From 63634d0a2679f275a8916f76ada4b8a9dc91e5c6 Mon Sep 17 00:00:00 2001 From: bufdev Date: Tue, 13 Feb 2024 13:22:37 -0500 Subject: [PATCH 01/24] Add BreakingState and ReviewState to ListLabelHistoryResponse --- .../module/v1beta1/label_service.proto | 48 ++++++++++++++++++- 1 file changed, 46 insertions(+), 2 deletions(-) diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index 37f751f..d6cfeee 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -157,12 +157,56 @@ message ListLabelHistoryRequest { } message ListLabelHistoryResponse { + // Whether the Commit was a breaking change. + enum BreakingState { + BREAKING_STATE_UNSPECIFIED = 0; + // The Commit did not represent a breaking change. + BREAKING_STATE_NONE = 1; + // The Commit represented a breaking change at the WIRE level. + BREAKING_STATE_WIRE = 2; + // The Commit represented a breaking change at the WIRE_JSON level. + BREAKING_STATE_WIRE_JSON = 3; + // The Commit represented a breaking change at the PACKAGE level. + BREAKING_STATE_PACKAGE = 4; + // The Commit represented a breaking change at the FILE level. + BREAKING_STATE_FILE = 5; + } + // The Commit's state in the review flow. + enum ReviewState { + REVIEW_STATE_UNSPECIFIED = 0; + // Review was not enabled at the time this Commit was uploaded. + REVIEW_STATE_DISABLED = 1; + // The Commit was reviewed and was accepted. + REVIEW_STATE_ACCEPTED = 2; + // The Commit was reviewed and was rejected. + REVIEW_STATE_REJECTED = 3; + // The Commit has not yet been reviewed and is pending. + REVIEW_STATE_PENDING = 4; + } + message Value { + // The Commit. + Commit commit = 1 [(buf.validate.field).required = true]; + // The Commit's breaking state. + // + // This field will only be returned if breaking change detection is enabled. + // + // Breaking change detection is an enteprise-only feature - contact us to + // learn more! + BreakingState breaking_state = 2 [(buf.validate.field).enum.defined_only = true]; + // The Commit's review state. + // + // The field will only be returned if review flow is enabled. + // + // Review flow is an enteprise-only feature - contact us to + // learn more! + ReviewState review_state = 3 [(buf.validate.field).enum.defined_only = true]; + } // The next page token. // /// If empty, there are no more pages. string next_page_token = 1 [(buf.validate.field).string.max_len = 4096]; - // The listed Commits that represent the history of the Label. - repeated Commit commits = 2; + // The ordered history of the Label. + repeated Value values = 2; } message CreateOrUpdateLabelsRequest { From e346d7593065a2ca48dbb74779c65f097deceb7c Mon Sep 17 00:00:00 2001 From: bufdev Date: Tue, 13 Feb 2024 17:23:28 -0500 Subject: [PATCH 02/24] Take two --- buf/registry/module/v1beta1/label.proto | 28 +++++++++- .../module/v1beta1/label_service.proto | 56 ++++++------------- .../module/v1beta1/upload_service.proto | 2 + 3 files changed, 46 insertions(+), 40 deletions(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index d5b7f30..32c2669 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -59,8 +59,9 @@ message Label { (buf.validate.field).required = true, (buf.validate.field).string.uuid = true ]; - // The id of the Commit currently associated with the Label. + // The id of the currently passed or accepted Commit currently associated with the Label. // + // Labels will only point to passed or accepted commits, and never point to rejected or pending Commits. // To get the history of the Commits that have been associated with a Label, use ListLabelHistory. string commit_id = 8 [ (buf.validate.field).required = true, @@ -71,8 +72,33 @@ message Label { (buf.validate.field).required = true, (buf.validate.field).string.uuid = true ]; + + // Whether or not governance is enabled for this Label. + // + // Governance is an enterprise-only feature - contact us to learn more! + bool governance_enabled = 10; + // The current review state of the Label. + // + // This field will only be set if governance is enabled. + LabelReviewState review_state = 11 [(buf.validate.field).enum.defined_only = true]; } +// The label state in the governance review flow. +// +// Governance is an enterprise-only feature - contact us to learn more! +enum LabelReviewState { + LABEL_REVIEW_STATE_UNSPECIFIED = 0; + // The last Commit pushed to the Label did not fail any governance checks and therefore did not need review. + LABEL_REVIEW_STATE_PASSED = 1; + // The last Commit pushed to the Label was reviewed after failing governance checks and was accepted. + LABEL_REVIEW_STATE_ACCEPTED = 2; + // The last Commit pushed to the Label was reviewed after failing governance checks and was rejected. + LABEL_REVIEW_STATE_REJECTED = 3; + // The last Commit pushed to the Label has not yet been reviewed after failing governance checks and is pending. + LABEL_REVIEW_STATE_PENDING = 4; +} + + // LabelRef is a reference to a Label, either an id or a fully-qualified name. // // This is used in requests. diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index d6cfeee..7dcdd21 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -21,6 +21,7 @@ import "buf/registry/module/v1beta1/digest.proto"; import "buf/registry/module/v1beta1/label.proto"; import "buf/registry/module/v1beta1/resource.proto"; import "buf/validate/validate.proto"; +import "google/protobuf/timestamp.proto"; option go_package = "buf.build/gen/go/bufbuild/registry/protocolbuffers/go/buf/registry/module/v1beta1"; @@ -96,7 +97,9 @@ message ListLabelsRequest { // Once the resource is resolved, the following Labels are listed: // - If a Module is referenced, all Labels for the Module are returned. // - If a Label is referenced, this Label is returned. - // - If a Commit is referenced, all Labels for the Commit are returned. + // - If a Commit is referenced, all Labels for the Commit are returned. Note that this will + // not return any Labels where the Commit is currently rejected or pending, it will only + // return Labels for Commits that are passed or accepted. ResourceRef resource_ref = 3 [(buf.validate.field).required = true]; // The order to return the Labels. // @@ -106,6 +109,10 @@ message ListLabelsRequest { // TODO: We are purposefully not making the default the zero enum value, however // we may want to consider this. Order order = 4 [(buf.validate.field).enum.defined_only = true]; + // Only return Labels that have these governance review states. + // + // By default, Labels with any governance review state are returned. + repeated LabelReviewState governance_review_states = 5; } message ListLabelsResponse { @@ -157,50 +164,21 @@ message ListLabelHistoryRequest { } message ListLabelHistoryResponse { - // Whether the Commit was a breaking change. - enum BreakingState { - BREAKING_STATE_UNSPECIFIED = 0; - // The Commit did not represent a breaking change. - BREAKING_STATE_NONE = 1; - // The Commit represented a breaking change at the WIRE level. - BREAKING_STATE_WIRE = 2; - // The Commit represented a breaking change at the WIRE_JSON level. - BREAKING_STATE_WIRE_JSON = 3; - // The Commit represented a breaking change at the PACKAGE level. - BREAKING_STATE_PACKAGE = 4; - // The Commit represented a breaking change at the FILE level. - BREAKING_STATE_FILE = 5; - } - // The Commit's state in the review flow. - enum ReviewState { - REVIEW_STATE_UNSPECIFIED = 0; - // Review was not enabled at the time this Commit was uploaded. - REVIEW_STATE_DISABLED = 1; - // The Commit was reviewed and was accepted. - REVIEW_STATE_ACCEPTED = 2; - // The Commit was reviewed and was rejected. - REVIEW_STATE_REJECTED = 3; - // The Commit has not yet been reviewed and is pending. - REVIEW_STATE_PENDING = 4; - } + message Value { // The Commit. Commit commit = 1 [(buf.validate.field).required = true]; - // The Commit's breaking state. - // - // This field will only be returned if breaking change detection is enabled. - // - // Breaking change detection is an enteprise-only feature - contact us to - // learn more! - BreakingState breaking_state = 2 [(buf.validate.field).enum.defined_only = true]; - // The Commit's review state. + + // The Label's review state. // - // The