Bascule shell runtime workspace — governed shell access layer for Substrate/Guildhouse FFC deployments.

Crates:
- bascule-agent: node agent with SSH server + command filtering
- bascule-core: audit, grant engine, ceremony types, session
- bascule-filter-core: log line filtering (stdio protocol)
- bascule-gateway: OIDC auth, session management, SAT validation
- bascule-node-agent: k8s DaemonSet agent (pod watcher, BPF manager)
- bascule-proto: protobuf definitions
- bascule-shell: governed SSH shell (commands, elevation, REPL)
- bascule-tail: chronicle log tail + fanout
- ceremony-engine: ceremony lifecycle (6 types + request/resolution)

172 tests passing. Implements the SBS-SPEC-0001 shell model. Reference implementation for SPEC-SHELLOPS-0001 Layer 1 (root shell).
syntax = "proto3";
package bascule.v1;
import "google/protobuf/timestamp.proto";
// --- Session request / response ---
// Asks the gateway to open a governed shell session.
//
// The answer is a RequestSessionResponse: the session is granted at once,
// a ceremony is started, or the request is denied.
message RequestSessionRequest {
  // Kind of ceremony the caller is asking for. Kept as a free-form string;
  // the accepted values are presumably owned by the ceremony engine rather
  // than this schema — confirm. Receivers should reject values they do not
  // recognise instead of falling back to a default ceremony.
  string ceremony_type = 1;

  // Scope the caller would like. Only advisory: the scope that is actually
  // in force is SessionGranted.granted_scope, which may be narrower.
  SessionScope requested_scope = 2;

  // Evidence the caller attaches in support of the request (see
  // EvidenceItem). Caller-supplied, so untrusted until the grant engine has
  // checked each item.
  repeated EvidenceItem evidence = 3;
}
// Outcome of a RequestSessionRequest. Exactly one member of `result` is set
// by the gateway.
message RequestSessionResponse {
  oneof result {
    // The session is usable immediately (presumably because no ceremony was
    // required, or one already completed — confirm against the gateway).
    SessionGranted granted = 1;

    // A ceremony was opened and must resolve first; its id can be polled
    // through GetCeremonyStatusRequest.
    CeremonyPending pending = 2;

    // The request was refused; see CeremonyDenied.reason.
    CeremonyDenied denied = 3;
  }
  // NOTE(review): a response with no `result` case set — e.g. a newer
  // server adding a fourth outcome this client does not know — must be
  // treated as not-granted, never as an implicit grant.
}
// A session that has been opened: its identifier, the scope in force and
// when it stops being valid.
message SessionGranted {
  // Opaque session identifier; handed back in GetSessionStatusRequest and
  // EndSessionRequest.
  string session_id = 1;

  // Scope actually in force. This is the authoritative scope for the
  // session — it may be narrower than what was requested, so callers must
  // read this field and not RequestSessionRequest.requested_scope.
  SessionScope granted_scope = 2;

  // Instant (UTC) after which the session is no longer valid.
  google.protobuf.Timestamp expires_at = 3;

  // Ceremony that produced this grant. NOTE(review): presumably empty when
  // the grant needed no ceremony — confirm and document the convention.
  string ceremony_id = 4;
}
// A ceremony has been opened; the session is not usable until it resolves.
message CeremonyPending {
  // Identifier of the pending ceremony; pass it to GetCeremonyStatusRequest.
  string ceremony_id = 1;

  // Human-readable text for the operator. Display only — clients must not
  // parse it or branch on its contents.
  // (The field name `message` is also a proto keyword; legal, but it yields
  // awkward accessors in some generators. Renaming would change the JSON
  // key, so it is kept.)
  string message = 2;

  // Instant (UTC) at which the ceremony presumably lapses if still
  // unresolved — confirm with the ceremony engine.
  google.protobuf.Timestamp timeout_at = 3;
}
// The session request was refused.
message CeremonyDenied {
  // Human-readable reason, for display only. NOTE(review): keep it free of
  // internal policy detail; the full reason belongs in the audit trail, not
  // in the response to the requester.
  string reason = 1;
}
// --- Scope model ---
// What a session is allowed to do: per-namespace rules, a small set of
// cluster-wide read capabilities, named pathways and a mutation budget.
message SessionScope {
  // Per-namespace permissions. An empty list presumably means no namespace
  // access at all — confirm in the grant engine.
  repeated NamespaceScope namespaces = 1;

  // Cluster-wide read capabilities. GlobalScope holds only bools, so an
  // absent message reads exactly like one with every flag false.
  GlobalScope global = 2;

  // Names of pathways this session may use. What a pathway is cannot be
  // inferred from this schema; it is defined elsewhere.
  repeated string pathways = 3;

  // Cap on mutating operations for the session. `optional` gives explicit
  // presence, so an unset budget is distinguishable from a budget of 0.
  // NOTE(review): presumably unset means unlimited — confirm and state it.
  optional uint32 mutation_budget = 4;

  // Whether the holder may delegate this scope onward. NOTE(review):
  // delegation widens the blast radius of a grant; the grant engine should
  // only accept a delegated scope that is a subset of this one.
  bool can_delegate = 5;
}
// Permissions inside a single namespace.
message NamespaceScope {
  // Namespace this entry applies to. (The name `namespace` is a keyword in
  // several target languages; generators mangle the accessor, e.g. a
  // trailing underscore in C++. Legal, kept for JSON compatibility.)
  string namespace = 1;

  // Allow rules, RBAC-rule style; see ScopeRule.
  repeated ScopeRule rules = 2;

  // Workload profiles the session may act on. Profile names are resolved
  // elsewhere, not in this file.
  repeated string workload_profiles = 3;

  // Capabilities explicitly withheld. NOTE(review): presumably a deny here
  // overrides anything `rules` would allow — confirm in the grant engine and
  // document the precedence on this field.
  repeated string denied_capabilities = 4;
}
// One allow rule. The field set has the same shape as a Kubernetes RBAC
// PolicyRule (apiGroups / resources / verbs); whether it is also evaluated
// the same way — every listed verb on every listed resource in every listed
// group — is up to the grant engine and should be confirmed.
//
// NOTE(review): whether "*" is honoured as a wildcard is likewise decided by
// the grant engine, not this schema. If it is, a rule that is "*" in all
// three lists is effectively cluster-admin and deserves its own approval
// path.
message ScopeRule {
  // API groups the rule covers.
  repeated string api_groups = 1;

  // Resource kinds the rule covers.
  repeated string resources = 2;

  // Verbs permitted on those resources.
  repeated string verbs = 3;
}
// Cluster-wide view capabilities. Every flag defaults to false, so an absent
// GlobalScope grants none of them.
message GlobalScope {
  // May read the audit trail.
  bool can_view_audit_trail = 1;

  // May read workload profiles.
  bool can_view_profiles = 2;

  // May read cluster topology.
  bool can_view_topology = 3;
}
// A pointer to something that supports a session request.
message EvidenceItem {
  // Kind of evidence. An open vocabulary, hence a string rather than an
  // enum; the accepted kinds are defined by the grant engine, not here.
  string evidence_type = 1;

  // Locator for the evidence within the system named by `evidence_type`.
  // Caller-supplied: the gateway must validate it against the expected
  // format for that kind before dereferencing it.
  string reference = 2;
}
// --- Session status ---
// Looks up the current state of a session.
message GetSessionStatusRequest {
  // Session to query; the value returned in SessionGranted.session_id.
  string session_id = 1;
}
// Current state of a session.
message GetSessionStatusResponse {
  // Session this report describes.
  string session_id = 1;

  // Lifecycle state as a string. NOTE(review): this looks like a closed
  // vocabulary; an enum would let clients match exhaustively instead of
  // comparing strings. Because string ↔ enum is not wire-compatible, such an
  // enum would have to be a new field number with this one kept for
  // compatibility.
  string state = 2;

  // Scope currently in force (the same value as SessionGranted.granted_scope
  // at grant time, presumably — confirm).
  SessionScope scope = 3;

  // Instant (UTC) after which the session is no longer valid.
  google.protobuf.Timestamp expires_at = 4;

  // Mutating operations performed so far in this session.
  uint32 mutations_used = 5;

  // Budget the session holds; presumably mirrors
  // SessionScope.mutation_budget, including being unset when no budget was
  // set — confirm.
  optional uint32 mutation_budget = 6;
}
// --- Session end ---
// Ends a session.
message EndSessionRequest {
  // Session to end; the value returned in SessionGranted.session_id.
  string session_id = 1;
}
// Result of ending a session, with summary counters for it.
message EndSessionResponse {
  // Whether the session was ended. NOTE(review): a false value carries no
  // reason; if one is needed later, add it as a new field rather than
  // overloading this bool.
  bool success = 1;

  // Commands executed over the whole session.
  uint32 total_commands = 2;

  // Mutating operations executed over the whole session.
  uint32 total_mutations = 3;
}
// --- Ceremony status ---
|
|
|
|
// Looks up the current state of a ceremony.
message GetCeremonyStatusRequest {
  // Ceremony to query; the value returned in CeremonyPending.ceremony_id.
  string ceremony_id = 1;
}
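// Current state of a ceremony and, once it has resolved into a grant, the
// resulting session.
message GetCeremonyStatusResponse {
  // Ceremony this report describes.
  string ceremony_id = 1;

  // Lifecycle status as a string. NOTE(review): this looks like a closed
  // vocabulary; an enum would let clients match exhaustively. Because
  // string ↔ enum is not wire-compatible, it would have to be a new field
  // number with this one kept for compatibility.
  string status = 2;

  // Session produced by the ceremony. Message-typed fields already have
  // explicit presence in proto3 (has_session() / nil check), so the former
  // `optional` label was redundant and is dropped; this changes neither the
  // wire format nor the generated accessors. Presumably absent until the
  // ceremony resolves in the requester's favour — confirm.
  SessionGranted session = 3;
}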