gvisor.dev/gvisor@v0.0.0-20240520182842-f9d4d51c7e0f/pkg/sentry/control/control.proto

// Copyright 2021 The gVisor Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

syntax = "proto3";

package gvisor;

import "google/protobuf/timestamp.proto";

// ControlConfig configures the permission of controls.
message ControlConfig {
  // Names for individual control URPC service objects.
  // Any new service object that should be given conditional access should be
  // named here and conditionally added based on presence in allowed_controls.
  enum Endpoint {
    UNKNOWN = 0;
    EVENTS = 1;
    FS = 2;
    LIFECYCLE = 3;
    LOGGING = 4;
    PROFILE = 5;
    USAGE = 6;
    PROC = 7;
    STATE = 8;
    DEBUG = 9;
    CGROUPS = 10;
  }

  // allowed_controls represents which endpoints may be registered to the
  // server.
  repeated Endpoint allowed_controls = 1;
}

// ContainerStartedEvent is emitted when a container starts.
// It also keeps a track of the time elapsed when a container
// start request is received and the container actually starts.
message ContainerStartedEvent {
  bool started = 1;
  string container_id = 2;
  google.protobuf.Timestamp request_received = 3;
  google.protobuf.Timestamp request_completed = 4;
}

// ContainerExitEvent is emitted when a container's init task exits. Duplicate
// exit events may be emitted for the same container.
message ContainerExitEvent {
  string container_id = 1;
  uint32 exit_status = 2;
}