diff --git a/client/src/raw.rs b/client/src/raw.rs index 53bae6e6e..1d3dbe04b 100644 --- a/client/src/raw.rs +++ b/client/src/raw.rs @@ -1231,6 +1231,11 @@ proxier! { (create_api_key, cloudreq::CreateApiKeyRequest, cloudreq::CreateApiKeyResponse); (update_api_key, cloudreq::UpdateApiKeyRequest, cloudreq::UpdateApiKeyResponse); (delete_api_key, cloudreq::DeleteApiKeyRequest, cloudreq::DeleteApiKeyResponse); + (get_nexus_endpoints, cloudreq::GetNexusEndpointsRequest, cloudreq::GetNexusEndpointsResponse); + (get_nexus_endpoint, cloudreq::GetNexusEndpointRequest, cloudreq::GetNexusEndpointResponse); + (create_nexus_endpoint, cloudreq::CreateNexusEndpointRequest, cloudreq::CreateNexusEndpointResponse); + (update_nexus_endpoint, cloudreq::UpdateNexusEndpointRequest, cloudreq::UpdateNexusEndpointResponse); + (delete_nexus_endpoint, cloudreq::DeleteNexusEndpointRequest, cloudreq::DeleteNexusEndpointResponse); (get_user_groups, cloudreq::GetUserGroupsRequest, cloudreq::GetUserGroupsResponse); (get_user_group, cloudreq::GetUserGroupRequest, cloudreq::GetUserGroupResponse); (create_user_group, cloudreq::CreateUserGroupRequest, cloudreq::CreateUserGroupResponse); @@ -1242,6 +1247,15 @@ proxier! { (get_service_accounts, cloudreq::GetServiceAccountsRequest, cloudreq::GetServiceAccountsResponse); (update_service_account, cloudreq::UpdateServiceAccountRequest, cloudreq::UpdateServiceAccountResponse); (delete_service_account, cloudreq::DeleteServiceAccountRequest, cloudreq::DeleteServiceAccountResponse); + (get_usage, cloudreq::GetUsageRequest, cloudreq::GetUsageResponse); + (get_account, cloudreq::GetAccountRequest, cloudreq::GetAccountResponse); + (update_account, cloudreq::UpdateAccountRequest, cloudreq::UpdateAccountResponse); + (create_namespace_export_sink, cloudreq::CreateNamespaceExportSinkRequest, cloudreq::CreateNamespaceExportSinkResponse); + (get_namespace_export_sink, cloudreq::GetNamespaceExportSinkRequest, cloudreq::GetNamespaceExportSinkResponse); + (get_namespace_export_sinks, cloudreq::GetNamespaceExportSinksRequest, cloudreq::GetNamespaceExportSinksResponse); + (update_namespace_export_sink, cloudreq::UpdateNamespaceExportSinkRequest, cloudreq::UpdateNamespaceExportSinkResponse); + (delete_namespace_export_sink, cloudreq::DeleteNamespaceExportSinkRequest, cloudreq::DeleteNamespaceExportSinkResponse); + (validate_namespace_export_sink, cloudreq::ValidateNamespaceExportSinkRequest, cloudreq::ValidateNamespaceExportSinkResponse); } proxier! { diff --git a/sdk-core-protos/protos/api_cloud_upstream/VERSION b/sdk-core-protos/protos/api_cloud_upstream/VERSION index b54cee095..22520b51d 100644 --- a/sdk-core-protos/protos/api_cloud_upstream/VERSION +++ b/sdk-core-protos/protos/api_cloud_upstream/VERSION @@ -1 +1 @@ -2024-05-13-00 +2024-10-01-00 diff --git a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/account/v1/message.proto b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/account/v1/message.proto new file mode 100644 index 000000000..3412eefe1 --- /dev/null +++ b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/account/v1/message.proto @@ -0,0 +1,46 @@ +syntax = "proto3"; + +package temporal.api.cloud.account.v1; + +option go_package = "go.temporal.io/api/cloud/account/v1;account"; +option java_package = "io.temporal.api.cloud.account.v1"; +option java_multiple_files = true; +option java_outer_classname = "MessageProto"; +option ruby_package = "Temporalio::Api::Cloud::Account::V1"; +option csharp_namespace = "Temporalio.Api.Cloud.Account.V1"; + +import "temporal/api/cloud/resource/v1/message.proto"; + +message MetricsSpec { + // The ca cert(s) in PEM format that clients connecting to the metrics endpoint can use for authentication. + // This must only be one value, but the CA can have a chain. + bytes accepted_client_ca = 2; +} + +message AccountSpec { + // The metrics specification for this account. + // If not specified, metrics will not be enabled. + MetricsSpec metrics = 1; +} + +message Metrics { + // The prometheus metrics endpoint uri. + // This is only populated when the metrics is enabled in the metrics specification. + string uri = 1; +} + +message Account { + // The id of the account. + string id = 1; + // The account specification. + AccountSpec spec = 2; + // The current version of the account specification. + // The next update operation will have to include this version. + string resource_version = 3; + // The current state of the account. + temporal.api.cloud.resource.v1.ResourceState state = 4; + // The id of the async operation that is updating the account, if any. + string async_operation_id = 5; + // Information related to metrics. + Metrics metrics = 6; +} diff --git a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/cloudservice/v1/request_response.proto b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/cloudservice/v1/request_response.proto index 9149e6db4..07c024822 100644 --- a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/cloudservice/v1/request_response.proto +++ b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/cloudservice/v1/request_response.proto @@ -9,10 +9,15 @@ option java_outer_classname = "RequestResponseProto"; option ruby_package = "Temporalio::Api::Cloud::CloudService::V1"; option csharp_namespace = "Temporalio.Api.Cloud.CloudService.V1"; +import "google/protobuf/timestamp.proto"; + import "temporal/api/cloud/operation/v1/message.proto"; import "temporal/api/cloud/identity/v1/message.proto"; import "temporal/api/cloud/namespace/v1/message.proto"; +import "temporal/api/cloud/nexus/v1/message.proto"; import "temporal/api/cloud/region/v1/message.proto"; +import "temporal/api/cloud/account/v1/message.proto"; +import "temporal/api/cloud/usage/v1/message.proto"; message GetUsersRequest { // The requested size of the page to retrieve - optional. @@ -269,7 +274,6 @@ message GetRegionResponse { temporal.api.cloud.region.v1.Region region = 1; } - message GetApiKeysRequest { // The requested size of the page to retrieve - optional. // Cannot exceed 1000. Defaults to 100. @@ -280,12 +284,16 @@ message GetApiKeysRequest { string owner_id = 3; // Filter api keys by owner type - optional. // Possible values: user, service-account - string owner_type = 4; + string owner_type_deprecated = 4 [deprecated = true]; + // Filter api keys by owner type - optional. + // temporal:enums:replaces=owner_type_deprecated + temporal.api.cloud.identity.v1.OwnerType owner_type = 5; } message GetApiKeysResponse { // The list of api keys in ascending id order. repeated temporal.api.cloud.identity.v1.ApiKey api_keys = 1; + // The next page's token. string next_page_token = 2; } @@ -304,6 +312,7 @@ message CreateApiKeyRequest { // The spec for the api key to create. // Create api key only supports service-account owner type for now. temporal.api.cloud.identity.v1.ApiKeySpec spec = 1; + // The id to use for this async operation - optional. string async_operation_id = 2; } @@ -311,7 +320,7 @@ message CreateApiKeyRequest { message CreateApiKeyResponse { // The id of the api key created. string key_id = 1; - // The token of the api key created. + // The token of the api key created. // This is a secret and should be stored securely. // It will not be retrievable after this response. string token = 2; @@ -327,6 +336,7 @@ message UpdateApiKeyRequest { // The version of the api key for which this update is intended for. // The latest version can be found in the GetApiKey operation response. string resource_version = 3; + // The id to use for this async operation - optional. string async_operation_id = 4; } @@ -342,6 +352,7 @@ message DeleteApiKeyRequest { // The version of the api key for which this delete is intended for. // The latest version can be found in the GetApiKey operation response. string resource_version = 2; + // The id to use for this async operation - optional. string async_operation_id = 3; } @@ -351,6 +362,95 @@ message DeleteApiKeyResponse { temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1; } +message GetNexusEndpointsRequest { + // The requested size of the page to retrieve - optional. + // Cannot exceed 1000. Defaults to 100. + int32 page_size = 1; + + // The page token if this is continuing from another response - optional. + string page_token = 2; + + // optional, treated as an AND if specified + string target_namespace_id = 3; + + // optional, treated as an AND if specified + string target_task_queue = 4; + + // Filter endpoints by their name - optional, treated as an AND if specified. Specifying this will result in zero or one results. + string name = 5; +} + +message GetNexusEndpointsResponse { + // The list of endpoints in ascending id order. + repeated temporal.api.cloud.nexus.v1.Endpoint endpoints = 1; + + // The next page's token. + string next_page_token = 2; +} + +message GetNexusEndpointRequest { + // The id of the nexus endpoint to get. + string endpoint_id = 1; +} + +message GetNexusEndpointResponse { + // The nexus endpoint. + temporal.api.cloud.nexus.v1.Endpoint endpoint = 1; +} + +message CreateNexusEndpointRequest { + // The spec for the nexus endpoint. + temporal.api.cloud.nexus.v1.EndpointSpec spec = 1; + + // The id to use for this async operation - optional. + string async_operation_id = 2; +} + +message CreateNexusEndpointResponse { + // The id of the endpoint that was created. + string endpoint_id = 1; + + // The async operation. + temporal.api.cloud.operation.v1.AsyncOperation async_operation = 2; +} + +message UpdateNexusEndpointRequest { + // The id of the nexus endpoint to update. + string endpoint_id = 1; + + // The updated nexus endpoint specification. + temporal.api.cloud.nexus.v1.EndpointSpec spec = 2; + + // The version of the nexus endpoint for which this update is intended for. + // The latest version can be found in the GetNexusEndpoint operation response. + string resource_version = 3; + + // The id to use for this async operation - optional. + string async_operation_id = 4; +} + +message UpdateNexusEndpointResponse { + // The async operation. + temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1; +} + +message DeleteNexusEndpointRequest { + // The id of the nexus endpoint to delete. + string endpoint_id = 1; + + // The version of the endpoint for which this delete is intended for. + // The latest version can be found in the GetNexusEndpoint operation response. + string resource_version = 2; + + // The id to use for this async operation - optional. + string async_operation_id = 3; +} + +message DeleteNexusEndpointResponse { + // The async operation + temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1; +} + message GetUserGroupsRequest { // The requested size of the page to retrieve - optional. // Cannot exceed 1000. Defaults to 100. @@ -359,8 +459,15 @@ message GetUserGroupsRequest { string page_token = 2; // Filter groups by the namespace they have access to - optional. string namespace = 3; - // Filter groups by their name - optional. - string group_name = 4; + // Filter groups by the display name - optional. + string display_name = 4; + // Filter groups by the google group specification - optional. + GoogleGroupFilter google_group = 5; + + message GoogleGroupFilter { + // Filter groups by the google group email - optional. + string email_address = 1; + } } message GetUserGroupsResponse { @@ -391,6 +498,7 @@ message CreateUserGroupRequest { message CreateUserGroupResponse { // The id of the group that was created. string group_id = 1; + // The async operation. temporal.api.cloud.operation.v1.AsyncOperation async_operation = 2; } @@ -518,3 +626,144 @@ message DeleteServiceAccountResponse { // The async operation. temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1; } + +message GetUsageRequest { + // Filter for UTC time >= - optional. + // Defaults to: start of the current month. + // Must be: within the last 90 days from the current date. + // Must be: midnight UTC time. + google.protobuf.Timestamp start_time_inclusive = 1; + + // Filter for UTC time < - optional. + // Defaults to: start of the next UTC day. + // Must be: within the last 90 days from the current date. + // Must be: midnight UTC time. + google.protobuf.Timestamp end_time_exclusive = 2; + + // The requested size of the page to retrieve - optional. + // Each count corresponds to a single object - per day