field will only be returned if review flow is enabled. + // This field will only be set if governance is enabled for the Label. + LabelReviewState review_state = 2 [(buf.validate.field).enum.defined_only = true]; + // When the review state was last updated. // - // Review flow is an enteprise-only feature - contact us to - // learn more! - ReviewState review_state = 3 [(buf.validate.field).enum.defined_only = true]; + // This field will only be set if governance is enabled for the Label. + google.protobuf.Timestamp review_state_updated_at = 3; } + // The next page token. // /// If empty, there are no more pages. diff --git a/buf/registry/module/v1beta1/upload_service.proto b/buf/registry/module/v1beta1/upload_service.proto index 36ff377..86a33f2 100644 --- a/buf/registry/module/v1beta1/upload_service.proto +++ b/buf/registry/module/v1beta1/upload_service.proto @@ -42,6 +42,8 @@ message UploadRequest { // // If the ModuleRef refers to a Module that has associated Content, this field should *not* // be set, and setting it is an error. + // + // The commit_id must point to a passed or accepted Commit. string commit_id = 2 [(buf.validate.field).string.uuid = true]; } // Content to upload for a given reference. From abae8aedf2448f546ac5e01f5641e54309441ec4 Mon Sep 17 00:00:00 2001 From: bufdev Date: Tue, 13 Feb 2024 17:26:39 -0500 Subject: [PATCH 03/24] format --- buf/registry/module/v1beta1/label.proto | 1 - buf/registry/module/v1beta1/label_service.proto | 1 - 2 files changed, 2 deletions(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index 32c2669..810d9bf 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -98,7 +98,6 @@ enum LabelReviewState { LABEL_REVIEW_STATE_PENDING = 4; } - // LabelRef is a reference to a Label, either an id or a fully-qualified name. // // This is used in requests. diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index 7dcdd21..af2496e 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -164,7 +164,6 @@ message ListLabelHistoryRequest { } message ListLabelHistoryResponse { - message Value { // The Commit. Commit commit = 1 [(buf.validate.field).required = true]; From 451ee8ca4206161cbd65775baa197731b87bd3bc Mon Sep 17 00:00:00 2001 From: bufdev Date: Tue, 13 Feb 2024 17:28:05 -0500 Subject: [PATCH 04/24] fixes --- buf/registry/module/v1beta1/label.proto | 4 ++-- buf/registry/module/v1beta1/label_service.proto | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index 810d9bf..ff81809 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -73,10 +73,10 @@ message Label { (buf.validate.field).string.uuid = true ]; - // Whether or not governance is enabled for this Label. + // Whether or not governance review is enabled for this Label. // // Governance is an enterprise-only feature - contact us to learn more! - bool governance_enabled = 10; + bool review_enabled = 10; // The current review state of the Label. // // This field will only be set if governance is enabled. diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index af2496e..0db0a95 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -112,7 +112,7 @@ message ListLabelsRequest { // Only return Labels that have these governance review states. // // By default, Labels with any governance review state are returned. - repeated LabelReviewState governance_review_states = 5; + repeated LabelReviewState review_states = 5; } message ListLabelsResponse { From 88530ad636025665ac480ad3dd92934eef13ccc5 Mon Sep 17 00:00:00 2001 From: bufdev Date: Tue, 13 Feb 2024 17:30:20 -0500 Subject: [PATCH 05/24] fix --- buf/registry/module/v1beta1/upload_service.proto | 2 -- 1 file changed, 2 deletions(-) diff --git a/buf/registry/module/v1beta1/upload_service.proto b/buf/registry/module/v1beta1/upload_service.proto index 86a33f2..36ff377 100644 --- a/buf/registry/module/v1beta1/upload_service.proto +++ b/buf/registry/module/v1beta1/upload_service.proto @@ -42,8 +42,6 @@ message UploadRequest { // // If the ModuleRef refers to a Module that has associated Content, this field should *not* // be set, and setting it is an error. - // - // The commit_id must point to a passed or accepted Commit. string commit_id = 2 [(buf.validate.field).string.uuid = true]; } // Content to upload for a given reference. From 94a8cfdb24cec67d3a2c9b0182d0a8257b12390e Mon Sep 17 00:00:00 2001 From: bufdev Date: Tue, 13 Feb 2024 17:38:41 -0500 Subject: [PATCH 06/24] newline --- buf/registry/module/v1beta1/label.proto | 1 - 1 file changed, 1 deletion(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index ff81809..c71338f 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -72,7 +72,6 @@ message Label { (buf.validate.field).required = true, (buf.validate.field).string.uuid = true ]; - // Whether or not governance review is enabled for this Label. // // Governance is an enterprise-only feature - contact us to learn more! From b0403a8626594e0f5af3f92307094dd29ec92aea Mon Sep 17 00:00:00 2001 From: bufdev Date: Tue, 13 Feb 2024 17:39:14 -0500 Subject: [PATCH 07/24] comment --- buf/registry/module/v1beta1/label.proto | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index c71338f..991b251 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -78,7 +78,7 @@ message Label { bool review_enabled = 10; // The current review state of the Label. // - // This field will only be set if governance is enabled. + // This field will only be set if review is enabled. LabelReviewState review_state = 11 [(buf.validate.field).enum.defined_only = true]; } From 9b136e4ba12bda0a31f378cee930d95f163a3f42 Mon Sep 17 00:00:00 2001 From: Nick Snyder Date: Thu, 15 Feb 2024 15:09:45 -0800 Subject: [PATCH 08/24] LabelReviewState -> CommitReviewState and update docs CommitReviewState is a better name because LabelReviewState seems to imply a label has only one such state. The number of review states is 1:1 with number of commits (not labels). Update docs to clarify that review state information is returned depending on whether review state was enabled at the time of push for a given commit (not whether it is enabled currently). --- buf/registry/module/v1beta1/label.proto | 28 +++++++++---------- .../module/v1beta1/label_service.proto | 16 +++++------ 2 files changed, 22 insertions(+), 22 deletions(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index 991b251..5edef34 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -76,25 +76,25 @@ message Label { // // Governance is an enterprise-only feature - contact us to learn more! bool review_enabled = 10; - // The current review state of the Label. + // The review state of the Commit the Label points to. // - // This field will only be set if review is enabled. - LabelReviewState review_state = 11 [(buf.validate.field).enum.defined_only = true]; + // This field will only be set if the review flow was enabled on this label when this commit was pushed. + CommitReviewState commit_review_state = 11 [(buf.validate.field).enum.defined_only = true]; } -// The label state in the governance review flow. +// The state of a Commit in the governance review flow for a particular Label. // // Governance is an enterprise-only feature - contact us to learn more! -enum LabelReviewState { - LABEL_REVIEW_STATE_UNSPECIFIED = 0; - // The last Commit pushed to the Label did not fail any governance checks and therefore did not need review. - LABEL_REVIEW_STATE_PASSED = 1; - // The last Commit pushed to the Label was reviewed after failing governance checks and was accepted. - LABEL_REVIEW_STATE_ACCEPTED = 2; - // The last Commit pushed to the Label was reviewed after failing governance checks and was rejected. - LABEL_REVIEW_STATE_REJECTED = 3; - // The last Commit pushed to the Label has not yet been reviewed after failing governance checks and is pending. - LABEL_REVIEW_STATE_PENDING = 4; +enum CommitReviewState { + COMMIT_REVIEW_STATE_UNSPECIFIED = 0; + // The Commit did not fail any governance checks and therefore did not need review. + COMMIT_REVIEW_STATE_PASSED = 2; + // The Commit was reviewed after failing governance checks and was accepted. + COMMIT_REVIEW_STATE_ACCEPTED = 3; + // The Commit was reviewed after failing