Chromium Code Reviews Chromium Code Reviews
Issue 2689483004:
swarming: Add server-side implementation for supplemental bot_config (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2016 The LUCI Authors. All rights reserved. | 1 // Copyright 2016 The LUCI Authors. All rights reserved. |
| 2 // Use of this source code is governed under the Apache License, Version 2.0 | 2 // Use of this source code is governed under the Apache License, Version 2.0 |
| 3 // that can be found in the LICENSE file. | 3 // that can be found in the LICENSE file. |
| 4 | 4 |
| 5 syntax = "proto2"; | 5 syntax = "proto2"; |
| 6 | 6 |
| 7 | 7 |
| 8 // Schema for bots.cfg service config file in luci-config. | 8 // Schema for bots.cfg service config file in luci-config. |
| 9 // | 9 // |
| 10 // It defines a function bot_id => (required credentials, trusted_dimensions), | 10 // It defines a function bot_id => (required credentials, trusted_dimensions), |
| (...skipping 98 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 109 // If missing or empty, bot connections are rejected. | 109 // If missing or empty, bot connections are rejected. |
| 110 optional BotAuth auth = 20; | 110 optional BotAuth auth = 20; |
| 111 | 111 |
| 112 // Emails of owners of these bots. Optional. | 112 // Emails of owners of these bots. Optional. |
| 113 repeated string owners = 21; | 113 repeated string owners = 21; |
| 114 | 114 |
| 115 // List of dimensions to assign to these bots. | 115 // List of dimensions to assign to these bots. |
| 116 // | 116 // |
| 117 // Each dimension is a "<key>:<value>" pair. | 117 // Each dimension is a "<key>:<value>" pair. |
| 118 repeated string dimensions = 22; | 118 repeated string dimensions = 22; |
| 119 | |
| 120 // Additional config script to inject into the swarming bot upon handshake. | |
| 121 optional string bot_config_script = 23; | |
|
Vadim Sh.
2017/02/14 22:51:16
can you extract *.proto change (and perhaps valida
M-A Ruel
2017/02/15 00:36:32
This was done in 80856c2cca3fb44796a66ed5bc50e3d16
| |
| 119 } | 122 } |
| 120 | 123 |
| 121 | 124 |
| 122 // Defines what kind of authentication to perform when handling requests from | 125 // Defines what kind of authentication to perform when handling requests from |
| 123 // bots belonging to some bot group. | 126 // bots belonging to some bot group. |
| 124 message BotAuth { | 127 message BotAuth { |
| 125 // If true, the bot should provide valid X-Luci-Machine-Token header. | 128 // If true, the bot should provide valid X-Luci-Machine-Token header. |
| 126 // | 129 // |
| 127 // The machine FQDN embedded in the token should have hostname equal to the | 130 // The machine FQDN embedded in the token should have hostname equal to the |
| 128 // bot_id. | 131 // bot_id. |
| (...skipping 18 matching lines...) Expand all Loading... | |
| 147 // valid X-Luci-Machine-Token and whitelisted IP are needed to successfully | 150 // valid X-Luci-Machine-Token and whitelisted IP are needed to successfully |
| 148 // authenticate. | 151 // authenticate. |
| 149 // | 152 // |
| 150 // Can also be used on its own (when both require_luci_machine_token and | 153 // Can also be used on its own (when both require_luci_machine_token and |
| 151 // require_service_account are false). In that case IP whitelist is the | 154 // require_service_account are false). In that case IP whitelist is the |
| 152 // primary authentication mechanism. Note that in this case all bots that | 155 // primary authentication mechanism. Note that in this case all bots that |
| 153 // share the IP whitelist are effectively in a single trust domain (any bots | 156 // share the IP whitelist are effectively in a single trust domain (any bots |
| 154 // can pretend to be some other bot). | 157 // can pretend to be some other bot). |
| 155 optional string ip_whitelist = 3; | 158 optional string ip_whitelist = 3; |
| 156 } | 159 } |
| OLD | NEW |
