From fd5381746867ae4317902af90557a22df3dfbc97 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 11:34:49 +0200 Subject: [PATCH 01/25] automate-cli/dev: add cmd to create IAM dev users (viewer, editor) Reusing the logic we've had for resetting admin access. Signed-off-by: Stephan Renatus --- .../automate-cli/cmd/chef-automate/dev.go | 44 +++++++++++++++++ .../automate-cli/pkg/adminmgmt/adminmgmt.go | 49 ++++++++++++------- 2 files changed, 75 insertions(+), 18 deletions(-) diff --git a/components/automate-cli/cmd/chef-automate/dev.go b/components/automate-cli/cmd/chef-automate/dev.go index f5be9d42225..4ae2265d764 100644 --- a/components/automate-cli/cmd/chef-automate/dev.go +++ b/components/automate-cli/cmd/chef-automate/dev.go @@ -20,6 +20,8 @@ import ( dc "github.com/chef/automate/api/config/deployment" w "github.com/chef/automate/api/config/shared/wrappers" api "github.com/chef/automate/api/interservice/deployment" + "github.com/chef/automate/components/automate-cli/pkg/adminmgmt" + "github.com/chef/automate/components/automate-cli/pkg/client/apiclient" "github.com/chef/automate/components/automate-cli/pkg/dev/hab" "github.com/chef/automate/components/automate-cli/pkg/docs" "github.com/chef/automate/components/automate-cli/pkg/status" @@ -81,6 +83,7 @@ func init() { devCmd.AddCommand(newVerifyPackagesCmd()) devCmd.AddCommand(newEnablePrometheusCmd()) devCmd.AddCommand(newDisablePrometheusCmd()) + devCmd.AddCommand(newCreateIAMDevUsersCmd()) RootCmd.AddCommand(devCmd) } @@ -940,6 +943,15 @@ func newDisablePrometheusCmd() *cobra.Command { } } +func newCreateIAMDevUsersCmd() *cobra.Command { + return &cobra.Command{ + Use: "create-iam-dev-users", + RunE: runCreateIAMDevUsersCmd, + Short: `Create IAM v2 dev users ("viewer" and "editor")`, + Args: cobra.NoArgs, + } +} + // Equivalent to patching the config with the following toml: // [deployment.v1.svc] // enable_dev_monitoring = true @@ -974,3 +986,35 @@ func runDisablePrometheusCmd(*cobra.Command, []string) error { } return nil } + +func runCreateIAMDevUsersCmd(*cobra.Command, []string) error { + ctx := context.TODO() + apiClient, err := apiclient.OpenConnection(ctx) + if err != nil { + return err + } + for username, data := range map[string]struct { + displayName, password, team string + }{ + "viewer": {"Viewer User", "chefautomate", "viewers"}, + "editor": {"Editor User", "chefautomate", "editors"}, + } { + userID, _, err := adminmgmt.CreateUserOrUpdatePassword(ctx, + apiClient, username, data.displayName, data.password, false /* dry run */) + if err != nil { + return err + } + // Note: the teams SHOULD exist. But since you never know what happens in a + // long running acceptance env, we'll better ensure them: + teamID, _, err := adminmgmt.EnsureTeam(ctx, data.team, data.team /* description */, apiClient, false /* dry run */) + if err != nil { + return err + } + _, err = adminmgmt.AddUserToTeam(ctx, apiClient, teamID, userID, false /* dry run */) + if err != nil { + return err + } + } + + return nil +} diff --git a/components/automate-cli/pkg/adminmgmt/adminmgmt.go b/components/automate-cli/pkg/adminmgmt/adminmgmt.go index 88fe8996903..0c0e1f5a62a 100644 --- a/components/automate-cli/pkg/adminmgmt/adminmgmt.go +++ b/components/automate-cli/pkg/adminmgmt/adminmgmt.go @@ -26,12 +26,20 @@ import ( // boolean representing whether the user was found or created. func CreateAdminUserOrUpdatePassword(ctx context.Context, apiClient client.APIClient, newAdminPassword string, dryRun bool) (string, bool, error) { + return CreateUserOrUpdatePassword(ctx, apiClient, "admin", "Local Administrator", newAdminPassword, dryRun) +} + +// CreateUserOrUpdatePassword either creates a new user with the supplied +// username or updates the existing user's password. In either case, it returns +// the ID and a boolean representing whether the user was found or created. +func CreateUserOrUpdatePassword(ctx context.Context, + apiClient client.APIClient, username, displayName, newPassword string, dryRun bool) (string, bool, error) { var userID string var found bool getUserResp, err := apiClient.UsersClient().GetUserByUsername(ctx, &users_req.Username{ - Username: "admin", + Username: username, }) s := grpc_status.Convert(err) @@ -41,12 +49,12 @@ func CreateAdminUserOrUpdatePassword(ctx context.Context, if !dryRun { createUserResp, err := apiClient.UsersClient().CreateUser(ctx, &users_req.CreateUser{ - Name: "Local Administrator", - Username: "admin", - Password: newAdminPassword, + Name: displayName, + Username: username, + Password: newPassword, }) if err != nil { - return "", false, wrapUnexpectedError(err, "Failed to create the admin user") + return "", false, wrapUnexpectedError(err, "Failed to create the user") } userID = createUserResp.Id } @@ -58,18 +66,18 @@ func CreateAdminUserOrUpdatePassword(ctx context.Context, if !dryRun { _, err = apiClient.UsersClient().UpdateUser(ctx, &users_req.UpdateUser{ Id: userID, - Name: "Local Administrator", - Username: "admin", - Password: newAdminPassword, + Name: displayName, + Username: username, + Password: newPassword, }) if err != nil { // The first two args are not-to-be-looked-at by convention, as the err is // NOT nil; so, we don't bother returning the userID and true. - return "", false, wrapUnexpectedError(err, "Failed to update admin user's password") + return "", false, wrapUnexpectedError(err, "Failed to update user's password") } } default: // some error occurred querying the user - return "", false, wrapUnexpectedError(err, "Failed to check if admin user exists") + return "", false, wrapUnexpectedError(err, "Failed to check if user exists") } return userID, found, nil @@ -84,27 +92,32 @@ func CreateAdminTeamIfMissing(ctx context.Context, return EnsureTeam(ctx, "admins", descr, apiClient, dryRun) } -// AddAdminUserToTeam adds the admin user to the admins team by its ID, -// unless the admin is already in the team. It returns a boolean representing -// whether or not the user needed to be added. func AddAdminUserToTeam(ctx context.Context, - apiClient client.APIClient, adminsTeamID, userID string, dryRun bool) (bool, error) { + apiClient client.APIClient, adminTeamID, adminUserID string, dryRun bool) (bool, error) { + return AddUserToTeam(ctx, apiClient, adminTeamID, adminUserID, dryRun) +} + +// AddUserToTeam adds the user to a team by its ID, unless they are already in +// the team. It returns a boolean representing whether or not the user needed to +// be added. +func AddUserToTeam(ctx context.Context, + apiClient client.APIClient, teamID, userID string, dryRun bool) (bool, error) { getUsersResp, err := apiClient.TeamsClient().GetUsers(ctx, &teams_req.GetUsersReq{ - Id: adminsTeamID, + Id: teamID, }) if err != nil { - return false, wrapUnexpectedError(err, "Failed to check admins team membership") + return false, wrapUnexpectedError(err, "Failed to check team membership") } addUser := !stringutils.SliceContains(getUsersResp.UserIds, userID) if addUser && !dryRun { _, err := apiClient.TeamsClient().AddUsers(ctx, &teams_req.AddUsersReq{ - Id: adminsTeamID, + Id: teamID, UserIds: []string{userID}, }) if err != nil { - return false, wrapUnexpectedError(err, "Failed to add admin user to admins team") + return false, wrapUnexpectedError(err, "Failed to add user to team") } } From 5d928c9b59798e5d1495888435eaa03d2b7413ac Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 11:40:36 +0200 Subject: [PATCH 02/25] start_all_services: create IAM v2 dev users This hooks in the call to the new dev command. The resulting logins will be: - viewer:chefautomate - editor:chefautomate Signed-off-by: Stephan Renatus --- .studiorc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.studiorc b/.studiorc index fd9fda186e5..d2b1c1336a4 100644 --- a/.studiorc +++ b/.studiorc @@ -128,6 +128,7 @@ fi document "start_all_services" < Date: Wed, 22 May 2019 11:44:04 +0200 Subject: [PATCH 03/25] terraform: create iam dev users in test envs Signed-off-by: Stephan Renatus --- .../templates/install_chef_automate_cli.sh.tpl | 2 ++ 1 file changed, 2 insertions(+) diff --git a/terraform/test-environments/modules/chef_automate_install/templates/install_chef_automate_cli.sh.tpl b/terraform/test-environments/modules/chef_automate_install/templates/install_chef_automate_cli.sh.tpl index 5510f658028..e35d90f112d 100644 --- a/terraform/test-environments/modules/chef_automate_install/templates/install_chef_automate_cli.sh.tpl +++ b/terraform/test-environments/modules/chef_automate_install/templates/install_chef_automate_cli.sh.tpl @@ -131,10 +131,12 @@ if [[ ! -f /root/a2-iamv2-enabled ]]; then case "${iam_version}" in "v2.1") chef-automate iam upgrade-to-v2 --beta2.1 + chef-automate dev create-iam-dev-users touch /root/a2-iamv2-enabled ;; "v2") chef-automate iam upgrade-to-v2 + chef-automate dev create-iam-dev-users touch /root/a2-iamv2-enabled ;; *) From d448ad22be482d39656013b55b37820035c4406d Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 11:44:51 +0200 Subject: [PATCH 04/25] automate-cli/dev: mention that the command can be run many times Signed-off-by: Stephan Renatus --- components/automate-cli/cmd/chef-automate/dev.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/automate-cli/cmd/chef-automate/dev.go b/components/automate-cli/cmd/chef-automate/dev.go index 4ae2265d764..cffe3be664e 100644 --- a/components/automate-cli/cmd/chef-automate/dev.go +++ b/components/automate-cli/cmd/chef-automate/dev.go @@ -947,7 +947,7 @@ func newCreateIAMDevUsersCmd() *cobra.Command { return &cobra.Command{ Use: "create-iam-dev-users", RunE: runCreateIAMDevUsersCmd, - Short: `Create IAM v2 dev users ("viewer" and "editor")`, + Short: `Create IAM v2 dev users ("viewer" and "editor") idempotently`, Args: cobra.NoArgs, } } From 6f084f7aa809583741806c141d9fb7ede0ccf530 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 13:37:08 +0200 Subject: [PATCH 05/25] inspec/a2-iam-v2-only-integration: rely on automate-cli for user creation Signed-off-by: Stephan Renatus --- .../controls/role_access.rb | 63 +++---------------- integration/tests/iam_v2_only.sh | 2 + 2 files changed, 9 insertions(+), 56 deletions(-) diff --git a/inspec/a2-iam-v2-only-integration/controls/role_access.rb b/inspec/a2-iam-v2-only-integration/controls/role_access.rb index 5a28a4520d6..bcfda6e601c 100644 --- a/inspec/a2-iam-v2-only-integration/controls/role_access.rb +++ b/inspec/a2-iam-v2-only-integration/controls/role_access.rb @@ -8,8 +8,8 @@ title 'v2-only access' desc 'role-based access for editor and viewer when v1 policies are purged' - VIEWER_USERNAME = 'inspec_test_viewer' - EDITOR_USERNAME = 'inspec_test_editor' + VIEWER_USERNAME = 'viewer' + EDITOR_USERNAME = 'editor' describe 'migrated legacy v1 policies' do it 'legacy policies can be deleted' do @@ -26,60 +26,11 @@ end describe 'viewer and editor access' do - before(:all) do - create_editor_request = automate_api_request( - '/apis/iam/v2beta/users', - http_method: 'POST', - request_body: { - id: EDITOR_USERNAME, - name: EDITOR_USERNAME, - password: ENV['AUTOMATE_API_DEFAULT_PASSWORD'] || 'chefautomate', - }.to_json - ) - expect(create_editor_request.http_status.to_s).to match(/200|409/) - - create_viewer_request = automate_api_request( - '/apis/iam/v2beta/users', - http_method: 'POST', - request_body: { - id: VIEWER_USERNAME, - name: VIEWER_USERNAME, - password: ENV['AUTOMATE_API_DEFAULT_PASSWORD'] || 'chefautomate', - }.to_json - ) - expect(create_viewer_request.http_status.to_s).to match(/200|409/) - - add_editor_request = automate_api_request( - '/apis/iam/v2beta/policies/editor-access/members:add', - http_method: 'POST', - request_body: { - members: [ "user:local:#{EDITOR_USERNAME}" ] - }.to_json - ) - expect(add_editor_request.http_status.to_s).to match(/200|409/) - - add_viewer_request = automate_api_request( - '/apis/iam/v2beta/policies/viewer-access/members:add', - http_method: 'POST', - request_body: { - members: [ "user:local:#{VIEWER_USERNAME}" ] - }.to_json - ) - expect(add_viewer_request.http_status.to_s).to match(/200|409/) - end - - after(:all) do - delete_editor_request = automate_api_request( - "/apis/iam/v2beta/users/#{EDITOR_USERNAME}", - http_method: 'DELETE', - ) - expect(delete_editor_request.http_status.to_s).to match(/200|404/) - - delete_viewer_request = automate_api_request( - "/apis/iam/v2beta/users/#{VIEWER_USERNAME}", - http_method: 'DELETE', - ) - expect(delete_viewer_request.http_status.to_s).to match(/200|404/) + [ VIEWER_USERNAME, EDITOR_USERNAME ].each do |username| + it "user #{username} exists" do + user_read_request = automate_api_request("/apis/iam/v2beta/users/#{username}") + expect(user_read_request.http_status).to eq 200 + end end describe "reading compliance data" do diff --git a/integration/tests/iam_v2_only.sh b/integration/tests/iam_v2_only.sh index ccbd67d3609..ad60430a6c7 100644 --- a/integration/tests/iam_v2_only.sh +++ b/integration/tests/iam_v2_only.sh @@ -41,5 +41,7 @@ do_deploy() { do_test_deploy() { log_info "run chef-automate iam upgrade-to-v2" chef-automate iam upgrade-to-v2 || return 1 + log_info "creating test users with automate-cli" + chef-automate dev create-iam-dev-users || return 1 do_test_deploy_default } From 7230d15c63a3e7e75426e6dc10004c44271bd463 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 14:04:53 +0200 Subject: [PATCH 06/25] automate-cli/iam: add --skip-legacy-upgrade flag (hidden) Signed-off-by: Stephan Renatus --- .../automate-cli/cmd/chef-automate/iam.go | 25 +++++++++++-------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/components/automate-cli/cmd/chef-automate/iam.go b/components/automate-cli/cmd/chef-automate/iam.go index 833d9b69733..3e83b8daeff 100644 --- a/components/automate-cli/cmd/chef-automate/iam.go +++ b/components/automate-cli/cmd/chef-automate/iam.go @@ -7,6 +7,7 @@ import ( "strings" "github.com/spf13/cobra" + "github.com/spf13/pflag" "google.golang.org/grpc/codes" grpc_status "google.golang.org/grpc/status" @@ -20,10 +21,11 @@ import ( ) var iamCmdFlags = struct { - dryRun bool - adminToken bool - tokenID string - betaVersion bool + dryRun bool + adminToken bool + tokenID string + betaVersion bool + skipLegacyUpgrade bool }{} func newIAMCommand() *cobra.Command { @@ -93,17 +95,20 @@ func newIAMUpgradeToV2Cmd() *cobra.Command { RunE: runIAMUpgradeToV2Cmd, Args: cobra.ExactArgs(0), } + cmd.PersistentFlags().BoolVar( + &iamCmdFlags.skipLegacyUpgrade, + "skip-legacy-upgrade", + false, + "Do not migrate policies from IAM v1.") cmd.PersistentFlags().BoolVar( &iamCmdFlags.betaVersion, "beta2.1", false, "Upgrade to version 2.1 with beta project authorization.") - err := cmd.PersistentFlags().MarkHidden("beta2.1") - // we could also ignore the lint error :shrug: - if err != nil { - fmt.Printf("failed configuring cobra: %s\n", err.Error()) - panic(err.Error()) - } + + // all flags are hidden right now + cmd.PersistentFlags().VisitAll(func(f *pflag.Flag) { f.Hidden = true }) + return cmd } From 35e1d6e13863471a6b48aff930790f8bc442e94e Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 14:06:08 +0200 Subject: [PATCH 07/25] automate-gateway/api: add migrate_v1_policies to UpdateToV2Req Signed-off-by: Stephan Renatus --- components/automate-gateway/api/iam/v2beta/request/policy.proto | 1 + 1 file changed, 1 insertion(+) diff --git a/components/automate-gateway/api/iam/v2beta/request/policy.proto b/components/automate-gateway/api/iam/v2beta/request/policy.proto index 3d7af3c4fcc..6996e7bcf38 100644 --- a/components/automate-gateway/api/iam/v2beta/request/policy.proto +++ b/components/automate-gateway/api/iam/v2beta/request/policy.proto @@ -41,6 +41,7 @@ message UpdatePolicyReq { message UpgradeToV2Req { Flag flag = 1; + bool migrate_v1_policies = 2; } message GetPolicyVersionReq {} From a3f140b5ccfde05c2c838c4ff085a61fe5b1f2d0 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 14:06:22 +0200 Subject: [PATCH 08/25] automate-gateway/api: add migrate_v1_policies to UpdateToV2Req [protobuf] Signed-off-by: Stephan Renatus --- .../api/iam/v2beta/request/policy.pb.go | 122 ++++++++++-------- 1 file changed, 66 insertions(+), 56 deletions(-) diff --git a/components/automate-gateway/api/iam/v2beta/request/policy.pb.go b/components/automate-gateway/api/iam/v2beta/request/policy.pb.go index af5f514de9a..cb951540e68 100644 --- a/components/automate-gateway/api/iam/v2beta/request/policy.pb.go +++ b/components/automate-gateway/api/iam/v2beta/request/policy.pb.go @@ -35,7 +35,7 @@ func (m *CreatePolicyReq) Reset() { *m = CreatePolicyReq{} } func (m *CreatePolicyReq) String() string { return proto.CompactTextString(m) } func (*CreatePolicyReq) ProtoMessage() {} func (*CreatePolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{0} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{0} } func (m *CreatePolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreatePolicyReq.Unmarshal(m, b) @@ -101,7 +101,7 @@ func (m *DeletePolicyReq) Reset() { *m = DeletePolicyReq{} } func (m *DeletePolicyReq) String() string { return proto.CompactTextString(m) } func (*DeletePolicyReq) ProtoMessage() {} func (*DeletePolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{1} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{1} } func (m *DeletePolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeletePolicyReq.Unmarshal(m, b) @@ -138,7 +138,7 @@ func (m *ListPoliciesReq) Reset() { *m = ListPoliciesReq{} } func (m *ListPoliciesReq) String() string { return proto.CompactTextString(m) } func (*ListPoliciesReq) ProtoMessage() {} func (*ListPoliciesReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{2} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{2} } func (m *ListPoliciesReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListPoliciesReq.Unmarshal(m, b) @@ -170,7 +170,7 @@ func (m *AddPolicyMembersReq) Reset() { *m = AddPolicyMembersReq{} } func (m *AddPolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*AddPolicyMembersReq) ProtoMessage() {} func (*AddPolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{3} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{3} } func (m *AddPolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_AddPolicyMembersReq.Unmarshal(m, b) @@ -215,7 +215,7 @@ func (m *GetPolicyReq) Reset() { *m = GetPolicyReq{} } func (m *GetPolicyReq) String() string { return proto.CompactTextString(m) } func (*GetPolicyReq) ProtoMessage() {} func (*GetPolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{4} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{4} } func (m *GetPolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetPolicyReq.Unmarshal(m, b) @@ -258,7 +258,7 @@ func (m *UpdatePolicyReq) Reset() { *m = UpdatePolicyReq{} } func (m *UpdatePolicyReq) String() string { return proto.CompactTextString(m) } func (*UpdatePolicyReq) ProtoMessage() {} func (*UpdatePolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{5} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{5} } func (m *UpdatePolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdatePolicyReq.Unmarshal(m, b) @@ -315,6 +315,7 @@ func (m *UpdatePolicyReq) GetProjects() []string { type UpgradeToV2Req struct { Flag common.Flag `protobuf:"varint,1,opt,name=flag,proto3,enum=chef.automate.api.iam.v2beta.Flag" json:"flag,omitempty"` + MigrateV1Policies bool `protobuf:"varint,2,opt,name=migrate_v1_policies,json=migrateV1Policies,proto3" json:"migrate_v1_policies,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -324,7 +325,7 @@ func (m *UpgradeToV2Req) Reset() { *m = UpgradeToV2Req{} } func (m *UpgradeToV2Req) String() string { return proto.CompactTextString(m) } func (*UpgradeToV2Req) ProtoMessage() {} func (*UpgradeToV2Req) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{6} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{6} } func (m *UpgradeToV2Req) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpgradeToV2Req.Unmarshal(m, b) @@ -351,6 +352,13 @@ func (m *UpgradeToV2Req) GetFlag() common.Flag { return common.Flag_VERSION_2_0 } +func (m *UpgradeToV2Req) GetMigrateV1Policies() bool { + if m != nil { + return m.MigrateV1Policies + } + return false +} + type GetPolicyVersionReq struct { XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -361,7 +369,7 @@ func (m *GetPolicyVersionReq) Reset() { *m = GetPolicyVersionReq{} } func (m *GetPolicyVersionReq) String() string { return proto.CompactTextString(m) } func (*GetPolicyVersionReq) ProtoMessage() {} func (*GetPolicyVersionReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{7} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{7} } func (m *GetPolicyVersionReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetPolicyVersionReq.Unmarshal(m, b) @@ -391,7 +399,7 @@ func (m *ResetToV1Req) Reset() { *m = ResetToV1Req{} } func (m *ResetToV1Req) String() string { return proto.CompactTextString(m) } func (*ResetToV1Req) ProtoMessage() {} func (*ResetToV1Req) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{8} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{8} } func (m *ResetToV1Req) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ResetToV1Req.Unmarshal(m, b) @@ -422,7 +430,7 @@ func (m *ListPolicyMembersReq) Reset() { *m = ListPolicyMembersReq{} } func (m *ListPolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*ListPolicyMembersReq) ProtoMessage() {} func (*ListPolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{9} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{9} } func (m *ListPolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListPolicyMembersReq.Unmarshal(m, b) @@ -461,7 +469,7 @@ func (m *ReplacePolicyMembersReq) Reset() { *m = ReplacePolicyMembersReq func (m *ReplacePolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*ReplacePolicyMembersReq) ProtoMessage() {} func (*ReplacePolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{10} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{10} } func (m *ReplacePolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ReplacePolicyMembersReq.Unmarshal(m, b) @@ -507,7 +515,7 @@ func (m *RemovePolicyMembersReq) Reset() { *m = RemovePolicyMembersReq{} func (m *RemovePolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*RemovePolicyMembersReq) ProtoMessage() {} func (*RemovePolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{11} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{11} } func (m *RemovePolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_RemovePolicyMembersReq.Unmarshal(m, b) @@ -556,7 +564,7 @@ func (m *CreateRoleReq) Reset() { *m = CreateRoleReq{} } func (m *CreateRoleReq) String() string { return proto.CompactTextString(m) } func (*CreateRoleReq) ProtoMessage() {} func (*CreateRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{12} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{12} } func (m *CreateRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateRoleReq.Unmarshal(m, b) @@ -615,7 +623,7 @@ func (m *GetRoleReq) Reset() { *m = GetRoleReq{} } func (m *GetRoleReq) String() string { return proto.CompactTextString(m) } func (*GetRoleReq) ProtoMessage() {} func (*GetRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{13} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{13} } func (m *GetRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetRoleReq.Unmarshal(m, b) @@ -653,7 +661,7 @@ func (m *DeleteRoleReq) Reset() { *m = DeleteRoleReq{} } func (m *DeleteRoleReq) String() string { return proto.CompactTextString(m) } func (*DeleteRoleReq) ProtoMessage() {} func (*DeleteRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{14} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{14} } func (m *DeleteRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteRoleReq.Unmarshal(m, b) @@ -694,7 +702,7 @@ func (m *UpdateRoleReq) Reset() { *m = UpdateRoleReq{} } func (m *UpdateRoleReq) String() string { return proto.CompactTextString(m) } func (*UpdateRoleReq) ProtoMessage() {} func (*UpdateRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{15} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{15} } func (m *UpdateRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateRoleReq.Unmarshal(m, b) @@ -752,7 +760,7 @@ func (m *ListRolesReq) Reset() { *m = ListRolesReq{} } func (m *ListRolesReq) String() string { return proto.CompactTextString(m) } func (*ListRolesReq) ProtoMessage() {} func (*ListRolesReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{16} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{16} } func (m *ListRolesReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListRolesReq.Unmarshal(m, b) @@ -783,7 +791,7 @@ func (m *GetProjectReq) Reset() { *m = GetProjectReq{} } func (m *GetProjectReq) String() string { return proto.CompactTextString(m) } func (*GetProjectReq) ProtoMessage() {} func (*GetProjectReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{17} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{17} } func (m *GetProjectReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetProjectReq.Unmarshal(m, b) @@ -820,7 +828,7 @@ func (m *ListProjectsReq) Reset() { *m = ListProjectsReq{} } func (m *ListProjectsReq) String() string { return proto.CompactTextString(m) } func (*ListProjectsReq) ProtoMessage() {} func (*ListProjectsReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{18} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{18} } func (m *ListProjectsReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListProjectsReq.Unmarshal(m, b) @@ -852,7 +860,7 @@ func (m *CreateProjectReq) Reset() { *m = CreateProjectReq{} } func (m *CreateProjectReq) String() string { return proto.CompactTextString(m) } func (*CreateProjectReq) ProtoMessage() {} func (*CreateProjectReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{19} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{19} } func (m *CreateProjectReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateProjectReq.Unmarshal(m, b) @@ -898,7 +906,7 @@ func (m *UpdateProjectReq) Reset() { *m = UpdateProjectReq{} } func (m *UpdateProjectReq) String() string { return proto.CompactTextString(m) } func (*UpdateProjectReq) ProtoMessage() {} func (*UpdateProjectReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{20} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{20} } func (m *UpdateProjectReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateProjectReq.Unmarshal(m, b) @@ -943,7 +951,7 @@ func (m *DeleteProjectReq) Reset() { *m = DeleteProjectReq{} } func (m *DeleteProjectReq) String() string { return proto.CompactTextString(m) } func (*DeleteProjectReq) ProtoMessage() {} func (*DeleteProjectReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_a15a519e01facaa9, []int{21} + return fileDescriptor_policy_8a3dd8540a11dac6, []int{21} } func (m *DeleteProjectReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteProjectReq.Unmarshal(m, b) @@ -996,41 +1004,43 @@ func init() { } func init() { - proto.RegisterFile("components/automate-gateway/api/iam/v2beta/request/policy.proto", fileDescriptor_policy_a15a519e01facaa9) + proto.RegisterFile("components/automate-gateway/api/iam/v2beta/request/policy.proto", fileDescriptor_policy_8a3dd8540a11dac6) } -var fileDescriptor_policy_a15a519e01facaa9 = []byte{ - // 511 bytes of a gzipped FileDescriptorProto +var fileDescriptor_policy_8a3dd8540a11dac6 = []byte{ + // 537 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x54, 0x4d, 0x6f, 0xd3, 0x40, - 0x10, 0x55, 0x93, 0x00, 0xcd, 0x90, 0x38, 0xc5, 0xe5, 0xc3, 0xaa, 0x2a, 0x1a, 0xf6, 0x00, 0xb9, - 0x60, 0x8b, 0x20, 0xf5, 0x48, 0x45, 0x8b, 0x08, 0x12, 0x54, 0x42, 0x4b, 0x9b, 0x03, 0xb7, 0x8d, - 0x3d, 0x75, 0x17, 0x79, 0xbd, 0x8e, 0x77, 0x53, 0xd4, 0xff, 0xc5, 0x0f, 0x44, 0xbb, 0x76, 0xac, - 0x24, 0xaa, 0x2d, 0x85, 0x8a, 0x5b, 0xc6, 0x99, 0x37, 0xf3, 0xe6, 0xbd, 0x9d, 0x81, 0x93, 0x50, - 0x8a, 0x4c, 0xa6, 0x98, 0x6a, 0x15, 0xb0, 0x85, 0x96, 0x82, 0x69, 0x7c, 0x1b, 0x33, 0x8d, 0xbf, - 0xd9, 0x6d, 0xc0, 0x32, 0x1e, 0x70, 0x26, 0x82, 0x9b, 0xf1, 0x0c, 0x35, 0x0b, 0x72, 0x9c, 0x2f, - 0x50, 0xe9, 0x20, 0x93, 0x09, 0x0f, 0x6f, 0xfd, 0x2c, 0x97, 0x5a, 0xba, 0x87, 0xe1, 0x35, 0x5e, - 0xf9, 0x4b, 0xa8, 0xcf, 0x32, 0xee, 0x73, 0x26, 0xfc, 0x02, 0x72, 0xf0, 0x61, 0x8b, 0xf2, 0xa1, - 0x14, 0x42, 0xa6, 0x6b, 0xd5, 0xc9, 0x9f, 0x1d, 0x18, 0x9c, 0xe5, 0xc8, 0x34, 0x7e, 0xb7, 0x9f, - 0x29, 0xce, 0x5d, 0x07, 0x5a, 0x3c, 0xf2, 0x76, 0x86, 0x3b, 0xa3, 0x2e, 0x6d, 0xf1, 0xc8, 0x75, - 0xa1, 0x93, 0x32, 0x81, 0x5e, 0xcb, 0x7e, 0xb1, 0xbf, 0x5d, 0x0f, 0x1e, 0x09, 0x14, 0x33, 0xcc, - 0x95, 0xd7, 0x1e, 0xb6, 0x47, 0x5d, 0xba, 0x0c, 0xdd, 0x09, 0x80, 0xd2, 0x4c, 0xa3, 0x30, 0x9c, - 0xbc, 0xce, 0xb0, 0x3d, 0x7a, 0x3c, 0x7e, 0xe3, 0x37, 0x0d, 0xe1, 0xff, 0x58, 0xe6, 0xd3, 0x15, - 0xa8, 0x7b, 0x00, 0xbb, 0x59, 0x2e, 0x7f, 0x61, 0xa8, 0x95, 0xf7, 0xc0, 0xf6, 0xa8, 0x62, 0xf2, - 0x0a, 0x06, 0x9f, 0x30, 0xc1, 0x06, 0xd6, 0xe4, 0x09, 0x0c, 0xbe, 0x71, 0xa5, 0x6d, 0x02, 0x47, - 0x45, 0x71, 0x4e, 0x4e, 0x60, 0xff, 0x63, 0x14, 0x15, 0x90, 0xf3, 0x82, 0xee, 0x5d, 0xf3, 0xae, - 0xcc, 0xd6, 0x5a, 0x9b, 0x8d, 0xbc, 0x84, 0xde, 0x04, 0x75, 0x7d, 0x4f, 0xa3, 0xe6, 0x65, 0x16, - 0x35, 0xaa, 0x59, 0x5b, 0x7d, 0x43, 0xb9, 0xf6, 0xbf, 0x2b, 0xb7, 0x34, 0x6c, 0x77, 0xc5, 0xb0, - 0x55, 0x35, 0xbb, 0x1b, 0x6a, 0x7e, 0x01, 0xe7, 0x32, 0x8b, 0x73, 0x16, 0xe1, 0x85, 0x9c, 0x8e, - 0x0d, 0xe9, 0x63, 0xe8, 0x5c, 0x25, 0x2c, 0xb6, 0xb4, 0x9d, 0x31, 0x69, 0x26, 0xf1, 0x39, 0x61, - 0x31, 0xb5, 0xf9, 0xe4, 0x19, 0xec, 0x57, 0x02, 0x4d, 0x31, 0x57, 0x5c, 0xa6, 0x46, 0x78, 0x07, - 0x7a, 0x14, 0x15, 0xea, 0x0b, 0x39, 0x7d, 0x67, 0xe2, 0xd7, 0xf0, 0xb4, 0xf2, 0xa6, 0xc1, 0x09, - 0x72, 0x06, 0x2f, 0x28, 0x66, 0x09, 0x0b, 0xf1, 0x1e, 0xa6, 0x9d, 0xc2, 0x73, 0x8a, 0x42, 0xde, - 0xdc, 0xa7, 0x06, 0x87, 0x7e, 0xb1, 0x25, 0x54, 0x26, 0xb8, 0xc5, 0x8e, 0xb0, 0x50, 0x73, 0x99, - 0x56, 0x3b, 0x52, 0x86, 0x6b, 0x66, 0x74, 0x36, 0xcc, 0x38, 0x04, 0x98, 0xa0, 0xae, 0xe9, 0x43, - 0x8e, 0xa0, 0x5f, 0x3c, 0xfc, 0xba, 0x04, 0x0e, 0xfd, 0xe2, 0x05, 0xfe, 0x7f, 0xa6, 0x0e, 0xf4, - 0x8c, 0x8b, 0xa6, 0x91, 0x5d, 0xaf, 0x23, 0xe8, 0x1b, 0xf3, 0x8b, 0xbf, 0x9b, 0x56, 0xb2, 0x2c, - 0x60, 0x30, 0xc7, 0xb0, 0x57, 0x9e, 0x9f, 0x5a, 0xd8, 0x5d, 0x8c, 0x0d, 0xae, 0x5c, 0xb4, 0xed, - 0x70, 0x04, 0xf6, 0xca, 0xc3, 0x51, 0x8b, 0x3b, 0x3d, 0xff, 0xf9, 0x35, 0xe6, 0xfa, 0x7a, 0x31, - 0xf3, 0x43, 0x29, 0x02, 0xf3, 0xf4, 0xab, 0xd3, 0x1a, 0x6c, 0x7f, 0xcd, 0x67, 0x0f, 0xed, 0xa5, - 0x7d, 0xff, 0x37, 0x00, 0x00, 0xff, 0xff, 0xec, 0xda, 0xd7, 0xec, 0x0a, 0x06, 0x00, 0x00, + 0x10, 0x55, 0x93, 0x00, 0xc9, 0x90, 0x8f, 0xd6, 0xe1, 0xc3, 0xaa, 0x2a, 0x1a, 0x7c, 0x80, 0x5c, + 0xb0, 0x95, 0x20, 0xf5, 0x48, 0x45, 0x8b, 0xc8, 0x01, 0x2a, 0xa1, 0xa5, 0xcd, 0x81, 0x4b, 0xb5, + 0xb1, 0xa7, 0xee, 0x22, 0xaf, 0x77, 0x63, 0x6f, 0x02, 0xfd, 0x5f, 0xfc, 0x40, 0xb4, 0x6b, 0xc7, + 0x4a, 0xa2, 0xda, 0x52, 0xa8, 0xb8, 0x79, 0xed, 0x7d, 0x33, 0x6f, 0xde, 0xf3, 0x1b, 0x38, 0xf5, + 0x05, 0x97, 0x22, 0xc6, 0x58, 0xa5, 0x1e, 0x5d, 0x28, 0xc1, 0xa9, 0xc2, 0x77, 0x21, 0x55, 0xf8, + 0x8b, 0xde, 0x79, 0x54, 0x32, 0x8f, 0x51, 0xee, 0x2d, 0xc7, 0x33, 0x54, 0xd4, 0x4b, 0x70, 0xbe, + 0xc0, 0x54, 0x79, 0x52, 0x44, 0xcc, 0xbf, 0x73, 0x65, 0x22, 0x94, 0xb0, 0x8e, 0xfc, 0x5b, 0xbc, + 0x71, 0x57, 0x50, 0x97, 0x4a, 0xe6, 0x32, 0xca, 0xdd, 0x0c, 0x72, 0xf8, 0x61, 0x87, 0xf2, 0xbe, + 0xe0, 0x5c, 0xc4, 0x1b, 0xd5, 0x9d, 0x3f, 0x7b, 0xd0, 0x3b, 0x4f, 0x90, 0x2a, 0xfc, 0x66, 0x5e, + 0x13, 0x9c, 0x5b, 0x5d, 0xa8, 0xb1, 0xc0, 0xde, 0x1b, 0xec, 0x0d, 0x5b, 0xa4, 0xc6, 0x02, 0xcb, + 0x82, 0x46, 0x4c, 0x39, 0xda, 0x35, 0xf3, 0xc6, 0x3c, 0x5b, 0x36, 0x3c, 0xe1, 0xc8, 0x67, 0x98, + 0xa4, 0x76, 0x7d, 0x50, 0x1f, 0xb6, 0xc8, 0xea, 0x68, 0x4d, 0x00, 0x52, 0x45, 0x15, 0x72, 0xcd, + 0xc9, 0x6e, 0x0c, 0xea, 0xc3, 0xa7, 0xe3, 0xb7, 0x6e, 0xd5, 0x10, 0xee, 0xf7, 0xd5, 0x7d, 0xb2, + 0x06, 0xb5, 0x0e, 0xa1, 0x29, 0x13, 0xf1, 0x13, 0x7d, 0x95, 0xda, 0x8f, 0x4c, 0x8f, 0xe2, 0xec, + 0xbc, 0x86, 0xde, 0x27, 0x8c, 0xb0, 0x82, 0xb5, 0x73, 0x00, 0xbd, 0xaf, 0x2c, 0x55, 0xe6, 0x02, + 0xc3, 0x94, 0xe0, 0xdc, 0x39, 0x85, 0xfe, 0xc7, 0x20, 0xc8, 0x20, 0x17, 0x19, 0xdd, 0xfb, 0xe6, + 0x5d, 0x9b, 0xad, 0xb6, 0x31, 0x9b, 0xf3, 0x0a, 0xda, 0x13, 0x54, 0xe5, 0x3d, 0xb5, 0x9a, 0x57, + 0x32, 0xa8, 0x54, 0xb3, 0xb4, 0xfa, 0x96, 0x72, 0xf5, 0x7f, 0x57, 0x6e, 0x65, 0x58, 0x73, 0xcd, + 0xb0, 0x75, 0x35, 0x5b, 0x5b, 0x6a, 0xfe, 0x86, 0xee, 0x95, 0x0c, 0x13, 0x1a, 0xe0, 0xa5, 0x98, + 0x8e, 0x35, 0xe9, 0x13, 0x68, 0xdc, 0x44, 0x34, 0x34, 0xb4, 0xbb, 0x63, 0xa7, 0x9a, 0xc4, 0xe7, + 0x88, 0x86, 0xc4, 0xdc, 0xb7, 0x5c, 0xe8, 0x73, 0x16, 0x26, 0x54, 0xe1, 0xf5, 0x72, 0x74, 0x2d, + 0x73, 0xed, 0xcd, 0x9f, 0xd3, 0x24, 0x07, 0xf9, 0xa7, 0xe9, 0x68, 0x65, 0x8a, 0xf3, 0x1c, 0xfa, + 0x85, 0xa0, 0x53, 0x4c, 0x52, 0x26, 0x62, 0x6d, 0x54, 0x17, 0xda, 0x04, 0x53, 0x54, 0x97, 0x62, + 0x3a, 0xd2, 0xe7, 0x37, 0xf0, 0xac, 0xf0, 0xb2, 0xc2, 0x39, 0xe7, 0x1c, 0x5e, 0x12, 0x94, 0x11, + 0xf5, 0xf1, 0x01, 0x26, 0x9f, 0xc1, 0x0b, 0x82, 0x5c, 0x2c, 0x1f, 0x52, 0x83, 0x41, 0x27, 0x4b, + 0x15, 0x11, 0x11, 0xee, 0x90, 0x29, 0xea, 0x2b, 0x26, 0xe2, 0x22, 0x53, 0xf9, 0x71, 0xc3, 0xbc, + 0xc6, 0x96, 0x79, 0x47, 0x00, 0x13, 0x54, 0x25, 0x7d, 0x9c, 0x63, 0xe8, 0x64, 0x41, 0x29, 0xbb, + 0xc0, 0xa0, 0x93, 0xfd, 0xb1, 0xff, 0x9f, 0x69, 0x17, 0xda, 0xda, 0x45, 0xdd, 0xc8, 0xc4, 0xf1, + 0x18, 0x3a, 0xda, 0xfc, 0xec, 0x73, 0x55, 0x84, 0xf3, 0x02, 0x1a, 0x73, 0x02, 0xfb, 0xf9, 0xba, + 0x2a, 0x85, 0xdd, 0xc7, 0x58, 0xe3, 0xf2, 0x60, 0xee, 0x86, 0x73, 0x60, 0x3f, 0x5f, 0x34, 0xa5, + 0xb8, 0xb3, 0x8b, 0x1f, 0x5f, 0x42, 0xa6, 0x6e, 0x17, 0x33, 0xd7, 0x17, 0xdc, 0xd3, 0x51, 0x29, + 0x56, 0xb1, 0xb7, 0xfb, 0xf6, 0x9f, 0x3d, 0x36, 0x9b, 0xf9, 0xfd, 0xdf, 0x00, 0x00, 0x00, 0xff, + 0xff, 0x6f, 0x68, 0xe6, 0x47, 0x3a, 0x06, 0x00, 0x00, } From 1fee8f281c1a81b8e1b32c5709b6afd1d89a8a51 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 14:06:30 +0200 Subject: [PATCH 09/25] automate-cli/iam: set migrate_v1_policies according to provided flag Signed-off-by: Stephan Renatus --- .../automate-cli/cmd/chef-automate/iam.go | 28 ++++++++++--------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/components/automate-cli/cmd/chef-automate/iam.go b/components/automate-cli/cmd/chef-automate/iam.go index 3e83b8daeff..ff37a8fd2d1 100644 --- a/components/automate-cli/cmd/chef-automate/iam.go +++ b/components/automate-cli/cmd/chef-automate/iam.go @@ -158,18 +158,28 @@ const alreadyMigratedMessage = `You have already upgraded to IAM %s. Then re-run this command.` func runIAMUpgradeToV2Cmd(cmd *cobra.Command, args []string) error { + label := map[bool]string{ + true: "v2.1", + false: "v2", + } + + migrateV1Policies := !iamCmdFlags.skipLegacyUpgrade upgradeReq := &policies_req.UpgradeToV2Req{ - Flag: policies_common.Flag_VERSION_2_0, + Flag: policies_common.Flag_VERSION_2_0, + MigrateV1Policies: migrateV1Policies, } - isBetaVersion := iamCmdFlags.betaVersion + isBetaVersion := iamCmdFlags.betaVersion if isBetaVersion { upgradeReq.Flag = policies_common.Flag_VERSION_2_1 writer.Title("Enabling IAM v2.1") } else { writer.Title("Upgrading to IAM v2") } - writer.Println("Migrating v1 policies...") + + if migrateV1Policies { + writer.Println("Migrating v1 policies...") + } ctx := context.Background() apiClient, err := apiclient.OpenConnection(ctx) @@ -193,11 +203,7 @@ func runIAMUpgradeToV2Cmd(cmd *cobra.Command, args []string) error { return status.Wrap(err, status.IAMUpgradeV2DatabaseError, "Migration to IAM v2 already in progress") case codes.AlreadyExists: - if isBetaVersion { - writer.Failf(alreadyMigratedMessage, "v2.1") - } else { - writer.Failf(alreadyMigratedMessage, "v2") - } + writer.Failf(alreadyMigratedMessage, label[isBetaVersion]) return nil default: // something else: fail return status.Wrap(err, status.IAMUpgradeV2DatabaseError, @@ -227,10 +233,6 @@ func runIAMUpgradeToV2Cmd(cmd *cobra.Command, args []string) error { "Failed to migrate teams service") } - label := map[bool]string{ - true: "v2.1", - false: "v2", - } writer.Successf("Enabled IAM %s", label[isBetaVersion]) return nil } @@ -239,7 +241,7 @@ func outputReport(report string) { // if it's got ":" in it, split on the first parts := strings.SplitN(report, ":", 2) writer.Body(parts[0]) - if parts[1] != "" { + if len(parts) >= 2 { writer.Body(strings.TrimSpace(parts[1])) } } From 2861676d69f5a26e27535e05d32534460fc2b309 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 14:09:51 +0200 Subject: [PATCH 10/25] api/interservice/authz: add migrate_v1_policies to MigrateToV2Req Signed-off-by: Stephan Renatus --- api/interservice/authz/v2/policy.proto | 1 + 1 file changed, 1 insertion(+) diff --git a/api/interservice/authz/v2/policy.proto b/api/interservice/authz/v2/policy.proto index d114191e0a7..ebe8fc9de59 100644 --- a/api/interservice/authz/v2/policy.proto +++ b/api/interservice/authz/v2/policy.proto @@ -225,6 +225,7 @@ enum Flag { message MigrateToV2Req { Flag flag = 1; + bool migrate_v1_policies = 2; } message MigrateToV2Resp { repeated string reports = 1; From d0bedb781b5e74559fbe02de8983a93107d87409 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 14:11:19 +0200 Subject: [PATCH 11/25] api/interservice/authz: add migrate_v1_policies to MigrateToV2Req [protobuf] Signed-off-by: Stephan Renatus --- api/interservice/authz/v2/policy.pb.go | 286 +++++++++--------- .../authz/v2/policy.pb.validate.go | 2 + 2 files changed, 150 insertions(+), 138 deletions(-) diff --git a/api/interservice/authz/v2/policy.pb.go b/api/interservice/authz/v2/policy.pb.go index 6b1b692d599..75ffd36bcb2 100644 --- a/api/interservice/authz/v2/policy.pb.go +++ b/api/interservice/authz/v2/policy.pb.go @@ -44,7 +44,7 @@ func (x Flag) String() string { return proto.EnumName(Flag_name, int32(x)) } func (Flag) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{0} + return fileDescriptor_policy_dd71a1296131b8b5, []int{0} } type Statement_Effect int32 @@ -67,7 +67,7 @@ func (x Statement_Effect) String() string { return proto.EnumName(Statement_Effect_name, int32(x)) } func (Statement_Effect) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{5, 0} + return fileDescriptor_policy_dd71a1296131b8b5, []int{5, 0} } type Version_VersionNumber int32 @@ -93,7 +93,7 @@ func (x Version_VersionNumber) String() string { return proto.EnumName(Version_VersionNumber_name, int32(x)) } func (Version_VersionNumber) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{14, 0} + return fileDescriptor_policy_dd71a1296131b8b5, []int{14, 0} } type Policy struct { @@ -112,7 +112,7 @@ func (m *Policy) Reset() { *m = Policy{} } func (m *Policy) String() string { return proto.CompactTextString(m) } func (*Policy) ProtoMessage() {} func (*Policy) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{0} + return fileDescriptor_policy_dd71a1296131b8b5, []int{0} } func (m *Policy) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_Policy.Unmarshal(m, b) @@ -189,7 +189,7 @@ func (m *Role) Reset() { *m = Role{} } func (m *Role) String() string { return proto.CompactTextString(m) } func (*Role) ProtoMessage() {} func (*Role) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{1} + return fileDescriptor_policy_dd71a1296131b8b5, []int{1} } func (m *Role) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_Role.Unmarshal(m, b) @@ -259,7 +259,7 @@ func (m *CreatePolicyReq) Reset() { *m = CreatePolicyReq{} } func (m *CreatePolicyReq) String() string { return proto.CompactTextString(m) } func (*CreatePolicyReq) ProtoMessage() {} func (*CreatePolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{2} + return fileDescriptor_policy_dd71a1296131b8b5, []int{2} } func (m *CreatePolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreatePolicyReq.Unmarshal(m, b) @@ -325,7 +325,7 @@ func (m *DeletePolicyReq) Reset() { *m = DeletePolicyReq{} } func (m *DeletePolicyReq) String() string { return proto.CompactTextString(m) } func (*DeletePolicyReq) ProtoMessage() {} func (*DeletePolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{3} + return fileDescriptor_policy_dd71a1296131b8b5, []int{3} } func (m *DeletePolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeletePolicyReq.Unmarshal(m, b) @@ -362,7 +362,7 @@ func (m *DeletePolicyResp) Reset() { *m = DeletePolicyResp{} } func (m *DeletePolicyResp) String() string { return proto.CompactTextString(m) } func (*DeletePolicyResp) ProtoMessage() {} func (*DeletePolicyResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{4} + return fileDescriptor_policy_dd71a1296131b8b5, []int{4} } func (m *DeletePolicyResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeletePolicyResp.Unmarshal(m, b) @@ -400,7 +400,7 @@ func (m *Statement) Reset() { *m = Statement{} } func (m *Statement) String() string { return proto.CompactTextString(m) } func (*Statement) ProtoMessage() {} func (*Statement) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{5} + return fileDescriptor_policy_dd71a1296131b8b5, []int{5} } func (m *Statement) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_Statement.Unmarshal(m, b) @@ -465,7 +465,7 @@ func (m *ListPoliciesReq) Reset() { *m = ListPoliciesReq{} } func (m *ListPoliciesReq) String() string { return proto.CompactTextString(m) } func (*ListPoliciesReq) ProtoMessage() {} func (*ListPoliciesReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{6} + return fileDescriptor_policy_dd71a1296131b8b5, []int{6} } func (m *ListPoliciesReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListPoliciesReq.Unmarshal(m, b) @@ -496,7 +496,7 @@ func (m *ListPoliciesResp) Reset() { *m = ListPoliciesResp{} } func (m *ListPoliciesResp) String() string { return proto.CompactTextString(m) } func (*ListPoliciesResp) ProtoMessage() {} func (*ListPoliciesResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{7} + return fileDescriptor_policy_dd71a1296131b8b5, []int{7} } func (m *ListPoliciesResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListPoliciesResp.Unmarshal(m, b) @@ -534,7 +534,7 @@ func (m *GetPolicyReq) Reset() { *m = GetPolicyReq{} } func (m *GetPolicyReq) String() string { return proto.CompactTextString(m) } func (*GetPolicyReq) ProtoMessage() {} func (*GetPolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{8} + return fileDescriptor_policy_dd71a1296131b8b5, []int{8} } func (m *GetPolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetPolicyReq.Unmarshal(m, b) @@ -578,7 +578,7 @@ func (m *UpdatePolicyReq) Reset() { *m = UpdatePolicyReq{} } func (m *UpdatePolicyReq) String() string { return proto.CompactTextString(m) } func (*UpdatePolicyReq) ProtoMessage() {} func (*UpdatePolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{9} + return fileDescriptor_policy_dd71a1296131b8b5, []int{9} } func (m *UpdatePolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdatePolicyReq.Unmarshal(m, b) @@ -645,7 +645,7 @@ func (m *ReplacePolicyMembersReq) Reset() { *m = ReplacePolicyMembersReq func (m *ReplacePolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*ReplacePolicyMembersReq) ProtoMessage() {} func (*ReplacePolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{10} + return fileDescriptor_policy_dd71a1296131b8b5, []int{10} } func (m *ReplacePolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ReplacePolicyMembersReq.Unmarshal(m, b) @@ -690,7 +690,7 @@ func (m *ReplacePolicyMembersResp) Reset() { *m = ReplacePolicyMembersRe func (m *ReplacePolicyMembersResp) String() string { return proto.CompactTextString(m) } func (*ReplacePolicyMembersResp) ProtoMessage() {} func (*ReplacePolicyMembersResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{11} + return fileDescriptor_policy_dd71a1296131b8b5, []int{11} } func (m *ReplacePolicyMembersResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ReplacePolicyMembersResp.Unmarshal(m, b) @@ -729,7 +729,7 @@ func (m *AddPolicyMembersReq) Reset() { *m = AddPolicyMembersReq{} } func (m *AddPolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*AddPolicyMembersReq) ProtoMessage() {} func (*AddPolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{12} + return fileDescriptor_policy_dd71a1296131b8b5, []int{12} } func (m *AddPolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_AddPolicyMembersReq.Unmarshal(m, b) @@ -774,7 +774,7 @@ func (m *AddPolicyMembersResp) Reset() { *m = AddPolicyMembersResp{} } func (m *AddPolicyMembersResp) String() string { return proto.CompactTextString(m) } func (*AddPolicyMembersResp) ProtoMessage() {} func (*AddPolicyMembersResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{13} + return fileDescriptor_policy_dd71a1296131b8b5, []int{13} } func (m *AddPolicyMembersResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_AddPolicyMembersResp.Unmarshal(m, b) @@ -814,7 +814,7 @@ func (m *Version) Reset() { *m = Version{} } func (m *Version) String() string { return proto.CompactTextString(m) } func (*Version) ProtoMessage() {} func (*Version) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{14} + return fileDescriptor_policy_dd71a1296131b8b5, []int{14} } func (m *Version) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_Version.Unmarshal(m, b) @@ -858,7 +858,7 @@ func (m *GetPolicyVersionReq) Reset() { *m = GetPolicyVersionReq{} } func (m *GetPolicyVersionReq) String() string { return proto.CompactTextString(m) } func (*GetPolicyVersionReq) ProtoMessage() {} func (*GetPolicyVersionReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{15} + return fileDescriptor_policy_dd71a1296131b8b5, []int{15} } func (m *GetPolicyVersionReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetPolicyVersionReq.Unmarshal(m, b) @@ -889,7 +889,7 @@ func (m *GetPolicyVersionResp) Reset() { *m = GetPolicyVersionResp{} } func (m *GetPolicyVersionResp) String() string { return proto.CompactTextString(m) } func (*GetPolicyVersionResp) ProtoMessage() {} func (*GetPolicyVersionResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{16} + return fileDescriptor_policy_dd71a1296131b8b5, []int{16} } func (m *GetPolicyVersionResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetPolicyVersionResp.Unmarshal(m, b) @@ -926,7 +926,7 @@ func (m *ListRolesReq) Reset() { *m = ListRolesReq{} } func (m *ListRolesReq) String() string { return proto.CompactTextString(m) } func (*ListRolesReq) ProtoMessage() {} func (*ListRolesReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{17} + return fileDescriptor_policy_dd71a1296131b8b5, []int{17} } func (m *ListRolesReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListRolesReq.Unmarshal(m, b) @@ -957,7 +957,7 @@ func (m *ListRolesResp) Reset() { *m = ListRolesResp{} } func (m *ListRolesResp) String() string { return proto.CompactTextString(m) } func (*ListRolesResp) ProtoMessage() {} func (*ListRolesResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{18} + return fileDescriptor_policy_dd71a1296131b8b5, []int{18} } func (m *ListRolesResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListRolesResp.Unmarshal(m, b) @@ -995,7 +995,7 @@ func (m *DeleteRoleReq) Reset() { *m = DeleteRoleReq{} } func (m *DeleteRoleReq) String() string { return proto.CompactTextString(m) } func (*DeleteRoleReq) ProtoMessage() {} func (*DeleteRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{19} + return fileDescriptor_policy_dd71a1296131b8b5, []int{19} } func (m *DeleteRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteRoleReq.Unmarshal(m, b) @@ -1032,7 +1032,7 @@ func (m *DeleteRoleResp) Reset() { *m = DeleteRoleResp{} } func (m *DeleteRoleResp) String() string { return proto.CompactTextString(m) } func (*DeleteRoleResp) ProtoMessage() {} func (*DeleteRoleResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{20} + return fileDescriptor_policy_dd71a1296131b8b5, []int{20} } func (m *DeleteRoleResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteRoleResp.Unmarshal(m, b) @@ -1066,7 +1066,7 @@ func (m *UpdateRoleReq) Reset() { *m = UpdateRoleReq{} } func (m *UpdateRoleReq) String() string { return proto.CompactTextString(m) } func (*UpdateRoleReq) ProtoMessage() {} func (*UpdateRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{21} + return fileDescriptor_policy_dd71a1296131b8b5, []int{21} } func (m *UpdateRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateRoleReq.Unmarshal(m, b) @@ -1125,7 +1125,7 @@ func (m *ListPolicyMembersReq) Reset() { *m = ListPolicyMembersReq{} } func (m *ListPolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*ListPolicyMembersReq) ProtoMessage() {} func (*ListPolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{22} + return fileDescriptor_policy_dd71a1296131b8b5, []int{22} } func (m *ListPolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListPolicyMembersReq.Unmarshal(m, b) @@ -1163,7 +1163,7 @@ func (m *ListPolicyMembersResp) Reset() { *m = ListPolicyMembersResp{} } func (m *ListPolicyMembersResp) String() string { return proto.CompactTextString(m) } func (*ListPolicyMembersResp) ProtoMessage() {} func (*ListPolicyMembersResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{23} + return fileDescriptor_policy_dd71a1296131b8b5, []int{23} } func (m *ListPolicyMembersResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListPolicyMembersResp.Unmarshal(m, b) @@ -1202,7 +1202,7 @@ func (m *RemovePolicyMembersReq) Reset() { *m = RemovePolicyMembersReq{} func (m *RemovePolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*RemovePolicyMembersReq) ProtoMessage() {} func (*RemovePolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{24} + return fileDescriptor_policy_dd71a1296131b8b5, []int{24} } func (m *RemovePolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_RemovePolicyMembersReq.Unmarshal(m, b) @@ -1247,7 +1247,7 @@ func (m *RemovePolicyMembersResp) Reset() { *m = RemovePolicyMembersResp func (m *RemovePolicyMembersResp) String() string { return proto.CompactTextString(m) } func (*RemovePolicyMembersResp) ProtoMessage() {} func (*RemovePolicyMembersResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{25} + return fileDescriptor_policy_dd71a1296131b8b5, []int{25} } func (m *RemovePolicyMembersResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_RemovePolicyMembersResp.Unmarshal(m, b) @@ -1276,6 +1276,7 @@ func (m *RemovePolicyMembersResp) GetMembers() []string { type MigrateToV2Req struct { Flag Flag `protobuf:"varint,1,opt,name=flag,proto3,enum=chef.automate.domain.authz.v2.Flag" json:"flag,omitempty" toml:"flag,omitempty" mapstructure:"flag,omitempty"` + MigrateV1Policies bool `protobuf:"varint,2,opt,name=migrate_v1_policies,json=migrateV1Policies,proto3" json:"migrate_v1_policies,omitempty" toml:"migrate_v1_policies,omitempty" mapstructure:"migrate_v1_policies,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-" toml:"-" mapstructure:"-,omitempty"` XXX_unrecognized []byte `json:"-" toml:"-" mapstructure:"-,omitempty"` XXX_sizecache int32 `json:"-" toml:"-" mapstructure:"-,omitempty"` @@ -1285,7 +1286,7 @@ func (m *MigrateToV2Req) Reset() { *m = MigrateToV2Req{} } func (m *MigrateToV2Req) String() string { return proto.CompactTextString(m) } func (*MigrateToV2Req) ProtoMessage() {} func (*MigrateToV2Req) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{26} + return fileDescriptor_policy_dd71a1296131b8b5, []int{26} } func (m *MigrateToV2Req) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_MigrateToV2Req.Unmarshal(m, b) @@ -1312,6 +1313,13 @@ func (m *MigrateToV2Req) GetFlag() Flag { return Flag_VERSION_2_0 } +func (m *MigrateToV2Req) GetMigrateV1Policies() bool { + if m != nil { + return m.MigrateV1Policies + } + return false +} + type MigrateToV2Resp struct { Reports []string `protobuf:"bytes,1,rep,name=reports,proto3" json:"reports,omitempty" toml:"reports,omitempty" mapstructure:"reports,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-" toml:"-" mapstructure:"-,omitempty"` @@ -1323,7 +1331,7 @@ func (m *MigrateToV2Resp) Reset() { *m = MigrateToV2Resp{} } func (m *MigrateToV2Resp) String() string { return proto.CompactTextString(m) } func (*MigrateToV2Resp) ProtoMessage() {} func (*MigrateToV2Resp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{27} + return fileDescriptor_policy_dd71a1296131b8b5, []int{27} } func (m *MigrateToV2Resp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_MigrateToV2Resp.Unmarshal(m, b) @@ -1360,7 +1368,7 @@ func (m *ResetToV1Req) Reset() { *m = ResetToV1Req{} } func (m *ResetToV1Req) String() string { return proto.CompactTextString(m) } func (*ResetToV1Req) ProtoMessage() {} func (*ResetToV1Req) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{28} + return fileDescriptor_policy_dd71a1296131b8b5, []int{28} } func (m *ResetToV1Req) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ResetToV1Req.Unmarshal(m, b) @@ -1390,7 +1398,7 @@ func (m *ResetToV1Resp) Reset() { *m = ResetToV1Resp{} } func (m *ResetToV1Resp) String() string { return proto.CompactTextString(m) } func (*ResetToV1Resp) ProtoMessage() {} func (*ResetToV1Resp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{29} + return fileDescriptor_policy_dd71a1296131b8b5, []int{29} } func (m *ResetToV1Resp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ResetToV1Resp.Unmarshal(m, b) @@ -1421,7 +1429,7 @@ func (m *GetRoleReq) Reset() { *m = GetRoleReq{} } func (m *GetRoleReq) String() string { return proto.CompactTextString(m) } func (*GetRoleReq) ProtoMessage() {} func (*GetRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{30} + return fileDescriptor_policy_dd71a1296131b8b5, []int{30} } func (m *GetRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetRoleReq.Unmarshal(m, b) @@ -1462,7 +1470,7 @@ func (m *CreateRoleReq) Reset() { *m = CreateRoleReq{} } func (m *CreateRoleReq) String() string { return proto.CompactTextString(m) } func (*CreateRoleReq) ProtoMessage() {} func (*CreateRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{31} + return fileDescriptor_policy_dd71a1296131b8b5, []int{31} } func (m *CreateRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateRoleReq.Unmarshal(m, b) @@ -1523,7 +1531,7 @@ func (m *PurgeSubjectFromPoliciesReq) Reset() { *m = PurgeSubjectFromPol func (m *PurgeSubjectFromPoliciesReq) String() string { return proto.CompactTextString(m) } func (*PurgeSubjectFromPoliciesReq) ProtoMessage() {} func (*PurgeSubjectFromPoliciesReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{32} + return fileDescriptor_policy_dd71a1296131b8b5, []int{32} } func (m *PurgeSubjectFromPoliciesReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_PurgeSubjectFromPoliciesReq.Unmarshal(m, b) @@ -1561,7 +1569,7 @@ func (m *PurgeSubjectFromPoliciesResp) Reset() { *m = PurgeSubjectFromPo func (m *PurgeSubjectFromPoliciesResp) String() string { return proto.CompactTextString(m) } func (*PurgeSubjectFromPoliciesResp) ProtoMessage() {} func (*PurgeSubjectFromPoliciesResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_e6568c44066cf9fd, []int{33} + return fileDescriptor_policy_dd71a1296131b8b5, []int{33} } func (m *PurgeSubjectFromPoliciesResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_PurgeSubjectFromPoliciesResp.Unmarshal(m, b) @@ -2262,109 +2270,111 @@ var _Policies_serviceDesc = grpc.ServiceDesc{ } func init() { - proto.RegisterFile("api/interservice/authz/v2/policy.proto", fileDescriptor_policy_e6568c44066cf9fd) + proto.RegisterFile("api/interservice/authz/v2/policy.proto", fileDescriptor_policy_dd71a1296131b8b5) } -var fileDescriptor_policy_e6568c44066cf9fd = []byte{ - // 1597 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x59, 0xdb, 0x6f, 0x1b, 0x45, - 0x17, 0xcf, 0xd8, 0x9b, 0x8b, 0x4f, 0x6e, 0xee, 0x24, 0x6d, 0xf7, 0xdb, 0xaf, 0xd1, 0x97, 0x6f, - 0x09, 0xc5, 0x76, 0x63, 0x3b, 0xd9, 0x84, 0x5e, 0x5c, 0x55, 0x21, 0xa1, 0x17, 0x5a, 0xf5, 0xa6, - 0x4d, 0x1a, 0xa0, 0xa9, 0x53, 0x6d, 0xec, 0x89, 0xb3, 0xed, 0xda, 0xbb, 0xd9, 0x5d, 0x47, 0x6a, +var fileDescriptor_policy_dd71a1296131b8b5 = []byte{ + // 1622 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x59, 0xdb, 0x6f, 0x1b, 0xc5, + 0x1a, 0xcf, 0xd8, 0xce, 0xc5, 0x5f, 0x6e, 0xce, 0x24, 0x6d, 0xf7, 0xf8, 0x34, 0x3a, 0x39, 0x7b, + 0x72, 0x8a, 0xed, 0xc6, 0x76, 0xbc, 0x09, 0xbd, 0xb8, 0xaa, 0x42, 0x42, 0x2f, 0x50, 0xf5, 0xa6, + 