governance checks and was rejected. + COMMIT_REVIEW_STATE_REJECTED = 4; + // The Commit has not yet been reviewed after failing governance checks and is pending. + COMMIT_REVIEW_STATE_PENDING = 5; } // LabelRef is a reference to a Label, either an id or a fully-qualified name. diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index 0db0a95..d181e8c 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -109,10 +109,10 @@ message ListLabelsRequest { // TODO: We are purposefully not making the default the zero enum value, however // we may want to consider this. Order order = 4 [(buf.validate.field).enum.defined_only = true]; - // Only return Labels that have these governance review states. + // Only return Labels that point to a Commit with these governance review states. // - // By default, Labels with any governance review state are returned. - repeated LabelReviewState review_states = 5; + // If not set, Labels that point to a Commit with any governance review state are returned. + repeated CommitReviewState commit_review_states = 5; } message ListLabelsResponse { @@ -168,14 +168,14 @@ message ListLabelHistoryResponse { // The Commit. Commit commit = 1 [(buf.validate.field).required = true]; - // The Label's review state. + // The Commit's review state for this Label. // - // This field will only be set if governance is enabled for the Label. - LabelReviewState review_state = 2 [(buf.validate.field).enum.defined_only = true]; + // This field will only be set if the governance review flow was enabled on this label when this commit was pushed. + CommitReviewState commit_review_state = 2 [(buf.validate.field).enum.defined_only = true]; // When the review state was last updated. // - // This field will only be set if governance is enabled for the Label. - google.protobuf.Timestamp review_state_updated_at = 3; + // This field will only be set if the governance review flow was enabled on this label when this commit was pushed. + google.protobuf.Timestamp commit_review_state_updated_at = 3; } // The next page token. From dc29366142200b9f4a420cdfc5f0da1a94810bed Mon Sep 17 00:00:00 2001 From: Nick Snyder Date: Thu, 15 Feb 2024 15:11:33 -0800 Subject: [PATCH 09/24] commit -> Commit --- buf/registry/module/v1beta1/label.proto | 2 +- buf/registry/module/v1beta1/label_service.proto | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index 5edef34..5bc9a19 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -78,7 +78,7 @@ message Label { bool review_enabled = 10; // The review state of the Commit the Label points to. // - // This field will only be set if the review flow was enabled on this label when this commit was pushed. + // This field will only be set if the review flow was enabled on this label when this Commit was pushed. CommitReviewState commit_review_state = 11 [(buf.validate.field).enum.defined_only = true]; } diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index d181e8c..e114b16 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -170,11 +170,11 @@ message ListLabelHistoryResponse { // The Commit's review state for this Label. // - // This field will only be set if the governance review flow was enabled on this label when this commit was pushed. + // This field will only be set if the governance review flow was enabled on this label when this Commit was pushed. CommitReviewState commit_review_state = 2 [(buf.validate.field).enum.defined_only = true]; // When the review state was last updated. // - // This field will only be set if the governance review flow was enabled on this label when this commit was pushed. + // This field will only be set if the governance review flow was enabled on this label when this Commit was pushed. google.protobuf.Timestamp commit_review_state_updated_at = 3; } From 855d3d0d71f3c234c27c66a6164902bc5cc98b83 Mon Sep 17 00:00:00 2001 From: Nick Snyder Date: Thu, 15 Feb 2024 15:16:09 -0800 Subject: [PATCH 10/24] lint --- buf/registry/module/v1beta1/label_service.proto | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index e114b16..78341d9 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -111,7 +111,7 @@ message ListLabelsRequest { Order order = 4 [(buf.validate.field).enum.defined_only = true]; // Only return Labels that point to a Commit with these governance review states. // - // If not set, Labels that point to a Commit with any governance review state are returned. + // If not set, Labels that point to a Commit with any governance review state are returned. repeated CommitReviewState commit_review_states = 5; } From f2007cd76a594bd7d4418268b95e26e73accfb16 Mon Sep 17 00:00:00 2001 From: Nick Snyder Date: Thu, 15 Feb 2024 15:31:36 -0800 Subject: [PATCH 11/24] clarify docs for Label.commit_id --- buf/registry/module/v1beta1/label.proto | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index 5bc9a19..799e247 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -59,9 +59,9 @@ message Label { (buf.validate.field).required = true, (buf.validate.field).string.uuid = true ]; - // The id of the currently passed or accepted Commit currently associated with the Label. + // The id of the Commit currently associated with the Label. // - // Labels will only point to passed or accepted commits, and never point to rejected or pending Commits. + // If governance review is enabled, this will point to the most recent passed or accepted Commit. // To get the history of the Commits that have been associated with a Label, use ListLabelHistory. string commit_id = 8 [ (buf.validate.field).required = true, From b8264840f257a2423ae94f429d3bcbe78b921caa Mon Sep 17 00:00:00 2001 From: Nick Snyder Date: Thu, 15 Feb 2024 16:21:25 -0800 Subject: [PATCH 12/24] Standardize on "governance workflow" --- buf/registry/module/v1beta1/label.proto | 16 ++++++++-------- buf/registry/module/v1beta1/label_service.proto | 8 ++++---- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index 799e247..34c0398 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -61,7 +61,7 @@ message Label { ]; // The id of the Commit currently associated with the Label. // - // If governance review is enabled, this will point to the most recent passed or accepted Commit. + // If governance workflow is enabled, this will point to the most recent Commit that passed or accepted Commit. // To get the history of the Commits that have been associated with a Label, use ListLabelHistory. string commit_id = 8 [ (buf.validate.field).required = true, @@ -72,19 +72,19 @@ message Label { (buf.validate.field).required = true, (buf.validate.field).string.uuid = true ]; - // Whether or not governance review is enabled for this Label. + // Whether or not governance workflow is enabled for this Label. // - // Governance is an enterprise-only feature - contact us to learn more! - bool review_enabled = 10; - // The review state of the Commit the Label points to. + // Governance workflow is an enterprise-only feature - contact us to learn more! + bool governance_workflow_enabled = 10; + // The governance workflow review state of the Commit the Label points to. // - // This field will only be set if the review flow was enabled on this label when this Commit was pushed. + // This field will only be set if the governance workflow was enabled on this Label when this Commit was pushed. CommitReviewState commit_review_state = 11 [(buf.validate.field).enum.defined_only = true]; } -// The state of a Commit in the governance review flow for a particular Label. +// The state of a Commit in the governance workflow for a particular Label. // -// Governance is an enterprise-only feature - contact us to learn more! +// Governance workflow is an enterprise-only feature - contact us to learn more! enum CommitReviewState { COMMIT_REVIEW_STATE_UNSPECIFIED = 0; // The Commit did not fail any governance checks and therefore did not need review. diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index 78341d9..5dd339f 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -109,9 +109,9 @@ message ListLabelsRequest { // TODO: We are purposefully not making the default the zero enum value, however // we may want to consider