// Copyright 2022 The LUCI Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

syntax = "proto3";

package spike.ids;

import "google/protobuf/empty.proto";
import "google/protobuf/timestamp.proto";

option go_package = "go.chromium.org/luci/provenance/api/spikepb/ids;idspb";

// Inspect is the export channel for "interesting" events that a policy
// observes on a machine. What counts as interesting is decided by each
// policy's design; a network call is one example.
service Inspect {
  // InspectionReport is called by policies to hand events to Spike, where
  // they are used as IDS indicators.
  //
  // NOTE(review): this file does not show how the caller is authenticated or
  // how a report is tied to the policy that produced it; confirm that on the
  // server side before relying on reports as evidence.
  rpc InspectionReport(InspectionReportRequest) returns (google.protobuf.Empty);
}

// InspectionReportRequest carries one policy's inspection report to Spike.
message InspectionReportRequest {
  // Identifier Spike uses to attribute a report to a policy. Several
  // policies may run at the same time, so Spike has to know which policy
  // reported what.
  //
  // NOTE(review): despite the name, this file describes the field only as an
  // identifier. Nothing here shows it being cryptographically verified;
  // confirm how the server validates it before treating it as proof of
  // origin.
  string policy_signature = 1;

  // Policy-specific payload: the information the policy wants to export.
  //
  // For example, the network proxy exports `NetworkActivityLog` information
  // from google3/security/bcid/proto/software/network_proxy.proto.
  // Interpretation happens in Spike, i.e. Spike learns how to read each
  // particular type of report.
  Details details = 2;

  // Identifier of a build.
  string build_id = 3;

  // Timestamp attached to the report.
  //
  // NOTE(review): the file does not say whether this is the event time or
  // the reporting time, nor which side sets it - confirm.
  google.protobuf.Timestamp timestamp = 4;

  // Whether this inspection report is needed for generating provenance.
  //
  // This is a proto3 bool without `optional`, so an omitted value reads as
  // false: a reporter that leaves it unset cannot be told apart from one
  // that explicitly marks the report as not critical.
  bool provenance_critical = 5;
}

// Details holds the information a policy wants to export. The content is
// specific to the reporting policy.
message Details {
  // Exactly which payload is present identifies the reporting policy type;
  // at most one member is set.
  oneof material {
    // Sample is an example policy for SPEE demonstration.
    Sample sample = 1;

    // NetworkProxy is the BCID-owned network proxy tool capable of enforcing
    // network isolation policies.
    NetworkProxy network_proxy = 2;
  }
}

// NetworkProxy describes a request seen by the transparent proxy that sits
// between the build process and the internet. Read more at:
// go/luci-network-proxy (Google-internal).
//
// Information received from this policy will be included in SLSA provenance.
message NetworkProxy {
  // URI of the request observed at the proxy.
  //
  // NOTE(review): carried as a plain string; this file does not state
  // whether userinfo or query parameters are redacted before the value is
  // recorded in provenance - confirm.
  string uri = 1;

  // Optional digest of a material downloaded with the network request. An
  // empty string is indistinguishable from "not provided" (proto3 implicit
  // presence).
  //
  // NOTE(review): hash algorithm and encoding are not specified in this
  // file; confirm both before comparing digests.
  string digest = 2;
}

// Sample is the payload of the example policy referenced by Details.sample.
message Sample {
  // NOTE(review): meaning is not documented in this file; presumably a
  // simple liveness-style flag for the demonstration - TODO confirm.
  bool ping = 1;
}