 1 ]; + string category_name = 2 [ (validate.rules).string.min_len = 1 ]; + string control_id = 3 [ (validate.rules).string.min_len = 1 ]; +} + +message ListControlsRequest { + int32 page_size = 1; + string page_token = 2; + string order_by = 3; + bool asc = 4; + + // return either all controls or only the controls of the specified category + string catalog_id = 5; + string category_name = 6; +} + +message ListControlsResponse { + repeated Control controls = 1; + string next_page_token = 2; +} + +message CreateCertificateRequest { + Certificate certificate = 1 [ (validate.rules).message.required = true ]; +} + +message RemoveCertificateRequest { + string certificate_id = 1 [ (validate.rules).string.min_len = 1 ]; +} + +// An ISO17021-based certificate +message Certificate { + string id = 1 [ (validate.rules).string.min_len = 1 ]; + string name = 2 [ (validate.rules).string.min_len = 1 ]; + string cloud_service_id = 3 [ (validate.rules).string.uuid = true ]; + string issue_date = 4; + string expiration_date = 5; + string standard = 6; + string assurance_level = 7; + string cab = 8; + string description = 9; + // A list of states at specific times + repeated State states = 10 + [ (tagger.tags) = "gorm:\"constraint:OnDelete:CASCADE\"" ]; +} + +// A state of a certificate at a given time +message State { + string id = 1; + // An EUCS-defined state, e.g. `new`, `suspended` or `withdrawn` + string state = 2; + string tree_id = 3; + string timestamp = 4; + // Reference to the certificate + string certificate_id = 5; +} + +// TargetOfEvaluationChangeEvent represents a change of either a Target of +// Evaluation or Control Monitoring Status and the TargetOfEvaluation hook +// function can be informed about the reason of its call. +message TargetOfEvaluationChangeEvent { + // Type represents the type of the change event. Type can be a change event + // regarding the Target of Evaluation or the Control Monitoring Status. + enum Type { + TYPE_UNSPECIFIED = 0; + + TYPE_TARGET_OF_EVALUATION_CREATED = 1; + TYPE_TARGET_OF_EVALUATION_UPDATED = 2; + TYPE_TARGET_OF_EVALUATION_REMOVED = 3; + + TYPE_CONTROL_IN_SCOPE_ADDED = 4; + TYPE_CONTROL_IN_SCOPE_UPDATED = 5; + TYPE_CONTROL_IN_SCOPE_REMOVED = 6; + } + + Type type = 1 [ (validate.rules).enum.defined_only = true ]; + + // Optional. If the type is a TARGET_OF_EVALUATION_* the target_of_evaluation + // field must be set + optional TargetOfEvaluation target_of_evaluation = 2 + [ (validate.rules).message.required = true ]; + + // Optional. If the type is a CONTROL_IN_SCOPE_* the + // control_in_scope fied must be set + optional ControlInScope control_in_scope = 3 + [ (validate.rules).message.required = true ]; +} diff --git a/proto/tagger.proto b/proto/tagger.proto new file mode 100644 index 0000000..71a0a28 --- /dev/null +++ b/proto/tagger.proto @@ -0,0 +1,18 @@ +syntax = "proto3"; + +package tagger; + +import "google/protobuf/descriptor.proto"; + +option go_package = "github.com/srikrsna/protoc-gen-gotag/tagger;tagger"; + +// Tags are applied at the field level +extend google.protobuf.FieldOptions { + // Multiple Tags can be specified. + string tags = 847939; +} + +extend google.protobuf.OneofOptions { + // Multiple Tags can be specified. + string oneof_tags = 847939; +} diff --git a/proto/validate.proto b/proto/validate.proto new file mode 100644 index 0000000..705d382 --- /dev/null +++ b/proto/validate.proto @@ -0,0 +1,862 @@ +syntax = "proto2"; +package validate; + +option go_package = "github.com/envoyproxy/protoc-gen-validate/validate"; +option java_package = "io.envoyproxy.pgv.validate"; + +import "google/protobuf/descriptor.proto"; +import "google/protobuf/duration.proto"; +import "google/protobuf/timestamp.proto"; + +// Validation rules applied at the message level +extend google.protobuf.MessageOptions { + // Disabled nullifies any validation rules for this message, including any + // message fields associated with it that do support validation. + optional bool disabled = 1071; + // Ignore skips generation of validation methods for this message. + optional bool ignored = 1072; +} + +// Validation rules applied at the oneof level +extend google.protobuf.OneofOptions { + // Required ensures that exactly one the field options in a oneof is set; + // validation fails if no fields in the oneof are set. + optional bool required = 1071; +} + +// Validation rules applied at the field level +extend google.protobuf.FieldOptions { + // Rules specify the validations to be performed on this field. By default, + // no validation is performed against a field. + optional FieldRules rules = 1071; +} + +// FieldRules encapsulates the rules for each type of field. Depending on the +// field, the correct set should be used to ensure proper validations. +message FieldRules { + optional MessageRules message = 17; + oneof type { + // Scalar Field Types + FloatRules float = 1; + DoubleRules double = 2; + Int32Rules int32 = 3; + Int64Rules int64 = 4; + UInt32Rules uint32 = 5; + UInt64Rules uint64 = 6; + SInt32Rules sint32 = 7; + SInt64Rules sint64 = 8; + Fixed32Rules fixed32 = 9; + Fixed64Rules fixed64 = 10; + SFixed32Rules sfixed32 = 11; + SFixed64Rules sfixed64 = 12; + BoolRules bool = 13; + StringRules string = 14; + BytesRules bytes = 15; + + // Complex Field Types + EnumRules enum = 16; + RepeatedRules repeated = 18; + MapRules map = 19; + + // Well-Known Field Types + AnyRules any = 20; + DurationRules duration = 21; + TimestampRules timestamp = 22; + } +} + +// FloatRules describes the constraints applied to `float` values +message FloatRules { + // Const specifies that this field must be exactly the specified value + optional float const = 1; + + // Lt specifies that this field must be less than the specified value, + // exclusive + optional float lt = 2; + + // Lte specifies that this field must be less than or equal to the + // specified value, inclusive + optional float lte = 3; + + // Gt specifies that this field must be greater than the specified value, + // exclusive. If the value of Gt is larger than a specified Lt or Lte, the + // range is reversed. + optional float gt = 4; + + // Gte specifies that this field must be greater than or equal to the + // specified value, inclusive. If the value of Gte is larger than a + // specified Lt or Lte, the range is reversed. + optional