this. Order order = 4 [(buf.validate.field).enum.defined_only = true]; - // Only return Labels that point to a Commit with these governance review states. + // Only return Labels that point to a Commit with these governance workflow review states. // - // If not set, Labels that point to a Commit with any governance review state are returned. + // If not set, Labels that point to a Commit with any governance workflow review state are returned. repeated CommitReviewState commit_review_states = 5; } @@ -170,11 +170,11 @@ message ListLabelHistoryResponse { // The Commit's review state for this Label. // - // This field will only be set if the governance review flow was enabled on this label when this Commit was pushed. + // This field will only be set if the governance workflow was enabled on this Label when this Commit was pushed. CommitReviewState commit_review_state = 2 [(buf.validate.field).enum.defined_only = true]; // When the review state was last updated. // - // This field will only be set if the governance review flow was enabled on this label when this Commit was pushed. + // This field will only be set if the governance workflow was enabled on this Label when this Commit was pushed. google.protobuf.Timestamp commit_review_state_updated_at = 3; } From 4368113316393819f23dd1aa0733d6742fb268e1 Mon Sep 17 00:00:00 2001 From: Nick Snyder Date: Thu, 15 Feb 2024 16:53:23 -0800 Subject: [PATCH 13/24] CommitReviewState -> GovernanceWorkflowState --- buf/registry/module/v1beta1/label.proto | 20 ++++++++++--------- .../module/v1beta1/label_service.proto | 18 ++++++++--------- 2 files changed, 20 insertions(+), 18 deletions(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index 34c0398..04bf895 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -76,25 +76,27 @@ message Label { // // Governance workflow is an enterprise-only feature - contact us to learn more! bool governance_workflow_enabled = 10; - // The governance workflow review state of the Commit the Label points to. + // The governance workflow state of the Commit the Label points to. // - // This field will only be set if the governance workflow was enabled on this Label when this Commit was pushed. - CommitReviewState commit_review_state = 11 [(buf.validate.field).enum.defined_only = true]; + // This field will only be set if governance workflow was enabled on this Label when this Commit was pushed. + GovernanceWorkflowState governance_workflow_state = 11 [(buf.validate.field).enum.defined_only = true]; } // The state of a Commit in the governance workflow for a particular Label. // // Governance workflow is an enterprise-only feature - contact us to learn more! -enum CommitReviewState { - COMMIT_REVIEW_STATE_UNSPECIFIED = 0; +enum GovernanceWorkflowState { + GOVERNANCE_WORKFLOW_STATE_UNSPECIFIED = 0; // The Commit did not fail any governance checks and therefore did not need review. - COMMIT_REVIEW_STATE_PASSED = 2; + GOVERNANCE_WORKFLOW_STATE_PASSED = 1; // The Commit was reviewed after failing governance checks and was accepted. - COMMIT_REVIEW_STATE_ACCEPTED = 3; + GOVERNANCE_WORKFLOW_STATE_ACCEPTED = 2; // The Commit was reviewed after failing governance checks and was rejected. - COMMIT_REVIEW_STATE_REJECTED = 4; + GOVERNANCE_WORKFLOW_STATE_REJECTED = 3; // The Commit has not yet been reviewed after failing governance checks and is pending. - COMMIT_REVIEW_STATE_PENDING = 5; + GOVERNANCE_WORKFLOW_STATE_PENDING = 4; + // TODO: decide how we want to handle the case where a commit is blocked on another commit that is either pending + // or rejected } // LabelRef is a reference to a Label, either an id or a fully-qualified name. diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index 5dd339f..93c2dca 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -109,10 +109,10 @@ message ListLabelsRequest { // TODO: We are purposefully not making the default the zero enum value, however // we may want to consider this. Order order = 4 [(buf.validate.field).enum.defined_only = true]; - // Only return Labels that point to a Commit with these governance workflow review states. + // Only return Labels that point to a Commit with these governance workflow states. // - // If not set, Labels that point to a Commit with any governance workflow review state are returned. - repeated CommitReviewState commit_review_states = 5; + // If not set, Labels that point to a Commit with any governance workflow state are returned. + repeated GovernanceWorkflowState governance_workflow_states = 5; } message ListLabelsResponse { @@ -168,14 +168,14 @@ message ListLabelHistoryResponse { // The Commit. Commit commit = 1 [(buf.validate.field).required = true]; - // The Commit's review state for this Label. + // The Commit's governance workflow state for this Label. // - // This field will only be set if the governance workflow was enabled on this Label when this Commit was pushed. - CommitReviewState commit_review_state = 2 [(buf.validate.field).enum.defined_only = true]; - // When the review state was last updated. + // This field will only be set if governance workflow was enabled on this Label when this Commit was pushed. + GovernanceWorkflowState governance_workflow_state = 2 [(buf.validate.field).enum.defined_only = true]; + // When the governance workflow state was last updated. // - // This field will only be set if the governance workflow was enabled on this Label when this Commit was pushed. - google.protobuf.Timestamp commit_review_state_updated_at = 3; + // This field will only be set if governance workflow was enabled on this Label when this Commit was pushed. + google.protobuf.Timestamp governance_workflow_state_updated_at = 3; } // The next page token. From 2f7a19904406a2cb81beb4ff33706cc9ddd6f976 Mon Sep 17 00:00:00 2001 From: Nick Snyder Date: Thu, 15 Feb 2024 16:53:40 -0800 Subject: [PATCH 14/24] lint --- buf/registry/module/v1beta1/label.proto | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index 04bf895..2a174b5 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -96,7 +96,7 @@ enum GovernanceWorkflowState { // The Commit has not yet been reviewed after failing governance checks and is pending. GOVERNANCE_WORKFLOW_STATE_PENDING = 4; // TODO: decide how we want to handle the case where a commit is blocked on another commit that is either pending - // or rejected + // or rejected } // LabelRef is a reference to a Label, either an id or a fully-qualified name. From 347ea32f3c6308e0757ad949a3764aac3fb943f2 Mon Sep 17 00:00:00 2001 From: Nick Snyder Date: Thu, 15 Feb 2024 19:16:23 -0800 Subject: [PATCH 15/24] Support GovernanceWorkflowState being blocked on another governance workflow --- buf/registry/module/v1beta1/label.proto | 34 ++++++++++++++----- .../module/v1beta1/label_service.proto | 15 +++----- 2 files changed, 30 insertions(+), 19 deletions(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index 2a174b5..5012460 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -79,24 +79,40 @@ message Label { // The governance workflow state of the Commit the Label points to. // // This field will only be set if governance workflow was enabled on this Label when this Commit was pushed. - GovernanceWorkflowState governance_workflow_state = 11 [(buf.validate.field).enum.defined_only = true]; + GovernanceWorkflowState governance_workflow_state = 11; } // The state of a Commit in the governance workflow for a particular Label. // // Governance workflow is an enterprise-only feature - contact us to learn more! -enum GovernanceWorkflowState { - GOVERNANCE_WORKFLOW_STATE_UNSPECIFIED = 0; +message GovernanceWorkflowState { + // The status of the workflow. + GovernanceWorkflowStatus status = 1 [(buf.validate.field).enum.defined_only = true]; + + // The time the status was last updated. + google.protobuf.Timestamp status_updated_at = 3 [(buf.validate.field).required = true]; + + // The ids of Commits that have governance workflows blocking this governance workflow. + // + // This field will only be set if the status is blocked. + repeated string blocked_on_commit_ids = 2 [(buf.validate.field).string.uuid = true]; +} + +// The status