0x4d, 0x1a, 0xa0, 0xa9, 0x13, 0x6d, 0xec, 0x89, 0xb3, 0xed, 0xda, 0xbb, 0xd9, 0x5d, 0x47, 0x4a, 0x71, 0x25, 0x90, 0x00, 0x89, 0x07, 0x24, 0x08, 0x20, 0x2e, 0x82, 0x17, 0x24, 0x54, 0x09, 0x09, 0x1e, 0x78, 0x40, 0x08, 0x81, 0xc4, 0x33, 0xff, 0x00, 0xfc, 0x03, 0x3c, 0xf0, 0x07, 0xf0, 0x8e, - 0x66, 0x76, 0x6d, 0xef, 0x3a, 0x76, 0xd6, 0x76, 0x01, 0x09, 0xca, 0x93, 0x77, 0x26, 0xf3, 0x3b, - 0x33, 0xe7, 0xf6, 0x3b, 0x67, 0x26, 0x70, 0x54, 0x31, 0xd4, 0xb4, 0x5a, 0xb2, 0x89, 0x69, 0x11, - 0x73, 0x47, 0xcd, 0x91, 0xb4, 0x52, 0xb6, 0xb7, 0xee, 0xa7, 0x77, 0xa4, 0xb4, 0xa1, 0x6b, 0x6a, - 0xee, 0x5e, 0xca, 0x30, 0x75, 0x5b, 0xc7, 0x13, 0xb9, 0x2d, 0xb2, 0x99, 0x52, 0xca, 0xb6, 0x5e, - 0x54, 0x6c, 0x92, 0xca, 0xeb, 0x45, 0x45, 0x2d, 0xa5, 0xd8, 0xda, 0xd4, 0x8e, 0x24, 0x1c, 0xde, - 0x51, 0x34, 0x35, 0xaf, 0xd8, 0x24, 0x5d, 0xfd, 0x70, 0x70, 0xc2, 0x54, 0x6b, 0xf9, 0xf6, 0x3d, - 0xc3, 0x5d, 0x25, 0xfe, 0x82, 0xa0, 0xef, 0x3a, 0xdb, 0x0e, 0x63, 0xe0, 0x4a, 0x4a, 0x91, 0xf0, - 0x68, 0x12, 0xc5, 0x22, 0x32, 0xfb, 0xc6, 0x23, 0x10, 0x52, 0xf3, 0x7c, 0x88, 0xcd, 0x84, 0xd4, - 0x3c, 0x3e, 0x01, 0x1c, 0x05, 0xf3, 0xe1, 0x49, 0x14, 0x1b, 0x91, 0x9e, 0x48, 0xed, 0x7b, 0xb6, - 0xd4, 0xca, 0x3d, 0x83, 0xc8, 0x0c, 0x80, 0x79, 0xe8, 0x2f, 0x92, 0xe2, 0x06, 0x31, 0x2d, 0x9e, - 0x9b, 0x0c, 0xc7, 0x22, 0x72, 0x75, 0x88, 0x9f, 0x03, 0xb0, 0x6c, 0xc5, 0x26, 0x45, 0x52, 0xb2, - 0x2d, 0xbe, 0x77, 0x32, 0x1c, 0x1b, 0x94, 0x62, 0x01, 0x82, 0x97, 0xab, 0x00, 0xd9, 0x83, 0xc5, - 0x02, 0x0c, 0x18, 0xa6, 0x7e, 0x87, 0xe4, 0x6c, 0x8b, 0xef, 0x63, 0x9b, 0xd4, 0xc6, 0xe2, 0x87, - 0x08, 0x38, 0x59, 0xd7, 0xc8, 0x9f, 0xae, 0xa5, 0x92, 0xb3, 0x55, 0xbd, 0x54, 0xd3, 0xd2, 0x1d, - 0xfa, 0xce, 0xd6, 0xdb, 0x70, 0xb6, 0xcf, 0xc2, 0x30, 0xfa, 0xac, 0x49, 0x14, 0x9b, 0x38, 0x9e, - 0x90, 0xc9, 0x36, 0x4e, 0xb0, 0x23, 0xb1, 0x43, 0x2e, 0x09, 0xdf, 0xfe, 0xfa, 0x43, 0xf8, 0xa0, - 0x39, 0x26, 0x1d, 0x58, 0x5f, 0x53, 0x92, 0xf7, 0x67, 0x92, 0xa7, 0x92, 0xd9, 0x97, 0x66, 0xa7, - 0x8f, 0xcf, 0x3f, 0x98, 0x62, 0xc7, 0x9d, 0x70, 0x55, 0x62, 0x0a, 0x2c, 0x45, 0xe8, 0x6a, 0xce, - 0x0c, 0x45, 0x91, 0xab, 0xdd, 0xf7, 0xa8, 0x6e, 0xfb, 0x30, 0xdd, 0x7a, 0xe9, 0x53, 0x44, 0xd7, - 0x7c, 0x8c, 0x76, 0xd1, 0x07, 0x88, 0x47, 0xe2, 0x3b, 0xc8, 0x7c, 0x0b, 0x49, 0x6f, 0xa2, 0xf5, - 0xd8, 0x42, 0xc6, 0x26, 0x4a, 0xb1, 0x52, 0xb6, 0x88, 0x19, 0xcf, 0xc4, 0x16, 0x32, 0x9a, 0x9e, - 0x53, 0xb4, 0x8a, 0x96, 0x57, 0x8c, 0x8a, 0xa5, 0x14, 0x35, 0x36, 0xb7, 0xb6, 0x9e, 0x49, 0x64, - 0x8f, 0x55, 0xd6, 0x12, 0xd9, 0xf8, 0x54, 0x85, 0x42, 0xbc, 0xa8, 0x8a, 0xad, 0xdf, 0x25, 0xa5, - 0x8a, 0xad, 0x59, 0xf1, 0x4c, 0x7c, 0x61, 0x2d, 0x91, 0x9d, 0xaa, 0xac, 0xb3, 0x29, 0x17, 0x46, - 0x87, 0x9a, 0x95, 0x71, 0x23, 0xb2, 0x2e, 0x2e, 0x13, 0x5f, 0x68, 0x10, 0xdd, 0x2a, 0x40, 0xb8, - 0x47, 0x08, 0x90, 0x33, 0x8d, 0x4e, 0x58, 0xfa, 0x3f, 0x35, 0xc4, 0x91, 0x5d, 0xf4, 0x1f, 0x1e, - 0x89, 0x2d, 0x2c, 0x5c, 0xf7, 0xd3, 0x19, 0x18, 0x3d, 0x4b, 0x34, 0xd2, 0xa5, 0x9b, 0x44, 0x0c, - 0x51, 0x3f, 0xdc, 0x32, 0xc4, 0x2f, 0x39, 0x88, 0xd4, 0xce, 0x8a, 0x2f, 0x40, 0x1f, 0xd9, 0xdc, - 0x24, 0x39, 0x9b, 0x49, 0x1c, 0x91, 0xd2, 0xed, 0x6a, 0x99, 0x3a, 0xc7, 0x60, 0xb2, 0x0b, 0xc7, - 0xab, 0x10, 0x31, 0x89, 0xa5, 0x97, 0xcd, 0x1c, 0xb1, 0xf8, 0x10, 0xd3, 0xf4, 0x24, 0x3d, 0xdd, - 0xdc, 0x2e, 0x9a, 0xe1, 0x91, 0x38, 0x6d, 0x26, 0xa4, 0x18, 0x3b, 0x64, 0x96, 0x99, 0x3c, 0x11, - 0x5b, 0xc8, 0xb8, 0xc6, 0x8f, 0x3b, 0xdf, 0x89, 0x6c, 0x7c, 0x61, 0xaa, 0xb2, 0x4e, 0x1d, 0x28, - 0xd7, 0x45, 0xe1, 0x9f, 0x50, 0x3d, 0xc0, 0x9d, 0x50, 0xfa, 0x8e, 0x85, 0xd2, 0xd7, 0x68, 0x17, - 0x7d, 0x45, 0x43, 0xe9, 0x0b, 0x64, 0x7e, 0x8e, 0xa4, 0x87, 0x68, 0xdd, 0x71, 0xfd, 0x5a, 0x22, - 0x9b, 0x71, 0xb6, 0x49, 0x2a, 0xc9, 0xfb, 0x8b, 0xc9, 0x9b, 0xd9, 0x04, 0x9d, 0x65, 0x33, 0xd5, - 0x89, 0xcc, 0xbe, 0xc3, 0x26, 0xcb, 0x1d, 0xc9, 0x7b, 0x26, 0x83, 0x81, 0x7b, 0xe5, 0xd4, 0xf3, - 0x73, 0x16, 0x38, 0x53, 0xd7, 0x08, 0xcf, 0x31, 0x57, 0x4e, 0x50, 0xa5, 0x78, 0xf3, 0x90, 0x34, - 0xbe, 0xee, 0xca, 0xf1, 0x79, 0x93, 0x2d, 0xc5, 0x2b, 0x7b, 0xa2, 0xa9, 0x89, 0x8d, 0xd9, 0x61, - 0x6f, 0xc5, 0xca, 0x25, 0xc5, 0xb2, 0xd4, 0x42, 0x89, 0xe4, 0x6f, 0xc5, 0x9b, 0x49, 0xac, 0x07, - 0xd9, 0x04, 0xf4, 0x39, 0xce, 0xc4, 0x11, 0xe8, 0x5d, 0xbc, 0x7c, 0xf9, 0xda, 0xf3, 0xd1, 0x1e, - 0x3c, 0x00, 0xdc, 0xd9, 0x73, 0x57, 0x5f, 0x8c, 0x22, 0xf1, 0x00, 0x8c, 0x5e, 0x56, 0x2d, 0x9b, - 0x85, 0x90, 0x4a, 0x2c, 0x99, 0x6c, 0x8b, 0x37, 0x20, 0xea, 0x9f, 0xb2, 0x0c, 0xbc, 0x08, 0x03, - 0x86, 0x3b, 0xe6, 0x11, 0xcb, 0x98, 0x27, 0x03, 0x62, 0xc9, 0x0d, 0xca, 0x1a, 0x4c, 0xcc, 0xc0, - 0xd0, 0x05, 0x62, 0x77, 0x17, 0xea, 0x1f, 0x85, 0x61, 0xf4, 0x86, 0x91, 0xef, 0x9a, 0xd1, 0xbc, - 0x94, 0x15, 0xfa, 0xdb, 0x53, 0x56, 0xf8, 0x11, 0x28, 0xab, 0x5a, 0xae, 0x06, 0x3c, 0xe5, 0xca, - 0x4b, 0x63, 0x91, 0xce, 0x69, 0xec, 0xb5, 0x10, 0x1c, 0x96, 0x89, 0xa1, 0x29, 0x39, 0xd7, 0x3b, - 0x57, 0x9c, 0x53, 0x3f, 0x66, 0x4e, 0x12, 0xe7, 0x81, 0x6f, 0x6e, 0x06, 0xcb, 0xf0, 0xb6, 0x2b, - 0xc8, 0xd7, 0xae, 0x88, 0xaf, 0x84, 0x60, 0x6c, 0x31, 0x9f, 0x7f, 0xac, 0x2d, 0x37, 0x03, 0xe3, - 0x7b, 0x4d, 0xe0, 0xb7, 0x5a, 0xc8, 0x6f, 0xb5, 0x1f, 0x11, 0xf4, 0xaf, 0x12, 0xd3, 0x52, 0xf5, - 0x12, 0xbe, 0x04, 0xbd, 0x45, 0xe5, 0x8e, 0x6e, 0xba, 0x45, 0x6e, 0x3e, 0x20, 0x2f, 0x5c, 0x58, - 0xf5, 0xf7, 0x6a, 0x99, 0x4a, 0x94, 0x1d, 0x11, 0x4c, 0x96, 0x5a, 0xd2, 0x4d, 0xd6, 0xfb, 0x74, - 0x2f, 0x8b, 0x8a, 0x10, 0x9f, 0x82, 0x61, 0xdf, 0x3c, 0xee, 0x83, 0xd0, 0xea, 0x4c, 0xb4, 0x87, - 0xfd, 0xce, 0x46, 0x11, 0xfb, 0x95, 0xa2, 0x21, 0xf1, 0x20, 0x8c, 0xd5, 0x98, 0xd1, 0x45, 0x50, - 0x1e, 0x7e, 0x01, 0xc6, 0xf7, 0x4e, 0x5b, 0x06, 0x7e, 0x06, 0xfa, 0x77, 0x9c, 0x21, 0xd3, 0x78, - 0x50, 0x3a, 0xda, 0xde, 0x29, 0xe5, 0x2a, 0x4c, 0x1c, 0x81, 0x21, 0xca, 0xf0, 0xb4, 0x7f, 0x65, - 0x8c, 0x7f, 0x09, 0x86, 0x3d, 0x63, 0xcb, 0xc0, 0xa7, 0xa0, 0x97, 0x96, 0xa4, 0x2a, 0xd7, 0x07, - 0x75, 0xac, 0x14, 0x28, 0x3b, 0x08, 0xf1, 0x34, 0x0c, 0x3b, 0x5d, 0x09, 0x9b, 0xec, 0x90, 0xe7, - 0xa3, 0x30, 0xe2, 0x05, 0x5b, 0x86, 0xf8, 0x5b, 0x08, 0x86, 0x1d, 0xe6, 0xef, 0x42, 0x1e, 0xfe, - 0x9f, 0xaf, 0x93, 0x1d, 0xa4, 0xab, 0xfb, 0x4c, 0x4e, 0x0a, 0xdd, 0x5a, 0x76, 0xa9, 0xef, 0x9f, - 0xdb, 0x80, 0x78, 0x49, 0x9d, 0xeb, 0x9c, 0xd4, 0x97, 0x60, 0xbc, 0xd6, 0x04, 0x74, 0x49, 0x4b, - 0xe2, 0x2c, 0x1c, 0x6c, 0x22, 0x63, 0x5f, 0x36, 0x7c, 0x35, 0x04, 0x87, 0x64, 0x52, 0xd4, 0x77, - 0x1e, 0xef, 0x52, 0x32, 0x47, 0x2b, 0x6a, 0x13, 0x2b, 0xec, 0xcb, 0x89, 0x17, 0x61, 0xe4, 0x8a, - 0x5a, 0x30, 0x15, 0x9b, 0xac, 0xe8, 0xab, 0x12, 0x35, 0xd9, 0x09, 0xe0, 0x36, 0x35, 0xa5, 0xe0, - 0x12, 0x63, 0x50, 0x16, 0x9f, 0xd7, 0x94, 0x82, 0xcc, 0x00, 0xe2, 0x31, 0x18, 0xf5, 0x89, 0x72, - 0xf6, 0x35, 0x89, 0xa1, 0x9b, 0x76, 0xcd, 0x67, 0xee, 0x90, 0xb2, 0x89, 0x4c, 0x2c, 0x62, 0xaf, - 0xe8, 0xab, 0xb3, 0x94, 0x4d, 0x46, 0x61, 0xd8, 0x33, 0xb6, 0x0c, 0xf1, 0x24, 0xc0, 0x05, 0x62, - 0x77, 0xc3, 0x07, 0x34, 0xfb, 0x9d, 0x9b, 0xec, 0xbf, 0xd9, 0xff, 0x57, 0x66, 0xff, 0xcf, 0x08, - 0xfe, 0x7b, 0xbd, 0x6c, 0x16, 0xc8, 0x72, 0x79, 0x83, 0xce, 0x9c, 0x37, 0xf5, 0xa2, 0xe7, 0x8a, - 0x80, 0xbf, 0x41, 0xd0, 0x6f, 0x39, 0x7f, 0x72, 0x7d, 0xf1, 0x09, 0x33, 0xdc, 0xfb, 0xc8, 0x7c, - 0x17, 0x49, 0x6f, 0xff, 0x81, 0x69, 0xe5, 0xa6, 0xcd, 0xa3, 0xa7, 0x96, 0x7b, 0x5c, 0x71, 0x06, - 0x8e, 0xb4, 0xd6, 0xcc, 0x32, 0x70, 0x14, 0xc2, 0x6a, 0xbe, 0x1a, 0xe3, 0xf4, 0x33, 0x11, 0x03, - 0x8e, 0xa6, 0x06, 0x1e, 0x85, 0xc1, 0xd5, 0x73, 0xf2, 0xf2, 0xc5, 0x6b, 0x57, 0x6f, 0x4b, 0xb7, - 0x69, 0x1d, 0xf7, 0x4d, 0xcc, 0x46, 0x91, 0xf4, 0x30, 0x0a, 0x03, 0x55, 0x61, 0xf8, 0x0d, 0x04, - 0xe3, 0xcd, 0xfa, 0x41, 0x7c, 0x3c, 0xa8, 0x9a, 0x36, 0xef, 0xa5, 0x85, 0x13, 0x5d, 0xe1, 0x2c, - 0x43, 0xec, 0xc1, 0x05, 0x18, 0xf2, 0x3e, 0x08, 0xe1, 0x54, 0x80, 0xa8, 0x86, 0xd7, 0x23, 0xa1, - 0xbd, 0xcb, 0x9e, 0xd8, 0x83, 0xb7, 0x61, 0xc8, 0xfb, 0x26, 0x11, 0xb8, 0x51, 0xc3, 0xfb, 0x87, - 0x90, 0xee, 0x68, 0x3d, 0xd3, 0x6d, 0xdb, 0x69, 0x66, 0x6a, 0x76, 0x0f, 0xda, 0xb2, 0xe1, 0xba, - 0x1b, 0xb8, 0x65, 0xe3, 0x5d, 0x58, 0xec, 0xc1, 0x0a, 0x44, 0x6a, 0x9d, 0x19, 0x3e, 0x16, 0x80, - 0xf7, 0x5e, 0x7a, 0xdb, 0x37, 0x64, 0x01, 0x86, 0xbc, 0x17, 0xde, 0x40, 0xad, 0x1a, 0x6e, 0xc7, - 0xed, 0x6f, 0x54, 0x82, 0x41, 0x0f, 0xd5, 0xe3, 0x64, 0x00, 0xce, 0x5f, 0x61, 0x84, 0x54, 0x27, - 0xcb, 0x99, 0xed, 0x1e, 0x40, 0xb4, 0xb1, 0xab, 0xc5, 0x52, 0xbb, 0x26, 0xac, 0x77, 0xc7, 0xc2, - 0x5c, 0xc7, 0x18, 0xb6, 0xfd, 0x16, 0x44, 0x6a, 0xc5, 0x29, 0xd0, 0x75, 0xde, 0xb2, 0x26, 0x4c, - 0xb7, 0xbf, 0xd8, 0x0d, 0x12, 0xa8, 0x97, 0x2e, 0x3c, 0xdd, 0x56, 0xc6, 0xb9, 0x55, 0x4e, 0x68, - 0xa7, 0xe1, 0x76, 0x94, 0xa9, 0xf5, 0xed, 0x81, 0xca, 0x78, 0x3b, 0xfe, 0x40, 0x65, 0x7c, 0xd7, - 0x01, 0xb1, 0x07, 0xaf, 0x41, 0xbf, 0x5b, 0xc2, 0x71, 0x3c, 0xd8, 0xf0, 0x1d, 0xaa, 0x71, 0x17, - 0xa0, 0xde, 0xf5, 0x07, 0x5a, 0xca, 0x77, 0xbb, 0x10, 0x92, 0x1d, 0xac, 0xae, 0xba, 0xa5, 0x7e, - 0x9f, 0x08, 0xdc, 0xcc, 0x77, 0xf5, 0x68, 0x57, 0x9f, 0x97, 0x11, 0x1c, 0xd8, 0xd3, 0xf8, 0xe2, - 0xb9, 0x76, 0x79, 0xc6, 0xcb, 0xf9, 0xf3, 0x9d, 0x83, 0x98, 0x96, 0xaf, 0x23, 0x18, 0x6b, 0xd2, - 0x41, 0xe2, 0xa7, 0x03, 0x83, 0xb8, 0x59, 0xef, 0x2d, 0x1c, 0xef, 0x06, 0x56, 0x4d, 0xf7, 0xc6, - 0xab, 0x7d, 0x60, 0xba, 0x37, 0x79, 0x0e, 0x09, 0x4c, 0xf7, 0x66, 0xef, 0x07, 0x62, 0x0f, 0x7e, - 0x0f, 0x01, 0xdf, 0xaa, 0xdc, 0xe3, 0x4c, 0x10, 0x47, 0xb6, 0xee, 0x80, 0x84, 0xd3, 0x5d, 0x63, - 0xe9, 0xb9, 0x96, 0xe6, 0x6f, 0x4a, 0x05, 0xd5, 0xde, 0x2a, 0x6f, 0xa4, 0x72, 0x7a, 0x31, 0x4d, - 0x45, 0xa5, 0xab, 0xa2, 0xd2, 0x2d, 0xff, 0xcf, 0xb6, 0xd1, 0xc7, 0xfe, 0xc7, 0x36, 0xf7, 0x7b, - 0x00, 0x00, 0x00, 0xff, 0xff, 0xe2, 0x7f, 0xe5, 0x95, 0xeb, 0x1b, 0x00, 0x00, + 0x66, 0x76, 0xd7, 0xde, 0x75, 0xec, 0xac, 0xed, 0x02, 0x12, 0x94, 0x27, 0xef, 0x4c, 0xe6, 0xf7, + 0xcd, 0x77, 0x9b, 0xdf, 0xf7, 0xcd, 0x04, 0x4e, 0x48, 0x9a, 0x9c, 0x96, 0xcb, 0x26, 0xd1, 0x0d, + 0xa2, 0xef, 0xca, 0x79, 0x92, 0x96, 0x2a, 0xe6, 0xf6, 0xfd, 0xf4, 0xae, 0x90, 0xd6, 0x54, 0x45, + 0xce, 0xef, 0xa5, 0x34, 0x5d, 0x35, 0x55, 0x3c, 0x99, 0xdf, 0x26, 0x5b, 0x29, 0xa9, 0x62, 0xaa, + 0x25, 0xc9, 0x24, 0xa9, 0x82, 0x5a, 0x92, 0xe4, 0x72, 0x8a, 0xad, 0x4d, 0xed, 0x0a, 0xd1, 0x63, + 0xbb, 0x92, 0x22, 0x17, 0x24, 0x93, 0xa4, 0x9d, 0x0f, 0x0b, 0x17, 0x9d, 0x6e, 0x2d, 0xdf, 0xdc, + 0xd3, 0xec, 0x55, 0xfc, 0xcf, 0x08, 0xfa, 0x6e, 0xb2, 0xed, 0x30, 0x86, 0x50, 0x59, 0x2a, 0x11, + 0x0e, 0x4d, 0xa1, 0x58, 0x58, 0x64, 0xdf, 0x78, 0x04, 0x02, 0x72, 0x81, 0x0b, 0xb0, 0x99, 0x80, + 0x5c, 0xc0, 0xa7, 0x21, 0x44, 0xc1, 0x5c, 0x70, 0x0a, 0xc5, 0x46, 0x84, 0xff, 0xa5, 0x0e, 0xd5, + 0x2d, 0xb5, 0xb2, 0xa7, 0x11, 0x91, 0x01, 0x30, 0x07, 0xfd, 0x25, 0x52, 0xda, 0x24, 0xba, 0xc1, + 0x85, 0xa6, 0x82, 0xb1, 0xb0, 0xe8, 0x0c, 0xf1, 0x33, 0x00, 0x86, 0x29, 0x99, 0xa4, 0x44, 0xca, + 0xa6, 0xc1, 0xf5, 0x4e, 0x05, 0x63, 0x83, 0x42, 0xcc, 0x47, 0xf0, 0xb2, 0x03, 0x10, 0x5d, 0x58, + 0x1c, 0x85, 0x01, 0x4d, 0x57, 0xef, 0x92, 0xbc, 0x69, 0x70, 0x7d, 0x6c, 0x93, 0xda, 0x98, 0xff, + 0x00, 0x41, 0x48, 0x54, 0x15, 0xf2, 0x87, 0x5b, 0x29, 0xe5, 0x4d, 0x59, 0x2d, 0xd7, 0xac, 0xb4, + 0x87, 0x1e, 0xdd, 0x7a, 0x1b, 0x74, 0xfb, 0x34, 0x08, 0xa3, 0x4f, 0xeb, 0x44, 0x32, 0x89, 0x15, + 0x09, 0x91, 0xec, 0xe0, 0x04, 0x53, 0x89, 0x29, 0xb9, 0x14, 0xfd, 0xe6, 0x97, 0xef, 0x83, 0x47, + 0xf4, 0x71, 0x61, 0x6c, 0x7d, 0x4d, 0x4a, 0xde, 0x9f, 0x4d, 0x9e, 0x4d, 0xe6, 0x5e, 0xcc, 0xcc, + 0x9c, 0x9a, 0x7f, 0x30, 0xcd, 0xd4, 0x9d, 0xb4, 0x4d, 0x62, 0x06, 0x2c, 0x85, 0xe9, 0xea, 0x90, + 0x1e, 0x88, 0x20, 0xdb, 0xba, 0xef, 0x50, 0xdd, 0xf7, 0x41, 0xba, 0xf5, 0xd2, 0x27, 0x88, 0xae, + 0xf9, 0x08, 0xed, 0xa3, 0xf7, 0x11, 0x87, 0xf8, 0xb7, 0x91, 0xfe, 0x26, 0x12, 0xde, 0x40, 0xeb, + 0xb1, 0x85, 0xac, 0x49, 0xa4, 0x52, 0xb5, 0x62, 0x10, 0x3d, 0x9e, 0x8d, 0x2d, 0x64, 0x15, 0x35, + 0x2f, 0x29, 0x55, 0xa5, 0x20, 0x69, 0x55, 0x43, 0x2a, 0x29, 0x6c, 0x6e, 0x6d, 0x3d, 0x9b, 0xc8, + 0x9d, 0xac, 0xae, 0x25, 0x72, 0xf1, 0xe9, 0x2a, 0x85, 0xb8, 0x51, 0x55, 0x53, 0xbd, 0x47, 0xca, + 0x55, 0x53, 0x31, 0xe2, 0xd9, 0xf8, 0xc2, 0x5a, 0x22, 0x37, 0x5d, 0x5d, 0x67, 0x53, 0x36, 0x8c, + 0x0e, 0x15, 0x23, 0x6b, 0x67, 0x64, 0x5d, 0x5c, 0x36, 0xbe, 0xd0, 0x20, 0xba, 0x55, 0x82, 0x84, + 0x1e, 0x21, 0x41, 0xce, 0x37, 0x06, 0x61, 0xe9, 0xbf, 0xd4, 0x11, 0xc7, 0xf7, 0xd1, 0xbf, 0x38, + 0xc4, 0xb7, 0xf0, 0x70, 0x3d, 0x4e, 0xe7, 0x61, 0xf4, 0x02, 0x51, 0x48, 0x97, 0x61, 0xe2, 0x31, + 0x44, 0xbc, 0x70, 0x43, 0xe3, 0xbf, 0x08, 0x41, 0xb8, 0xa6, 0x2b, 0xbe, 0x0c, 0x7d, 0x64, 0x6b, + 0x8b, 0xe4, 0x4d, 0x26, 0x71, 0x44, 0x48, 0xb7, 0x6b, 0x65, 0xea, 0x22, 0x83, 0x89, 0x36, 0x1c, + 0xaf, 0x42, 0x58, 0x27, 0x86, 0x5a, 0xd1, 0xf3, 0xc4, 0xe0, 0x02, 0xcc, 0xd2, 0x33, 0x54, 0xbb, + 0xb9, 0x7d, 0x34, 0xcb, 0x21, 0x7e, 0x46, 0x4f, 0x08, 0x31, 0xa6, 0x64, 0x8e, 0xb9, 0x3c, 0x11, + 0x5b, 0xc8, 0xda, 0xce, 0x8f, 0x5b, 0xdf, 0x89, 0x5c, 0x7c, 0x61, 0xba, 0xba, 0x4e, 0x03, 0x28, + 0xd6, 0x45, 0xe1, 0x1f, 0x51, 0x3d, 0xc1, 0xad, 0x54, 0xfa, 0x96, 0xa5, 0xd2, 0x57, 0x68, 0x1f, + 0x7d, 0x49, 0x53, 0xe9, 0x73, 0xa4, 0x7f, 0x86, 0x84, 0x87, 0x68, 0xdd, 0x0a, 0xfd, 0x5a, 0x22, + 0x97, 0xb5, 0xb6, 0x49, 0x4a, 0xc9, 0xfb, 0x8b, 0xc9, 0xdb, 0xb9, 0x04, 0x9d, 0x65, 0x33, 0xce, + 0x44, 0xf6, 0xd0, 0x61, 0x93, 0xe5, 0x96, 0xe4, 0x03, 0x93, 0xfe, 0xc0, 0x83, 0x72, 0xea, 0xe7, + 0x33, 0x03, 0x21, 0x5d, 0x55, 0x08, 0x17, 0x62, 0xa1, 0x9c, 0xa4, 0x46, 0x71, 0xfa, 0x51, 0x61, + 0x62, 0xdd, 0x96, 0xe3, 0x89, 0x26, 0x5b, 0x8a, 0x57, 0x0e, 0x64, 0x53, 0x13, 0x1f, 0x33, 0x65, + 0xef, 0xc4, 0x2a, 0x65, 0xc9, 0x30, 0xe4, 0x62, 0x99, 0x14, 0xee, 0xc4, 0x9b, 0x49, 0xac, 0x27, + 0xd9, 0x24, 0xf4, 0x59, 0xc1, 0xc4, 0x61, 0xe8, 0x5d, 0xbc, 0x7a, 0xf5, 0xc6, 0x73, 0x91, 0x1e, + 0x3c, 0x00, 0xa1, 0x0b, 0x17, 0xaf, 0xbf, 0x10, 0x41, 0xfc, 0x18, 0x8c, 0x5e, 0x95, 0x0d, 0x93, + 0xa5, 0x90, 0x4c, 0x0c, 0x91, 0xec, 0xf0, 0xb7, 0x20, 0xe2, 0x9d, 0x32, 0x34, 0xbc, 0x08, 0x03, + 0x9a, 0x3d, 0xe6, 0x10, 0x3b, 0x31, 0xff, 0xf7, 0xc9, 0x25, 0x3b, 0x29, 0x6b, 0x30, 0x3e, 0x0b, + 0x43, 0x97, 0x89, 0xd9, 0x5d, 0xaa, 0x7f, 0x18, 0x84, 0xd1, 0x5b, 0x5a, 0xa1, 0x6b, 0x46, 0x73, + 0x53, 0x56, 0xe0, 0x2f, 0x4f, 0x59, 0xc1, 0x47, 0xa0, 0x2c, 0xa7, 0x5c, 0x0d, 0xb8, 0xca, 0x95, + 0x9b, 0xc6, 0xc2, 0x9d, 0xd3, 0xd8, 0xab, 0x01, 0x38, 0x26, 0x12, 0x4d, 0x91, 0xf2, 0x76, 0x74, + 0xae, 0x59, 0x5a, 0x3f, 0x66, 0x41, 0xe2, 0xe7, 0x81, 0x6b, 0xee, 0x06, 0x43, 0x73, 0xb7, 0x2b, + 0xc8, 0xd3, 0xae, 0xf0, 0x2f, 0x07, 0x60, 0x7c, 0xb1, 0x50, 0x78, 0xac, 0x3d, 0x37, 0x0b, 0x13, + 0x07, 0x5d, 0xe0, 0xf5, 0x5a, 0xc0, 0xeb, 0xb5, 0x1f, 0x10, 0xf4, 0xaf, 0x12, 0xdd, 0x90, 0xd5, + 0x32, 0xbe, 0x02, 0xbd, 0x25, 0xe9, 0xae, 0xaa, 0xdb, 0x45, 0x6e, 0xde, 0xe7, 0x5c, 0xd8, 0x30, + 0xe7, 0xf7, 0x7a, 0x85, 0x4a, 0x14, 0x2d, 0x11, 0x4c, 0x96, 0x5c, 0x56, 0x75, 0xd6, 0xfb, 0x74, + 0x2f, 0x8b, 0x8a, 0xe0, 0x9f, 0x80, 0x61, 0xcf, 0x3c, 0xee, 0x83, 0xc0, 0xea, 0x6c, 0xa4, 0x87, + 0xfd, 0x66, 0x22, 0x88, 0xfd, 0x0a, 0x91, 0x00, 0x7f, 0x04, 0xc6, 0x6b, 0xcc, 0x68, 0x23, 0x28, + 0x0f, 0x3f, 0x0f, 0x13, 0x07, 0xa7, 0x0d, 0x0d, 0x3f, 0x05, 0xfd, 0xbb, 0xd6, 0x90, 0x59, 0x3c, + 0x28, 0x9c, 0x68, 0x4f, 0x4b, 0xd1, 0x81, 0xf1, 0x23, 0x30, 0x44, 0x19, 0x9e, 0xf6, 0xaf, 0x8c, + 0xf1, 0xaf, 0xc0, 0xb0, 0x6b, 0x6c, 0x68, 0xf8, 0x2c, 0xf4, 0xd2, 0x92, 0xe4, 0x70, 0xbd, 0x5f, + 0xc7, 0x4a, 0x81, 0xa2, 0x85, 0xe0, 0xcf, 0xc1, 0xb0, 0xd5, 0x95, 0xb0, 0xc9, 0x0e, 0x79, 0x3e, + 0x02, 0x23, 0x6e, 0xb0, 0xa1, 0xf1, 0xbf, 0x06, 0x60, 0xd8, 0x62, 0xfe, 0x2e, 0xe4, 0xe1, 0xff, + 0x78, 0x3a, 0xd9, 0x41, 0xba, 0xba, 0x4f, 0x0f, 0x09, 0x81, 0x3b, 0xcb, 0x36, 0xf5, 0xfd, 0x7d, + 0x1b, 0x10, 0x37, 0xa9, 0x87, 0x3a, 0x27, 0xf5, 0x25, 0x98, 0xa8, 0x35, 0x01, 0x5d, 0xd2, 0x12, + 0x9f, 0x81, 0x23, 0x4d, 0x64, 0x1c, 0xca, 0x86, 0xaf, 0x04, 0xe0, 0xa8, 0x48, 0x4a, 0xea, 0xee, + 0xe3, 0x5d, 0x4a, 0xe6, 0x68, 0x45, 0x6d, 0xe2, 0x85, 0x43, 0x39, 0x71, 0x0f, 0x46, 0xae, 0xc9, + 0x45, 0x5d, 0x32, 0xc9, 0x8a, 0xba, 0x2a, 0x50, 0x97, 0x9d, 0x86, 0xd0, 0x96, 0x22, 0x15, 0x6d, + 0x62, 0xf4, 0x3b, 0xc5, 0x97, 0x14, 0xa9, 0x28, 0x32, 0x00, 0x4e, 0xc1, 0x78, 0xc9, 0x12, 0xb5, + 0xb1, 0x9b, 0xd9, 0xa8, 0x75, 0x7e, 0xf4, 0x18, 0x0d, 0x88, 0x63, 0xf6, 0x9f, 0x56, 0x33, 0x4e, + 0x8b, 0xc8, 0x9f, 0x84, 0x51, 0xcf, 0xd6, 0x96, 0x9e, 0x3a, 0xd1, 0x54, 0xdd, 0xac, 0xc5, 0xd8, + 0x1e, 0x52, 0xf6, 0x11, 0x89, 0x41, 0xcc, 0x15, 0x75, 0x35, 0x43, 0xd9, 0x67, 0x14, 0x86, 0x5d, + 0x63, 0x43, 0xe3, 0xcf, 0x00, 0x5c, 0x26, 0x66, 0x37, 0xfc, 0x41, 0xd9, 0xc2, 0xba, 0xf9, 0xfe, + 0xc3, 0x16, 0x7f, 0x26, 0x5b, 0xfc, 0x84, 0xe0, 0xdf, 0x37, 0x2b, 0x7a, 0x91, 0x2c, 0x57, 0x36, + 0xe9, 0xcc, 0x25, 0x5d, 0x2d, 0xb9, 0xae, 0x14, 0xf8, 0x6b, 0x04, 0xfd, 0x86, 0xf5, 0x27, 0x3b, + 0x16, 0x1f, 0x33, 0xc7, 0xbd, 0x87, 0xf4, 0x77, 0x90, 0xf0, 0xd6, 0xef, 0x78, 0x0c, 0xed, 0x63, + 0xf6, 0xe8, 0x47, 0xd1, 0x56, 0x97, 0x9f, 0x85, 0xe3, 0xad, 0x2d, 0x33, 0x34, 0x1c, 0x81, 0xa0, + 0x5c, 0x70, 0x72, 0x9c, 0x7e, 0x26, 0x62, 0x10, 0xa2, 0x47, 0x09, 0x8f, 0xc2, 0xe0, 0xea, 0x45, + 0x71, 0xf9, 0xd9, 0x1b, 0xd7, 0x37, 0x84, 0x0d, 0x5a, 0xf7, 0x3d, 0x13, 0x99, 0x08, 0x12, 0x1e, + 0x46, 0x60, 0xc0, 0x11, 0x86, 0x5f, 0x47, 0x30, 0xd1, 0xac, 0x7f, 0xc4, 0xa7, 0xfc, 0xaa, 0x6f, + 0xf3, 0xde, 0x3b, 0x7a, 0xba, 0x2b, 0x9c, 0xa1, 0xf1, 0x3d, 0xb8, 0x08, 0x43, 0xee, 0x07, 0x24, + 0x9c, 0xf2, 0x11, 0xd5, 0xf0, 0xda, 0x14, 0x6d, 0xef, 0x72, 0xc8, 0xf7, 0xe0, 0x1d, 0x18, 0x72, + 0xbf, 0x61, 0xf8, 0x6e, 0xd4, 0xf0, 0x5e, 0x12, 0x4d, 0x77, 0xb4, 0x9e, 0xd9, 0xb6, 0x63, 0x35, + 0x3f, 0x35, 0xbf, 0xfb, 0x6d, 0xd9, 0x70, 0x3d, 0xf6, 0xdd, 0xb2, 0xf1, 0xee, 0xcc, 0xf7, 0x60, + 0x09, 0xc2, 0xb5, 0x4e, 0x0e, 0x9f, 0xf4, 0xc1, 0xbb, 0x2f, 0xc9, 0xed, 0x3b, 0xb2, 0x08, 0x43, + 0xee, 0x0b, 0xb2, 0xaf, 0x55, 0x0d, 0xb7, 0xe9, 0xf6, 0x37, 0x2a, 0xc3, 0xa0, 0x8b, 0xea, 0x71, + 0xd2, 0x07, 0xe7, 0xad, 0x48, 0xd1, 0x54, 0x27, 0xcb, 0x99, 0xef, 0x1e, 0x40, 0xa4, 0xb1, 0x0b, + 0xc6, 0x42, 0xbb, 0x2e, 0xac, 0x77, 0xd3, 0xd1, 0xb9, 0x8e, 0x31, 0x6c, 0xfb, 0x6d, 0x08, 0xd7, + 0x8a, 0x93, 0x6f, 0xe8, 0xdc, 0x65, 0x2d, 0x3a, 0xd3, 0xfe, 0x62, 0x3b, 0x49, 0xa0, 0x5e, 0xba, + 0xf0, 0x4c, 0x5b, 0x27, 0xce, 0xae, 0x72, 0xd1, 0x76, 0x1a, 0x74, 0xcb, 0x98, 0x5a, 0x9f, 0xef, + 0x6b, 0x8c, 0xfb, 0x86, 0xe0, 0x6b, 0x8c, 0xe7, 0xfa, 0xc0, 0xf7, 0xe0, 0x35, 0xe8, 0xb7, 0x4b, + 0x38, 0x8e, 0xfb, 0x3b, 0xbe, 0x43, 0x33, 0xee, 0x01, 0xd4, 0x6f, 0x09, 0xbe, 0x9e, 0xf2, 0xdc, + 0x46, 0xa2, 0xc9, 0x0e, 0x56, 0x3b, 0x61, 0xa9, 0xdf, 0x3f, 0x7c, 0x37, 0xf3, 0x5c, 0x55, 0xda, + 0xb5, 0xe7, 0x25, 0x04, 0x63, 0x07, 0x1a, 0x65, 0x3c, 0xd7, 0x2e, 0xcf, 0xb8, 0x39, 0x7f, 0xbe, + 0x73, 0x10, 0xb3, 0xf2, 0x35, 0x04, 0xe3, 0x4d, 0x3a, 0x4e, 0xfc, 0xa4, 0x6f, 0x12, 0x37, 0xeb, + 0xd5, 0xa3, 0xa7, 0xba, 0x81, 0x39, 0xc7, 0xbd, 0xf1, 0x29, 0xc0, 0xf7, 0xb8, 0x37, 0x79, 0x3e, + 0xf1, 0x3d, 0xee, 0xcd, 0xde, 0x1b, 0xf8, 0x1e, 0xfc, 0x2e, 0x02, 0xae, 0x55, 0xb9, 0xc7, 0x59, + 0x3f, 0x8e, 0x6c, 0xdd, 0x01, 0x45, 0xcf, 0x75, 0x8d, 0xa5, 0x7a, 0x2d, 0xcd, 0xdf, 0x16, 0x8a, + 0xb2, 0xb9, 0x5d, 0xd9, 0x4c, 0xe5, 0xd5, 0x52, 0x9a, 0x8a, 0x4a, 0x3b, 0xa2, 0xd2, 0x2d, 0xff, + 0x2f, 0xb7, 0xd9, 0xc7, 0xfe, 0x27, 0x37, 0xf7, 0x5b, 0x00, 0x00, 0x00, 0xff, 0xff, 0x7e, 0xea, + 0xd1, 0x59, 0x1b, 0x1c, 0x00, 0x00, } diff --git a/api/interservice/authz/v2/policy.pb.validate.go b/api/interservice/authz/v2/policy.pb.validate.go index 807cfb870d1..7292d01b327 100644 --- a/api/interservice/authz/v2/policy.pb.validate.go +++ b/api/interservice/authz/v2/policy.pb.validate.go @@ -2269,6 +2269,8 @@ func (m *MigrateToV2Req) Validate() error { // no validation rules for Flag + // no validation rules for MigrateV1Policies + return nil } From a94090c982ae05714e0d9860de0f439e81d9594e Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 14:11:35 +0200 Subject: [PATCH 12/25] automate-gateway/authz: pass migrate_v1_policies along Signed-off-by: Stephan Renatus --- .../automate-gateway/handler/iam/v2beta/policy/policy.