per namespace + // Cannot exceed 1000. Defaults to 100. + int32 page_size = 3; + + // The page token if this is continuing from another response - optional. + string page_token = 4; +} + +message GetUsageResponse { + // The list of data based on granularity (per Day for now) + // Ordered by: time range in ascending order + repeated temporal.api.cloud.usage.v1.Summary summaries = 1; + // The next page's token. + string next_page_token = 2; +} + +message GetAccountRequest { +} + +message GetAccountResponse { + // The account. + temporal.api.cloud.account.v1.Account account = 1; +} + +message UpdateAccountRequest { + // The updated account specification to apply. + temporal.api.cloud.account.v1.AccountSpec spec = 1; + // The version of the account for which this update is intended for. + // The latest version can be found in the GetAccount operation response. + string resource_version = 2; + // The id to use for this async operation. + // Optional, if not provided a random id will be generated. + string async_operation_id = 3; +} + +message UpdateAccountResponse { + // The async operation. + temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1; +} + +message CreateNamespaceExportSinkRequest { + // The namespace under which the sink is configured. + string namespace = 1; + // The specification for the export sink. + temporal.api.cloud.namespace.v1.ExportSinkSpec spec = 2; + // Optional. The ID to use for this async operation. + string async_operation_id = 3; +} + +message CreateNamespaceExportSinkResponse { + // The async operation. + temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1; +} + +message GetNamespaceExportSinkRequest { + // The namespace to which the sink belongs. + string namespace = 1; + // The name of the sink to retrieve. + string name = 2; +} + +message GetNamespaceExportSinkResponse { + // The export sink retrieved. + temporal.api.cloud.namespace.v1.ExportSink sink = 1; +} + +message GetNamespaceExportSinksRequest { + // The namespace to which the sinks belong. + string namespace = 1; + // The requested size of the page to retrieve. Cannot exceed 1000. + // Defaults to 100 if not specified. + int32 page_size = 2; + // The page token if this is continuing from another response - optional. + string page_token = 3; +} + +message GetNamespaceExportSinksResponse { + // The list of export sinks retrieved. + repeated temporal.api.cloud.namespace.v1.ExportSink sinks = 1; + // The next page token, set if there is another page. + string next_page_token = 2; +} + +message UpdateNamespaceExportSinkRequest { + // The namespace to which the sink belongs. + string namespace = 1; + // The updated export sink specification. + temporal.api.cloud.namespace.v1.ExportSinkSpec spec = 2; + // The version of the sink to update. The latest version can be + // retrieved using the GetNamespaceExportSink call. + string resource_version = 3; + // The ID to use for this async operation - optional. + string async_operation_id = 4; +} + +message UpdateNamespaceExportSinkResponse { + // The async operation. + temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1; +} + +message DeleteNamespaceExportSinkRequest { + // The namespace to which the sink belongs. + string namespace = 1; + // The name of the sink to delete. + string name = 2; + // The version of the sink to delete. The latest version can be + // retrieved using the GetNamespaceExportSink call. + string resource_version = 3; + // The ID to use for this async operation - optional. + string async_operation_id = 4; +} + +message DeleteNamespaceExportSinkResponse { + // The async operation. + temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1; +} + +message ValidateNamespaceExportSinkRequest { + // The namespace to which the sink belongs. + string namespace = 1; + // The export sink specification to validate. + temporal.api.cloud.namespace.v1.ExportSinkSpec spec = 2; +} + +message ValidateNamespaceExportSinkResponse { +} diff --git a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/cloudservice/v1/service.proto b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/cloudservice/v1/service.proto index f37e6731f..a3e86071b 100644 --- a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/cloudservice/v1/service.proto +++ b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/cloudservice/v1/service.proto @@ -74,7 +74,7 @@ service CloudService { body: "*" }; } - + // Get all namespaces rpc GetNamespaces (GetNamespacesRequest) returns (GetNamespacesResponse) { option (google.api.http) = { @@ -179,6 +179,43 @@ service CloudService { }; } + // Gets nexus endpoints + rpc GetNexusEndpoints(GetNexusEndpointsRequest) returns (GetNexusEndpointsResponse) { + option (google.api.http) = { + get: "/cloud/nexus/endpoints", + }; + } + + // Get a nexus endpoint + rpc GetNexusEndpoint(GetNexusEndpointRequest) returns (GetNexusEndpointResponse) { + option (google.api.http) = { + get: "/cloud/nexus/endpoints/{endpoint_id}", + }; + } + + // Create a nexus endpoint + rpc CreateNexusEndpoint(CreateNexusEndpointRequest) returns (CreateNexusEndpointResponse) { + option (google.api.http) = { + post: "/cloud/nexus/endpoints", + body: "*" + }; + } + + // Update a nexus endpoint + rpc UpdateNexusEndpoint(UpdateNexusEndpointRequest) returns (UpdateNexusEndpointResponse) { + option (google.api.http) = { + post: "/cloud/nexus/endpoints/{endpoint_id}", + body: "*" + }; + } + + // Delete a nexus endpoint + rpc DeleteNexusEndpoint(DeleteNexusEndpointRequest) returns (DeleteNexusEndpointResponse) { + option (google.api.http) = { + delete: "/cloud/nexus/endpoints/{endpoint_id}", + }; + } + // Get all user groups rpc GetUserGroups (GetUserGroupsRequest) returns (GetUserGroupsResponse) { option (google.api.http) = { @@ -260,4 +297,73 @@ service CloudService { delete: "/cloud/service-accounts/{service_account_id}", }; } -} + + // WARNING: Pre-Release Feature + // Get usage data across namespaces + rpc GetUsage(GetUsageRequest) returns (GetUsageResponse) { + option (google.api.http) = { + get: "/cloud/usage", + }; + } + + // Get account information. + rpc GetAccount (GetAccountRequest) returns (GetAccountResponse) { + option (google.api.http) = { + get: "/cloud/account", + }; + } + + // Update account information. + rpc UpdateAccount (UpdateAccountRequest) returns (UpdateAccountResponse) { + option (google.api.http) = { + post: "/cloud/account", + body: "*" + }; + } + + // Create an export sink + rpc CreateNamespaceExportSink(CreateNamespaceExportSinkRequest) returns (CreateNamespaceExportSinkResponse) { + option (google.api.http) = { + post: "/cloud/namespaces/{namespace}/export-sinks", + body: "*" + }; + } + + // Get an export sink + rpc GetNamespaceExportSink(GetNamespaceExportSinkRequest) returns (GetNamespaceExportSinkResponse) { + option (google.api.http) = { + get: "/cloud/namespaces/{namespace}/export-sinks/{name}" + }; + } + + // Get export sinks + rpc GetNamespaceExportSinks(GetNamespaceExportSinksRequest) returns (GetNamespaceExportSinksResponse) { + option (google.api.http) = { + get: "/cloud/namespaces/{namespace}/export-sinks" + }; + } + + // Update an export sink + rpc UpdateNamespaceExportSink(UpdateNamespaceExportSinkRequest) returns (UpdateNamespaceExportSinkResponse) { + option (google.api.http) = { + post: "/cloud/namespaces/{namespace}/export-sinks/{spec.name}", + body: "*" + }; + } + + // Delete an export sink + rpc DeleteNamespaceExportSink(DeleteNamespaceExportSinkRequest) returns (DeleteNamespaceExportSinkResponse) { + option (google.api.http) = { + delete: "/cloud/namespaces/{namespace}/export-sinks/{name}" + }; + } + + // Validates an export sink configuration by delivering an empty test file to the specified sink. + // This operation verifies that the sink is correctly configured, accessible, and ready for data export. + rpc ValidateNamespaceExportSink(ValidateNamespaceExportSinkRequest) returns (ValidateNamespaceExportSinkResponse) { + option (google.api.http) = { + post: "/cloud/namespaces/{namespace}/export-sinks/validate", + body: "*" + }; + } +} \ No newline at end of file diff --git a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/identity/v1/message.proto b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/identity/v1/message.proto index 5fb617901..dbb749016 100644 --- a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/identity/v1/message.proto +++ b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/identity/v1/message.proto @@ -9,14 +9,32 @@ option java_outer_classname = "MessageProto"; option ruby_package = "Temporalio::Api::Cloud::Identity::V1"; option csharp_namespace = "Temporalio.Api.Cloud.Identity.V1"; +import "temporal/api/cloud/resource/v1/message.proto"; import "google/protobuf/timestamp.proto"; message AccountAccess { - // The role on the account, should be one of [admin, developer, read] + // The role on the account, should be one of [owner, admin, developer, financeadmin, read] + // owner - gives full access to the account, including users, namespaces, and billing // admin - gives full access the account, including users and namespaces // developer - gives access to create namespaces on the account + // financeadmin - gives read only access and write access for billing // read - gives read only access to the account - string role = 1; + // Deprecated: Not supported after 2024-10-01-00 api version. Use role instead. + // temporal:versioning:max_version=2024-10-01-00 + string role_deprecated = 1 [deprecated = true]; + // The role on the account. + // temporal:versioning:min_version=2024-10-01-00 + // temporal:enums:replaces=role_deprecated + Role role = 2; + + enum Role { + ROLE_UNSPECIFIED = 0; + ROLE_OWNER = 1; // Gives full access to the account, including users, namespaces, and billing. + ROLE_ADMIN = 2; // Gives full access to the account, including users and namespaces. + ROLE_DEVELOPER = 3; // Gives access to create namespaces on the account. + ROLE_FINANCE_ADMIN = 4; // Gives read only access and write access for billing. + ROLE_READ = 5; // Gives read only access to the account. + } } message NamespaceAccess { @@ -24,7 +42,27 @@ message NamespaceAccess { // admin - gives full access to the namespace, including assigning namespace access to other users // write - gives write access to the namespace configuration and workflows within the namespace // read - gives read only access to the namespace configuration and workflows within the namespace - string permission = 1; + // Deprecated: Not supported after 2024-10-01-00 api version. Use permission instead. + // temporal:versioning:max_version=2024-10-01-00 + string permission_deprecated = 1 [deprecated = true]; + + // The permission to the namespace. + // temporal:versioning:min_version=2024-10-01-00 + // temporal:enums:replaces=permission_deprecated + Permission permission = 2; + + enum Permission { + PERMISSION_UNSPECIFIED = 0; + PERMISSION_ADMIN = 1; // Gives full access to the namespace, including assigning namespace access to other users. + PERMISSION_WRITE = 2; // Gives write access to the namespace configuration and workflows within the namespace. + PERMISSION_READ = 3; // Gives read only access to the namespace configuration and workflows within the namespace. + } +} + +enum OwnerType { + OWNER_TYPE_UNSPECIFIED = 0; + OWNER_TYPE_USER = 1; // The owner is a user. + OWNER_TYPE_SERVICE_ACCOUNT = 2; // The owner is a service account. } message Access { @@ -58,7 +96,14 @@ message User { // The user specification UserSpec spec = 3; // The current state of the user - string state = 4; + // Deprecated: Not supported after 2024-10-01-00 api version. Use state instead. + // temporal:versioning:max_version=2024-10-01-00 + string state_deprecated = 4 [deprecated = true]; + // The current state of the user. + // For any failed state, reach out to Temporal Cloud support for remediation. + // temporal:versioning:min_version=2024-10-01-00 + // temporal:enums:replaces=state_deprecated + temporal.api.cloud.resource.v1.ResourceState state = 9; // The id of the async operation that is creating/updating/deleting the user, if any string async_operation_id = 5; // The details of the open invitation sent to the user, if any @@ -70,12 +115,20 @@ message User { google.protobuf.Timestamp last_modified_time = 8; } +message GoogleGroupSpec { + // The email address of