float gte = 5; + + // In specifies that this field must be equal to one of the specified + // values + repeated float in = 6; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated float not_in = 7; + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 8; +} + +// DoubleRules describes the constraints applied to `double` values +message DoubleRules { + // Const specifies that this field must be exactly the specified value + optional double const = 1; + + // Lt specifies that this field must be less than the specified value, + // exclusive + optional double lt = 2; + + // Lte specifies that this field must be less than or equal to the + // specified value, inclusive + optional double lte = 3; + + // Gt specifies that this field must be greater than the specified value, + // exclusive. If the value of Gt is larger than a specified Lt or Lte, the + // range is reversed. + optional double gt = 4; + + // Gte specifies that this field must be greater than or equal to the + // specified value, inclusive. If the value of Gte is larger than a + // specified Lt or Lte, the range is reversed. + optional double gte = 5; + + // In specifies that this field must be equal to one of the specified + // values + repeated double in = 6; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated double not_in = 7; + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 8; +} + +// Int32Rules describes the constraints applied to `int32` values +message Int32Rules { + // Const specifies that this field must be exactly the specified value + optional int32 const = 1; + + // Lt specifies that this field must be less than the specified value, + // exclusive + optional int32 lt = 2; + + // Lte specifies that this field must be less than or equal to the + // specified value, inclusive + optional int32 lte = 3; + + // Gt specifies that this field must be greater than the specified value, + // exclusive. If the value of Gt is larger than a specified Lt or Lte, the + // range is reversed. + optional int32 gt = 4; + + // Gte specifies that this field must be greater than or equal to the + // specified value, inclusive. If the value of Gte is larger than a + // specified Lt or Lte, the range is reversed. + optional int32 gte = 5; + + // In specifies that this field must be equal to one of the specified + // values + repeated int32 in = 6; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated int32 not_in = 7; + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 8; +} + +// Int64Rules describes the constraints applied to `int64` values +message Int64Rules { + // Const specifies that this field must be exactly the specified value + optional int64 const = 1; + + // Lt specifies that this field must be less than the specified value, + // exclusive + optional int64 lt = 2; + + // Lte specifies that this field must be less than or equal to the + // specified value, inclusive + optional int64 lte = 3; + + // Gt specifies that this field must be greater than the specified value, + // exclusive. If the value of Gt is larger than a specified Lt or Lte, the + // range is reversed. + optional int64 gt = 4; + + // Gte specifies that this field must be greater than or equal to the + // specified value, inclusive. If the value of Gte is larger than a + // specified Lt or Lte, the range is reversed. + optional int64 gte = 5; + + // In specifies that this field must be equal to one of the specified + // values + repeated int64 in = 6; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated int64 not_in = 7; + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 8; +} + +// UInt32Rules describes the constraints applied to `uint32` values +message UInt32Rules { + // Const specifies that this field must be exactly the specified value + optional uint32 const = 1; + + // Lt specifies that this field must be less than the specified value, + // exclusive + optional uint32 lt = 2; + + // Lte specifies that this field must be less than or equal to the + // specified value, inclusive + optional uint32 lte = 3; + + // Gt specifies that this field must be greater than the specified value, + // exclusive. If the value of Gt is larger than a specified Lt or Lte, the + // range is reversed. + optional uint32 gt = 4; + + // Gte specifies that this field must be greater than or equal to the + // specified value, inclusive. If the value of Gte is larger than a + // specified Lt or Lte, the range is reversed. + optional uint32 gte = 5; + + // In specifies that this field must be equal to one of the specified + // values + repeated uint32 in = 6; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated uint32 not_in = 7; + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 8; +} + +// UInt64Rules describes the constraints applied to `uint64` values +message UInt64Rules { + // Const specifies that this field must be exactly the specified value + optional uint64 const = 1; + + // Lt specifies that this field must be less than the specified value, + // exclusive + optional uint64 lt = 2; + + // Lte specifies that this field must be less than or equal to the + // specified value, inclusive + optional uint64 lte = 3; + + // Gt specifies that this field must be greater than the specified value, + // exclusive. If the value of Gt is larger than a specified Lt or Lte, the + // range is reversed. + optional uint64 gt = 4; + + // Gte specifies that this field must be greater than or equal to the + // specified value, inclusive. If the value of Gte is larger than a + // specified Lt or Lte, the range is reversed. + optional uint64 gte = 5; + + // In specifies that this field must be equal to one of the specified + // values + repeated uint64 in = 6; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated uint64 not_in = 7; + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 8; +} + +// SInt32Rules describes the constraints applied to `sint32` values +message SInt32Rules { + // Const specifies that this field must be exactly the specified value + optional sint32 const = 1; + + // Lt specifies that this field must be less than the specified value, + // exclusive + optional sint32 lt = 2; + + // Lte specifies that this field must be less than or equal to the + // specified value, inclusive + optional sint32 lte = 3; + + // Gt specifies that this field must be greater