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/components/automate-gateway/handler/iam/v2beta/policy/policy.go b/components/automate-gateway/handler/iam/v2beta/policy/policy.go index e715a79eb3b..a522ac8d200 100644 --- a/components/automate-gateway/handler/iam/v2beta/policy/policy.go +++ b/components/automate-gateway/handler/iam/v2beta/policy/policy.go @@ -213,7 +213,8 @@ func (p *Server) RemovePolicyMembers( func (p *Server) UpgradeToV2( ctx context.Context, in *pb_req.UpgradeToV2Req) (*pb_resp.UpgradeToV2Resp, error) { upgradeReq := &authz.MigrateToV2Req{ - Flag: authz.Flag_VERSION_2_0, + Flag: authz.Flag_VERSION_2_0, + MigrateV1Policies: in.MigrateV1Policies, } if in.Flag == pb_common.Flag_VERSION_2_1 { upgradeReq.Flag = authz.Flag_VERSION_2_1 From 5cbf498b0bb5f169ffdbfccd13b2f164c167aa01 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 14:49:40 +0200 Subject: [PATCH 13/25] authz-service/migration: nitpicks Signed-off-by: Stephan Renatus --- components/authz-service/server/v2/migration.go | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/components/authz-service/server/v2/migration.go b/components/authz-service/server/v2/migration.go index 2fc52f4a71b..6c7766d3471 100644 --- a/components/authz-service/server/v2/migration.go +++ b/components/authz-service/server/v2/migration.go @@ -3,7 +3,6 @@ package v2 import ( "context" "fmt" - "regexp" "strings" "github.com/pkg/errors" @@ -54,7 +53,7 @@ func (s *policyServer) migrateV1Policies(ctx context.Context) ([]error, error) { if err := s.addTokenToAdminPolicy(ctx, adminTokenPolicy.Subjects[0]); err != nil { errs = append(errs, errors.Wrapf(err, "adding members %q for admin policy %q", pol.Subjects, pol.ID.String())) } - continue //don't migrate admin policies with single token + continue // don't migrate admin policies with single token } storagePol, err := migrateV1Policy(pol) if err != nil { @@ -100,8 +99,7 @@ func (s *policyServer) addTokenToAdminPolicy(ctx context.Context, tok string) er } func checkForAdminTokenPolicy(pol *storage_v1.Policy) (*storage_v1.Policy, error) { - var tokenRE = regexp.MustCompile(`^token`) - if pol.Action == "*" && pol.Resource == "*" && len(pol.Subjects) == 1 && tokenRE.MatchString(pol.Subjects[0]) { + if pol.Action == "*" && pol.Resource == "*" && len(pol.Subjects) == 1 && strings.HasPrefix(pol.Subjects[0], "token:") { return pol, nil } return nil, nil From 1ce70455e872775cb80ce895576930a11030f4d1 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 14:50:10 +0200 Subject: [PATCH 14/25] authz-service/upgrade-to-v2: respect migrate_v1_policies flag Signed-off-by: Stephan Renatus --- components/authz-service/server/v2/policy.go | 28 ++++++++++++++------ 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/components/authz-service/server/v2/policy.go b/components/authz-service/server/v2/policy.go index a2b2cd190d7..d2aaebf17e0 100644 --- a/components/authz-service/server/v2/policy.go +++ b/components/authz-service/server/v2/policy.go @@ -556,14 +556,26 @@ func (s *policyServer) MigrateToV2(ctx context.Context, } } - errs, err := s.migrateV1Policies(ctx) - if err != nil { - recordFailure() - return nil, status.Errorf(codes.Internal, "migrate v1 policies: %s", err.Error()) - } - reports := make([]string, len(errs)) - for i, e := range errs { - reports[i] = e.Error() + var reports []string + if req.MigrateV1Policies { + errs, err := s.migrateV1Policies(ctx) + if err != nil { + recordFailure() + return nil, status.Errorf(codes.Internal, "migrate v1 policies: %s", err.Error()) + } + for _, e := range errs { + reports = append(reports, e.Error()) + } + } else { + pols, err := s.v1.ListPoliciesWithSubjects(ctx) + if err != nil { + recordFailure() + return nil, status.Errorf(codes.Internal, "list v1 policies: %s", err.Error()) + } + for _, pol := range pols { + reports = append(reports, pol.ID.String()) + } + } err = s.store.ApplyV2DataMigrations(ctx) From 2501bfe724f3545083b45256294f94901fb00ca9 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 15:06:19 +0200 Subject: [PATCH 15/25] authz-service/upgrade-to-v2: report number of skipped policies, not IDs Signed-off-by: Stephan Renatus --- components/authz-service/server/v2/policy.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/components/authz-service/server/v2/policy.go b/components/authz-service/server/v2/policy.go index d2aaebf17e0..2a6a0f577ef 100644 --- a/components/authz-service/server/v2/policy.go +++ b/components/authz-service/server/v2/policy.go @@ -2,6 +2,7 @@ package v2 import ( "context" + "fmt" "strings" "github.com/pkg/errors" @@ -567,14 +568,15 @@ func (s *policyServer) MigrateToV2(ctx context.Context, reports = append(reports, e.Error()) } } else { + // Note 2019/05/22 (sr): policies without subjects are silently ignored -- this + // is to be in line with the migration case, that does the same. However, this + // could be worth revisiting? pols, err := s.v1.ListPoliciesWithSubjects(ctx) if err != nil { recordFailure() return nil, status.Errorf(codes.Internal, "list v1 policies: %s", err.Error()) } - for _, pol := range pols { - reports = append(reports, pol.ID.String()) - } + reports = append(reports, fmt.Sprintf("%d v1 policies", len(pols))) } From f745c6838eca748fa8283b7487ca43b2b9d935b4 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 15:21:28 +0200 Subject: [PATCH 16/25] integration/tests/iam_v2p1_only: rely on skip flag to skip legacy policies Signed-off-by: Stephan Renatus --- integration/tests/iam_v2p1_only.sh | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/integration/tests/iam_v2p1_only.sh b/integration/tests/iam_v2p1_only.sh index 2d23b6b9443..18f728c642f 100644 --- a/integration/tests/iam_v2p1_only.sh +++ b/integration/tests/iam_v2p1_only.sh @@ -39,15 +39,15 @@ do_deploy() { } do_test_deploy() { - log_info "run chef-automate iam upgrade-to-v2 --beta2.1" - chef-automate iam upgrade-to-v2 --beta2.1 || return 1 + log_info "run chef-automate iam upgrade-to-v2 --beta2.1 --skip-legacy-upgrade" + chef-automate iam upgrade-to-v2 --beta2.1 --skip-legacy-upgrade || return 1 - remove_legacy_policies + verify_legacy_policies_not_migrated do_test_deploy_default } -remove_legacy_policies() { +verify_legacy_policies_not_migrated() { local token=$(chef-automate iam token create ADMIN_TEST --admin) local legacy_policies=(secrets-access-legacy events-access-legacy @@ -61,7 +61,9 @@ remove_legacy_policies() { for id in "${legacy_policies[@]}" do - echo "Deleting legacy policy $id..." - curl -sSkH "api-token: $token" -X DELETE https://localhost/apis/iam/v2beta/policies/$id + echo "checking legacy policy $id..." + # only capture the response code + local code=$(hab_curl -s -o /dev/null -k -w '%{http_code}' -H "api-token: $token" https://localhost/apis/iam/v2beta/policies/$id) + [[ $code -eq 404 ]] || return 1 done } From c65a1474ea42c44f4d91fde012e228a8ff545ab3 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 15:23:56 +0200 Subject: [PATCH 17/25] studio: upgrade to IAM v2 in start_all_services Signed-off-by: Stephan Renatus --- .studiorc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.studiorc b/.studiorc index d2b1c1336a4..ebbee6f39ab 100644 --- a/.studiorc +++ b/.studiorc @@ -128,7 +128,7 @@ fi document "start_all_services" < Date: Wed, 22 May 2019 15:30:50 +0200 Subject: [PATCH 18/25] terraform: add --skip-legacy-upgrade to iam upgrade-to-v2 command Since this call only happens once (the second time it's run, the existance of the a2-iamv2-enabled file will block execution), it will only affect our short-lived environments. Should we ever re-deploy our long-lived ones, then this _would_ also skip their legacy policies. However, I'm not sure why we'd like to avoid that. Signed-off-by: Stephan Renatus --- .../templates/install_chef_automate_cli.sh.tpl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/test-environments/modules/chef_automate_install/templates/install_chef_automate_cli.sh.tpl b/terraform/test-environments/modules/chef_automate_install/templates/install_chef_automate_cli.sh.tpl index e35d90f112d..0eae5facfed 100644 --- a/terraform/test-environments/modules/chef_automate_install/templates/install_chef_automate_cli.sh.tpl +++ b/terraform/test-environments/modules/chef_automate_install/templates/install_chef_automate_cli.sh.tpl @@ -130,12 +130,12 @@ hab pkg binlink core/hab --force if [[ ! -f /root/a2-iamv2-enabled ]]; then case "${iam_version}" in "v2.1") - chef-automate iam upgrade-to-v2 --beta2.1 + chef-automate iam upgrade-to-v2 --beta2.1 --skip-legacy-upgrade chef-automate dev create-iam-dev-users touch /root/a2-iamv2-enabled ;; "v2") - chef-automate iam upgrade-to-v2 + chef-automate iam upgrade-to-v2 --skip-legacy-upgrade chef-automate dev create-iam-dev-users touch /root/a2-iamv2-enabled ;; From 613f37f50f9187d19e7ba62c1a00ca6ad63386e8 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 15:53:32 +0200 Subject: [PATCH 19/25] api: flip migrate_v1_policies -> skip_v1_policies Now, the zero value reflects the current behaviour. Without this, existing caller (tests!) would have requested the v1 policies to be ignored. Signed-off-by: Stephan Renatus --- api/interservice/authz/v2/policy.proto | 2 +- components/automate-gateway/api/iam/v2beta/request/policy.proto | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/api/interservice/authz/v2/policy.proto b/api/interservice/authz/v2/policy.proto index ebe8fc9de59..277298a1299 100644 --- a/api/interservice/authz/v2/policy.proto +++ b/api/interservice/authz/v2/policy.proto @@ -225,7 +225,7 @@ enum Flag { message MigrateToV2Req { Flag flag = 1; - bool migrate_v1_policies = 2; + bool skip_v1_policies = 2; } message MigrateToV2Resp { repeated string reports = 1; diff --git a/components/automate-gateway/api/iam/v2beta/request/policy.proto b/components/automate-gateway/api/iam/v2beta/request/policy.proto index 6996e7bcf38..e8eb9798d7b 100644 --- a/components/automate-gateway/api/iam/v2beta/request/policy.proto +++ b/components/automate-gateway/api/iam/v2beta/request/policy.proto @@ -41,7 +41,7 @@ message UpdatePolicyReq { message UpgradeToV2Req { Flag flag = 1; - bool migrate_v1_policies = 2; + bool skip_v1_policies = 2; } message GetPolicyVersionReq {} From 7fa7955b793ab3ca0077a661cf57cf82ba58bdb3 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 15:55:03 +0200 Subject: [PATCH 20/25] api: flip migrate_v1_policies -> skip_v1_policies [protobuf] Signed-off-by: Stephan Renatus --- api/interservice/authz/v2/policy.pb.go | 294 +++++++++--------- .../authz/v2/policy.pb.validate.go | 2 +- .../api/iam/v2beta/request/policy.pb.go | 128 ++++---- 3 files changed, 212 insertions(+), 212 deletions(-) diff --git a/api/interservice/authz/v2/policy.pb.go b/api/interservice/authz/v2/policy.pb.go index 75ffd36bcb2..54c35099ae0 100644 --- a/api/interservice/authz/v2/policy.pb.go +++ b/api/interservice/authz/v2/policy.pb.go @@ -44,7 +44,7 @@ func (x Flag) String() string { return proto.EnumName(Flag_name, int32(x)) } func (Flag) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{0} + return fileDescriptor_policy_ce6f408bde50212a, []int{0} } type Statement_Effect int32 @@ -67,7 +67,7 @@ func (x Statement_Effect) String() string { return proto.EnumName(Statement_Effect_name, int32(x)) } func (Statement_Effect) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{5, 0} + return fileDescriptor_policy_ce6f408bde50212a, []int{5, 0} } type Version_VersionNumber int32 @@ -93,7 +93,7 @@ func (x Version_VersionNumber) String() string { return proto.EnumName(Version_VersionNumber_name, int32(x)) } func (Version_VersionNumber) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{14, 0} + return fileDescriptor_policy_ce6f408bde50212a, []int{14, 0} } type Policy struct { @@ -112,7 +112,7 @@ func (m *Policy) Reset() { *m = Policy{} } func (m *Policy) String() string { return proto.CompactTextString(m) } func (*Policy) ProtoMessage() {} func (*Policy) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{0} + return fileDescriptor_policy_ce6f408bde50212a, []int{0} } func (m *Policy) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_Policy.Unmarshal(m, b) @@ -189,7 +189,7 @@ func (m *Role) Reset() { *m = Role{} } func (m *Role) String() string { return proto.CompactTextString(m) } func (*Role) ProtoMessage() {} func (*Role) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{1} + return fileDescriptor_policy_ce6f408bde50212a, []int{1} } func (m *Role) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_Role.Unmarshal(m, b) @@ -259,7 +259,7 @@ func (m *CreatePolicyReq) Reset() { *m = CreatePolicyReq{} } func (m *CreatePolicyReq) String() string { return proto.CompactTextString(m) } func (*CreatePolicyReq) ProtoMessage() {} func (*CreatePolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{2} + return fileDescriptor_policy_ce6f408bde50212a, []int{2} } func (m *CreatePolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreatePolicyReq.Unmarshal(m, b) @@ -325,7 +325,7 @@ func (m *DeletePolicyReq) Reset() { *m = DeletePolicyReq{} } func (m *DeletePolicyReq) String() string { return proto.CompactTextString(m) } func (*DeletePolicyReq) ProtoMessage() {} func (*DeletePolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{3} + return fileDescriptor_policy_ce6f408bde50212a, []int{3} } func (m *DeletePolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeletePolicyReq.Unmarshal(m, b) @@ -362,7 +362,7 @@ func (m *DeletePolicyResp) Reset() { *m = DeletePolicyResp{} } func (m *DeletePolicyResp) String() string { return proto.CompactTextString(m) } func (*DeletePolicyResp) ProtoMessage() {} func (*DeletePolicyResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{4} + return fileDescriptor_policy_ce6f408bde50212a, []int{4} } func (m *DeletePolicyResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeletePolicyResp.Unmarshal(m, b) @@ -400,7 +400,7 @@ func (m *Statement) Reset() { *m = Statement{} } func (m *Statement) String() string { return proto.CompactTextString(m) } func (*Statement) ProtoMessage() {} func (*Statement) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{5} + return fileDescriptor_policy_ce6f408bde50212a, []int{5} } func (m *Statement) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_Statement.Unmarshal(m, b) @@ -465,7 +465,7 @@ func (m *ListPoliciesReq) Reset() { *m = ListPoliciesReq{} } func (m *ListPoliciesReq) String() string { return proto.CompactTextString(m) } func (*ListPoliciesReq) ProtoMessage() {} func (*ListPoliciesReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{6} + return fileDescriptor_policy_ce6f408bde50212a, []int{6} } func (m *ListPoliciesReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListPoliciesReq.Unmarshal(m, b) @@ -496,7 +496,7 @@ func (m *ListPoliciesResp) Reset() { *m = ListPoliciesResp{} } func (m *ListPoliciesResp) String() string { return proto.CompactTextString(m) } func (*ListPoliciesResp) ProtoMessage() {} func (*ListPoliciesResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{7} + return fileDescriptor_policy_ce6f408bde50212a, []int{7} } func (m *ListPoliciesResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListPoliciesResp.Unmarshal(m, b) @@ -534,7 +534,7 @@ func (m *GetPolicyReq) Reset() { *m = GetPolicyReq{} } func (m *GetPolicyReq) String() string { return proto.CompactTextString(m) } func (*GetPolicyReq) ProtoMessage() {} func (*GetPolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{8} + return fileDescriptor_policy_ce6f408bde50212a, []int{8} } func (m *GetPolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetPolicyReq.Unmarshal(m, b) @@ -578,7 +578,7 @@ func (m *UpdatePolicyReq) Reset() { *m = UpdatePolicyReq{} } func (m *UpdatePolicyReq) String() string { return proto.CompactTextString(m) } func (*UpdatePolicyReq) ProtoMessage() {} func (*UpdatePolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{9} + return fileDescriptor_policy_ce6f408bde50212a, []int{9} } func (m *UpdatePolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdatePolicyReq.Unmarshal(m, b) @@ -645,7 +645,7 @@ func (m *ReplacePolicyMembersReq) Reset() { *m = ReplacePolicyMembersReq func (m *ReplacePolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*ReplacePolicyMembersReq) ProtoMessage() {} func (*ReplacePolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{10} + return fileDescriptor_policy_ce6f408bde50212a, []int{10} } func (m *ReplacePolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ReplacePolicyMembersReq.Unmarshal(m, b) @@ -690,7 +690,7 @@ func (m *ReplacePolicyMembersResp) Reset() { *m = ReplacePolicyMembersRe func (m *ReplacePolicyMembersResp) String() string { return proto.CompactTextString(m) } func (*ReplacePolicyMembersResp) ProtoMessage() {} func (*ReplacePolicyMembersResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{11} + return fileDescriptor_policy_ce6f408bde50212a, []int{11} } func (m *ReplacePolicyMembersResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ReplacePolicyMembersResp.Unmarshal(m, b) @@ -729,7 +729,7 @@ func (m *AddPolicyMembersReq) Reset() { *m = AddPolicyMembersReq{} } func (m *AddPolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*AddPolicyMembersReq) ProtoMessage() {} func (*AddPolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{12} + return fileDescriptor_policy_ce6f408bde50212a, []int{12} } func (m *AddPolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_AddPolicyMembersReq.Unmarshal(m, b) @@ -774,7 +774,7 @@ func (m *AddPolicyMembersResp) Reset() { *m = AddPolicyMembersResp{} } func (m *AddPolicyMembersResp) String() string { return proto.CompactTextString(m) } func (*AddPolicyMembersResp) ProtoMessage() {} func (*AddPolicyMembersResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{13} + return