of a GovernanceWorkflowState. +// +// Governance workflow is an enterprise-only feature - contact us to learn more! +enum GovernanceWorkflowStatus { + GOVERNANCE_WORKFLOW_STATUS_UNSPECIFIED = 0; // The Commit did not fail any governance checks and therefore did not need review. - GOVERNANCE_WORKFLOW_STATE_PASSED = 1; + GOVERNANCE_WORKFLOW_STATUS_PASSED = 1; // The Commit was reviewed after failing governance checks and was accepted. - GOVERNANCE_WORKFLOW_STATE_ACCEPTED = 2; + GOVERNANCE_WORKFLOW_STATUS_ACCEPTED = 2; // The Commit was reviewed after failing governance checks and was rejected. - GOVERNANCE_WORKFLOW_STATE_REJECTED = 3; + GOVERNANCE_WORKFLOW_STATUS_REJECTED = 3; // The Commit has not yet been reviewed after failing governance checks and is pending. - GOVERNANCE_WORKFLOW_STATE_PENDING = 4; - // TODO: decide how we want to handle the case where a commit is blocked on another commit that is either pending - // or rejected + GOVERNANCE_WORKFLOW_STATUS_PENDING = 4; + // The governance workflow for this Commit is blocked on the governance workflow for another Commit. + GOVERNANCE_WORKFLOW_STATUS_BLOCKED = 5; } // LabelRef is a reference to a Label, either an id or a fully-qualified name. diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index 93c2dca..7c23d7d 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -21,7 +21,6 @@ import "buf/registry/module/v1beta1/digest.proto"; import "buf/registry/module/v1beta1/label.proto"; import "buf/registry/module/v1beta1/resource.proto"; import "buf/validate/validate.proto"; -import "google/protobuf/timestamp.proto"; option go_package = "buf.build/gen/go/bufbuild/registry/protocolbuffers/go/buf/registry/module/v1beta1"; @@ -109,10 +108,10 @@ message ListLabelsRequest { // TODO: We are purposefully not making the default the zero enum value, however // we may want to consider this. Order order = 4 [(buf.validate.field).enum.defined_only = true]; - // Only return Labels that point to a Commit with these governance workflow states. + // Only return Labels that point to a Commit with one of these GovernanceWorkflowStatus values. // - // If not set, Labels that point to a Commit with any governance workflow state are returned. - repeated GovernanceWorkflowState governance_workflow_states = 5; + // If not set, Labels that point to a Commit with any GovernanceWorkflowStatus value are returned. + repeated GovernanceWorkflowStatus governance_workflow_statuses = 5; } message ListLabelsResponse { @@ -168,14 +167,10 @@ message ListLabelHistoryResponse { // The Commit. Commit commit = 1 [(buf.validate.field).required = true]; - // The Commit's governance workflow state for this Label. + // The GovernanceWorkflowState for this Commit on this Label. // // This field will only be set if governance workflow was enabled on this Label when this Commit was pushed. - GovernanceWorkflowState governance_workflow_state = 2 [(buf.validate.field).enum.defined_only = true]; - // When the governance workflow state was last updated. - // - // This field will only be set if governance workflow was enabled on this Label when this Commit was pushed. - google.protobuf.Timestamp governance_workflow_state_updated_at = 3; + GovernanceWorkflowState governance_workflow_state = 2; } // The next page token. From f3d9cb2f024fdc12041b7e0550b7a8eba919b2c0 Mon Sep 17 00:00:00 2001 From: Nick Snyder Date: Fri, 16 Feb 2024 08:40:10 -0800 Subject: [PATCH 16/24] clarify docs for blocked commits --- buf/registry/module/v1beta1/label_service.proto | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index 7c23d7d..0a1372c 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -96,9 +96,8 @@ message ListLabelsRequest { // Once the resource is resolved, the following Labels are listed: // - If a Module is referenced, all Labels for the Module are returned. // - If a Label is referenced, this Label is returned. - // - If a Commit is referenced, all Labels for the Commit are returned. Note that this will - // not return any Labels where the Commit is currently rejected or pending, it will only - // return Labels for Commits that are passed or accepted. + // - If a Commit is referenced, all Labels that currently point to the Commit are returned. + // Labels where this Commit has a GovernanceFlowStatus that is neither accepted nor passed will not be returned. ResourceRef resource_ref = 3 [(buf.validate.field).required = true]; // The order to return the Labels. // From a0a968af31c6a894d65c7d40bc4088582413d50b Mon Sep 17 00:00:00 2001 From: Nick Snyder Date: Fri, 16 Feb 2024 11:47:48 -0500 Subject: [PATCH 17/24] Update buf/registry/module/v1beta1/label.proto Co-authored-by: Saquib Mian --- buf/registry/module/v1beta1/label.proto | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index 5012460..2943e56 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -61,7 +61,7 @@ message Label { ]; // The id of the Commit currently associated with the Label. // - // If governance workflow is enabled, this will point to the most recent Commit that passed or accepted Commit. + // If governance workflow is enabled, this will point to the most recent Commit that passed or was accepted. // To get the history of the Commits that have been associated with a Label, use ListLabelHistory. string commit_id = 8 [ (buf.validate.field).required = true, From 3eeb39c125d1fe9de4f8add6adc8cd8c8fac15cd Mon Sep 17 00:00:00 2001 From: Nick Snyder Date: Fri, 16 Feb 2024 10:54:35 -0800 Subject: [PATCH 18/24] clarify behavior of blocked state --- buf/registry/module/v1beta1/label.proto | 12 ++++++++++-- buf/registry/module/v1beta1/label_service.proto | 4 +++- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index 2943e56..813587b 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -78,7 +78,9 @@ message Label { bool governance_workflow_enabled = 10; // The governance workflow state of the Commit the Label points to. // - // This field will only be set if governance workflow was enabled on this Label when this Commit was pushed. + // This field will be set if either: + // - Governance workflow was enabled on this Label when this Commit was pushed. + // - This Commit depends on a Commit that has a governance workflow state. GovernanceWorkflowState governance_workflow_state = 11; } @@ -111,7 +113,13 @@ enum GovernanceWorkflowStatus { GOVERNANCE_WORKFLOW_STATUS_REJECTED = 3; // The Commit has not yet been reviewed after failing governance checks and is pending. GOVERNANCE_WORKFLOW_STATUS_PENDING = 4; - // The governance workflow for this Commit is blocked on the governance workflow for another Commit. + // The governance workflow for this Commit is blocked on a pending governance workflow for at least one other Commit. + // + // If at least one dependent Commit is rejected, this commit will inherit the rejected status. + // If all dependent Commits are passed or approved, then the status for this Commit will transition to: + // - Passed if governance workflow is not enabled for this Label. + // - Passed if governance workflow is enabled for this Label and all checks passed. + // - Pending if governance workflow is enabled for this Label and some checks failed. GOVERNANCE_WORKFLOW_STATUS_BLOCKED = 5; } diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index 0a1372c..e7dcaa1 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -168,7 +168,9 @@ message ListLabelHistoryResponse { // The GovernanceWorkflowState for this Commit on this Label. // - // This field will only be set if governance workflow was enabled on this Label when this Commit was pushed. + // This field will be set if either: + // - Governance workflow was enabled on this Label when this Commit was pushed. + // - This Commit depends on a Commit that has a governance workflow state. GovernanceWorkflowState governance_workflow_state = 2; } From f7687d988c01032c98c8b35ef4fc9550b4aaaa75 Mon Sep 17 00:00:00 2001 From: Nick Snyder Date: Fri, 16 Feb 2024 14:06:48 -0800 Subject: [PATCH 19/24] governance flow -> policy checks --- buf/registry/module/v1beta1/label.proto | 64 +++++++++---------- .../module/v1beta1/label_service.proto | 16 ++--- 2 files changed, 