than the specified value, + // exclusive. If the value of Gt is larger than a specified Lt or Lte, the + // range is reversed. + optional sint32 gt = 4; + + // Gte specifies that this field must be greater than or equal to the + // specified value, inclusive. If the value of Gte is larger than a + // specified Lt or Lte, the range is reversed. + optional sint32 gte = 5; + + // In specifies that this field must be equal to one of the specified + // values + repeated sint32 in = 6; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated sint32 not_in = 7; + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 8; +} + +// SInt64Rules describes the constraints applied to `sint64` values +message SInt64Rules { + // Const specifies that this field must be exactly the specified value + optional sint64 const = 1; + + // Lt specifies that this field must be less than the specified value, + // exclusive + optional sint64 lt = 2; + + // Lte specifies that this field must be less than or equal to the + // specified value, inclusive + optional sint64 lte = 3; + + // Gt specifies that this field must be greater than the specified value, + // exclusive. If the value of Gt is larger than a specified Lt or Lte, the + // range is reversed. + optional sint64 gt = 4; + + // Gte specifies that this field must be greater than or equal to the + // specified value, inclusive. If the value of Gte is larger than a + // specified Lt or Lte, the range is reversed. + optional sint64 gte = 5; + + // In specifies that this field must be equal to one of the specified + // values + repeated sint64 in = 6; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated sint64 not_in = 7; + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 8; +} + +// Fixed32Rules describes the constraints applied to `fixed32` values +message Fixed32Rules { + // Const specifies that this field must be exactly the specified value + optional fixed32 const = 1; + + // Lt specifies that this field must be less than the specified value, + // exclusive + optional fixed32 lt = 2; + + // Lte specifies that this field must be less than or equal to the + // specified value, inclusive + optional fixed32 lte = 3; + + // Gt specifies that this field must be greater than the specified value, + // exclusive. If the value of Gt is larger than a specified Lt or Lte, the + // range is reversed. + optional fixed32 gt = 4; + + // Gte specifies that this field must be greater than or equal to the + // specified value, inclusive. If the value of Gte is larger than a + // specified Lt or Lte, the range is reversed. + optional fixed32 gte = 5; + + // In specifies that this field must be equal to one of the specified + // values + repeated fixed32 in = 6; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated fixed32 not_in = 7; + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 8; +} + +// Fixed64Rules describes the constraints applied to `fixed64` values +message Fixed64Rules { + // Const specifies that this field must be exactly the specified value + optional fixed64 const = 1; + + // Lt specifies that this field must be less than the specified value, + // exclusive + optional fixed64 lt = 2; + + // Lte specifies that this field must be less than or equal to the + // specified value, inclusive + optional fixed64 lte = 3; + + // Gt specifies that this field must be greater than the specified value, + // exclusive. If the value of Gt is larger than a specified Lt or Lte, the + // range is reversed. + optional fixed64 gt = 4; + + // Gte specifies that this field must be greater than or equal to the + // specified value, inclusive. If the value of Gte is larger than a + // specified Lt or Lte, the range is reversed. + optional fixed64 gte = 5; + + // In specifies that this field must be equal to one of the specified + // values + repeated fixed64 in = 6; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated fixed64 not_in = 7; + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 8; +} + +// SFixed32Rules describes the constraints applied to `sfixed32` values +message SFixed32Rules { + // Const specifies that this field must be exactly the specified value + optional sfixed32 const = 1; + + // Lt specifies that this field must be less than the specified value, + // exclusive + optional sfixed32 lt = 2; + + // Lte specifies that this field must be less than or equal to the + // specified value, inclusive + optional sfixed32 lte = 3; + + // Gt specifies that this field must be greater than the specified value, + // exclusive. If the value of Gt is larger than a specified Lt or Lte, the + // range is reversed. + optional sfixed32 gt = 4; + + // Gte specifies that this field must be greater than or equal to the + // specified value, inclusive. If the value of Gte is larger than a + // specified Lt or Lte, the range is reversed. + optional sfixed32 gte = 5; + + // In specifies that this field must be equal to one of the specified + // values + repeated sfixed32 in = 6; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated sfixed32 not_in = 7; + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 8; +} + +// SFixed64Rules describes the constraints applied to `sfixed64` values +message SFixed64Rules { + // Const specifies that this field must be exactly the specified value + optional sfixed64 const = 1; + + // Lt specifies that this field must be less than the specified value, + // exclusive + optional sfixed64 lt = 2; + + // Lte specifies that this field must be less than or equal to the + // specified value, inclusive + optional sfixed64 lte = 3; + + // Gt specifies that this field must be greater than the specified value, + // exclusive. If the value of Gt is larger than a specified Lt or Lte, the + // range is reversed. + optional sfixed64 gt = 4; + + // Gte specifies that this field must be greater than or equal to the + // specified value, inclusive. If the value of Gte is larger than a + // specified Lt or Lte, the range is reversed. + optional sfixed64 gte = 5; + + // In specifies that this field must be equal to one of the specified + // values + repeated sfixed64 in = 6; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated sfixed64 not_in = 7; + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 8; +} + +// BoolRules describes the constraints applied to `bool` values +message BoolRules { + // Const specifies that this field must be exactly the specified value + optional bool const = 1; +} + +// StringRules describe the constraints applied to `string` values +message StringRules { + // Const specifies that this field must be exactly the specified value + optional string const = 1; + + // Len specifies that this field must be the specified number of + // characters (Unicode code points). Note that the number of + // characters may differ from the number of bytes in the string. + optional uint64 len = 19; + + // MinLen specifies that this field must be the specified number of + // characters (Unicode code points) at a minimum. Note that the number of + // characters may differ from the number of bytes in the string. + optional uint64 min_len = 2; + + // MaxLen specifies that this field must be the specified number of + // characters (Unicode code points) at a maximum. Note that the number of + // characters may differ from the number of bytes in the string. + optional uint64 max_len = 3; + + // LenBytes specifies that this field must be the specified number of bytes + optional uint64 len_bytes = 20; + + // MinBytes specifies that this field must be the specified number of bytes + // at a minimum + optional uint64 min_bytes = 4; + + // MaxBytes specifies that this field must be the specified number of bytes + // at a maximum + optional uint64 max_bytes = 5; + + // Pattern specifes that this field must match against the specified + // regular expression (RE2 syntax). The included expression should elide + // any delimiters. + optional string pattern = 6; + + // Prefix specifies that this field must have the specified substring at + // the beginning of the string. + optional string prefix = 7; + + // Suffix specifies that this field must have the specified substring at + // the end of the string. + optional string suffix = 8; + + // Contains specifies that this field must have the specified substring + // anywhere in the string. + optional string contains = 9; + + // NotContains specifies that this field cannot have the specified substring + // anywhere in the string. + optional string not_contains = 23; + + // In specifies that this field must be equal to one of the specified + // values + repeated string in = 10; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated string not_in = 11; + + // WellKnown rules provide advanced constraints against common string + // patterns + oneof well_known { + // Email specifies that the field must be a valid email address as + // defined by RFC 5322 + bool email = 12; + + // Hostname specifies that the field must be a valid hostname as + // defined by RFC 1034. This constraint does not support + // internationalized domain names (IDNs). + bool hostname = 13; + + // Ip specifies that the field must be a valid IP (v4 or v6) address. + // Valid IPv6 addresses should not include surrounding square brackets. + bool ip = 14; + + // Ipv4 specifies that the field must be a valid IPv4 address. + bool ipv4 = 15; + + // Ipv6 specifies that the field must be a valid IPv6 address. Valid + // IPv6 addresses should not include surrounding square brackets. + bool ipv6 = 16; + + // Uri specifies that the field must be a valid, absolute URI as defined + // by RFC 3986 + bool uri = 17; + + // UriRef specifies that the field must be a valid URI as defined by RFC + // 3986 and may be relative or absolute. + bool uri_ref = 18; + + // Address specifies that the field must be either a valid hostname as + // defined by RFC 1034 (which does not support internationalized domain + // names or IDNs), or it can be a valid IP (v4 or v6). + bool address = 21; + + // Uuid specifies that the field must be a valid UUID as defined by + // RFC 4122 + bool uuid = 22; + + // WellKnownRegex specifies a common well known pattern defined as a regex. + KnownRegex well_known_regex = 24; + } + + // This applies to regexes HTTP_HEADER_NAME and HTTP_HEADER_VALUE to enable + // strict header validation. + // By default, this is true, and HTTP header validations are RFC-compliant. + // Setting to false will enable a looser validations that only disallows + // \r\n\0 characters, which can be used to bypass header matching rules. + optional bool strict = 25 [default = true]; + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 26; +} + +// WellKnownRegex contain some well-known patterns. +enum KnownRegex { + UNKNOWN = 0; + + // HTTP header name as defined by RFC 7230. + HTTP_HEADER_NAME = 1; + + // HTTP header value as defined by RFC 7230. + HTTP_HEADER_VALUE = 2; +} + +// BytesRules describe the constraints applied to `bytes` values +message BytesRules { + // Const specifies that this field must be exactly the specified value + optional bytes const = 1; + + // Len specifies that this field must be the specified number of bytes + optional uint64 len = 13; + + // MinLen specifies that this field must be the specified number of bytes + // at a minimum + optional uint64 min_len = 2; + + // MaxLen specifies that this field must be the specified number of bytes + // at a maximum + optional uint64 max_len = 3; + + // Pattern specifes that this field must match against the specified + // regular expression (RE2 syntax). The included expression should elide + // any delimiters. + optional string pattern = 4; + + // Prefix specifies that this field must have the specified bytes at the + // beginning of the string. + optional bytes prefix = 5; + + // Suffix specifies that this field must have the specified bytes at the + // end of the string. + optional bytes suffix = 6; + + // Contains specifies that this field must have the specified bytes + // anywhere in the string. + optional bytes contains = 7; + + // In specifies that this field must be equal to one of the specified + // values + repeated bytes in = 8; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated bytes not_in = 9; + + // WellKnown rules provide advanced constraints against common byte + // patterns + oneof well_known { + // Ip specifies that the field must be a valid IP (v4 or v6) address in + // byte format + bool ip = 10; + + // Ipv4 specifies that the field must be a valid IPv4 address in byte + // format + bool ipv4 = 11; + + // Ipv6 specifies that the field must be a valid IPv6 address in byte + // format + bool ipv6 = 12; + } + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 14; +} + +// EnumRules describe the constraints applied to enum values +message EnumRules { + // Const specifies that this field must be exactly the specified value + optional int32 const = 1; + + // DefinedOnly specifies that this field must be only one of the defined + // values for this enum, failing on any undefined value. + optional bool defined_only = 2; + + // In specifies that this field must be equal to one of the specified + // values + repeated int32 in = 3; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated int32 not_in = 4; +} + +// MessageRules describe the constraints applied to embedded message values. +// For message-type fields, validation is performed recursively. +message MessageRules { + // Skip specifies that the validation rules of this field should not be + // evaluated + optional bool skip = 1; + + // Required specifies that this field must be set + optional bool required = 2; +} + +// RepeatedRules describe the constraints applied to `repeated` values +message RepeatedRules { + // MinItems specifies that this field must have the specified number of + // items at a minimum + optional uint64 min_items = 1; + + // MaxItems specifies that this field must have the specified number of + // items at a maximum + optional uint64 max_items = 2; + + // Unique specifies that all elements in this field must be unique. This + // contraint is only applicable to scalar and enum types (messages are not + // supported). + optional bool unique = 3; + + // Items specifies the contraints to be applied to each item in the field. + // Repeated message fields will still execute validation against each item + // unless skip is specified here. + optional FieldRules items = 4; + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 5; +} + +// MapRules describe the constraints applied to `map` values +message MapRules { + // MinPairs specifies that this field must have the specified number of + // KVs at a minimum + optional uint64 min_pairs = 1; + + // MaxPairs specifies that this field must have the specified number of + // KVs at a maximum + optional uint64 max_pairs = 2; + + // NoSparse specifies values in this field cannot be unset. This only + // applies to map's with message value types. + optional bool no_sparse = 3; + + // Keys specifies the constraints to be applied to each key in the field. + optional FieldRules keys = 4; + + // Values specifies the constraints to be applied to the value of each key + // in the field. Message values will still have their validations evaluated + // unless skip is specified here. + optional FieldRules values = 5; + + // IgnoreEmpty specifies that the validation rules of this field should be + // evaluated only if the field is not empty + optional bool ignore_empty = 6; +} + +// AnyRules describe constraints applied exclusively to the +// `google.protobuf.Any` well-known type +message AnyRules { + // Required specifies that this field must be set + optional bool required = 1; + + // In specifies that this field's `type_url` must be equal to one of the + // specified values. + repeated string in = 2; + + // NotIn specifies that this field's `type_url` must not be equal to any of + // the specified values. + repeated string not_in = 3; +} + +// DurationRules describe the constraints applied exclusively to the +// `google.protobuf.Duration` well-known type +message DurationRules { + // Required specifies that this field must be set + optional bool required = 1; + + // Const specifies that this field must be exactly the specified value + optional google.protobuf.Duration const = 2; + + // Lt specifies that this field must be less than the specified value, + // exclusive + optional google.protobuf.Duration lt = 3; + + // Lt specifies that this field must be less than the specified value, + // inclusive + optional google.protobuf.Duration lte = 4; + + // Gt specifies that this field must be greater than the specified value, + // exclusive + optional google.protobuf.Duration gt = 5; + + // Gte specifies that this field must be greater than the specified value, + // inclusive + optional google.protobuf.Duration gte = 6; + + // In specifies that this field must be equal to one of the specified + // values + repeated google.protobuf.Duration in = 7; + + // NotIn specifies that this field cannot be equal to one of the specified + // values + repeated google.protobuf.Duration not_in = 8; +} + +// TimestampRules describe the constraints applied exclusively to the +// `google.protobuf.Timestamp` well-known type +message TimestampRules { + // Required specifies that this field must be set + optional bool required = 1; + + // Const specifies that this field must be exactly the specified value + optional google.protobuf.Timestamp const = 2; + + // Lt specifies that this field must be less than the specified value, + // exclusive + optional google.protobuf.Timestamp lt = 3; + + // Lte specifies that this field must be less than the specified value, + // inclusive + optional google.protobuf.Timestamp lte = 4; + + // Gt specifies that this field must be greater than the specified value, + // exclusive + optional google.protobuf.Timestamp gt = 5; + + // Gte specifies that this field must be greater than the specified value, + // inclusive + optional google.protobuf.Timestamp gte = 6; + + // LtNow specifies that this must be less than the current time. LtNow + // can only be used with the Within rule. + optional bool lt_now = 7; + + // GtNow specifies that this must be greater than the current time. GtNow + // can only be used with the Within rule. + optional bool gt_now = 8; + + // Within specifies that this field must be within this duration of the + // current time. This constraint can be used alone or with the LtNow and + // GtNow rules. + optional google.protobuf.Duration within = 9; +} diff --git a/requirements.txt b/requirements.txt index 42c1e01..fd9f0f0 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,30 +1,30 @@ -cachetools==4.2.4 -certifi==2021.10.8 -charset-normalizer==2.0.9 -click==7.1.2 -configparser==5.1.0 -croniter==1.0.15 +cachetools==5.3.0 +certifi==2022.12.7 +charset-normalizer==3.0.1 +click==8.1.3 +configparser==5.3.0 +croniter==1.3.8 elasticsearch==7.13.4 elasticsearch-dsl==7.4.0 -google-api-core==2.3.0 -google-api-python-client==2.33.0 -google-auth==2.3.3 +google-api-core==2.11.0 +google-api-python-client==2.75.0 +google-auth==2.16.0 google-auth-httplib2==0.1.0 -googleapis-common-protos==1.54.0 -grpcio==1.42.0 -grpcio-tools==1.42.0 -httplib2==0.20.2 -idna==3.3 -protobuf==3.19.1 +googleapis-common-protos==1.58.0 +grpcio==1.51.1 +grpcio-tools==1.51.1 +httplib2==0.21.0 +idna==3.4 +protobuf==4.21.12 pyasn1==0.4.8 pyasn1-modules==0.2.8 -pyparsing==3.0.6 +pyparsing==3.0.9 python-dateutil==2.8.2 -redis==4.3.1 -requests==2.26.0 -rq==1.10.1 +redis==4.4.2 +requests==2.28.2 +rq==1.12.0 rq-scheduler==0.11.0 -rsa==4.8 +rsa==4.9 six==1.16.0 uritemplate==4.1.1 -urllib3==1.25.8 \ No newline at end of file +urllib3==1.26.14 diff --git a/scheduler/scheduler.py b/scheduler/scheduler.py index ed30c8c..0d3ca7f 100644 --- a/scheduler/scheduler.py +++ b/scheduler/scheduler.py @@ -4,14 +4,19 @@ import os from redis import Redis from rq import Queue from rq_scheduler import Scheduler +from vat_evidence_collector import vat_evidence_collector from wazuh_evidence_collector import wazuh_evidence_collector -from wazuh_evidence_collector.wazuh_evidence_collector import LOGGER +from log_conf.log_conf import LOGGER +from clouditor_interface.ids_provider import get_tool_id + +LOGGER.info("Starting " + get_tool_id()) REDIS_HOST = os.environ.get("redis_host") REDIS_PORT = int(os.environ.get("redis_port")) REDIS_QUEUE = os.environ.get("redis_queue") WAZUH_CHECK_INTERVAL = int(os.environ.get("wazuh_check_interval")) +VAT_CHECK_INTERVAL = int(os.environ.get("vat_check_interval")) def remove_jobs(scheduler): jobs = scheduler.get_jobs() @@ -21,16 +26,25 @@ def remove_jobs(scheduler): def print_jobs(scheduler): jobs = scheduler.get_jobs() for job in jobs: - LOGGER.info(job) + LOGGER.debug(job) redis = Redis(REDIS_HOST, REDIS_PORT) -q = Queue(REDIS_QUEUE, connection=redis) -scheduler = Scheduler(connection=redis) +queue = Queue(REDIS_QUEUE, connection=redis) +scheduler = Scheduler(connection=redis, queue=queue) remove_jobs(scheduler) scheduler.cron( - '*/' + str(int(WAZUH_CHECK_INTERVAL / 60)) + ' * * * * ', + '*/' + str(VAT_CHECK_INTERVAL) + ' * * * * ', + func=vat_evidence_collector.main, + args=[], + repeat=None, + queue_name=REDIS_QUEUE, + use_local_timezone=False +) + +scheduler.cron( + '*/' + str(WAZUH_CHECK_INTERVAL) + ' * * * * ', func=wazuh_evidence_collector.main, args=[], repeat=None, diff --git a/test/test.sh b/test/test.sh index f2f1693..432432d 100755 --- a/test/test.sh +++ b/test/test.sh @@ -7,7 +7,8 @@ redis2="Ready to accept connections" scheduler="Registering birth" worker1="Worker rq:worker:" worker2="Listening on " -oauth2token="Max retries exceeded with url: /v1/auth/token" +wazuh_error="Exception caught in Wazuh Evidence Collector run_collector()" +vat_error="Exception caught in VAT Evidence Collector create_new_scan()" if ! [[ $logs =~ $redis1 ]] then @@ -39,8 +40,14 @@ if ! [[ $logs =~ $worker2 ]] exit 1 fi -if ! [[ $logs =~ $oauth2token ]] +if ! [[ $logs =~ $schedule_wazuh ]] then - echo "OAuth2 token authentication not working" 1>&2 + echo "Failed to schedule Wazuh evidence collection job" 1>&2 + exit 1 +fi + +if ! [[ $logs =~ $schedule_vat ]] + then + echo "Failed to schedule VAT evidence collection job" 1>&2 exit 1 fi diff --git a/vat_evidence_collector/vat_client.py b/vat_evidence_collector/vat_client.py new file mode 100644 index 0000000..90ab597 --- /dev/null +++ b/vat_evidence_collector/vat_client.py @@ -0,0 +1,40 @@ +# SPDX-License-Identifier: Apache-2.0 + +import json +import urllib3 + +class VatClient: + + def __init__(self, protocol, ip, port, api_prefix, logger): + self._protocol = protocol + self._ip = ip + self._port = port + self._api_prefix = api_prefix + self.logger = logger + + def req(self, method, resource, data=None, headers={}, fields=None): + if self._protocol == "https": + c = urllib3.HTTPSConnectionPool(host=self._ip, port=self._port, cert_reqs='CERT_NONE', assert_hostname=False) + else: + c = urllib3.HTTPConnectionPool(host=self._ip, port=self._port) + + url = "%s://%s:%i%s/%s" % (self._protocol, self._ip, self._port, self._api_prefix, resource) + + try: + if not fields: + resp = c.request(method, url, headers=headers, body=data) + else: + resp = c.request(method, url, headers=headers, fields=fields) + + except (TimeoutError, urllib3.exceptions.NewConnectionError, + urllib3.exceptions.MaxRetryError, + urllib3.exceptions.ConnectTimeoutError, + urllib3.exceptions.TimeoutError) as err: + self.logger.exception("VAT not available: " + str(err), exc_info=False) + raise + else: + if resp.status in range(200, 300): + return json.loads(resp.data) + else: + self.logger.exception("VAT not available: got response code " + str(resp.status), exc_info=False) + raise diff --git a/vat_evidence_collector/vat_evidence_collector.py b/vat_evidence_collector/vat_evidence_collector.py new file mode 100644 index 0000000..227b88d --- /dev/null +++ b/vat_evidence_collector/vat_evidence_collector.py @@ -0,0 +1,210 @@ +# SPDX-License-Identifier: Apache-2.0 + +import os +import json +import random +import re +from datetime import timedelta +from redis import Redis +from rq import Queue +from rq_scheduler import Scheduler +from vat_evidence_collector.vat_client import VatClient +from clouditor_interface.assessment_interface import AssessmentInterface +from clouditor_interface.assessment_interface_messages import create_resource, create_assess_evidence_request, print_evidence +from clouditor_interface.clouditor_authentication import ClouditorAuthentication +from clouditor_interface.ids_provider import get_tool_id, get_cloud_service_id +import uuid +from log_conf.log_conf import LOGGER + +REDIS_HOST = os.environ.get("redis_host") +REDIS_PORT = int(os.environ.get("redis_port")) +REDIS_QUEUE = os.environ.get("redis_queue") + +VAT_PROTOCOL = os.environ.get("vat_protocol") +VAT_HOST = os.environ.get("vat_host") +VAT_PORT = int(os.environ.get("vat_port")) +VAT_API_PREFIX = os.environ.get("vat_api_prefix") +VAT_CHECK_HOSTS = (os.environ.get("vat_check_hosts")).split(',') +VAT_NMAP_CHECK_TIMEOUT = int(os.environ.get("vat_nmap_check_timeout")) +VAT_W3AF_CHECK_TIMEOUT = int(os.environ.get("vat_w3af_check_timeout")) + +VAT_VULNERABILITY_LEVEL = int(os.environ.get("vat_vulnerability_level")) + +DUMMY_VAT = os.environ.get("dummy_vat").lower() in ('true', '1', 't') + +vat = VatClient(VAT_PROTOCOL, VAT_HOST, VAT_PORT, VAT_API_PREFIX, LOGGER) + +oauth_client = ClouditorAuthentication(LOGGER) + +ai = AssessmentInterface(LOGGER) + +redis = Redis(REDIS_HOST, REDIS_PORT) +queue = Queue(REDIS_QUEUE, connection=redis) +scheduler = Scheduler(connection=redis, queue=queue) + +def create_new_nmap_scan(): + if not VAT_CHECK_HOSTS: + LOGGER.debug("No hosts to check with VAT") + return None + + with open('./vat_evidence_collector/vat_nmap_request_config.json', 'r') as f: + file_data = json.load(f) + + for vat_check_host in VAT_CHECK_HOSTS: + file_data["target"]["ip"] = str(vat_check_host) + + headers = {} + payload={'name': 'nmap scan: [' + file_data["target"]["ip"] + ']', + 'indicator_id': '', + 'type': 'vuln_scan', + 'tool': 'null', + 'timeout': str(VAT_NMAP_CHECK_TIMEOUT) + 'm', + 'files': ('config.json', json.dumps(file_data), 'application/json')} + + response = vat.req('POST', 'tasks/', headers=headers, fields=payload) + + new_scan_id = response["id"] + + new_job = scheduler.enqueue_in(timedelta(minutes=VAT_NMAP_CHECK_TIMEOUT), run_nmap_collector, new_scan_id) + + LOGGER.debug("New VAT Nmap scan analysis successfully scheduled: " + str(new_job)) + +def create_new_w3af_scan(ports): + with open('./vat_evidence_collector/vat_w3af_request_config.json', 'r') as f: + file_data = json.load(f) + + for vat_check_host in VAT_CHECK_HOSTS: + host_scans = [] + + for port in ports: + for prefix in ["http", "https"]: + file_data["target"]["url"] = prefix + "://" + vat_check_host + ":" + str(port) + + headers = {} + # Payload name formed as this due to VAT bug causing checks to fail if name includes URL + payload={'name': 'w3af scan: [' + prefix + ',' + vat_check_host + ',' + str(port) + ']', + 'indicator_id': '', + 'type': 'vuln_scan', + 'tool': 'null', + 'timeout': str(VAT_W3AF_CHECK_TIMEOUT) + 'm', + 'files': ('config.json', json.dumps(file_data), 'application/json')} + + response = vat.req('POST', 'tasks/', headers=headers, fields=payload) + + new_scan_id = response["id"] + + host_scans.append(new_scan_id) + + LOGGER.debug("New VAT w3af scan successfully requested for " + str(file_data["target"]["url"])) + + new_job = scheduler.enqueue_in(timedelta(minutes=VAT_W3AF_CHECK_TIMEOUT), run_w3af_collector_main, host_scans) + + LOGGER.debug("New VAT w3af scan analysis successfully scheduled: " + str(new_job)) + +def generate_evidence(raw_evidence, scanned_host, number_of_vulnerabilities_found): + vulnerability_discovery = { "numberOfVulnerabilitiesFound": number_of_vulnerabilities_found } + + resource = create_resource(scanned_host, None, vulnerability_discovery) + + return create_assess_evidence_request(uuid.uuid1(), get_cloud_service_id("vat"), get_tool_id(), raw_evidence, resource) + +def get_scan_details(vat, scan_id): + headers = {} + headers['Content-Type'] = 'application/json' + + body = vat.req('GET', 'tasks/' + scan_id + '/executions', headers=headers) + + try: + if body['items'][0]['result']['message'] == "Container finished execution": + return body + except Exception: + LOGGER.exception("VAT scan " + scan_id + " details not available: scan failed or timed out") + raise + +def run_nmap_collector(scan_id): + LOGGER.debug("Executing scheduled VAT Nmap scan analysis job: " + scan_id) + + raw_evidence = get_scan_details(vat, scan_id) + + scan_output = json.loads(raw_evidence['items'][0]['result']['output']) + + ports = [] + + for report in scan_output['reports']: + ports.append(int(re.findall(r'\b\d+\b', report['short_desc'])[0])) + + if len(ports) == 0: + scanned_host = scan_output['reports'][0]['target'] + LOGGER.debug("Scanned host " + str(scanned_host) + " has no open ports.") + + evidence = generate_evidence(raw_evidence, scanned_host, 0) + + ai.send_evidence(evidence, oauth_client.get_token()) + print_evidence(LOGGER, evidence.evidence) + else: + create_new_w3af_scan(ports) + +def run_w3af_collector(scans): + LOGGER.debug("Executing scheduled VAT w3af scans analysis job") + + raw_evidences = [] + scanned_host = None + number_of_vulnerabilities_found = 0 + + for scan in scans: + LOGGER.debug("Analysing w3af scan: " + scan) + + try: + raw_evidence = get_scan_details(vat, scan) + except Exception: + pass + continue + + raw_evidences.append(raw_evidence) + + scan_output = json.loads(raw_evidence['items'][0]['result']['output']) + + if len(scan_output['reports']) <= 0: + continue + + scanned_host = scan_output['reports'][0]['target'] + + for report in scan_output['reports']: + if int(report['w_risk_level']) >= VAT_VULNERABILITY_LEVEL: + number_of_vulnerabilities_found += 1 + + LOGGER.debug("Number of vulnerabilities (above severity level " + str(VAT_VULNERABILITY_LEVEL) + ") found for : " + str(number_of_vulnerabilities_found)) + + evidence = generate_evidence(raw_evidences, scanned_host, number_of_vulnerabilities_found) + + ai.send_evidence(evidence, oauth_client.get_token()) + print_evidence(LOGGER, evidence.evidence) + +def run_demo_collector(): + LOGGER.debug("Simulating VAT analysis job") + + evidence = generate_evidence("", "dummyVAT", random.randint(0,20)) + + ai.send_evidence(evidence, oauth_client.get_token()) + print_evidence(LOGGER, evidence.evidence) + +def run_w3af_collector_main(scan_id): + try: + run_w3af_collector(scan_id) + except Exception as err: + LOGGER.exception("Exception caught in VAT Evidence Collector run_w3af_collector(): " + str(err), exc_info=False) + +def main(): + if DUMMY_VAT: + try: + run_demo_collector() + except Exception as err: + LOGGER.exception("Exception caught in VAT Evidence Collector run_demo_collector(): " + str(err), exc_info=False) + else: + try: + create_new_nmap_scan() + except Exception as err: + LOGGER.exception("Exception caught in VAT Evidence Collector create_new_nmap_scan(): " + str(err), exc_info=False) + +if __name__ == "__main__": + main() diff --git a/vat_evidence_collector/vat_nmap_request_config.json b/vat_evidence_collector/vat_nmap_request_config.json new file mode 100644 index 0000000..8e34c60 --- /dev/null +++ b/vat_evidence_collector/vat_nmap_request_config.json @@ -0,0 +1,14 @@ +{ + "target": { + "ip": "127.0.0.1" + }, + "config": { + "nmap": { + "profile": "custom_parameters", + "parameters": { + "parameters": "-T4" + } + } + } + +} diff --git