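// Session and ceremony messages for bascule.v1.
//
// Restored to one declaration per line. In the collapsed form the first "//"
// section comment swallowed every definition that followed it on the line.
// Field names, numbers and types are unchanged.
syntax = "proto3";

package bascule.v1;

import "google/protobuf/timestamp.proto";

// --- Session request / response ---

// Request to open a session through a ceremony.
message RequestSessionRequest {
  // Ceremony type the caller asks for. Free-form string in this schema; the
  // set of accepted values is not defined in this file.
  string ceremony_type = 1;

  // Scope the caller asks for. The scope actually in force is carried
  // separately in SessionGranted.granted_scope.
  // NOTE(review): presumably the server may grant less than requested;
  // enforcement should key off granted_scope, never this field. Confirm.
  SessionScope requested_scope = 2;

  // Evidence items submitted in support of the request.
  repeated EvidenceItem evidence = 3;
}

// Outcome of RequestSessionRequest. Exactly one member of `result` is set.
message RequestSessionResponse {
  oneof result {
    // The session was granted.
    SessionGranted granted = 1;
    // The ceremony has not completed yet.
    CeremonyPending pending = 2;
    // The ceremony was denied.
    CeremonyDenied denied = 3;
  }
}

// A granted session.
message SessionGranted {
  // Session identifier. It is the only field of GetSessionStatusRequest and
  // EndSessionRequest.
  // NOTE(review): if the RPC layer does not authenticate the caller
  // separately, this value acts as a bearer credential and must be
  // unguessable. Transport and auth are not visible in this file. Confirm.
  string session_id = 1;

  // Scope granted to the session.
  SessionScope granted_scope = 2;

  // Instant at which the session expires.
  google.protobuf.Timestamp expires_at = 3;

  // Ceremony associated with this grant.
  string ceremony_id = 4;
}

// A ceremony that is still in progress.
message CeremonyPending {
  // Ceremony identifier. It is the only field of GetCeremonyStatusRequest.
  string ceremony_id = 1;

  // Text accompanying the pending state (presumably human-readable).
  string message = 2;

  // Presumably the instant at which the pending ceremony times out. Confirm.
  google.protobuf.Timestamp timeout_at = 3;
}

// A denied ceremony.
message CeremonyDenied {
  // Denial reason as free-form text.
  // NOTE(review): this is returned to the requester. Confirm that it does not
  // disclose policy internals the requester should not learn.
  string reason = 1;
}

// --- Scope model ---

// What a session is allowed to do.
//
// NOTE(review): repeated fields have no presence in proto3, so an empty list
// is indistinguishable from an unset one. Confirm that every enforcement
// point treats "empty" as "nothing allowed", not "everything allowed".
message SessionScope {
  // Per-namespace permissions.
  repeated NamespaceScope namespaces = 1;

  // Permissions that are not tied to a namespace.
  GlobalScope global = 2;

  // Pathway names. Their semantics are not defined in this file.
  repeated string pathways = 3;

  // Mutation budget. `optional` gives explicit presence, so unset can be
  // told apart from 0.
  // NOTE(review): the meaning of "unset" (unlimited vs. none) is not defined
  // here. Confirm that it fails closed.
  optional uint32 mutation_budget = 4;

  // Whether the session may delegate. The proto3 default is false, so
  // delegation is off unless a writer sets it explicitly.
  bool can_delegate = 5;
}

// Permissions within one namespace.
message NamespaceScope {
  // Namespace these permissions apply to.
  string namespace = 1;

  // Allow rules for the namespace.
  repeated ScopeRule rules = 2;

  // Workload profile names. Their semantics are not defined in this file.
  repeated string workload_profiles = 3;

  // Capabilities denied in this namespace.
  // NOTE(review): precedence against `rules` is not defined here. Deny
  // should presumably win over any matching rule. Confirm.
  repeated string denied_capabilities = 4;
}

// One rule over API groups, resources and verbs.
//
// NOTE(review): wildcard handling (for example "*") and the meaning of an
// empty list are not defined in this file. Confirm both with the enforcement
// code.
message ScopeRule {
  repeated string api_groups = 1;
  repeated string resources = 2;
  repeated string verbs = 3;
}

// Read permissions outside any namespace. Every flag defaults to false.
message GlobalScope {
  bool can_view_audit_trail = 1;
  bool can_view_profiles = 2;
  bool can_view_topology = 3;
}

// One piece of evidence attached to a session request.
message EvidenceItem {
  // Kind of evidence. Free-form string; the accepted values are not defined
  // in this file.
  string evidence_type = 1;

  // Reference to the evidence.
  // NOTE(review): the value is caller-supplied. Presumably it must be
  // resolved and verified server-side before it influences a grant. Confirm.
  string reference = 2;
}

// --- Session status ---

// Looks up a session by identifier.
message GetSessionStatusRequest {
  string session_id = 1;
}

// Current state of a session.
message GetSessionStatusResponse {
  // Identifier of the session described by this response.
  string session_id = 1;

  // Session state as a free-form string.
  // NOTE(review): the set of values is not defined in this file, so clients
  // should treat unknown values as "not active".
  string state = 2;

  // Scope of the session.
  SessionScope scope = 3;

  // Instant at which the session expires.
  google.protobuf.Timestamp expires_at = 4;

  // Mutations counted against the session so far.
  uint32 mutations_used = 5;

  // Mutation budget of the session. `optional` gives explicit presence; see
  // SessionScope.mutation_budget for the open question about "unset".
  optional uint32 mutation_budget = 6;
}

// --- Session end ---

// Ends a session by identifier.
message EndSessionRequest {
  string session_id = 1;
}

// Result of ending a session.
message EndSessionResponse {
  // Whether the session was ended.
  bool success = 1;

  // Total commands counted for the session.
  uint32 total_commands = 2;

  // Total mutations counted for the session.
  uint32 total_mutations = 3;
}

// --- Ceremony status ---

// Looks up a ceremony by identifier.
message GetCeremonyStatusRequest {
  string ceremony_id = 1;
}

// Current status of a ceremony.
message GetCeremonyStatusResponse {
  // Identifier of the ceremony described by this response.
  string ceremony_id = 1;

  // Ceremony status as a free-form string. The set of values is not defined
  // in this file.
  string status = 2;

  // The granted session, when there is one.
  // NOTE(review): this hands the session to whoever presents ceremony_id.
  // Confirm that the caller is authorized for the ceremony.
  optional SessionGranted session = 3;
}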