40 insertions(+), 40 deletions(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index 813587b..1715bbd 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -61,7 +61,7 @@ message Label { ]; // The id of the Commit currently associated with the Label. // - // If governance workflow is enabled, this will point to the most recent Commit that passed or was accepted. + // If policy checks are enabled, this will point to the most recent Commit that passed or was accepted. // To get the history of the Commits that have been associated with a Label, use ListLabelHistory. string commit_id = 8 [ (buf.validate.field).required = true, @@ -72,55 +72,55 @@ message Label { (buf.validate.field).required = true, (buf.validate.field).string.uuid = true ]; - // Whether or not governance workflow is enabled for this Label. + // Whether or not policy checks are enabled for this Label. // - // Governance workflow is an enterprise-only feature - contact us to learn more! - bool governance_workflow_enabled = 10; - // The governance workflow state of the Commit the Label points to. + // Policy checks are an enterprise-only feature - contact us to learn more! + bool policy_checks_enabled = 10; + // The PolicyChecksState for the Commit the Label points to. // // This field will be set if either: - // - Governance workflow was enabled on this Label when this Commit was pushed. - // - This Commit depends on a Commit that has a governance workflow state. - GovernanceWorkflowState governance_workflow_state = 11; + // - Policy checks were enabled on this Label when this Commit was pushed. + // - This Commit transitively depends on a Commit that has a PolicyChecksState. + PolicyChecksState policy_checks_state = 11; } -// The state of a Commit in the governance workflow for a particular Label. +// The state of a Commit's policy checks for a particular Label. // -// Governance workflow is an enterprise-only feature - contact us to learn more! -message GovernanceWorkflowState { - // The status of the workflow. - GovernanceWorkflowStatus status = 1 [(buf.validate.field).enum.defined_only = true]; +// Policy checks are an enterprise-only feature - contact us to learn more! +message PolicyChecksState { + // The status of the policy checks. + PolicyChecksStatus status = 1 [(buf.validate.field).enum.defined_only = true]; // The time the status was last updated. google.protobuf.Timestamp status_updated_at = 3 [(buf.validate.field).required = true]; - // The ids of Commits that have governance workflows blocking this governance workflow. + // The ids of Commits that have policy checks blocking these policy checks. // // This field will only be set if the status is blocked. repeated string blocked_on_commit_ids = 2 [(buf.validate.field).string.uuid = true]; } -// The status of a GovernanceWorkflowState. +// The status of a PolicyChecksState. // -// Governance workflow is an enterprise-only feature - contact us to learn more! -enum GovernanceWorkflowStatus { - GOVERNANCE_WORKFLOW_STATUS_UNSPECIFIED = 0; - // The Commit did not fail any governance checks and therefore did not need review. - GOVERNANCE_WORKFLOW_STATUS_PASSED = 1; - // The Commit was reviewed after failing governance checks and was accepted. - GOVERNANCE_WORKFLOW_STATUS_ACCEPTED = 2; - // The Commit was reviewed after failing governance checks and was rejected. - GOVERNANCE_WORKFLOW_STATUS_REJECTED = 3; - // The Commit has not yet been reviewed after failing governance checks and is pending. - GOVERNANCE_WORKFLOW_STATUS_PENDING = 4; - // The governance workflow for this Commit is blocked on a pending governance workflow for at least one other Commit. +// Policy checks are an enterprise-only feature - contact us to learn more! +enum PolicyChecksStatus { + POLICY_CHECKS_STATUS_UNSPECIFIED = 0; + // The Commit did not fail any policy checks and therefore did not need review. + POLICY_CHECKS_STATUS_PASSED = 1; + // The Commit was reviewed after failing policy checks and was accepted. + POLICY_CHECKS_STATUS_ACCEPTED = 2; + // The Commit was reviewed after failing policy checks and was rejected. + POLICY_CHECKS_STATUS_REJECTED = 3; + // The Commit has not yet been reviewed after failing policy checks and is pending. + POLICY_CHECKS_STATUS_PENDING = 4; + // The policy checks for this Commit are blocked on pending policy checks for at least one other Commit. // - // If at least one dependent Commit is rejected, this commit will inherit the rejected status. + // If at least one dependent Commit is rejected, this Commit will inherit the rejected status. // If all dependent Commits are passed or approved, then the status for this Commit will transition to: - // - Passed if governance workflow is not enabled for this Label. - // - Passed if governance workflow is enabled for this Label and all checks passed. - // - Pending if governance workflow is enabled for this Label and some checks failed. - GOVERNANCE_WORKFLOW_STATUS_BLOCKED = 5; + // - Passed if policy checks are not enabled for this Label. + // - Passed if policy checks are enabled for this Label and all checks passed. + // - Pending if policy checks are enabled for this Label and some checks failed. + POLICY_CHECKS_STATUS_BLOCKED = 5; } // LabelRef is a reference to a Label, either an id or a fully-qualified name. diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index e7dcaa1..7cf5ea5 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -97,7 +97,7 @@ message ListLabelsRequest { // - If a Module is referenced, all Labels for the Module are returned. // - If a Label is referenced, this Label is returned. // - If a Commit is referenced, all Labels that currently point to the Commit are returned. - // Labels where this Commit has a GovernanceFlowStatus that is neither accepted nor passed will not be returned. + // Labels where this Commit has a PolicyChecksStatus that is neither accepted nor passed will not be returned. ResourceRef resource_ref = 3 [(buf.validate.field).required = true]; // The order to return the Labels. // @@ -107,10 +107,10 @@ message ListLabelsRequest { // TODO: We are purposefully not making the default the zero enum value, however // we may want to consider this. Order order = 4 [(buf.validate.field).enum.defined_only = true]; - // Only return Labels that point to a Commit with one of these GovernanceWorkflowStatus values. + // Only return Labels that point to a Commit with one of these PolicyChecksStatus values. // - // If not set, Labels that point to a Commit with any GovernanceWorkflowStatus value are returned. - repeated GovernanceWorkflowStatus governance_workflow_statuses = 5; + // If not set, Labels that point to a Commit with any PolicyChecksStatus value are returned. + repeated PolicyChecksStatus policy_checks_statuses = 5; } message ListLabelsResponse { @@ -166,12 +166,12 @@ message ListLabelHistoryResponse { // The Commit. Commit commit = 1 [(buf.validate.field).required = true]; - // The GovernanceWorkflowState for this Commit on this Label. + // The PolicyChecksState for this Commit on this Label. // // This field will be set if either: - // - Governance workflow was enabled on this Label when this Commit was pushed. - // - This Commit depends on a Commit that has a governance workflow state. - GovernanceWorkflowState governance_workflow_state = 2; + // - Policy checks were enabled on this Label when this Commit was pushed. + // - This Commit transitively depends on a Commit that has a PolicyChecksState. + PolicyChecksState policy_checks_state = 2; } // The next page token. From 03c229fcd0c8ae7e9d273a18b4c346fd9c60a5d2 Mon Sep 17 00:00:00 2001 From: Nick Snyder Date: Fri, 16 Feb 2024 14:21:16 -0800 Subject: [PATCH 20/24] accepted -> approved --- buf/registry/module/v1beta1/label.proto | 6 +++--- buf/registry/module/v1beta1/label_service.proto | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index 1715bbd..6886de9 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -61,7 +61,7 @@ message Label { ]; // The id of the Commit currently associated with the Label. // - // If policy checks are enabled, this will point to the most recent Commit that passed or was