a/vat_evidence_collector/vat_w3af_request_config.json b/vat_evidence_collector/vat_w3af_request_config.json new file mode 100644 index 0000000..9ac0a01 --- /dev/null +++ b/vat_evidence_collector/vat_w3af_request_config.json @@ -0,0 +1,15 @@ +{ + "target": { + "url": "localhost" + }, + "config": { + "w3af": { + "profile": "fast_scan", + "parameters": {} + }, + "zap": { + "profile": "basic", + "parameters": {} + } + } +} diff --git a/wazuh_evidence_collector/checker.py b/wazuh_evidence_collector/checker.py index 69f532f..d5beca7 100644 --- a/wazuh_evidence_collector/checker.py +++ b/wazuh_evidence_collector/checker.py @@ -4,7 +4,7 @@ import elasticsearch import urllib3 from elasticsearch_dsl import Search import os -from forward_evidence.resource_id_mapper import map_resource_id +from clouditor_interface.ids_provider import map_resource_id WAZUH_CHECK_INTERVAL = os.environ.get("wazuh_check_interval") WAZUH_RULE_LEVEL = int(os.environ.get("wazuh_rule_level")) diff --git a/wazuh_evidence_collector/wazuh_client.py b/wazuh_evidence_collector/wazuh_client.py index a52cc77..3b53f1b 100644 --- a/wazuh_evidence_collector/wazuh_client.py +++ b/wazuh_evidence_collector/wazuh_client.py @@ -15,7 +15,7 @@ class WazuhClient: def req(self, method, resource, data=None, headers={}, auth_retry=True): # TODO: add cert verification - c = urllib3.HTTPSConnectionPool(self._ip, port=self._port, cert_reqs='CERT_NONE', assert_hostname=False) + c = urllib3.HTTPSConnectionPool(host=self._ip, port=self._port, cert_reqs='CERT_NONE', assert_hostname=False) url = "https://%s:%i/%s" % (self._ip, self._port, resource) headers['Content-Type'] = 'application/json' @@ -25,12 +25,16 @@ class WazuhClient: try: resp = c.request(method, url, headers=headers, body=data) except (TimeoutError, urllib3.exceptions.NewConnectionError, - urllib3.exceptions.MaxRetryError) as err: - self.logger.exception("Wazuh manager not available") + urllib3.exceptions.MaxRetryError, + urllib3.exceptions.ConnectTimeoutError, + urllib3.exceptions.TimeoutError) as err: + self.logger.exception("Wazuh manager not available: " + str(err), exc_info=False) + raise else: if resp.status == 401: if not auth_retry: - raise Exception("Authentication Error") + self.logger.exception("Wazuh authentication error: got response status 401", exc_info=False) + raise self._auth_token = None self._login() return self.req(method, resource, data, headers, auth_retry=False) diff --git a/wazuh_evidence_collector/wazuh_evidence_collector.py b/wazuh_evidence_collector/wazuh_evidence_collector.py index 232b888..3800d4b 100644 --- a/wazuh_evidence_collector/wazuh_evidence_collector.py +++ b/wazuh_evidence_collector/wazuh_evidence_collector.py @@ -3,17 +3,14 @@ import os from wazuh_evidence_collector.wazuh_client import WazuhClient from elasticsearch import Elasticsearch -from forward_evidence.forward_evidence import ForwardEvidence -from forward_evidence.generate_evidence import create_resource, create_assessevidence_request, print_evidence -from forward_evidence.clouditor_authentication import ClouditorAuthentication +from clouditor_interface.assessment_interface import AssessmentInterface +from clouditor_interface.assessment_interface_messages import create_resource, create_assess_evidence_request, print_evidence +from clouditor_interface.clouditor_authentication import ClouditorAuthentication +from clouditor_interface.ids_provider import get_tool_id, get_cloud_service_id from wazuh_evidence_collector.checker import Checker from wazuh_evidence_collector.demo_checker import DemoChecker import uuid -import configparser -import logging.config - -logging.config.fileConfig('logging.conf') -LOGGER = logging.getLogger('root') +from log_conf.log_conf import LOGGER DUMMY_WAZUH_MANAGER = os.environ.get("dummy_wazuh_manager").lower() in ('true', '1', 't') @@ -42,39 +39,21 @@ if not DUMMY_WAZUH_MANAGER: oauth_client = ClouditorAuthentication(LOGGER) -forwarder = ForwardEvidence(LOGGER) - -# Get ID (UUID) -def get_id(): - id = uuid.uuid1() - - return id - -# Get tool ID (SERVICE:VERSION format) -def get_tool_id(): - with open('MANIFEST', 'r') as f: - config_string = '[clouditor]\n' + f.read() - - config = configparser.ConfigParser() - config.read_string(config_string) - - version = '{}:{}'.format(config.get('clouditor', 'SERVICE'), config.get('clouditor', 'VERSION')) - - return version +ai = AssessmentInterface(LOGGER) def main(): try: run_collector() - except Exception: - LOGGER.exception("Exception caught in run_collector()") + except Exception as err: + LOGGER.exception("Exception caught in Wazuh Evidence Collector run_collector(): " + str(err), exc_info=False) # Wrapper function that runs all the checks (for every manager/agent) def run_collector(): if DUMMY_WAZUH_MANAGER is False: - LOGGER.debug("Using Checker to evaluate Wazuh logs.") + LOGGER.debug("Using Wazuh Evidence Collector Checker to evaluate Wazuh logs") checker = Checker(wc, es, LOGGER) else: - LOGGER.debug("Simulating evidence generation using Demo Checker.") + LOGGER.debug("Simulating evidence generation using Wazuh Evidence Collector Demo Checker") checker = DemoChecker() # Get list of all agent ids (including manager's) @@ -86,7 +65,8 @@ def run_collector(): for agent in body['data']['affected_items']: agent_list.append([agent['id'], agent['name']]) except TypeError: - LOGGER.exception("Invalid agent list.") + LOGGER.exception("Invalid agent list", exc_info=False) + raise return body, agent_list @@ -100,7 +80,7 @@ def run_collector(): LOGGER.debug("Forwarding " + str(len(ae_req_list)) + " evidences...") for ae_req in ae_req_list: - forwarder.send_evidence(ae_req, oauth_client.get_token()) + ai.send_evidence(ae_req, oauth_client.get_token()) print_evidence(LOGGER, ae_req.evidence) return ae_req_list @@ -146,7 +126,7 @@ def generate_evidence(agent, checker): malware_protection["malwareProtection"].update({ "applicationLogging": { "enabled": False, "loggingService": [], "retentionPeriod": None }}) resource = create_resource(agent[1], None, malware_protection) - return create_assessevidence_request(get_id(), "evidence_collector_service", get_tool_id(), raw_evidence, resource) + return create_assess_evidence_request(uuid.uuid1(), get_cloud_service_id("wazuh"), get_tool_id(), raw_evidence, resource) if __name__ == "__main__": main() -- GitLab