fileDescriptor_policy_ce6f408bde50212a, []int{13} } func (m *AddPolicyMembersResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_AddPolicyMembersResp.Unmarshal(m, b) @@ -814,7 +814,7 @@ func (m *Version) Reset() { *m = Version{} } func (m *Version) String() string { return proto.CompactTextString(m) } func (*Version) ProtoMessage() {} func (*Version) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{14} + return fileDescriptor_policy_ce6f408bde50212a, []int{14} } func (m *Version) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_Version.Unmarshal(m, b) @@ -858,7 +858,7 @@ func (m *GetPolicyVersionReq) Reset() { *m = GetPolicyVersionReq{} } func (m *GetPolicyVersionReq) String() string { return proto.CompactTextString(m) } func (*GetPolicyVersionReq) ProtoMessage() {} func (*GetPolicyVersionReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{15} + return fileDescriptor_policy_ce6f408bde50212a, []int{15} } func (m *GetPolicyVersionReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetPolicyVersionReq.Unmarshal(m, b) @@ -889,7 +889,7 @@ func (m *GetPolicyVersionResp) Reset() { *m = GetPolicyVersionResp{} } func (m *GetPolicyVersionResp) String() string { return proto.CompactTextString(m) } func (*GetPolicyVersionResp) ProtoMessage() {} func (*GetPolicyVersionResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{16} + return fileDescriptor_policy_ce6f408bde50212a, []int{16} } func (m *GetPolicyVersionResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetPolicyVersionResp.Unmarshal(m, b) @@ -926,7 +926,7 @@ func (m *ListRolesReq) Reset() { *m = ListRolesReq{} } func (m *ListRolesReq) String() string { return proto.CompactTextString(m) } func (*ListRolesReq) ProtoMessage() {} func (*ListRolesReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{17} + return fileDescriptor_policy_ce6f408bde50212a, []int{17} } func (m *ListRolesReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListRolesReq.Unmarshal(m, b) @@ -957,7 +957,7 @@ func (m *ListRolesResp) Reset() { *m = ListRolesResp{} } func (m *ListRolesResp) String() string { return proto.CompactTextString(m) } func (*ListRolesResp) ProtoMessage() {} func (*ListRolesResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{18} + return fileDescriptor_policy_ce6f408bde50212a, []int{18} } func (m *ListRolesResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListRolesResp.Unmarshal(m, b) @@ -995,7 +995,7 @@ func (m *DeleteRoleReq) Reset() { *m = DeleteRoleReq{} } func (m *DeleteRoleReq) String() string { return proto.CompactTextString(m) } func (*DeleteRoleReq) ProtoMessage() {} func (*DeleteRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{19} + return fileDescriptor_policy_ce6f408bde50212a, []int{19} } func (m *DeleteRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteRoleReq.Unmarshal(m, b) @@ -1032,7 +1032,7 @@ func (m *DeleteRoleResp) Reset() { *m = DeleteRoleResp{} } func (m *DeleteRoleResp) String() string { return proto.CompactTextString(m) } func (*DeleteRoleResp) ProtoMessage() {} func (*DeleteRoleResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{20} + return fileDescriptor_policy_ce6f408bde50212a, []int{20} } func (m *DeleteRoleResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteRoleResp.Unmarshal(m, b) @@ -1066,7 +1066,7 @@ func (m *UpdateRoleReq) Reset() { *m = UpdateRoleReq{} } func (m *UpdateRoleReq) String() string { return proto.CompactTextString(m) } func (*UpdateRoleReq) ProtoMessage() {} func (*UpdateRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{21} + return fileDescriptor_policy_ce6f408bde50212a, []int{21} } func (m *UpdateRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateRoleReq.Unmarshal(m, b) @@ -1125,7 +1125,7 @@ func (m *ListPolicyMembersReq) Reset() { *m = ListPolicyMembersReq{} } func (m *ListPolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*ListPolicyMembersReq) ProtoMessage() {} func (*ListPolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{22} + return fileDescriptor_policy_ce6f408bde50212a, []int{22} } func (m *ListPolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListPolicyMembersReq.Unmarshal(m, b) @@ -1163,7 +1163,7 @@ func (m *ListPolicyMembersResp) Reset() { *m = ListPolicyMembersResp{} } func (m *ListPolicyMembersResp) String() string { return proto.CompactTextString(m) } func (*ListPolicyMembersResp) ProtoMessage() {} func (*ListPolicyMembersResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{23} + return fileDescriptor_policy_ce6f408bde50212a, []int{23} } func (m *ListPolicyMembersResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListPolicyMembersResp.Unmarshal(m, b) @@ -1202,7 +1202,7 @@ func (m *RemovePolicyMembersReq) Reset() { *m = RemovePolicyMembersReq{} func (m *RemovePolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*RemovePolicyMembersReq) ProtoMessage() {} func (*RemovePolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{24} + return fileDescriptor_policy_ce6f408bde50212a, []int{24} } func (m *RemovePolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_RemovePolicyMembersReq.Unmarshal(m, b) @@ -1247,7 +1247,7 @@ func (m *RemovePolicyMembersResp) Reset() { *m = RemovePolicyMembersResp func (m *RemovePolicyMembersResp) String() string { return proto.CompactTextString(m) } func (*RemovePolicyMembersResp) ProtoMessage() {} func (*RemovePolicyMembersResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{25} + return fileDescriptor_policy_ce6f408bde50212a, []int{25} } func (m *RemovePolicyMembersResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_RemovePolicyMembersResp.Unmarshal(m, b) @@ -1276,7 +1276,7 @@ func (m *RemovePolicyMembersResp) GetMembers() []string { type MigrateToV2Req struct { Flag Flag `protobuf:"varint,1,opt,name=flag,proto3,enum=chef.automate.domain.authz.v2.Flag" json:"flag,omitempty" toml:"flag,omitempty" mapstructure:"flag,omitempty"` - MigrateV1Policies bool `protobuf:"varint,2,opt,name=migrate_v1_policies,json=migrateV1Policies,proto3" json:"migrate_v1_policies,omitempty" toml:"migrate_v1_policies,omitempty" mapstructure:"migrate_v1_policies,omitempty"` + SkipV1Policies bool `protobuf:"varint,2,opt,name=skip_v1_policies,json=skipV1Policies,proto3" json:"skip_v1_policies,omitempty" toml:"skip_v1_policies,omitempty" mapstructure:"skip_v1_policies,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-" toml:"-" mapstructure:"-,omitempty"` XXX_unrecognized []byte `json:"-" toml:"-" mapstructure:"-,omitempty"` XXX_sizecache int32 `json:"-" toml:"-" mapstructure:"-,omitempty"` @@ -1286,7 +1286,7 @@ func (m *MigrateToV2Req) Reset() { *m = MigrateToV2Req{} } func (m *MigrateToV2Req) String() string { return proto.CompactTextString(m) } func (*MigrateToV2Req) ProtoMessage() {} func (*MigrateToV2Req) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{26} + return fileDescriptor_policy_ce6f408bde50212a, []int{26} } func (m *MigrateToV2Req) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_MigrateToV2Req.Unmarshal(m, b) @@ -1313,9 +1313,9 @@ func (m *MigrateToV2Req) GetFlag() Flag { return Flag_VERSION_2_0 } -func (m *MigrateToV2Req) GetMigrateV1Policies() bool { +func (m *MigrateToV2Req) GetSkipV1Policies() bool { if m != nil { - return m.MigrateV1Policies + return m.SkipV1Policies } return false } @@ -1331,7 +1331,7 @@ func (m *MigrateToV2Resp) Reset() { *m = MigrateToV2Resp{} } func (m *MigrateToV2Resp) String() string { return proto.CompactTextString(m) } func (*MigrateToV2Resp) ProtoMessage() {} func (*MigrateToV2Resp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{27} + return fileDescriptor_policy_ce6f408bde50212a, []int{27} } func (m *MigrateToV2Resp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_MigrateToV2Resp.Unmarshal(m, b) @@ -1368,7 +1368,7 @@ func (m *ResetToV1Req) Reset() { *m = ResetToV1Req{} } func (m *ResetToV1Req) String() string { return proto.CompactTextString(m) } func (*ResetToV1Req) ProtoMessage() {} func (*ResetToV1Req) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{28} + return fileDescriptor_policy_ce6f408bde50212a, []int{28} } func (m *ResetToV1Req) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ResetToV1Req.Unmarshal(m, b) @@ -1398,7 +1398,7 @@ func (m *ResetToV1Resp) Reset() { *m = ResetToV1Resp{} } func (m *ResetToV1Resp) String() string { return proto.CompactTextString(m) } func (*ResetToV1Resp) ProtoMessage() {} func (*ResetToV1Resp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{29} + return fileDescriptor_policy_ce6f408bde50212a, []int{29} } func (m *ResetToV1Resp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ResetToV1Resp.Unmarshal(m, b) @@ -1429,7 +1429,7 @@ func (m *GetRoleReq) Reset() { *m = GetRoleReq{} } func (m *GetRoleReq) String() string { return proto.CompactTextString(m) } func (*GetRoleReq) ProtoMessage() {} func (*GetRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{30} + return fileDescriptor_policy_ce6f408bde50212a, []int{30} } func (m *GetRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetRoleReq.Unmarshal(m, b) @@ -1470,7 +1470,7 @@ func (m *CreateRoleReq) Reset() { *m = CreateRoleReq{} } func (m *CreateRoleReq) String() string { return proto.CompactTextString(m) } func (*CreateRoleReq) ProtoMessage() {} func (*CreateRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{31} + return fileDescriptor_policy_ce6f408bde50212a, []int{31} } func (m *CreateRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateRoleReq.Unmarshal(m, b) @@ -1531,7 +1531,7 @@ func (m *PurgeSubjectFromPoliciesReq) Reset() { *m = PurgeSubjectFromPol func (m *PurgeSubjectFromPoliciesReq) String() string { return proto.CompactTextString(m) } func (*PurgeSubjectFromPoliciesReq) ProtoMessage() {} func (*PurgeSubjectFromPoliciesReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{32} + return fileDescriptor_policy_ce6f408bde50212a, []int{32} } func (m *PurgeSubjectFromPoliciesReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_PurgeSubjectFromPoliciesReq.Unmarshal(m, b) @@ -1569,7 +1569,7 @@ func (m *PurgeSubjectFromPoliciesResp) Reset() { *m = PurgeSubjectFromPo func (m *PurgeSubjectFromPoliciesResp) String() string { return proto.CompactTextString(m) } func (*PurgeSubjectFromPoliciesResp) ProtoMessage() {} func (*PurgeSubjectFromPoliciesResp) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_dd71a1296131b8b5, []int{33} + return fileDescriptor_policy_ce6f408bde50212a, []int{33} } func (m *PurgeSubjectFromPoliciesResp) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_PurgeSubjectFromPoliciesResp.Unmarshal(m, b) @@ -2270,111 +2270,111 @@ var _Policies_serviceDesc = grpc.ServiceDesc{ } func init() { - proto.RegisterFile("api/interservice/authz/v2/policy.proto", fileDescriptor_policy_dd71a1296131b8b5) -} - -var fileDescriptor_policy_dd71a1296131b8b5 = []byte{ - // 1622 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x59, 0xdb, 0x6f, 0x1b, 0xc5, - 0x1a, 0xcf, 0xd8, 0xce, 0xc5, 0x5f, 0x6e, 0xce, 0x24, 0x6d, 0xf7, 0xf8, 0x34, 0x3a, 0x39, 0x7b, - 0x72, 0x8a, 0xed, 0xc6, 0x76, 0xbc, 0x09, 0xbd, 0xb8, 0xaa, 0x42, 0x42, 0x2f, 0x50, 0xf5, 0xa6, - 0x4d, 0x1a, 0xa0, 0xa9, 0x13, 0x6d, 0xec, 0x89, 0xb3, 0xed, 0xda, 0xbb, 0xd9, 0x5d, 0x47, 0x4a, - 0x71, 0x25, 0x90, 0x00, 0x89, 0x07, 0x24, 0x08, 0x20, 0x2e, 0x82, 0x17, 0x24, 0x54, 0x09, 0x09, - 0x1e, 0x78, 0x40, 0x08, 0x81, 0xc4, 0x33, 0xff, 0x00, 0xfc, 0x03, 0x3c, 0xf0, 0x07, 0xf0, 0x8e, - 0x66, 0x76, 0xd7, 0xde, 0x75, 0xec, 0xac, 0xed, 0x02, 0x12, 0x94, 0x27, 0xef, 0x4c, 0xe6, 0xf7, - 0xcd, 0x77, 0x9b, 0xdf, 0xf7, 0xcd, 0x04, 0x4e, 0x48, 0x9a, 0x9c, 0x96, 0xcb, 0x26, 0xd1, 0x0d, - 0xa2, 0xef, 0xca, 0x79, 0x92, 0x96, 0x2a, 0xe6, 0xf6, 0xfd, 0xf4, 0xae, 0x90, 0xd6, 0x54, 0x45, - 0xce, 0xef, 0xa5, 0x34, 0x5d, 0x35, 0x55, 0x3c, 0x99, 0xdf, 0x26, 0x5b, 0x29, 0xa9, 0x62, 0xaa, - 0x25, 0xc9, 0x24, 0xa9, 0x82, 0x5a, 0x92, 0xe4, 0x72, 0x8a, 0xad, 0x4d, 0xed, 0x0a, 0xd1, 0x63, - 0xbb, 0x92, 0x22, 0x17, 0x24, 0x93, 0xa4, 0x9d, 0x0f, 0x0b, 0x17, 0x9d, 0x6e, 0x2d, 0xdf, 0xdc, - 0xd3, 0xec, 0x55, 0xfc, 0xcf, 0x08, 0xfa, 0x6e, 0xb2, 0xed, 0x30, 0x86, 0x50, 0x59, 0x2a, 0x11, - 0x0e, 0x4d, 0xa1, 0x58, 0x58, 0x64, 0xdf, 0x78, 0x04, 0x02, 0x72, 0x81, 0x0b, 0xb0, 0x99, 0x80, - 0x5c, 0xc0, 0xa7, 0x21, 0x44, 0xc1, 0x5c, 0x70, 0x0a, 0xc5, 0x46, 0x84, 0xff, 0xa5, 0x0e, 0xd5, - 0x2d, 0xb5, 0xb2, 0xa7, 0x11, 0x91, 0x01, 0x30, 0x07, 0xfd, 0x25, 0x52, 0xda, 0x24, 0xba, 0xc1, - 0x85, 0xa6, 0x82, 0xb1, 0xb0, 0xe8, 0x0c, 0xf1, 0x33, 0x00, 0x86, 0x29, 0x99, 0xa4, 0x44, 0xca, - 0xa6, 0xc1, 0xf5, 0x4e, 0x05, 0x63, 0x83, 0x42, 0xcc, 0x47, 0xf0, 0xb2, 0x03, 0x10, 0x5d, 0x58, - 0x1c, 0x85, 0x01, 0x4d, 0x57, 0xef, 0x92, 0xbc, 0x69, 0x70, 0x7d, 0x6c, 0x93, 0xda, 0x98, 0xff, - 0x00, 0x41, 0x48, 0x54, 0x15, 0xf2, 0x87, 0x5b, 0x29, 0xe5, 0x4d, 0x59, 0x2d, 0xd7, 0xac, 0xb4, - 0x87, 0x1e, 0xdd, 0x7a, 0x1b, 0x74, 0xfb, 0x34, 0x08, 0xa3, 0x4f, 0xeb, 0x44, 0x32, 0x89, 0x15, - 0x09, 0x91, 0xec, 0xe0, 0x04, 0x53, 0x89, 0x29, 0xb9, 0x14, 0xfd, 0xe6, 0x97, 0xef, 0x83, 0x47, - 0xf4, 0x71, 0x61, 0x6c, 0x7d, 0x4d, 0x4a, 0xde, 0x9f, 0x4d, 0x9e, 0x4d, 0xe6, 0x5e, 0xcc, 0xcc, - 0x9c, 0x9a, 0x7f, 0x30, 0xcd, 0xd4, 0x9d, 0xb4, 0x4d, 0x62, 0x06, 0x2c, 0x85, 0xe9, 0xea, 0x90, - 0x1e, 0x88, 0x20, 0xdb, 0xba, 0xef, 0x50, 0xdd, 0xf7, 0x41, 0xba, 0xf5, 0xd2, 0x27, 0x88, 0xae, - 0xf9, 0x08, 0xed, 0xa3, 0xf7, 0x11, 0x87, 0xf8, 0xb7, 0x91, 0xfe, 0x26, 0x12, 0xde, 0x40, 0xeb, - 0xb1, 0x85, 0xac, 0x49, 0xa4, 0x52, 0xb5, 0x62, 0x10, 0x3d, 0x9e, 0x8d, 0x2d, 0x64, 0x15, 0x35, - 0x2f, 0x29, 0x55, 0xa5, 0x20, 0x69, 0x55, 0x43, 0x2a, 0x29, 0x6c, 0x6e, 0x6d, 0x3d, 0x9b, 0xc8, - 0x9d, 0xac, 0xae, 0x25, 0x72, 0xf1, 0xe9, 0x2a, 0x85, 0xb8, 0x51, 0x55, 0x53, 0xbd, 0x47, 0xca, - 0x55, 0x53, 0x31, 0xe2, 0xd9, 0xf8, 0xc2, 0x5a, 0x22, 0x37, 0x5d, 0x5d, 0x67, 0x53, 0x36, 0x8c, - 0x0e, 0x15, 0x23, 0x6b, 0x67, 0x64, 0x5d, 0x5c, 0x36, 0xbe, 0xd0, 0x20, 0xba, 0x55, 0x82, 0x84, - 0x1e, 0x21, 0x41, 0xce, 0x37, 0x06, 0x61, 0xe9, 0xbf, 0xd4, 0x11, 0xc7, 0xf7, 0xd1, 0xbf, 0x38, - 0xc4, 0xb7, 0xf0, 0x70, 0x3d, 0x4e, 0xe7, 0x61, 0xf4, 0x02, 0x51, 0x48, 0x97, 0x61, 0xe2, 0x31, - 0x44, 0xbc, 0x70, 0x43, 0xe3, 0xbf, 0x08, 0x41, 0xb8, 0xa6, 0x2b, 0xbe, 0x0c, 0x7d, 0x64, 0x6b, - 0x8b, 0xe4, 0x4d, 0x26, 0x71, 0x44, 0x48, 0xb7, 0x6b, 0x65, 0xea, 0x22, 0x83, 0x89, 0x36, 0x1c, - 0xaf, 0x42, 0x58, 0x27, 0x86, 0x5a, 0xd1, 0xf3, 0xc4, 0xe0, 0x02, 0xcc, 0xd2, 0x33, 0x54, 0xbb, - 0xb9, 0x7d, 0x34, 0xcb, 0x21, 0x7e, 0x46, 0x4f, 0x08, 0x31, 0xa6, 0x64, 0x8e, 0xb9, 0x3c, 0x11, - 0x5b, 0xc8, 0xda, 0xce, 0x8f, 0x5b, 0xdf, 0x89, 0x5c, 0x7c, 0x61, 0xba, 0xba, 0x4e, 0x03, 0x28, - 0xd6, 0x45, 0xe1, 0x1f, 0x51, 0x3d, 0xc1, 0xad, 0x54, 0xfa, 0x96, 0xa5, 0xd2, 0x57, 0x68, 0x1f, - 0x7d, 0x49, 0x53, 0xe9, 0x73, 0xa4, 0x7f, 0x86, 0x84, 0x87, 0x68, 0xdd, 0x0a, 0xfd, 0x5a, 0x22, - 0x97, 0xb5, 0xb6, 0x49, 0x4a, 0xc9, 0xfb, 0x8b, 0xc9, 0xdb, 0xb9, 0x04, 0x9d, 0x65, 0x33, 0xce, - 0x44, 0xf6, 0xd0, 0x61, 0x93, 0xe5, 0x96, 0xe4, 0x03, 0x93, 0xfe, 0xc0, 0x83, 0x72, 0xea, 0xe7, - 0x33, 0x03, 0x21, 0x5d, 0x55, 0x08, 0x17, 0x62, 0xa1, 0x9c, 0xa4, 0x46, 0x71, 0xfa, 0x51, 0x61, - 0x62, 0xdd, 0x96, 0xe3, 0x89, 0x26, 0x5b, 0x8a, 0x57, 0x0e, 0x64, 0x53, 0x13, 0x1f, 0x33, 0x65, - 0xef, 0xc4, 0x2a, 0x65, 0xc9, 0x30, 0xe4, 0x62, 0x99, 0x14, 0xee, 0xc4, 0x9b, 0x49, 0xac, 0x27, - 0xd9, 0x24, 0xf4, 0x59, 0xc1, 0xc4, 0x61, 0xe8, 0x5d, 0xbc, 0x7a, 0xf5, 0xc6, 0x73, 0x91, 0x1e, - 0x3c, 0x00, 0xa1, 0x0b, 0x17, 0xaf, 0xbf, 0x10, 0x41, 0xfc, 0x18, 0x8c, 0x5e, 0x95, 0x0d, 0x93, - 0xa5, 0x90, 0x4c, 0x0c, 0x91, 0xec, 0xf0, 0xb7, 0x20, 0xe2, 0x9d, 0x32, 0x34, 0xbc, 0x08, 0x03, - 0x9a, 0x3d, 0xe6, 0x10, 0x3b, 0x31, 0xff, 0xf7, 0xc9, 0x25, 0x3b, 0x29, 0x6b, 0x30, 0x3e, 0x0b, - 0x43, 0x97, 0x89, 0xd9, 0x5d, 0xaa, 0x7f, 0x18, 0x84, 0xd1, 0x5b, 0x5a, 0xa1, 0x6b, 0x46, 0x73, - 0x53, 0x56, 0xe0, 0x2f, 0x4f, 0x59, 0xc1, 0x47, 0xa0, 0x2c, 0xa7, 0x5c, 0x0d, 0xb8, 0xca, 0x95, - 0x9b, 0xc6, 0xc2, 0x9d, 0xd3, 0xd8, 0xab, 0x01, 0x38, 0x26, 0x12, 0x4d, 0x91, 0xf2, 0x76, 0x74, - 0xae, 0x59, 0x5a, 0x3f, 0x66, 0x41, 0xe2, 0xe7, 0x81, 0x6b, 0xee, 0x06, 0x43, 0x73, 0xb7, 0x2b, - 0xc8, 0xd3, 0xae, 0xf0, 0x2f, 0x07, 0x60, 0x7c, 0xb1, 0x50, 0x78, 0xac, 0x3d, 0x37, 0x0b, 0x13, - 0x07, 0x5d, 0xe0, 0xf5, 0x5a, 0xc0, 0xeb, 0xb5, 0x1f, 0x10, 0xf4, 0xaf, 0x12, 0xdd, 0x90, 0xd5, - 0x32, 0xbe, 0x02, 0xbd, 0x25, 0xe9, 0xae, 0xaa, 0xdb, 0x45, 0x6e, 0xde, 0xe7, 0x5c, 0xd8, 0x30, - 0xe7, 0xf7, 0x7a, 0x85, 0x4a, 0x14, 0x2d, 0x11, 0x4c, 0x96, 0x5c, 0x56, 0x75, 0xd6, 0xfb, 0x74, - 0x2f, 0x8b, 0x8a, 0xe0, 0x9f, 0x80, 0x61, 0xcf, 0x3c, 0xee, 0x83, 0xc0, 0xea, 0x6c, 0xa4, 0x87, - 0xfd, 0x66, 0x22, 0x88, 0xfd, 0x0a, 0x91, 0x00, 0x7f, 0x04, 0xc6, 0x6b, 0xcc, 0x68, 0x23, 0x28, - 0x0f, 0x3f, 0x0f, 0x13, 0x07, 0xa7, 0x0d, 0x0d, 0x3f, 0x05, 0xfd, 0xbb, 0xd6, 0x90, 0x59, 0x3c, - 0x28, 0x9c, 0x68, 0x4f, 0x4b, 0xd1, 0x81, 0xf1, 0x23, 0x30, 0x44, 0x19, 0x9e, 0xf6, 0xaf, 0x8c, - 0xf1, 0xaf, 0xc0, 0xb0, 0x6b, 0x6c, 0x68, 0xf8, 0x2c, 0xf4, 0xd2, 0x92, 0xe4, 0x70, 0xbd, 0x5f, - 0xc7, 0x4a, 0x81, 0xa2, 0x85, 0xe0, 0xcf, 0xc1, 0xb0, 0xd5, 0x95, 0xb0, 0xc9, 0x0e, 0x79, 0x3e, - 0x02, 0x23, 0x6e, 0xb0, 0xa1, 0xf1, 0xbf, 0x06, 0x60, 0xd8, 0x62, 0xfe, 0x2e, 0xe4, 0xe1, 0xff, - 0x78, 0x3a, 0xd9, 0x41, 0xba, 0xba, 0x4f, 0x0f, 0x09, 0x81, 0x3b, 0xcb, 0x36, 0xf5, 0xfd, 0x7d, - 0x1b, 0x10, 0x37, 0xa9, 0x87, 0x3a, 0x27, 0xf5, 0x25, 0x98, 0xa8, 0x35, 0x01, 0x5d, 0xd2, 0x12, - 0x9f, 0x81, 0x23, 0x4d, 0x64, 0x1c, 0xca, 0x86, 0xaf, 0x04, 0xe0, 0xa8, 0x48, 0x4a, 0xea, 0xee, - 0xe3, 0x5d, 0x4a, 0xe6, 0x68, 0x45, 0x6d, 0xe2, 0x85, 0x43, 0x39, 0x71, 0x0f, 0x46, 0xae, 0xc9, - 0x45, 0x5d, 0x32, 0xc9, 0x8a, 0xba, 0x2a, 0x50, 0x97, 0x9d, 0x86, 0xd0, 0x96, 0x22, 0x15, 0x6d, - 0x62, 0xf4, 0x3b, 0xc5, 0x97, 0x14, 0xa9, 0x28, 0x32, 0x00, 0x4e, 0xc1, 0x78, 0xc9, 0x12, 0xb5, - 0xb1, 0x9b, 0xd9, 0xa8, 0x75, 0x7e, 0xf4, 0x18, 0x0d, 0x88, 0x63, 0xf6, 0x9f, 0x56, 0x33, 0x4e, - 0x8b, 0xc8, 0x9f, 0x84, 0x51, 0xcf, 0xd6, 0x96, 0x9e, 0x3a, 0xd1, 0x54, 0xdd, 0xac, 0xc5, 0xd8, - 0x1e, 0x52, 0xf6, 0x11, 0x89, 0x41, 0xcc, 0x15, 0x75, 0x35, 0x43, 0xd9, 0x67, 0x14, 0x86, 0x5d, - 0x63, 0x43, 0xe3, 0xcf, 0x00, 0x5c, 0x26, 0x66, 0x37, 0xfc, 0x41, 0xd9, 0xc2, 0xba, 0xf9, 0xfe, - 0xc3, 0x16, 0x7f, 0x26, 0x5b, 0xfc, 0x84, 0xe0, 0xdf, 0x37, 0x2b, 0x7a, 0x91, 0x2c, 0x57, 0x36, - 0xe9, 0xcc, 0x25, 0x5d, 0x2d, 0xb9, 0xae, 0x14, 0xf8, 0x6b, 0x04, 0xfd, 0x86, 0xf5, 0x27, 0x3b, - 0x16, 0x1f, 0x33, 0xc7, 0xbd, 0x87, 0xf4, 0x77, 0x90, 0xf0, 0xd6, 0xef, 0x78, 0x0c, 0xed, 0x63, - 0xf6, 0xe8, 0x47, 0xd1, 0x56, 0x97, 0x9f, 0x85, 0xe3, 0xad, 0x2d, 0x33, 0x34, 0x1c, 0x81, 0xa0, - 0x5c, 0x70, 0x72, 0x9c, 0x7e, 0x26, 0x62, 0x10, 0xa2, 0x47, 0x09, 0x8f, 0xc2, 0xe0, 0xea, 0x45, - 0x71, 0xf9, 0xd9, 0x1b, 0xd7, 0x37, 0x84, 0x0d, 0x5a, 0xf7, 0x3d, 0x13, 0x99, 0x08, 0x12, 0x1e, - 0x46, 0x60, 0xc0, 0x11, 