the Google group. + // The email address is immutable. Once set during creation, it cannot be changed. + string email_address = 1; +} + message UserGroupSpec { - // The name of the group as defined in the customer's IdP (e.g. Google group name in Google Workspace) - // The name is immutable. Once set, it cannot be changed - string name = 1; - // The access assigned to the group + // The display name of the group. + string display_name = 1; + // The access assigned to the group. Access access = 2; + // The specification of the google group that this group is associated with. + // For now only google groups are supported, and this field is required. + GoogleGroupSpec google_group = 3; } message UserGroup { @@ -86,8 +139,15 @@ message UserGroup { string resource_version = 2; // The group specification UserGroupSpec spec = 3; - // The current state of the group - string state = 4; + // The current state of the group. + // Deprecated: Not supported after 2024-10-01-00 api version. Use state instead. + // temporal:versioning:max_version=2024-10-01-00 + string state_deprecated = 4 [deprecated = true]; + // The current state of the group. + // For any failed state, reach out to Temporal Cloud support for remediation. + // temporal:versioning:min_version=2024-10-01-00 + // temporal:enums:replaces=state_deprecated + temporal.api.cloud.resource.v1.ResourceState state = 8; // The id of the async operation that is creating/updating/deleting the group, if any string async_operation_id = 5; // The date and time when the group was created @@ -108,7 +168,14 @@ message ServiceAccount { // The current state of the service account. // Possible values: activating, activationfailed, active, updating, updatefailed, deleting, deletefailed, deleted, suspending, suspendfailed, suspended. // For any failed state, reach out to Temporal Cloud support for remediation. - string state = 4; + // Deprecated: Not supported after 2024-10-01-00 api version. Use state instead. + // temporal:versioning:max_version=2024-10-01-00 + string state_deprecated = 4 [deprecated = true]; + // The current state of the service account. + // For any failed state, reach out to Temporal Cloud support for remediation. + // temporal:versioning:min_version=2024-10-01-00 + // temporal:enums:replaces=state_deprecated + temporal.api.cloud.resource.v1.ResourceState state = 8; // The id of the async operation that is creating/updating/deleting the service account, if any. string async_operation_id = 5; // The date and time when the service account was created. @@ -142,7 +209,13 @@ message ApiKey { // The current state of the API key. // Possible values: activating, activationfailed, active, updating, updatefailed, deleting, deletefailed, deleted, suspending, suspendfailed, suspended. // For any failed state, reach out to Temporal Cloud support for remediation. - string state = 4; + // Deprecated: Not supported after 2024-10-01-00 api version. Use state instead. + // temporal:versioning:max_version=2024-10-01-00 + string state_deprecated = 4 [deprecated = true]; + // The current state of the API key. + // temporal:versioning:min_version=2024-10-01-00 + // temporal:enums:replaces=state_deprecated + temporal.api.cloud.resource.v1.ResourceState state = 8; // The id of the async operation that is creating/updating/deleting the API key, if any. string async_operation_id = 5; // The date and time when the API key was created. @@ -155,13 +228,19 @@ message ApiKey { message ApiKeySpec { // The id of the owner to create the API key for. // The owner id is immutable. Once set during creation, it cannot be changed. - // The owner id is the id of the user when the owner type is 'user'. - // The owner id is the id of the service account when the owner type is 'service-account'. + // The owner id is the id of the user when the owner type is user. + // The owner id is the id of the service account when the owner type is service account. string owner_id = 1; // The type of the owner to create the API key for. // The owner type is immutable. Once set during creation, it cannot be changed. // Possible values: user, service-account. - string owner_type = 2; + // Deprecated: Not supported after 2024-10-01-00 api version. Use owner_type instead. + // temporal:versioning:max_version=2024-10-01-00 + string owner_type_deprecated = 2 [deprecated = true]; + // The type of the owner to create the API key for. + // temporal:versioning:min_version=2024-10-01-00 + // temporal:enums:replaces=owner_type_deprecated + OwnerType owner_type = 7; // The display name of the API key. string display_name = 3; // The description of the API key. diff --git a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/namespace/v1/message.proto b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/namespace/v1/message.proto index 4fec2bb56..c82ee260c 100644 --- a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/namespace/v1/message.proto +++ b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/namespace/v1/message.proto @@ -9,7 +9,9 @@ option java_outer_classname = "MessageProto"; option ruby_package = "Temporalio::Api::Cloud::Namespace::V1"; option csharp_namespace = "Temporalio.Api.Cloud.Namespace.V1"; +import "temporal/api/cloud/resource/v1/message.proto"; import "google/protobuf/timestamp.proto"; +import "temporal/api/cloud/sink/v1/message.proto"; message CertificateFilterSpec { // The common_name in the certificate. @@ -31,7 +33,13 @@ message MtlsAuthSpec { // This must only be one value, but the CA can have a chain. // // (-- api-linter: core::0140::base64=disabled --) - string accepted_client_ca = 1; + // Deprecated: Not supported after 2024-05-13-00 api version. Use accepted_client_ca instead. + // temporal:versioning:max_version=2024-05-13-00 + string accepted_client_ca_deprecated = 1; + // The ca cert(s) in PEM format that the clients can use for authentication and authorization. + // This must only be one value, but the CA can have a chain. + // temporal:versioning:min_version=2024-05-13-00 + bytes accepted_client_ca = 4; // Certificate filters which, if specified, only allow connections from client certificates whose distinguished name