accepted. + // If policy checks are enabled, this will point to the most recent Commit that passed or was approved. // To get the history of the Commits that have been associated with a Label, use ListLabelHistory. string commit_id = 8 [ (buf.validate.field).required = true, @@ -107,8 +107,8 @@ enum PolicyChecksStatus { POLICY_CHECKS_STATUS_UNSPECIFIED = 0; // The Commit did not fail any policy checks and therefore did not need review. POLICY_CHECKS_STATUS_PASSED = 1; - // The Commit was reviewed after failing policy checks and was accepted. - POLICY_CHECKS_STATUS_ACCEPTED = 2; + // The Commit was reviewed after failing policy checks and was approved. + POLICY_CHECKS_STATUS_APPROVED = 2; // The Commit was reviewed after failing policy checks and was rejected. POLICY_CHECKS_STATUS_REJECTED = 3; // The Commit has not yet been reviewed after failing policy checks and is pending. diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index 7cf5ea5..8be4670 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -97,7 +97,7 @@ message ListLabelsRequest { // - If a Module is referenced, all Labels for the Module are returned. // - If a Label is referenced, this Label is returned. // - If a Commit is referenced, all Labels that currently point to the Commit are returned. - // Labels where this Commit has a PolicyChecksStatus that is neither accepted nor passed will not be returned. + // Labels where this Commit has a PolicyChecksStatus that is neither approved nor passed will not be returned. ResourceRef resource_ref = 3 [(buf.validate.field).required = true]; // The order to return the Labels. // From ed33e9c097a5c0d348b68f4ee6b711a9cb46a90c Mon Sep 17 00:00:00 2001 From: Nick Snyder Date: Fri, 16 Feb 2024 14:37:38 -0800 Subject: [PATCH 21/24] validation rule --- buf/registry/module/v1beta1/label_service.proto | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index 8be4670..51e9650 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -110,7 +110,7 @@ message ListLabelsRequest { // Only return Labels that point to a Commit with one of these PolicyChecksStatus values. // // If not set, Labels that point to a Commit with any PolicyChecksStatus value are returned. - repeated PolicyChecksStatus policy_checks_statuses = 5; + repeated PolicyChecksStatus policy_checks_statuses = 5 [(buf.validate.field).repeated.items.enum.defined_only = true]; } message ListLabelsResponse { From f42ba0c440a700b0730f091137aa372e210b60e0 Mon Sep 17 00:00:00 2001 From: Nick Snyder Date: Mon, 26 Feb 2024 17:19:49 -0500 Subject: [PATCH 22/24] Rename PolicyChecks{State|Status} to PolicyCheck{State|Status} --- buf/registry/module/v1beta1/label.proto | 26 +++++++++---------- .../module/v1beta1/label_service.proto | 14 +++++----- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index 6886de9..59c0d79 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -76,20 +76,20 @@ message Label { // // Policy checks are an enterprise-only feature - contact us to learn more! bool policy_checks_enabled = 10; - // The PolicyChecksState for the Commit the Label points to. + // The PolicyCheckState for the Commit the Label points to. // // This field will be set if either: // - Policy checks were enabled on this Label when this Commit was pushed. - // - This Commit transitively depends on a Commit that has a PolicyChecksState. - PolicyChecksState policy_checks_state = 11; + // - This Commit transitively depends on a Commit that has a PolicyCheckState. + PolicyCheckState policy_check_state = 11; } // The state of a Commit's policy checks for a particular Label. // // Policy checks are an enterprise-only feature - contact us to learn more! -message PolicyChecksState { +message PolicyCheckState { // The status of the policy checks. - PolicyChecksStatus status = 1 [(buf.validate.field).enum.defined_only = true]; + PolicyCheckStatus status = 1 [(buf.validate.field).enum.defined_only = true]; // The time the status was last updated. google.protobuf.Timestamp status_updated_at = 3 [(buf.validate.field).required = true]; @@ -100,19 +100,19 @@ message PolicyChecksState { repeated string blocked_on_commit_ids = 2 [(buf.validate.field).string.uuid = true]; } -// The status of a PolicyChecksState. +// The status of a PolicyCheckState. // // Policy checks are an enterprise-only feature - contact us to learn more! -enum PolicyChecksStatus { - POLICY_CHECKS_STATUS_UNSPECIFIED = 0; +enum PolicyCheckStatus { + POLICY_CHECK_STATUS_UNSPECIFIED = 0; // The Commit did not fail any policy checks and therefore did not need review. - POLICY_CHECKS_STATUS_PASSED = 1; + POLICY_CHECK_STATUS_PASSED = 1; // The Commit was reviewed after failing policy checks and was approved. - POLICY_CHECKS_STATUS_APPROVED = 2; + POLICY_CHECK_STATUS_APPROVED = 2; // The Commit was reviewed after failing policy checks and was rejected. - POLICY_CHECKS_STATUS_REJECTED = 3; + POLICY_CHECK_STATUS_REJECTED = 3; // The Commit has not yet been reviewed after failing policy checks and is pending. - POLICY_CHECKS_STATUS_PENDING = 4; + POLICY_CHECK_STATUS_PENDING = 4; // The policy checks for this Commit are blocked on pending policy checks for at least one other Commit. // // If at least one dependent Commit is rejected, this Commit will inherit the rejected status. @@ -120,7 +120,7 @@ enum PolicyChecksStatus { // - Passed if policy checks are not enabled for this Label. // - Passed if policy checks are enabled for this Label and all checks passed. // - Pending if policy checks are enabled for this Label and some checks failed. - POLICY_CHECKS_STATUS_BLOCKED = 5; + POLICY_CHECK_STATUS_BLOCKED = 5; } // LabelRef is a reference to a Label, either an id or a fully-qualified name. diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index 51e9650..12d7074 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -97,7 +97,7 @@ message ListLabelsRequest { // - If a Module is referenced, all Labels for the Module are returned. // - If a Label is referenced, this Label is returned. // - If a Commit is referenced, all Labels that currently point to the Commit are returned. - // Labels where this Commit has a PolicyChecksStatus that is neither approved nor passed will not be returned. + // Labels where this Commit has a PolicyCheckStatus that is neither approved nor passed will not be returned. ResourceRef resource_ref = 3 [(buf.validate.field).required = true]; // The order to return the Labels. // @@ -107,10 +107,10 @@ message ListLabelsRequest { // TODO: We are purposefully not making the default the zero enum value, however // we may want to consider this. Order order = 4 [(buf.validate.field).enum.defined_only = true]; - // Only return Labels that point to a Commit with one of these PolicyChecksStatus values. + // Only return Labels that point to a Commit with one of these PolicyCheckStatus values. // - // If not set, Labels that point to a Commit with any PolicyChecksStatus value are returned. - repeated PolicyChecksStatus policy_checks_statuses = 5 [(buf.validate.field).repeated.items.enum.defined_only = true]; + // If not set, Labels that point to a Commit with any PolicyCheckStatus value are returned. + repeated PolicyCheckStatus policy_check_statuses = 5 [(buf.validate.field).repeated.items.enum.defined_only = true]; } message ListLabelsResponse { @@ -166,12 +166,12 @@ message ListLabelHistoryResponse { // The Commit. Commit commit = 1 [(buf.validate.field).required = true]; - // The PolicyChecksState for this Commit on this Label. + // The PolicyCheckState for this Commit on this Label. // // This field will be set if either: // - Policy checks were enabled on this Label when this Commit was pushed. - // - This Commit transitively depends on a Commit that has a PolicyChecksState. - PolicyChecksState policy_checks_state = 2; + // - This Commit transitively depends on a Commit that has a PolicyCheckState. + PolicyCheckState policy_check_state = 2; } // The next page token. From 46300fcd6953cd2ecb79d5b624f9675424643c40 Mon Sep 17 00:00:00 2001 From: bufdev Date: Mon, 26 Feb 2024 18:30:29 -0500 Subject: [PATCH 23/24] commit --- Makefile | 2 +- buf/registry/module/v1beta1/label.proto | 60 ++++++++----------- .../module/v1beta1/label_service.proto | 25 ++++---- 3 files changed, 39 insertions(+), 48 deletions(-) diff --git a/Makefile b/Makefile index c9596d2..ca9b775 100644 --- a/Makefile +++ b/Makefile @@ -10,7 +10,7 @@ BIN := .tmp/bin export PATH := $(BIN):$(PATH) export GOBIN := $(abspath $(BIN)) -BUF_VERSION := v1.28.1 +BUF_VERSION := v1.29.0 COPYRIGHT_YEARS := 2023-2024 .PHONY: help diff --git a/buf/registry/module/v1beta1/label.proto b/buf/registry/module/v1beta1/label.proto index 59c0d79..969fda4 100644 --- a/buf/registry/module/v1beta1/label.proto +++ b/buf/registry/module/v1beta1/label.proto @@ -72,55 +72,45 @@ message Label { (buf.validate.field).required = true, (buf.validate.field).string.uuid = true ]; - // Whether or not policy checks are enabled for this Label. + // The CommitCheckState for the Commit the Label points to. // - // Policy checks are an enterprise-only feature - contact us to learn more! - bool policy_checks_enabled = 10; - // The PolicyCheckState for the Commit the Label points to. + // The CommitCheckStatus will always be disabled, passed, or approved, since Labels will + // never point to pending or rejected Commits. // - // This field will be set if either: - // - Policy checks were enabled on this Label when this Commit was pushed. - // - This Commit transitively depends on a Commit that has a PolicyCheckState. - PolicyCheckState policy_check_state = 11; + // TODO: Add custom CEL validation to validate the status field is one of DISABLED, PASSED, APPROVED. + CommitCheckState commit_check_state = 10 [(buf.validate.field).required = true]; } // The state of a Commit's policy checks for a particular Label. // // Policy checks are an enterprise-only feature - contact us to learn more! -message PolicyCheckState { - // The status of the policy checks. - PolicyCheckStatus status = 1 [(buf.validate.field).enum.defined_only = true]; - - // The time the status was last updated. - google.protobuf.Timestamp status_updated_at = 3 [(buf.validate.field).required = true]; - - // The ids of Commits that have policy checks blocking these policy checks. +message CommitCheckState { + // The status of the policy check. + CommitCheckStatus status = 1 [ + (buf.validate.field).enum.defined_only = true, + (buf.validate.field).required = true + ]; + // The time the policy check state was last updated. // - // This field will only be set if the status is blocked. - repeated string blocked_on_commit_ids = 2 [(buf.validate.field).string.uuid = true]; + // If the status is disabled, this will be equal to the Commit create_time. + google.protobuf.Timestamp update_time = 3 [(buf.validate.field).required = true]; } -// The status of a PolicyCheckState. +// A check status for a Commit. // // Policy checks are an enterprise-only feature - contact us to learn more! -enum PolicyCheckStatus { - POLICY_CHECK_STATUS_UNSPECIFIED = 0; +enum CommitCheckStatus { + COMMIT_CHECK_STATUS_UNSPECIFIED = 0; + // Policy checks were not enabled when the Commit was created. + COMMIT_CHECK_STATUS_DISABLED = 1; // The Commit did not fail any policy checks and therefore did not need review. - POLICY_CHECK_STATUS_PASSED = 1; - // The Commit was reviewed after failing policy checks and was approved. - POLICY_CHECK_STATUS_APPROVED = 2; - // The Commit was reviewed after failing policy checks and was rejected. - POLICY_CHECK_STATUS_REJECTED = 3; + COMMIT_CHECK_STATUS_PASSED = 2; // The Commit has not yet been reviewed after failing policy checks and is pending. - POLICY_CHECK_STATUS_PENDING = 4; - // The policy checks for this Commit are blocked on pending policy checks for at least one other Commit. - // - // If at least one dependent Commit is rejected, this Commit will inherit the rejected status. - // If all dependent Commits are passed or approved, then the status for this Commit will transition to: - // - Passed if policy checks are not enabled for this Label. - // - Passed if policy checks are enabled for this Label and all checks passed. - // - Pending if policy checks are enabled for this Label and some checks failed. - POLICY_CHECK_STATUS_BLOCKED = 5; + COMMIT_CHECK_STATUS_PENDING = 3; + // The Commit was reviewed after failing policy checks and was rejected. + COMMIT_CHECK_STATUS_REJECTED = 4; + // The Commit was reviewed after failing policy checks and was approved. + COMMIT_CHECK_STATUS_APPROVED = 5; } // LabelRef is a reference to a Label, either an id or a fully-qualified name. diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index 12d7074..64f95b2 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -96,8 +96,8 @@ message ListLabelsRequest { // Once the resource is resolved, the following Labels are listed: // - If a Module is referenced, all Labels for the Module are returned. // - If a Label is referenced, this Label is returned. - // - If a Commit is referenced, all Labels that currently point to the Commit are returned. - // Labels where this Commit has a PolicyCheckStatus that is neither approved nor passed will not be returned. + // - If a Commit is referenced, all Labels that currently point to the Commit are returned. Note that + // Labels only point to passed or approved Commits, or Commits where policy checks were disabled. ResourceRef resource_ref = 3 [(buf.validate.field).required = true]; // The order to return the Labels. // @@ -107,10 +107,16 @@ message ListLabelsRequest { // TODO: We are purposefully not making the default the zero enum value, however // we may want to consider this. Order order = 4 [(buf.validate.field).enum.defined_only = true]; - // Only return Labels that point to a Commit with one of these PolicyCheckStatus values. + // Only return Labels that point to a Commit with one of these CommitCheckStatus values. // - // If not set, Labels that point to a Commit with any PolicyCheckStatus value are returned. - repeated PolicyCheckStatus policy_check_statuses = 5 [(buf.validate.field).repeated.items.enum.defined_only = true]; + // If not set, Labels that point to a Commit with any CommitCheckStatus value are returned. + // + // It is an error to filter on CommitCheckStatuses of pending or rejected, as Labels will only + // point to Commits that are passed or approved, or that have policy checks disabled. + // + // TODO: Add custom CEL validation to validate the status field is one of DISABLED, PASSED, APPROVED. + repeated CommitCheckStatus commit_check_statuses = 5 [ + (buf.validate.field).repeated.items.enum.defined_only = true]; } message ListLabelsResponse { @@ -165,13 +171,8 @@ message ListLabelHistoryResponse { message Value { // The Commit. Commit commit = 1 [(buf.validate.field).required = true]; - - // The PolicyCheckState for this Commit on this Label. - // - // This field will be set if either: - // - Policy checks were enabled on this Label when this Commit was pushed. - // - This Commit transitively depends on a Commit that has a PolicyCheckState. - PolicyCheckState policy_check_state = 2; + // The CommitCheckState for this Commit on this Label. + CommitCheckState commit_check_state = 2 [(buf.validate.field).required = true]; } // The next page token. From 108b27945b6c2936cf6ad96b790bd79703057534 Mon Sep 17 00:00:00 2001 From: bufdev Date: Mon, 26 Feb 2024 18:33:23 -0500 Subject: [PATCH 24/24] commit --- buf/registry/module/v1beta1/label_service.proto | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/buf/registry/module/v1beta1/label_service.proto b/buf/registry/module/v1beta1/label_service.proto index 64f95b2..4491946 100644 --- a/buf/registry/module/v1beta1/label_service.proto +++ b/buf/registry/module/v1beta1/label_service.proto @@ -115,8 +115,7 @@ message ListLabelsRequest { // point to Commits that are passed or approved, or that have policy checks disabled. // // TODO: Add custom CEL validation to validate the status field is one of DISABLED, PASSED, APPROVED. - repeated CommitCheckStatus commit_check_statuses = 5 [ - (buf.validate.field).repeated.items.enum.defined_only = true]; + repeated CommitCheckStatus commit_check_statuses = 5 [(buf.validate.field).repeated.items.enum.defined_only = true]; } message ListLabelsResponse {