0x86, 0x5f, 0x47, 0x30, 0xd1, 0xac, 0x7f, 0xc4, 0xa7, 0xfc, 0xaa, 0x6f, - 0xf3, 0xde, 0x3b, 0x7a, 0xba, 0x2b, 0x9c, 0xa1, 0xf1, 0x3d, 0xb8, 0x08, 0x43, 0xee, 0x07, 0x24, - 0x9c, 0xf2, 0x11, 0xd5, 0xf0, 0xda, 0x14, 0x6d, 0xef, 0x72, 0xc8, 0xf7, 0xe0, 0x1d, 0x18, 0x72, - 0xbf, 0x61, 0xf8, 0x6e, 0xd4, 0xf0, 0x5e, 0x12, 0x4d, 0x77, 0xb4, 0x9e, 0xd9, 0xb6, 0x63, 0x35, - 0x3f, 0x35, 0xbf, 0xfb, 0x6d, 0xd9, 0x70, 0x3d, 0xf6, 0xdd, 0xb2, 0xf1, 0xee, 0xcc, 0xf7, 0x60, - 0x09, 0xc2, 0xb5, 0x4e, 0x0e, 0x9f, 0xf4, 0xc1, 0xbb, 0x2f, 0xc9, 0xed, 0x3b, 0xb2, 0x08, 0x43, - 0xee, 0x0b, 0xb2, 0xaf, 0x55, 0x0d, 0xb7, 0xe9, 0xf6, 0x37, 0x2a, 0xc3, 0xa0, 0x8b, 0xea, 0x71, - 0xd2, 0x07, 0xe7, 0xad, 0x48, 0xd1, 0x54, 0x27, 0xcb, 0x99, 0xef, 0x1e, 0x40, 0xa4, 0xb1, 0x0b, - 0xc6, 0x42, 0xbb, 0x2e, 0xac, 0x77, 0xd3, 0xd1, 0xb9, 0x8e, 0x31, 0x6c, 0xfb, 0x6d, 0x08, 0xd7, - 0x8a, 0x93, 0x6f, 0xe8, 0xdc, 0x65, 0x2d, 0x3a, 0xd3, 0xfe, 0x62, 0x3b, 0x49, 0xa0, 0x5e, 0xba, - 0xf0, 0x4c, 0x5b, 0x27, 0xce, 0xae, 0x72, 0xd1, 0x76, 0x1a, 0x74, 0xcb, 0x98, 0x5a, 0x9f, 0xef, - 0x6b, 0x8c, 0xfb, 0x86, 0xe0, 0x6b, 0x8c, 0xe7, 0xfa, 0xc0, 0xf7, 0xe0, 0x35, 0xe8, 0xb7, 0x4b, - 0x38, 0x8e, 0xfb, 0x3b, 0xbe, 0x43, 0x33, 0xee, 0x01, 0xd4, 0x6f, 0x09, 0xbe, 0x9e, 0xf2, 0xdc, - 0x46, 0xa2, 0xc9, 0x0e, 0x56, 0x3b, 0x61, 0xa9, 0xdf, 0x3f, 0x7c, 0x37, 0xf3, 0x5c, 0x55, 0xda, - 0xb5, 0xe7, 0x25, 0x04, 0x63, 0x07, 0x1a, 0x65, 0x3c, 0xd7, 0x2e, 0xcf, 0xb8, 0x39, 0x7f, 0xbe, - 0x73, 0x10, 0xb3, 0xf2, 0x35, 0x04, 0xe3, 0x4d, 0x3a, 0x4e, 0xfc, 0xa4, 0x6f, 0x12, 0x37, 0xeb, - 0xd5, 0xa3, 0xa7, 0xba, 0x81, 0x39, 0xc7, 0xbd, 0xf1, 0x29, 0xc0, 0xf7, 0xb8, 0x37, 0x79, 0x3e, - 0xf1, 0x3d, 0xee, 0xcd, 0xde, 0x1b, 0xf8, 0x1e, 0xfc, 0x2e, 0x02, 0xae, 0x55, 0xb9, 0xc7, 0x59, - 0x3f, 0x8e, 0x6c, 0xdd, 0x01, 0x45, 0xcf, 0x75, 0x8d, 0xa5, 0x7a, 0x2d, 0xcd, 0xdf, 0x16, 0x8a, - 0xb2, 0xb9, 0x5d, 0xd9, 0x4c, 0xe5, 0xd5, 0x52, 0x9a, 0x8a, 0x4a, 0x3b, 0xa2, 0xd2, 0x2d, 0xff, - 0x2f, 0xb7, 0xd9, 0xc7, 0xfe, 0x27, 0x37, 0xf7, 0x5b, 0x00, 0x00, 0x00, 0xff, 0xff, 0x7e, 0xea, - 0xd1, 0x59, 0x1b, 0x1c, 0x00, 0x00, + proto.RegisterFile("api/interservice/authz/v2/policy.proto", fileDescriptor_policy_ce6f408bde50212a) +} + +var fileDescriptor_policy_ce6f408bde50212a = []byte{ + // 1621 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x59, 0xdb, 0x6f, 0x1b, 0x45, + 0x17, 0xcf, 0xd8, 0xce, 0xc5, 0x27, 0x37, 0x77, 0x92, 0xb6, 0xfb, 0xf9, 0x6b, 0xf4, 0xe5, 0xdb, + 0x2f, 0x5f, 0xb1, 0xdd, 0xd8, 0x8e, 0x37, 0xa1, 0x17, 0x57, 0x55, 0x48, 0xe8, 0x05, 0xaa, 0xde, + 0xb4, 0x49, 0x03, 0x34, 0x75, 0xa2, 0x8d, 0x3d, 0x71, 0xb6, 0xb5, 0xbd, 0x9b, 0x9d, 0x75, 0xa4, + 0x16, 0x57, 0x02, 0x09, 0x90, 0x78, 0x40, 0x82, 0x00, 0xe2, 0x22, 0x78, 0x41, 0x42, 0x95, 0x90, + 0xe0, 0x81, 0x07, 0x84, 0x10, 0x48, 0x3c, 0xf3, 0x0f, 0xc0, 0x3f, 0xc0, 0x03, 0x7f, 0x00, 0xef, + 0x68, 0x66, 0x77, 0xed, 0x5d, 0xc7, 0xc9, 0xda, 0x2e, 0x20, 0x41, 0x79, 0xf2, 0xce, 0xc9, 0x9c, + 0x33, 0xe7, 0x36, 0xbf, 0x73, 0xce, 0x04, 0x8e, 0x2b, 0xba, 0x9a, 0x56, 0x2b, 0x26, 0x31, 0x28, + 0x31, 0x76, 0xd4, 0x3c, 0x49, 0x2b, 0x55, 0x73, 0xeb, 0x7e, 0x7a, 0x47, 0x4a, 0xeb, 0x5a, 0x49, + 0xcd, 0xdf, 0x4b, 0xe9, 0x86, 0x66, 0x6a, 0x78, 0x22, 0xbf, 0x45, 0x36, 0x53, 0x4a, 0xd5, 0xd4, + 0xca, 0x8a, 0x49, 0x52, 0x05, 0xad, 0xac, 0xa8, 0x95, 0x14, 0xdf, 0x9b, 0xda, 0x91, 0xa2, 0x47, + 0x77, 0x94, 0x92, 0x5a, 0x50, 0x4c, 0x92, 0x76, 0x3e, 0x2c, 0xbe, 0xe8, 0xd4, 0xfe, 0xf2, 0xcd, + 0x7b, 0xba, 0xbd, 0x4b, 0xfc, 0x19, 0x41, 0xdf, 0x0d, 0x7e, 0x1c, 0xc6, 0x10, 0xaa, 0x28, 0x65, + 0x22, 0xa0, 0x49, 0x14, 0x0b, 0xcb, 0xfc, 0x1b, 0x8f, 0x40, 0x40, 0x2d, 0x08, 0x01, 0x4e, 0x09, + 0xa8, 0x05, 0x7c, 0x0a, 0x42, 0x8c, 0x59, 0x08, 0x4e, 0xa2, 0xd8, 0x88, 0xf4, 0xbf, 0xd4, 0x81, + 0xba, 0xa5, 0x96, 0xef, 0xe9, 0x44, 0xe6, 0x0c, 0x58, 0x80, 0xfe, 0x32, 0x29, 0x6f, 0x10, 0x83, + 0x0a, 0xa1, 0xc9, 0x60, 0x2c, 0x2c, 0x3b, 0x4b, 0xfc, 0x0c, 0x00, 0x35, 0x15, 0x93, 0x94, 0x49, + 0xc5, 0xa4, 0x42, 0xef, 0x64, 0x30, 0x36, 0x28, 0xc5, 0x7c, 0x04, 0x2f, 0x39, 0x0c, 0xb2, 0x8b, + 0x17, 0x47, 0x61, 0x40, 0x37, 0xb4, 0x3b, 0x24, 0x6f, 0x52, 0xa1, 0x8f, 0x1f, 0x52, 0x5f, 0x8b, + 0x1f, 0x20, 0x08, 0xc9, 0x5a, 0x89, 0xfc, 0xe1, 0x56, 0x2a, 0x79, 0x53, 0xd5, 0x2a, 0x75, 0x2b, + 0xed, 0xa5, 0x47, 0xb7, 0xde, 0x26, 0xdd, 0x3e, 0x0d, 0xc2, 0xe8, 0xd3, 0x06, 0x51, 0x4c, 0x62, + 0x45, 0x42, 0x26, 0xdb, 0x38, 0xc1, 0x55, 0xe2, 0x4a, 0x2e, 0x46, 0xbf, 0xf9, 0xe5, 0xfb, 0xe0, + 0x61, 0x63, 0x4c, 0x3a, 0xb4, 0xb6, 0xaa, 0x24, 0xef, 0xcf, 0x24, 0xcf, 0x24, 0x73, 0x2f, 0x66, + 0xa6, 0x4f, 0xce, 0x3d, 0x98, 0xe2, 0xea, 0x4e, 0xd8, 0x26, 0x71, 0x03, 0x16, 0xc3, 0x6c, 0x77, + 0xc8, 0x08, 0x44, 0x90, 0x6d, 0xdd, 0x77, 0xa8, 0xe1, 0xfb, 0x20, 0x3b, 0x7a, 0xf1, 0x13, 0xc4, + 0xf6, 0x7c, 0x84, 0x76, 0xd1, 0xfb, 0x48, 0x40, 0xe2, 0xdb, 0xc8, 0x78, 0x13, 0x49, 0x6f, 0xa0, + 0xb5, 0xd8, 0x7c, 0xd6, 0x24, 0x4a, 0xb9, 0x56, 0xa5, 0xc4, 0x88, 0x67, 0x63, 0xf3, 0xd9, 0x92, + 0x96, 0x57, 0x4a, 0xb5, 0x52, 0x41, 0xd1, 0x6b, 0x54, 0x29, 0x97, 0x38, 0x6d, 0x75, 0x2d, 0x9b, + 0xc8, 0x9d, 0xa8, 0xad, 0x26, 0x72, 0xf1, 0xa9, 0x1a, 0x63, 0x71, 0x73, 0xd5, 0x4c, 0xed, 0x2e, + 0xa9, 0xd4, 0xcc, 0x12, 0x8d, 0x67, 0xe3, 0xf3, 0xab, 0x89, 0xdc, 0x54, 0x6d, 0x8d, 0x93, 0x6c, + 0x36, 0xb6, 0x2c, 0xd1, 0xac, 0x9d, 0x91, 0x0d, 0x71, 0xd9, 0xf8, 0x7c, 0x93, 0xe8, 0xfd, 0x12, + 0x24, 0xf4, 0x08, 0x09, 0x72, 0xae, 0x39, 0x08, 0x8b, 0xff, 0x65, 0x8e, 0x38, 0xb6, 0x8b, 0xfe, + 0x25, 0x20, 0x71, 0x1f, 0x0f, 0x37, 0xe2, 0x74, 0x0e, 0x46, 0xcf, 0x93, 0x12, 0xe9, 0x32, 0x4c, + 0x22, 0x86, 0x88, 0x97, 0x9d, 0xea, 0xe2, 0x17, 0x21, 0x08, 0xd7, 0x75, 0xc5, 0x97, 0xa0, 0x8f, + 0x6c, 0x6e, 0x92, 0xbc, 0xc9, 0x25, 0x8e, 0x48, 0xe9, 0x76, 0xad, 0x4c, 0x5d, 0xe0, 0x6c, 0xb2, + 0xcd, 0x8e, 0x57, 0x20, 0x6c, 0x10, 0xaa, 0x55, 0x8d, 0x3c, 0xa1, 0x42, 0x80, 0x5b, 0x7a, 0x9a, + 0x69, 0x37, 0xbb, 0x8b, 0x66, 0x04, 0x24, 0x4e, 0x1b, 0x09, 0x29, 0xc6, 0x95, 0xcc, 0x71, 0x97, + 0x27, 0x62, 0xf3, 0x59, 0xdb, 0xf9, 0x71, 0xeb, 0x3b, 0x91, 0x8b, 0xcf, 0x4f, 0xd5, 0xd6, 0x58, + 0x00, 0xe5, 0x86, 0x28, 0xfc, 0x23, 0x6a, 0x24, 0xb8, 0x95, 0x4a, 0xdf, 0xf2, 0x54, 0xfa, 0x0a, + 0xed, 0xa2, 0x2f, 0x59, 0x2a, 0x7d, 0x8e, 0x8c, 0xcf, 0x90, 0xf4, 0x10, 0xad, 0x59, 0xa1, 0x5f, + 0x4d, 0xe4, 0xb2, 0xd6, 0x31, 0x49, 0x25, 0x79, 0x7f, 0x21, 0x79, 0x2b, 0x97, 0x60, 0x54, 0x4e, + 0x71, 0x08, 0xd9, 0x03, 0x97, 0x2d, 0xb6, 0x5b, 0x92, 0xf7, 0x10, 0xfd, 0x19, 0xf7, 0xca, 0x69, + 0xdc, 0xcf, 0x0c, 0x84, 0x0c, 0xad, 0x44, 0x84, 0x10, 0x0f, 0xe5, 0x04, 0x33, 0x4a, 0x30, 0x8e, + 0x48, 0xe3, 0x6b, 0xb6, 0x1c, 0x4f, 0x34, 0xf9, 0x56, 0xbc, 0xbc, 0x27, 0x9b, 0x5a, 0xf8, 0x98, + 0x2b, 0x7b, 0x3b, 0x56, 0xad, 0x28, 0x94, 0xaa, 0xc5, 0x0a, 0x29, 0xdc, 0x8e, 0xb7, 0x92, 0xd8, + 0x48, 0xb2, 0x09, 0xe8, 0xb3, 0x82, 0x89, 0xc3, 0xd0, 0xbb, 0x70, 0xe5, 0xca, 0xf5, 0xe7, 0x22, + 0x3d, 0x78, 0x00, 0x42, 0xe7, 0x2f, 0x5c, 0x7b, 0x21, 0x82, 0xc4, 0x43, 0x30, 0x7a, 0x45, 0xa5, + 0x26, 0x4f, 0x21, 0x95, 0x50, 0x99, 0x6c, 0x8b, 0x37, 0x21, 0xe2, 0x25, 0x51, 0x1d, 0x2f, 0xc0, + 0x80, 0x6e, 0xaf, 0x05, 0xc4, 0x6f, 0xcc, 0xff, 0x7d, 0x72, 0xc9, 0x4e, 0xca, 0x3a, 0x9b, 0x98, + 0x85, 0xa1, 0x4b, 0xc4, 0xec, 0x2e, 0xd5, 0x3f, 0x0c, 0xc2, 0xe8, 0x4d, 0xbd, 0xd0, 0x35, 0xa2, + 0xb9, 0x21, 0x2b, 0xf0, 0x97, 0x87, 0xac, 0xe0, 0x23, 0x40, 0x96, 0x53, 0xae, 0x06, 0x5c, 0xe5, + 0xca, 0x0d, 0x63, 0xe1, 0xce, 0x61, 0xec, 0xd5, 0x00, 0x1c, 0x95, 0x89, 0x5e, 0x52, 0xf2, 0x76, + 0x74, 0xae, 0x5a, 0x5a, 0x3f, 0x66, 0x41, 0x12, 0xe7, 0x40, 0x68, 0xed, 0x06, 0xaa, 0xbb, 0xdb, + 0x15, 0xe4, 0x69, 0x57, 0xc4, 0x97, 0x03, 0x30, 0xb6, 0x50, 0x28, 0x3c, 0xd6, 0x9e, 0x9b, 0x81, + 0xf1, 0xbd, 0x2e, 0xf0, 0x7a, 0x2d, 0xe0, 0xf5, 0xda, 0x0f, 0x08, 0xfa, 0x57, 0x88, 0x41, 0x55, + 0xad, 0x82, 0x2f, 0x43, 0x6f, 0x59, 0xb9, 0xa3, 0x19, 0x76, 0x91, 0x9b, 0xf3, 0xb9, 0x17, 0x36, + 0x9b, 0xf3, 0x7b, 0xad, 0xca, 0x24, 0xca, 0x96, 0x08, 0x2e, 0x4b, 0xad, 0x68, 0x06, 0xef, 0x7d, + 0xba, 0x97, 0xc5, 0x44, 0x88, 0x4f, 0xc0, 0xb0, 0x87, 0x8e, 0xfb, 0x20, 0xb0, 0x32, 0x13, 0xe9, + 0xe1, 0xbf, 0x99, 0x08, 0xe2, 0xbf, 0x52, 0x24, 0x20, 0x1e, 0x86, 0xb1, 0x3a, 0x32, 0xda, 0x1c, + 0x0c, 0x87, 0x9f, 0x87, 0xf1, 0xbd, 0x64, 0xaa, 0xe3, 0xa7, 0xa0, 0x7f, 0xc7, 0x5a, 0x72, 0x8b, + 0x07, 0xa5, 0xe3, 0xed, 0x69, 0x29, 0x3b, 0x6c, 0xe2, 0x08, 0x0c, 0x31, 0x84, 0x67, 0xfd, 0x2b, + 0x47, 0xfc, 0xcb, 0x30, 0xec, 0x5a, 0x53, 0x1d, 0x9f, 0x81, 0x5e, 0x56, 0x92, 0x1c, 0xac, 0xf7, + 0xeb, 0x58, 0x19, 0xa3, 0x6c, 0x71, 0x88, 0x67, 0x61, 0xd8, 0xea, 0x4a, 0x38, 0xb1, 0x43, 0x9c, + 0x8f, 0xc0, 0x88, 0x9b, 0x99, 0xea, 0xe2, 0xaf, 0x01, 0x18, 0xb6, 0x90, 0xbf, 0x0b, 0x79, 0xf8, + 0x3f, 0x9e, 0x4e, 0x76, 0x90, 0xed, 0xee, 0x33, 0x42, 0x52, 0xe0, 0xf6, 0x92, 0x0d, 0x7d, 0x7f, + 0xdf, 0x06, 0xc4, 0x0d, 0xea, 0xa1, 0xce, 0x41, 0x7d, 0x11, 0xc6, 0xeb, 0x4d, 0x40, 0x97, 0xb0, + 0x24, 0x66, 0xe0, 0x70, 0x0b, 0x19, 0x07, 0xa2, 0xe1, 0x2b, 0x01, 0x38, 0x22, 0x93, 0xb2, 0xb6, + 0xf3, 0x78, 0x97, 0x92, 0x59, 0x56, 0x51, 0x5b, 0x78, 0xe1, 0x40, 0x4c, 0xa4, 0x30, 0x72, 0x55, + 0x2d, 0x1a, 0x8a, 0x49, 0x96, 0xb5, 0x15, 0x89, 0xb9, 0xec, 0x14, 0x84, 0x36, 0x4b, 0x4a, 0xd1, + 0x06, 0x46, 0xbf, 0x5b, 0x7c, 0xb1, 0xa4, 0x14, 0x65, 0xce, 0x80, 0x63, 0x10, 0xa1, 0x77, 0x55, + 0x7d, 0x7d, 0x27, 0xb3, 0x5e, 0x6f, 0xfb, 0xd8, 0x1d, 0x1a, 0x90, 0x47, 0x18, 0x7d, 0x25, 0xe3, + 0x34, 0x87, 0xe2, 0x09, 0x18, 0xf5, 0x1c, 0x6a, 0x69, 0x68, 0x10, 0x5d, 0x33, 0xcc, 0x7a, 0x74, + 0xed, 0x25, 0xc3, 0x1d, 0x99, 0x50, 0x62, 0x2e, 0x6b, 0x2b, 0x19, 0x86, 0x3b, 0xa3, 0x30, 0xec, + 0x5a, 0x53, 0x5d, 0x3c, 0x0d, 0x70, 0x89, 0x98, 0xdd, 0x20, 0x07, 0xc3, 0x09, 0x6b, 0xe6, 0xfd, + 0x07, 0x27, 0xfe, 0x4c, 0x9c, 0xf8, 0x09, 0xc1, 0xbf, 0x6f, 0x54, 0x8d, 0x22, 0x59, 0xaa, 0x6e, + 0x30, 0xca, 0x45, 0x43, 0x2b, 0xbb, 0x86, 0x09, 0xfc, 0x35, 0x82, 0x7e, 0x6a, 0xfd, 0xc9, 0x8e, + 0xc5, 0xc7, 0xdc, 0x71, 0xef, 0x21, 0xe3, 0x1d, 0x24, 0xbd, 0xf5, 0x3b, 0x5e, 0x40, 0xfb, 0x82, + 0x3d, 0xfa, 0x25, 0xb4, 0xd5, 0x15, 0x67, 0xe0, 0xd8, 0xfe, 0x96, 0x51, 0x1d, 0x47, 0x20, 0xa8, + 0x16, 0x9c, 0x1c, 0x67, 0x9f, 0x89, 0x18, 0x84, 0xd8, 0x25, 0xc2, 0xa3, 0x30, 0xb8, 0x72, 0x41, + 0x5e, 0x7a, 0xf6, 0xfa, 0xb5, 0x75, 0x69, 0x9d, 0x55, 0x7c, 0x0f, 0x21, 0x13, 0x41, 0xd2, 0xc3, + 0x08, 0x0c, 0x38, 0xc2, 0xf0, 0xeb, 0x08, 0xc6, 0x5b, 0x75, 0x8e, 0xf8, 0xa4, 0x5f, 0xdd, 0x6d, + 0xdd, 0x75, 0x47, 0x4f, 0x75, 0xc5, 0x47, 0x75, 0xb1, 0x07, 0x17, 0x61, 0xc8, 0xfd, 0x74, 0x84, + 0x53, 0x3e, 0xa2, 0x9a, 0xde, 0x99, 0xa2, 0xed, 0x8d, 0x85, 0x62, 0x0f, 0xde, 0x86, 0x21, 0xf7, + 0xeb, 0x85, 0xef, 0x41, 0x4d, 0x2f, 0x25, 0xd1, 0x74, 0x47, 0xfb, 0xb9, 0x6d, 0xdb, 0x56, 0xdb, + 0x53, 0xf7, 0xbb, 0xdf, 0x91, 0x4d, 0x83, 0xb1, 0xef, 0x91, 0xcd, 0x53, 0xb3, 0xd8, 0x83, 0x15, + 0x08, 0xd7, 0x7b, 0x38, 0x7c, 0xc2, 0x87, 0xdf, 0x3d, 0x1e, 0xb7, 0xef, 0xc8, 0x22, 0x0c, 0xb9, + 0x47, 0x63, 0x5f, 0xab, 0x9a, 0xe6, 0xe8, 0xf6, 0x0f, 0xaa, 0xc0, 0xa0, 0x0b, 0xea, 0x71, 0xd2, + 0x87, 0xcf, 0x5b, 0x8b, 0xa2, 0xa9, 0x4e, 0xb6, 0x73, 0xdf, 0x3d, 0x80, 0x48, 0x73, 0xff, 0x8b, + 0xa5, 0x76, 0x5d, 0xd8, 0xe8, 0xa3, 0xa3, 0xb3, 0x1d, 0xf3, 0xf0, 0xe3, 0xb7, 0x20, 0x5c, 0x2f, + 0x4e, 0xbe, 0xa1, 0x73, 0x97, 0xb5, 0xe8, 0x74, 0xfb, 0x9b, 0xed, 0x24, 0x81, 0x46, 0xe9, 0xc2, + 0xd3, 0x6d, 0xdd, 0x38, 0xbb, 0xca, 0x45, 0xdb, 0x69, 0xcd, 0x2d, 0x63, 0xea, 0x1d, 0xbe, 0xaf, + 0x31, 0xee, 0xd9, 0xc0, 0xd7, 0x18, 0xcf, 0xe0, 0x20, 0xf6, 0xe0, 0x55, 0xe8, 0xb7, 0x4b, 0x38, + 0x8e, 0xfb, 0x3b, 0xbe, 0x43, 0x33, 0xee, 0x02, 0x34, 0xe6, 0x03, 0x5f, 0x4f, 0x79, 0xe6, 0x90, + 0x68, 0xb2, 0x83, 0xdd, 0x4e, 0x58, 0x1a, 0x93, 0x87, 0xef, 0x61, 0x9e, 0x21, 0xa5, 0x5d, 0x7b, + 0x5e, 0x42, 0x70, 0x68, 0x4f, 0x8b, 0x8c, 0x67, 0xdb, 0xc5, 0x19, 0x37, 0xe6, 0xcf, 0x75, 0xce, + 0xc4, 0xad, 0x7c, 0x0d, 0xc1, 0x58, 0x8b, 0x5e, 0x13, 0x3f, 0xe9, 0x9b, 0xc4, 0xad, 0xba, 0xf4, + 0xe8, 0xc9, 0x6e, 0xd8, 0x9c, 0xeb, 0xde, 0xfc, 0x08, 0xe0, 0x7b, 0xdd, 0x5b, 0x3c, 0x9c, 0xf8, + 0x5e, 0xf7, 0x56, 0x2f, 0x0d, 0x62, 0x0f, 0x7e, 0x17, 0x81, 0xb0, 0x5f, 0xb9, 0xc7, 0x59, 0x3f, + 0x8c, 0xdc, 0xbf, 0x03, 0x8a, 0x9e, 0xed, 0x9a, 0x97, 0xe9, 0xb5, 0x38, 0x77, 0x4b, 0x2a, 0xaa, + 0xe6, 0x56, 0x75, 0x23, 0x95, 0xd7, 0xca, 0x69, 0x26, 0x2a, 0xed, 0x88, 0x4a, 0xef, 0xfb, 0x1f, + 0xb9, 0x8d, 0x3e, 0xfe, 0xdf, 0xb8, 0xd9, 0xdf, 0x02, 0x00, 0x00, 0xff, 0xff, 0x42, 0x35, 0x29, + 0x33, 0x15, 0x1c, 0x00, 0x00, } diff --git a/api/interservice/authz/v2/policy.pb.validate.go b/api/interservice/authz/v2/policy.pb.validate.go index 7292d01b327..4b34b4f302e 100644 --- a/api/interservice/authz/v2/policy.pb.validate.go +++ b/api/interservice/authz/v2/policy.pb.validate.go @@ -2269,7 +2269,7 @@ func (m *MigrateToV2Req) Validate() error { // no validation rules for Flag - // no validation rules for MigrateV1Policies + // no validation rules for SkipV1Policies return nil } diff --git a/components/automate-gateway/api/iam/v2beta/request/policy.pb.go b/components/automate-gateway/api/iam/v2beta/request/policy.pb.go index cb951540e68..c39a70c66f5 100644 --- a/components/automate-gateway/api/iam/v2beta/request/policy.pb.go +++ b/components/automate-gateway/api/iam/v2beta/request/policy.pb.go @@ -35,7 +35,7 @@ func (m *CreatePolicyReq) Reset() { *m = CreatePolicyReq{} } func (m *CreatePolicyReq) String() string { return proto.CompactTextString(m) } func (*CreatePolicyReq) ProtoMessage() {} func (*CreatePolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{0} + return fileDescriptor_policy_fb68220c204a2245, []int{0} } func (m *CreatePolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreatePolicyReq.Unmarshal(m, b) @@ -101,7 +101,7 @@ func (m *DeletePolicyReq) Reset() { *m = DeletePolicyReq{} } func (m *DeletePolicyReq) String() string { return proto.CompactTextString(m) } func (*DeletePolicyReq) ProtoMessage() {} func (*DeletePolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{1} + return fileDescriptor_policy_fb68220c204a2245, []int{1} } func (m *DeletePolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeletePolicyReq.Unmarshal(m, b) @@ -138,7 +138,7 @@ func (m *ListPoliciesReq) Reset() { *m = ListPoliciesReq{} } func (m *ListPoliciesReq) String() string { return proto.CompactTextString(m) } func (*ListPoliciesReq) ProtoMessage() {} func (*ListPoliciesReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{2} + return fileDescriptor_policy_fb68220c204a2245, []int{2} } func (m *ListPoliciesReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListPoliciesReq.Unmarshal(m, b) @@ -170,7 +170,7 @@ func (m *AddPolicyMembersReq) Reset() { *m = AddPolicyMembersReq{} } func (m *AddPolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*AddPolicyMembersReq) ProtoMessage() {} func (*AddPolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{3} + return fileDescriptor_policy_fb68220c204a2245, []int{3} } func (m *AddPolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_AddPolicyMembersReq.Unmarshal(m, b) @@ -215,7 +215,7 @@ func (m *GetPolicyReq) Reset() { *m = GetPolicyReq{} } func (m *GetPolicyReq) String() string { return proto.CompactTextString(m) } func (*GetPolicyReq) ProtoMessage() {} func (*GetPolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{4} + return fileDescriptor_policy_fb68220c204a2245, []int{4} } func (m *GetPolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetPolicyReq.Unmarshal(m, b) @@ -258,7 +258,7 @@ func (m *UpdatePolicyReq) Reset() { *m = UpdatePolicyReq{} } func (m *UpdatePolicyReq) String() string { return proto.CompactTextString(m) } func (*UpdatePolicyReq) ProtoMessage() {} func (*UpdatePolicyReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{5} + return fileDescriptor_policy_fb68220c204a2245, []int{5} } func (m *UpdatePolicyReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdatePolicyReq.Unmarshal(m, b) @@ -315,7 +315,7 @@ func (m *UpdatePolicyReq) GetProjects() []string { type UpgradeToV2Req struct { Flag common.Flag `protobuf:"varint,1,opt,name=flag,proto3,enum=chef.automate.api.iam.v2beta.Flag" json:"flag,omitempty"` - MigrateV1Policies bool `protobuf:"varint,2,opt,name=migrate_v1_policies,json=migrateV1Policies,proto3" json:"migrate_v1_policies,omitempty"` + SkipV1Policies bool `protobuf:"varint,2,opt,name=skip_v1_policies,json=skipV1Policies,proto3" json:"skip_v1_policies,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -325,7 +325,7 @@ func (m *UpgradeToV2Req) Reset() { *m = UpgradeToV2Req{} } func (m *UpgradeToV2Req) String() string { return proto.CompactTextString(m) } func (*UpgradeToV2Req) ProtoMessage() {} func (*UpgradeToV2Req) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{6} + return fileDescriptor_policy_fb68220c204a2245, []int{6} } func (m *UpgradeToV2Req) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpgradeToV2Req.Unmarshal(m, b) @@ -352,9 +352,9 @@ func (m *UpgradeToV2Req) GetFlag() common.Flag { return common.Flag_VERSION_2_0 } -func (m *UpgradeToV2Req) GetMigrateV1Policies() bool { +func (m *UpgradeToV2Req) GetSkipV1Policies() bool { if m != nil { - return m.MigrateV1Policies + return m.SkipV1Policies } return false } @@ -369,7 +369,7 @@ func (m *GetPolicyVersionReq) Reset() { *m = GetPolicyVersionReq{} } func (m *GetPolicyVersionReq) String() string { return proto.CompactTextString(m) } func (*GetPolicyVersionReq) ProtoMessage() {} func (*GetPolicyVersionReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{7} + return fileDescriptor_policy_fb68220c204a2245, []int{7} } func (m *GetPolicyVersionReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetPolicyVersionReq.Unmarshal(m, b) @@ -399,7 +399,7 @@ func (m *ResetToV1Req) Reset() { *m = ResetToV1Req{} } func (m *ResetToV1Req) String() string { return proto.CompactTextString(m) } func (*ResetToV1Req) ProtoMessage() {} func (*ResetToV1Req) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{8} + return fileDescriptor_policy_fb68220c204a2245, []int{8} } func (m *ResetToV1Req) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ResetToV1Req.Unmarshal(m, b) @@ -430,7 +430,7 @@ func (m *ListPolicyMembersReq) Reset() { *m = ListPolicyMembersReq{} } func (m *ListPolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*ListPolicyMembersReq) ProtoMessage() {} func (*ListPolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{9} + return fileDescriptor_policy_fb68220c204a2245, []int{9} } func (m *ListPolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListPolicyMembersReq.Unmarshal(m, b) @@ -469,7 +469,7 @@ func (m *ReplacePolicyMembersReq) Reset() { *m = ReplacePolicyMembersReq func (m *ReplacePolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*ReplacePolicyMembersReq) ProtoMessage() {} func (*ReplacePolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{10} + return fileDescriptor_policy_fb68220c204a2245, []int{10} } func (m *ReplacePolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ReplacePolicyMembersReq.Unmarshal(m, b) @@ -515,7 +515,7 @@ func (m *RemovePolicyMembersReq) Reset() { *m = RemovePolicyMembersReq{} func (m *RemovePolicyMembersReq) String() string { return proto.CompactTextString(m) } func (*RemovePolicyMembersReq) ProtoMessage() {} func (*RemovePolicyMembersReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{11} + return fileDescriptor_policy_fb68220c204a2245, []int{11} } func (m *RemovePolicyMembersReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_RemovePolicyMembersReq.Unmarshal(m, b) @@ -564,7 +564,7 @@ func (m *CreateRoleReq) Reset() { *m = CreateRoleReq{} } func (m *CreateRoleReq) String() string { return proto.CompactTextString(m) } func (*CreateRoleReq) ProtoMessage() {} func (*CreateRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{12} + return fileDescriptor_policy_fb68220c204a2245, []int{12} } func (m *CreateRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateRoleReq.Unmarshal(m, b) @@ -623,7 +623,7 @@ func (m *GetRoleReq) Reset() { *m = GetRoleReq{} } func (m *GetRoleReq) String() string { return proto.CompactTextString(m) } func (*GetRoleReq) ProtoMessage() {} func (*GetRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{13} + return fileDescriptor_policy_fb68220c204a2245, []int{13} } func (m *GetRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetRoleReq.Unmarshal(m, b) @@ -661,7 +661,7 @@ func (m *DeleteRoleReq) Reset() { *m = DeleteRoleReq{} } func (m *DeleteRoleReq) String() string { return proto.CompactTextString(m) } func (*DeleteRoleReq) ProtoMessage() {} func (*DeleteRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{14} + return fileDescriptor_policy_fb68220c204a2245, []int{14} } func (m *DeleteRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteRoleReq.Unmarshal(m, b) @@ -702,7 +702,7 @@ func (m *UpdateRoleReq) Reset() { *m = UpdateRoleReq{} } func (m *UpdateRoleReq) String() string { return proto.CompactTextString(m) } func (*UpdateRoleReq) ProtoMessage() {} func (*UpdateRoleReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{15} + return fileDescriptor_policy_fb68220c204a2245, []int{15} } func (m *UpdateRoleReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateRoleReq.Unmarshal(m, b) @@ -760,7 +760,7 @@ func (m *ListRolesReq) Reset() { *m = ListRolesReq{} } func (m *ListRolesReq) String() string { return proto.CompactTextString(m) } func (*ListRolesReq) ProtoMessage() {} func (*ListRolesReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{16} + return fileDescriptor_policy_fb68220c204a2245, []int{16} } func (m *ListRolesReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListRolesReq.Unmarshal(m, b) @@ -791,7 +791,7 @@ func (m *GetProjectReq) Reset() { *m = GetProjectReq{} } func (m *GetProjectReq) String() string { return proto.CompactTextString(m) } func (*GetProjectReq) ProtoMessage() {} func (*GetProjectReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{17} + return fileDescriptor_policy_fb68220c204a2245, []int{17} } func (m *GetProjectReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetProjectReq.Unmarshal(m, b) @@ -828,7 +828,7 @@ func (m *ListProjectsReq) Reset() { *m = ListProjectsReq{} } func (m *ListProjectsReq) String() string { return proto.CompactTextString(m) } func (*ListProjectsReq) ProtoMessage() {} func (*ListProjectsReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{18} + return fileDescriptor_policy_fb68220c204a2245, []int{18} } func (m *ListProjectsReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListProjectsReq.Unmarshal(m, b) @@ -860,7 +860,7 @@ func (m *CreateProjectReq) Reset() { *m = CreateProjectReq{} } func (m *CreateProjectReq) String() string { return proto.CompactTextString(m) } func (*CreateProjectReq) ProtoMessage() {} func (*CreateProjectReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{19} + return fileDescriptor_policy_fb68220c204a2245, []int{19} } func (m *CreateProjectReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateProjectReq.Unmarshal(m, b) @@ -906,7 +906,7 @@ func (m *UpdateProjectReq) Reset() { *m = UpdateProjectReq{} } func (m *UpdateProjectReq) String() string { return proto.CompactTextString(m) } func (*UpdateProjectReq) ProtoMessage() {} func (*UpdateProjectReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{20} + return fileDescriptor_policy_fb68220c204a2245, []int{20} } func (m *UpdateProjectReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateProjectReq.Unmarshal(m, b) @@ -951,7 +951,7 @@ func (m *DeleteProjectReq) Reset() { *m = DeleteProjectReq{} } func (m *DeleteProjectReq) String() string { return proto.CompactTextString(m) } func (*DeleteProjectReq) ProtoMessage() {} func (*DeleteProjectReq) Descriptor() ([]byte, []int) { - return fileDescriptor_policy_8a3dd8540a11dac6, []int{21} + return fileDescriptor_policy_fb68220c204a2245, []int{21} } func (m *DeleteProjectReq) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteProjectReq.Unmarshal(m, b) @@ -1004,43 +1004,43 @@ func init() { } func init() { - proto.RegisterFile("components/automate-gateway/api/iam/v2beta/request/policy.proto", fileDescriptor_policy_8a3dd8540a11dac6) -} - -var fileDescriptor_policy_8a3dd8540a11dac6 = []byte{ - // 537 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x54, 0x4d, 0x6f, 0xd3, 0x40, - 0x10, 0x55, 0x93, 0x00, 0xc9, 0x90, 0x8f, 0xd6, 0xe1, 0xc3, 0xaa, 0x2a, 0x1a, 0x7c, 0x80, 0x5c, - 0xb0, 0x95, 0x20, 0xf5, 0x48, 0x45, 0x8b, 0xc8, 0x01, 0x2a, 0xa1, 0xa5, 0xcd, 0x81, 0x4b, 0xb5, - 0xb1, 0xa7, 0xee, 0x22, 0xaf, 0x77, 0x63, 0x6f, 0x02, 0xfd, 0x5f, 0xfc, 0x40, 0xb4, 0x6b, 0xc7, - 0x4a, 0xa2, 0xda, 0x52, 0xa8, 0xb8, 0x79, 0xed, 0x7d, 0x33, 0x6f, 0xde, 0xf3, 0x1b, 0x38, 0xf5, - 0x05, 0x97, 0x22, 0xc6, 0x58, 0xa5, 0x1e, 0x5d, 0x28, 0xc1, 0xa9, 0xc2, 0x77, 0x21, 0x55, 0xf8, - 0x8b, 0xde, 0x79, 0x54, 0x32, 0x8f, 0x51, 0xee, 0x2d, 0xc7, 0x33, 0x54, 0xd4, 0x4b, 0x70, 0xbe, - 0xc0, 0x54, 0x79, 0x52, 0x44, 0xcc, 0xbf, 0x73, 0x65, 0x22, 0x94, 0xb0, 0x8e, 0xfc, 0x5b, 0xbc, - 0x71, 0x57, 0x50, 0x97, 0x4a, 0xe6, 0x32, 0xca, 0xdd, 0x0c, 0x72, 0xf8, 0x61, 0x87, 0xf2, 0xbe, - 0xe0, 0x5c, 0xc4, 0x1b, 0xd5, 0x9d, 0x3f, 0x7b, 0xd0, 0x3b, 0x4f, 0x90, 0x2a, 0xfc, 0x66, 0x5e, - 0x13, 0x9c, 0x5b, 0x5d, 0xa8, 0xb1, 0xc0, 0xde, 0x1b, 0xec, 0x0d, 0x5b, 0xa4, 0xc6, 0x02, 0xcb, - 0x82, 0x46, 0x4c, 0x39, 0xda, 0x35, 0xf3, 0xc6, 0x3c, 0x5b, 0x36, 0x3c, 0xe1, 0xc8, 0x67, 0x98, - 0xa4, 0x76, 0x7d, 0x50, 0x1f, 0xb6, 0xc8, 0xea, 0x68, 0x4d, 0x00, 0x52, 0x45, 0x15, 0x72, 0xcd, - 0xc9, 0x6e, 0x0c, 0xea, 0xc3, 0xa7, 0xe3, 0xb7, 0x6e, 0xd5, 0x10, 0xee, 0xf7, 0xd5, 0x7d, 0xb2, - 0x06, 0xb5, 0x0e, 0xa1, 0x29, 0x13, 0xf1, 0x13, 0x7d, 0x95, 0xda, 0x8f, 0x4c, 0x8f, 0xe2, 0xec, - 0xbc, 0x86, 0xde, 0x27, 0x8c, 0xb0, 0x82, 0xb5, 0x73, 0x00, 0xbd, 0xaf, 0x2c, 0x55, 0xe6, 0x02, - 0xc3, 0x94, 0xe0, 0xdc, 0x39, 0x85, 0xfe, 0xc7, 0x20, 0xc8, 0x20, 0x17, 0x19, 0xdd, 0xfb, 0xe6, - 0x5d, 0x9b, 0xad, 0xb6, 0x31, 0x9b, 0xf3, 0x0a, 0xda, 0x13, 0x54, 0xe5, 0x3d, 0xb5, 0x9a, 0x57, - 0x32, 0xa8, 0x54, 0xb3, 0xb4, 0xfa, 0x96, 0x72, 0xf5, 0x7f, 0x57, 0x6e, 0x65, 0x58, 0x73, 0xcd, - 0xb0, 0x75, 0x35, 0x5b, 0x5b, 0x6a, 0xfe, 0x86, 0xee, 0x95, 0x0c, 0x13, 0x1a, 0xe0, 0xa5, 0x98, - 0x8e, 0x35, 0xe9, 0x13, 0x68, 0xdc, 0x44, 0x34, 0x34, 0xb4, 0xbb, 0x63, 0xa7, 0x9a, 0xc4, 0xe7, - 0x88, 0x86, 0xc4, 0xdc, 0xb7, 0x5c, 0xe8, 0x73, 0x16, 0x26, 0x54, 0xe1, 0xf5, 0x72, 0x74, 0x2d, - 0x73, 0xed, 0xcd, 0x9f, 0xd3, 0x24, 0x07, 0xf9, 0xa7, 0xe9, 0x68, 0x65, 0x8a, 0xf3, 0x1c, 0xfa, - 0x85, 0xa0, 0x53, 0x4c, 0x52, 0x26, 0x62, 0x6d, 0x54, 0x17, 0xda, 0x04, 0x53, 0x54, 0x97, 0x62, - 0x3a, 0xd2, 0xe7, 0x37, 0xf0, 0xac, 0xf0, 0xb2, 0xc2, 0x39, 0xe7, 0x1c, 0x5e, 0x12, 0x94, 0x11, - 0xf5, 0xf1, 0x01, 0x26, 0x9f, 0xc1, 0x0b, 0x82, 0x5c, 0x2c, 0x1f, 0x52, 0x83, 0x41, 0x27, 0x4b, - 0x15, 0x11, 0x11, 0xee, 0x90, 0x29, 0xea, 0x2b, 0x26, 0xe2, 0x22, 0x53, 0xf9, 0x71, 0xc3, 0xbc, - 0xc6, 0x96, 0x79, 0x47, 0x00, 0x13, 0x54, 0x25, 0x7d, 0x9c, 0x63, 0xe8, 0x64, 0x41, 0x29, 0xbb, - 0xc0, 0xa0, 0x93, 0xfd, 0xb1, 0xff, 0x9f, 0x69, 0x17, 0xda, 0xda, 0x45, 0xdd, 0xc8, 0xc4, 0xf1, - 0x18, 0x3a, 0xda, 0xfc, 0xec, 0x73, 0x55, 0x84, 0xf3, 0x02, 0x1a, 0x73, 0x02, 0xfb, 0xf9, 0xba, - 0x2a, 0x85, 0xdd, 0xc7, 0x58, 0xe3, 0xf2, 0x60, 0xee, 0x86, 0x73, 0x60, 0x3f, 0x5f, 0x34, 0xa5, - 0xb8, 0xb3, 0x8b, 0x1f, 0x5f, 0x42, 0xa6, 0x6e, 0x17, 0x33, 0xd7, 0x17, 0xdc, 0xd3, 0x51, 0x29, - 0x56, 0xb1, 0xb7, 0xfb, 0xf6, 0x9f, 0x3d, 0x36, 0x9b, 0xf9, 0xfd, 0xdf, 0x00, 0x00, 0x00, 0xff, - 0xff, 0x6f, 0x68, 0xe6, 0x47, 0x3a, 0x06, 0x00, 0x00, + proto.RegisterFile("components/automate-gateway/api/iam/v2beta/request/policy.proto", fileDescriptor_policy_fb68220c204a2245) +} + +var fileDescriptor_policy_fb68220c204a2245 = []byte{ + // 536 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x54, 0x4f, 0x6f, 0xd3, 0x4e, + 0x10, 0x55, 0xfe, 0xfc, 0x7e, 0x24, 0x43, 0xe2, 0x04, 0x97, 0x3f, 0x56, 0x55, 0xd1, 0xe0, 0x03, + 0xe4, 0x82, 0xad, 0x04, 0xa9, 0x47, 0x2a, 0x5a, 0x44, 0x0e, 0x50, 0x09, 0x2d, 0x6d, 0x0e, 0x5c, + 0xaa, 0x8d, 0x3d, 0x4d, 0x17, 0xbc, 0xde, 0x8d, 0xbd, 0x09, 0xea, 0xf7, 0xe2, 0x03, 0xa2, 0x5d, + 0x3b, 0x56, 0x12, 0xd5, 0x96, 0x42, 0xc5, 0x2d, 0xbb, 0xd9, 0x37, 0xf3, 0xe6, 0x3d, 0xbf, 0x81, + 0xd3, 0x40, 0x70, 0x29, 0x62, 0x8c, 0x55, 0xea, 0xd3, 0xa5, 0x12, 0x9c, 0x2a, 0x7c, 0x3b, 0xa7, + 0x0a, 0x7f, 0xd1, 0x3b, 0x9f, 0x4a, 0xe6, 0x33, 0xca, 0xfd, 0xd5, 0x78, 0x86, 0x8a, 0xfa, 0x09, + 0x2e, 0x96, 0x98, 0x2a, 0x5f, 0x8a, 0x88, 0x05, 0x77, 0x9e, 0x4c, 0x84, 0x12, 0xf6, 0x51, 0x70, + 0x8b, 0x37, 0xde, 0x1a, 0xea, 0x51, 0xc9, 0x3c, 0x46, 0xb9, 0x97, 0x41, 0x0e, 0xdf, 0xef, 0x51, + 0x3e, 0x10, 0x9c, 0x8b, 0x78, 0xab, 0xba, 0xfb, 0xbb, 0x06, 0xbd, 0xf3, 0x04, 0xa9, 0xc2, 0xaf, + 0xe6, 0x9a, 0xe0, 0xc2, 0xb6, 0xa0, 0xce, 0x42, 0xa7, 0x36, 0xa8, 0x0d, 0xdb, 0xa4, 0xce, 0x42, + 0xdb, 0x86, 0x66, 0x4c, 0x39, 0x3a, 0x75, 0x73, 0x63, 0x7e, 0xdb, 0x0e, 0x3c, 0xe2, 0xc8, 0x67, + 0x98, 0xa4, 0x4e, 0x63, 0xd0, 0x18, 0xb6, 0xc9, 0xfa, 0x68, 0x4f, 0x00, 0x52, 0x45, 0x15, 0x72, + 0xcd, 0xc9, 0x69, 0x0e, 0x1a, 0xc3, 0xc7, 0xe3, 0x37, 0x5e, 0xd5, 0x10, 0xde, 0xb7, 0xf5, 0x7b, + 0xb2, 0x01, 0xb5, 0x0f, 0xa1, 0x25, 0x13, 0xf1, 0x03, 0x03, 0x95, 0x3a, 0xff, 0x99, 0x1e, 0xc5, + 0xd9, 0x7d, 0x05, 0xbd, 0x8f, 0x18, 0x61, 0x05, 0x6b, 0xf7, 0x09, 0xf4, 0xbe, 0xb0, 0x54, 0x99, + 0x07, 0x0c, 0x53, 0x82, 0x0b, 0xf7, 0x14, 0x0e, 0x3e, 0x84, 0x61, 0x06, 0xb9, 0xc8, 0xe8, 0xde, + 0x37, 0xef, 0xc6, 0x6c, 0xf5, 0xad, 0xd9, 0xdc, 0x97, 0xd0, 0x99, 0xa0, 0x2a, 0xef, 0xa9, 0xd5, + 0xbc, 0x92, 0x61, 0xa5, 0x9a, 0xa5, 0xd5, 0x77, 0x94, 0x6b, 0xfc, 0xbd, 0x72, 0x6b, 0xc3, 0x5a, + 0x1b, 0x86, 0x6d, 0xaa, 0xd9, 0xde, 0x51, 0x33, 0x01, 0xeb, 0x4a, 0xce, 0x13, 0x1a, 0xe2, 0xa5, + 0x98, 0x8e, 0x35, 0xe9, 0x13, 0x68, 0xde, 0x44, 0x74, 0x6e, 0x68, 0x5b, 0x63, 0xb7, 0x9a, 0xc4, + 0xa7, 0x88, 0xce, 0x89, 0x79, 0x6f, 0x0f, 0xa1, 0x9f, 0xfe, 0x64, 0xf2, 0x7a, 0x35, 0xba, 0x96, + 0xb9, 0xf0, 0xe6, 0xb3, 0x69, 0x11, 0x4b, 0xdf, 0x4f, 0x47, 0x6b, 0x3b, 0xdc, 0x67, 0x70, 0x50, + 0x48, 0x39, 0xc5, 0x24, 0x65, 0x22, 0xd6, 0x16, 0x59, 0xd0, 0x21, 0x98, 0xa2, 0xba, 0x14, 0xd3, + 0x91, 0x3e, 0xbf, 0x86, 0xa7, 0x85, 0x8b, 0x15, 0x9e, 0xb9, 0xe7, 0xf0, 0x82, 0xa0, 0x8c, 0x68, + 0x80, 0x0f, 0xb0, 0xf7, 0x0c, 0x9e, 0x13, 0xe4, 0x62, 0xf5, 0x90, 0x1a, 0x0c, 0xba, 0x59, 0x9e, + 0x88, 0x88, 0x70, 0x8f, 0x34, 0xd1, 0x40, 0x31, 0x11, 0x17, 0x69, 0xca, 0x8f, 0x5b, 0xb6, 0x35, + 0x77, 0x6c, 0x3b, 0x02, 0x98, 0xa0, 0x2a, 0xe9, 0xe3, 0x1e, 0x43, 0x37, 0x8b, 0x48, 0xd9, 0x03, + 0x06, 0xdd, 0xec, 0x5b, 0xfd, 0xf7, 0x4c, 0x2d, 0xe8, 0x68, 0x17, 0x75, 0x23, 0x13, 0xc4, 0x63, + 0xe8, 0x6a, 0xf3, 0xb3, 0xbf, 0xab, 0xc2, 0x9b, 0x17, 0xd0, 0x98, 0x13, 0xe8, 0xe7, 0x8b, 0xaa, + 0x14, 0x76, 0x1f, 0x63, 0x8d, 0xcb, 0x23, 0xb9, 0x1f, 0xce, 0x85, 0x7e, 0xbe, 0x62, 0x4a, 0x71, + 0x67, 0x17, 0xdf, 0x3f, 0xcf, 0x99, 0xba, 0x5d, 0xce, 0xbc, 0x40, 0x70, 0x5f, 0x87, 0xa4, 0x58, + 0xc2, 0xfe, 0xfe, 0x7b, 0x7f, 0xf6, 0xbf, 0xd9, 0xc9, 0xef, 0xfe, 0x04, 0x00, 0x00, 0xff, 0xff, + 0xb7, 0xe3, 0xdd, 0x19, 0x34, 0x06, 0x00, 0x00, } From 49ce217c2675ba3b141170a5c8ddab6d4abe3675 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 15:56:42 +0200 Subject: [PATCH 21/25] api: flip migrate_v1_policies -> skip_v1_policies (adapt code) Signed-off-by: Stephan Renatus --- components/authz-service/server/v2/policy.go | 2 +- components/automate-cli/cmd/chef-automate/iam.go | 7 +++---- .../automate-gateway/handler/iam/v2beta/policy/policy.go | 4 ++-- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/components/authz-service/server/v2/policy.go b/components/authz-service/server/v2/policy.go index 2a6a0f577ef..2e09c341212 100644 --- a/components/authz-service/server/v2/policy.go +++ b/components/authz-service/server/v2/policy.go @@ -558,7 +558,7 @@ func (s *policyServer) MigrateToV2(ctx context.Context, } var reports []string - if req.MigrateV1Policies { + if !req.SkipV1Policies { errs, err := s.migrateV1Policies(ctx) if err != nil { recordFailure() diff --git a/components/automate-cli/cmd/chef-automate/iam.go b/components/automate-cli/cmd/chef-automate/iam.go index ff37a8fd2d1..69eb40daf25 100644 --- a/components/automate-cli/cmd/chef-automate/iam.go +++ b/components/automate-cli/cmd/chef-automate/iam.go @@ -163,10 +163,9 @@ func runIAMUpgradeToV2Cmd(cmd *cobra.Command, args []string) error { false: "v2", } - migrateV1Policies := !iamCmdFlags.skipLegacyUpgrade upgradeReq := &policies_req.UpgradeToV2Req{ - Flag: policies_common.Flag_VERSION_2_0, - MigrateV1Policies: migrateV1Policies, + Flag: policies_common.Flag_VERSION_2_0, + SkipV1Policies: iamCmdFlags.skipLegacyUpgrade, } isBetaVersion := iamCmdFlags.betaVersion @@ -177,7 +176,7 @@ func runIAMUpgradeToV2Cmd(cmd *cobra.Command, args []string) error { writer.Title("Upgrading to IAM v2") } - if migrateV1Policies { + if !iamCmdFlags.skipLegacyUpgrade { writer.Println("Migrating v1 policies...") } diff --git a/components/automate-gateway/handler/iam/v2beta/policy/policy.go b/components/automate-gateway/handler/iam/v2beta/policy/policy.go index a522ac8d200..76614bf1816 100644 --- a/components/automate-gateway/handler/iam/v2beta/policy/policy.go +++ b/components/automate-gateway/handler/iam/v2beta/policy/policy.go @@ -213,8 +213,8 @@ func (p *Server) RemovePolicyMembers( func (p *Server) UpgradeToV2( ctx context.Context, in *pb_req.UpgradeToV2Req) (*pb_resp.UpgradeToV2Resp, error) { upgradeReq := &authz.MigrateToV2Req{ - Flag: authz.Flag_VERSION_2_0, - MigrateV1Policies: in.MigrateV1Policies, + Flag: authz.Flag_VERSION_2_0, + SkipV1Policies: in.SkipV1Policies, } if in.Flag == pb_common.Flag_VERSION_2_1 { upgradeReq.Flag = authz.Flag_VERSION_2_1 From aeeed92bda921f0ff4799c991186ed11b0cde675 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 16:06:31 +0200 Subject: [PATCH 22/25] authz-service/migration: add test case Signed-off-by: Stephan Renatus --- .../authz-service/server/v2/policy_test.go | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/components/authz-service/server/v2/policy_test.go b/components/authz-service/server/v2/policy_test.go index 59e7d2f8e93..bd0c7870042 100644 --- a/components/authz-service/server/v2/policy_test.go +++ b/components/authz-service/server/v2/policy_test.go @@ -2226,6 +2226,23 @@ func TestMigrateToV2(t *testing.T) { pol := getPolicyFromStore(t, policyStore, constants_v2.ComplianceTokenPolicyID) assert.Equal(t, "[Legacy] Compliance Profile Access", pol.Name) }, + "legacy default and custom v1 policies are skipped when asked to skip them": func(t *testing.T) { + polID := genUUID(t) + v1List = v1Lister{pols: []*storage_v1.Policy{ + wellknown(t, constants_v1.ComplianceTokenReadProfilesPolicyID), + { + ID: polID, + Subjects: []string{"user:ldap:bob", "team:ldap:ops"}, + Action: "create", + Resource: "ingest:nodes", + }, + }} + + resp, err := cl.MigrateToV2(ctx, &api_v2.MigrateToV2Req{SkipV1Policies: true}) + require.NoError(t, err) + assert.NotNil(t, resp) + assert.Equal(t, defaultPolicyCount, policyStore.ItemCount()) // nothing extra + }, // --------- migration status related tests --------- "when no migration has been run, migration status is set to v1": func(t *testing.T) { s, err := status.MigrationStatus(ctx) From 8c2849f010e57d5b089fb72addd759f662cc47c3 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Wed, 22 May 2019 17:32:15 +0200 Subject: [PATCH 23/25] studiorc: free a cat Signed-off-by: Stephan Renatus --- .studiorc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.studiorc b/.studiorc index ebbee6f39ab..7b2977c926f 100644 --- a/.studiorc +++ b/.studiorc @@ -117,7 +117,7 @@ GETTING_STARTED # Memory check. Because we all always forget to change the docker preferences # when we re-install it -total_memory_kb=$(cat /proc/meminfo | grep MemTotal | grep -o -E '[[:digit:]]+') +total_memory_kb=$(grep MemTotal /proc/meminfo | grep -o -E '[[:digit:]]+') # 8 gigs == 8164340kb, subtract a few kb so we can just do a less than comp if (( $total_memory_kb < 8164000 )); then warn "!!!" From 61ccc53346f74b7efa098ceb791b9fc2c70a1099 Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Thu, 23 May 2019 11:32:42 +0200 Subject: [PATCH 24/25] rename flag: --skip-policy-migration git grep skip-legacy-upgrade |\ gawk -F: '!a[$1]++{ print $1 }' |\ xargs -- gsed -i s/skip-policy-upgrade/skip-policy-migration/g Signed-off-by: Stephan Renatus --- .studiorc | 2 +- components/automate-cli/cmd/chef-automate/iam.go | 2 +- integration/tests/iam_v2p1_only.sh | 4 ++-- .../templates/install_chef_automate_cli.sh.tpl | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.studiorc b/.studiorc index 7b2977c926f..132fac8ae35 100644 --- a/.studiorc +++ b/.studiorc @@ -137,7 +137,7 @@ function start_all_services() { chef-automate license apply "/src/dev/license.jwt" fi chef-automate dev create-iam-dev-users - chef-automate iam upgrade-to-v2 --skip-legacy-upgrade + chef-automate iam upgrade-to-v2 --skip-policy-migration } document "get_admin_token" < Date: Thu, 23 May 2019 14:45:44 +0200 Subject: [PATCH 25/25] automate-cli/iam: unhide upgrade-to-v2 flags in dev mode Signed-off-by: Stephan Renatus --- components/automate-cli/cmd/chef-automate/iam.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/automate-cli/cmd/chef-automate/iam.go b/components/automate-cli/cmd/chef-automate/iam.go index 2f8da7a5787..985c5bbe583 100644 --- a/components/automate-cli/cmd/chef-automate/iam.go +++ b/components/automate-cli/cmd/chef-automate/iam.go @@ -107,7 +107,7 @@ func newIAMUpgradeToV2Cmd() *cobra.Command { "Upgrade to version 2.1 with beta project authorization.") // all flags are hidden right now - cmd.PersistentFlags().VisitAll(func(f *pflag.Flag) { f.Hidden = true }) + cmd.PersistentFlags().VisitAll(func(f *pflag.Flag) { f.Hidden = !isDevMode() }) return cmd }