properties match at least one of the filters. // This allows limiting access to specific end-entity certificates. // Optional, default is empty. @@ -87,10 +95,30 @@ message NamespaceSpec { // Supported attribute types: text, keyword, int, double, bool, datetime, keyword_list. // NOTE: currently deleting a search attribute is not supported. // Optional, default is empty. - map custom_search_attributes = 5; + // Deprecated: Not supported after 2024-10-01-00 api version. Use search_attributes instead. + // temporal:versioning:max_version=2024-10-01-00 + map custom_search_attributes = 5 [deprecated = true]; + // The custom search attributes to use for the namespace. + // The name of the attribute is the key and the type is the value. + // Note: currently deleting a search attribute is not supported. + // Optional, default is empty. + // temporal:versioning:min_version=2024-10-01-00 + // temporal:enums:replaces=custom_search_attributes + map search_attributes = 8; // Codec server spec used by UI to decode payloads for all users interacting with this namespace. // Optional, default is unset. CodecServerSpec codec_server = 6; + + enum SearchAttributeType { + SEARCH_ATTRIBUTE_TYPE_UNSPECIFIED = 0; + SEARCH_ATTRIBUTE_TYPE_TEXT = 1; + SEARCH_ATTRIBUTE_TYPE_KEYWORD = 2; + SEARCH_ATTRIBUTE_TYPE_INT = 3; + SEARCH_ATTRIBUTE_TYPE_DOUBLE = 4; + SEARCH_ATTRIBUTE_TYPE_BOOL = 5; + SEARCH_ATTRIBUTE_TYPE_DATETIME = 6; + SEARCH_ATTRIBUTE_TYPE_KEYWORD_LIST = 7; + } } message Endpoints { @@ -133,7 +161,14 @@ message Namespace { // The namespace specification. NamespaceSpec spec = 3; // The current state of the namespace. - string state = 4; + // Deprecated: Not supported after 2024-10-01-00 api version. Use state instead. + // temporal:versioning:max_version=2024-10-01-00 + string state_deprecated = 4 [deprecated = true]; + // The current state of the namespace. + // For any failed state, reach out to Temporal Cloud support for remediation. + // temporal:versioning:min_version=2024-10-01-00 + // temporal:enums:replaces=state_deprecated + temporal.api.cloud.resource.v1.ResourceState state = 13; // The id of the async operation that is creating/updating/deleting the namespace, if any. string async_operation_id = 5; // The endpoints for the namespace. @@ -158,7 +193,70 @@ message NamespaceRegionStatus { // The current state of the namespace region. // Possible values: adding, active, passive, removing, failed. // For any failed state, reach out to Temporal Cloud support for remediation. - string state = 1; + // Deprecated: Not supported after 2024-10-01-00 api version. Use state instead. + // temporal:versioning:max_version=2024-10-01-00 + string state_deprecated = 1 [deprecated = true]; + // The current state of the namespace region. + // temporal:versioning:min_version=2024-10-01-00 + // temporal:enums:replaces=state_deprecated + State state = 3; // The id of the async operation that is making changes to where the namespace is available, if any. string async_operation_id = 2; + + enum State { + STATE_UNSPECIFIED = 0; + STATE_ADDING= 1; // The region is being added to the namespace. + STATE_ACTIVE= 2; // The namespace is active in this region. + STATE_PASSIVE = 3; // The namespace is passive in this region. + STATE_REMOVING = 4; // The region is being removed from the namespace. + STATE_FAILED = 5; // The region failed to be added/removed, check failure_reason in the last async_operation status for more details. + } +} + +message ExportSinkSpec { + // The unique name of the export sink, it can't be changed once set. + string name = 1; + + // A flag indicating whether the export sink is enabled or not. + bool enabled = 2; + + // The S3 configuration details when destination_type is S3. + temporal.api.cloud.sink.v1.S3Spec s3 = 3; + + // This is a feature under development. We will allow GCS sink support for GCP Namespaces. + // The GCS configuration details when destination_type is GCS. + temporal.api.cloud.sink.v1.GCSSpec gcs = 4; +} + +message ExportSink { + // The unique name of the export sink. + string name = 1; + + // The version of the export sink resource. + string resource_version = 2; + + // The current state of the export sink. + temporal.api.cloud.resource.v1.ResourceState state = 3; + + // The specification details of the export sink. + ExportSinkSpec spec = 4; + + // The health status of the export sink. + Health health = 5; + + // An error message describing any issues with the export sink, if applicable. + string error_message = 6; + + // The timestamp of the latest successful data export. + google.protobuf.Timestamp latest_data_export_time = 7; + + // The timestamp of the last health check performed on the export sink. + google.protobuf.Timestamp last_health_check_time = 8; + + enum Health { + HEALTH_UNSPECIFIED = 0; + HEALTH_OK = 1; + HEALTH_ERROR_INTERNAL = 2; + HEALTH_ERROR_USER_CONFIGURATION = 3; + } } diff --git a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/nexus/v1/message.proto b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/nexus/v1/message.proto new file mode 100644 index 000000000..358fb2068 --- /dev/null +++ b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/nexus/v1/message.proto @@ -0,0 +1,84 @@ +syntax = "proto3"; + +package temporal.api.cloud.nexus.v1; + +option go_package = "go.temporal.io/api/cloud/nexus/v1;nexus"; +option java_package = "io.temporal.api.cloud.nexus.v1"; +option java_multiple_files = true; +option java_outer_classname = "MessageProto"; +option ruby_package = "Temporalio::Api::Cloud::Nexus::V1"; +option csharp_namespace = "Temporalio.Api.Cloud.Nexus.V1"; + +import "temporal/api/cloud/resource/v1/message.proto"; +import "google/protobuf/timestamp.proto"; + +message EndpointSpec { + // The name of the endpoint. Must be unique within an account. + // The name must match `^[a-zA-Z][a-zA-Z0-9\-]*[a-zA-Z0-9]$`. + // This field is mutable. + string name = 1; + + // Indicates where the endpoint should forward received nexus requests to. + EndpointTargetSpec target_spec = 2; + + // The set of policies (e.g. authorization) for the endpoint. Each request's caller + // must match with at least one of the specs to be accepted by the endpoint. + // This field is mutable. + repeated EndpointPolicySpec policy_specs = 3; + + // The markdown description of the endpoint - optional. + string description = 4; +} + +message EndpointTargetSpec { + oneof variant { + // A target spec for routing nexus requests to a specific cloud namespace worker. + WorkerTargetSpec worker_target_spec = 1; + } +} + +message WorkerTargetSpec { + // The target cloud namespace to route requests to. Namespace must be in same account as the endpoint. This field is mutable. + string namespace_id = 1; + + // The task queue on the cloud namespace to route requests to. This field is mutable. + string task_queue = 2; +} + +message EndpointPolicySpec { + oneof variant { + // A policy spec that allows one caller namespace to access the endpoint. + AllowedCloudNamespacePolicySpec allowed_cloud_namespace_policy_spec = 1; + } +} + +message AllowedCloudNamespacePolicySpec { + // The namespace that is allowed to call into this endpoint. Calling namespace must be in same account as the endpoint. + string namespace_id = 1; +} + +// An endpoint that receives and then routes Nexus requests +message Endpoint { + // The id of the endpoint. This is generated by the server and is immutable. + string id = 1; + + // The current version of the endpoint specification. + // The next update operation must include this version. + string resource_version = 2; + + // The endpoint specification. + EndpointSpec spec = 3; + + // The current state of the endpoint. + // For any failed state, reach out to Temporal Cloud support for remediation. + temporal.api.cloud.resource.v1.ResourceState state = 4; + + // The id of any ongoing async operation that is creating, updating, or deleting the endpoint, if any. + string async_operation_id = 5; + + // The date and time when the endpoint was created. + google.protobuf.Timestamp created_time = 6; + + // The date and time when the endpoint was last modified. + google.protobuf.Timestamp last_modified_time = 7; +} diff --git a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/operation/v1/message.proto b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/operation/v1/message.proto index 8d0e89edf..7cd79fd02 100644 --- a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/operation/v1/message.proto +++ b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/operation/v1/message.proto @@ -14,23 +14,38 @@ import "google/protobuf/timestamp.proto"; import "google/protobuf/any.proto"; message AsyncOperation { - // The operation id + // The operation id. string id = 1; - // The current state of this operation - // Possible values are: pending, in_progress, failed, cancelled, fulfilled - string state = 2; - // The recommended duration to check back for an update in the operation's state + // The current state of this operation. + // Possible values are: pending, in_progress, failed, cancelled, fulfilled. + // Deprecated: Not supported after 2024-10-01-00 api version. Use state instead. + // temporal:versioning:max_version=2024-10-01-00 + string state_deprecated = 2 [deprecated = true]; + // The current state of this operation. + // temporal:versioning:min_version=2024-10-01-00 + // temporal:enums:replaces=state_deprecated + State state = 9; + // The recommended duration to check back for an update in the operation's state. google.protobuf.Duration check_duration = 3; - // The type of operation being performed + // The type of operation being performed. string operation_type = 4; - // The input to the operation being performed + // The input to the operation being performed. // // (-- api-linter: core::0146::any=disabled --) google.protobuf.Any operation_input = 5; - // If the operation failed, the reason for the failure + // If the operation failed, the reason for the failure. string failure_reason = 6; - // The date and time when the operation initiated + // The date and time when the operation initiated. google.protobuf.Timestamp started_time = 7; - // The date and time when the operation completed + // The date and time when the operation completed. google.protobuf.Timestamp finished_time = 8; + + enum State { + STATE_UNSPECIFIED = 0; + STATE_PENDING = 1; // The operation is pending. + STATE_IN_PROGRESS = 2; // The operation is in progress. + STATE_FAILED = 3; // The operation failed, check failure_reason for more details. + STATE_CANCELLED = 4; // The operation was cancelled. + STATE_FULFILLED = 5; // The operation was fulfilled. + } } diff --git a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/region/v1/message.proto b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/region/v1/message.proto index 25c8b13ed..7a7be52fb 100644 --- a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/region/v1/message.proto +++ b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/region/v1/message.proto @@ -14,9 +14,22 @@ message Region { string id = 1; // The name of the cloud provider that's hosting the region. // Currently only "aws" is supported. - string cloud_provider = 2; + // Deprecated: Not supported after 2024-10-01-00 api version. Use cloud_provider instead. + // temporal:versioning:max_version=2024-10-01-00 + string cloud_provider_deprecated = 2 [deprecated = true]; + // The cloud provider that's hosting the region. + // temporal:versioning:min_version=2024-10-01-00 + // temporal:enums:replaces=cloud_provider_deprecated + CloudProvider cloud_provider = 5; // The region identifier as defined by the cloud provider. string cloud_provider_region = 3; // The human readable location of the region. string location = 4; + + // The cloud provider that's hosting the region. + enum CloudProvider { + CLOUD_PROVIDER_UNSPECIFIED = 0; + CLOUD_PROVIDER_AWS = 1; + CLOUD_PROVIDER_GCP = 2; + } } diff --git a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/resource/v1/message.proto b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/resource/v1/message.proto new file mode 100644 index 000000000..eb1572547 --- /dev/null +++ b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/resource/v1/message.proto @@ -0,0 +1,25 @@ +syntax = "proto3"; + +package temporal.api.cloud.resource.v1; + +option go_package = "go.temporal.io/api/cloud/resource/v1;resource"; +option java_package = "io.temporal.api.cloud.resource.v1"; +option java_multiple_files = true; +option java_outer_classname = "MessageProto"; +option ruby_package = "Temporalio::Api::Cloud::Resource::V1"; +option csharp_namespace = "Temporalio.Api.Cloud.Resource.V1"; + + +enum ResourceState { + RESOURCE_STATE_UNSPECIFIED = 0; + RESOURCE_STATE_ACTIVATING = 1; // The resource is being activated. + RESOURCE_STATE_ACTIVATION_FAILED = 2; // The resource failed to activate. This is an error state. Reach out to support for remediation. + RESOURCE_STATE_ACTIVE = 3; // The resource is active and ready to use. + RESOURCE_STATE_UPDATING = 4; // The resource is being updated. + RESOURCE_STATE_UPDATE_FAILED = 5; // The resource failed to update. This is an error state. Reach out to support for remediation. + RESOURCE_STATE_DELETING = 6; // The resource is being deleted. + RESOURCE_STATE_DELETE_FAILED = 7; // The resource failed to delete. This is an error state. Reach out to support for remediation. + RESOURCE_STATE_DELETED = 8; // The resource has been deleted. + RESOURCE_STATE_SUSPENDED = 9; // The resource is suspended and not available for use. Reach out to support for remediation. + RESOURCE_STATE_EXPIRED = 10; // The resource has expired and is no longer available for use. +} diff --git a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/sink/v1/message.proto b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/sink/v1/message.proto new file mode 100644 index 000000000..d9ca7730c --- /dev/null +++ b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/sink/v1/message.proto @@ -0,0 +1,41 @@ +syntax = "proto3"; + +package temporal.api.cloud.sink.v1; + +option go_package = "go.temporal.io/api/cloud/sink/v1;sink"; +option java_package = "io.temporal.api.cloud.sink.v1"; +option java_multiple_files = true; +option java_outer_classname = "MessageProto"; +option ruby_package = "Temporalio::Api::Cloud::Sink::V1"; +option csharp_namespace = "Temporalio.Api.Cloud.Sink.V1"; + +message S3Spec { + // The IAM role that Temporal Cloud assumes for writing records to the customer's S3 bucket. + string role_name = 1; + + // The name of the destination S3 bucket where Temporal will send data. + string bucket_name = 2; + + // The region where the S3 bucket is located. + string region = 3; + + // The AWS Key Management Service (KMS) ARN used for encryption. + string kms_arn = 4; + + // The AWS account ID associated with the S3 bucket and the assumed role. + string aws_account_id = 5; +} + +message GCSSpec { + // The customer service account ID that Temporal Cloud impersonates for writing records to the customer's GCS bucket. + string sa_id = 1; + + // The name of the destination GCS bucket where Temporal will send data. + string bucket_name = 2; + + // The GCP project ID associated with the GCS bucket and service account. + string gcp_project_id = 3; + + // The region of the gcs bucket + string region = 4; +} \ No newline at end of file diff --git a/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/usage/v1/message.proto b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/usage/v1/message.proto new file mode 100644 index 000000000..b65b88bd6 --- /dev/null +++ b/sdk-core-protos/protos/api_cloud_upstream/temporal/api/cloud/usage/v1/message.proto @@ -0,0 +1,59 @@ +syntax = "proto3"; + +package temporal.api.cloud.usage.v1; + +option go_package = "go.temporal.io/api/cloud/usage/v1;usage"; +option java_package = "io.temporal.api.cloud.usage.v1"; +option java_multiple_files = true; +option java_outer_classname = "MessageProto"; +option ruby_package = "Temporalio::Api::Cloud::Usage::V1"; +option csharp_namespace = "Temporalio.Api.Cloud.Usage.V1"; + +import "google/protobuf/timestamp.proto"; + +message Summary { + // Start of UTC day for now (inclusive) + google.protobuf.Timestamp start_time = 1; + // End of UTC day for now (exclusive) + google.protobuf.Timestamp end_time = 2; + // Records grouped by namespace + repeated RecordGroup record_groups = 3; + // True if data for given time window is not fully available yet (e.g. delays) + // When true, records for the given time range could still be added/updated in the future (until false) + bool incomplete = 4; +} + +message RecordGroup { + // GroupBy keys and their values for this record group. Multiple fields are combined with logical AND. + repeated GroupBy group_bys = 1; + repeated Record records = 2; +} + +message GroupBy { + GroupByKey key = 1; + string value = 2; +} + +message Record { + RecordType type = 1; + RecordUnit unit = 2; + double value = 3; +} + +enum RecordType { + RECORD_TYPE_UNSPECIFIED = 0; + RECORD_TYPE_ACTIONS = 1; + RECORD_TYPE_ACTIVE_STORAGE = 2; + RECORD_TYPE_RETAINED_STORAGE = 3; +} + +enum RecordUnit { + RECORD_UNIT_UNSPECIFIED = 0; + RECORD_UNIT_NUMBER = 1; + RECORD_UNIT_BYTE_SECONDS = 2; +} + +enum GroupByKey { + GROUP_BY_KEY_UNSPECIFIED = 0; + GROUP_BY_KEY_NAMESPACE = 1; +} \ No newline at end of file diff --git a/sdk-core-protos/src/lib.rs b/sdk-core-protos/src/lib.rs index 32bcbfaf0..82e158b44 100644 --- a/sdk-core-protos/src/lib.rs +++ b/sdk-core-protos/src/lib.rs @@ -1793,6 +1793,11 @@ pub mod temporal { } } pub mod cloud { + pub mod account { + pub mod v1 { + tonic::include_proto!("temporal.api.cloud.account.v1"); + } + } pub mod cloudservice { pub mod v1 { tonic::include_proto!("temporal.api.cloud.cloudservice.v1"); @@ -1808,6 +1813,11 @@ pub mod temporal { tonic::include_proto!("temporal.api.cloud.namespace.v1"); } } + pub mod nexus { + pub mod v1 { + tonic::include_proto!("temporal.api.cloud.nexus.v1"); + } + } pub mod operation { pub mod v1 { tonic::include_proto!("temporal.api.cloud.operation.v1"); @@ -1818,6 +1828,21 @@ pub mod temporal { tonic::include_proto!("temporal.api.cloud.region.v1"); } } + pub mod resource { + pub mod v1 { + tonic::include_proto!("temporal.api.cloud.resource.v1"); + } + } + pub mod sink { + pub mod v1 { + tonic::include_proto!("temporal.api.cloud.sink.v1"); + } + } + pub mod usage { + pub mod v1 { + tonic::include_proto!("temporal.api.cloud.usage.v1"); + } + } } pub mod common { pub mod v1 {