cerbos 0.1.0

data/lib/cerbos/protobuf/cerbos/request/v1/request_pb.rb

@@ -0,0 +1,178 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: cerbos/request/v1/request.proto
+
+require 'google/protobuf'
+
+require 'cerbos/protobuf/cerbos/engine/v1/engine_pb'
+require 'cerbos/protobuf/cerbos/policy/v1/policy_pb'
+require 'cerbos/protobuf/cerbos/schema/v1/schema_pb'
+require 'cerbos/protobuf/google/api/field_behavior_pb'
+require 'google/protobuf/duration_pb'
+require 'google/protobuf/struct_pb'
+require 'google/protobuf/timestamp_pb'
+require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
+require 'cerbos/protobuf/validate/validate_pb'
+
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("cerbos/request/v1/request.proto", :syntax => :proto3) do
+    add_message "cerbos.request.v1.PlanResourcesRequest" do
+      optional :request_id, :string, 1, json_name: "requestId"
+      optional :action, :string, 2, json_name: "action"
+      optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
+      optional :resource, :message, 4, "cerbos.engine.v1.PlanResourcesRequest.Resource", json_name: "resource"
+      optional :aux_data, :message, 5, "cerbos.request.v1.AuxData", json_name: "auxData"
+      optional :include_meta, :bool, 6, json_name: "includeMeta"
+    end
+    add_message "cerbos.request.v1.CheckResourceSetRequest" do
+      optional :request_id, :string, 1, json_name: "requestId"
+      repeated :actions, :string, 2, json_name: "actions"
+      optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
+      optional :resource, :message, 4, "cerbos.request.v1.ResourceSet", json_name: "resource"
+      optional :include_meta, :bool, 5, json_name: "includeMeta"
+      optional :aux_data, :message, 6, "cerbos.request.v1.AuxData", json_name: "auxData"
+    end
+    add_message "cerbos.request.v1.ResourceSet" do
+      optional :kind, :string, 1, json_name: "kind"
+      optional :policy_version, :string, 2, json_name: "policyVersion"
+      map :instances, :string, :message, 3, "cerbos.request.v1.AttributesMap"
+      optional :scope, :string, 4, json_name: "scope"
+    end
+    add_message "cerbos.request.v1.AttributesMap" do
+      map :attr, :string, :message, 1, "google.protobuf.Value"
+    end
+    add_message "cerbos.request.v1.CheckResourceBatchRequest" do
+      optional :request_id, :string, 1, json_name: "requestId"
+      optional :principal, :message, 2, "cerbos.engine.v1.Principal", json_name: "principal"
+      repeated :resources, :message, 3, "cerbos.request.v1.CheckResourceBatchRequest.BatchEntry", json_name: "resources"
+      optional :aux_data, :message, 4, "cerbos.request.v1.AuxData", json_name: "auxData"
+    end
+    add_message "cerbos.request.v1.CheckResourceBatchRequest.BatchEntry" do
+      repeated :actions, :string, 1, json_name: "actions"
+      optional :resource, :message, 2, "cerbos.engine.v1.Resource", json_name: "resource"
+    end
+    add_message "cerbos.request.v1.CheckResourcesRequest" do
+      optional :request_id, :string, 1, json_name: "requestId"
+      optional :include_meta, :bool, 2, json_name: "includeMeta"
+      optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
+      repeated :resources, :message, 4, "cerbos.request.v1.CheckResourcesRequest.ResourceEntry", json_name: "resources"
+      optional :aux_data, :message, 5, "cerbos.request.v1.AuxData", json_name: "auxData"
+    end
+    add_message "cerbos.request.v1.CheckResourcesRequest.ResourceEntry" do
+      repeated :actions, :string, 1, json_name: "actions"
+      optional :resource, :message, 2, "cerbos.engine.v1.Resource", json_name: "resource"
+    end
+    add_message "cerbos.request.v1.AuxData" do
+      optional :jwt, :message, 1, "cerbos.request.v1.AuxData.JWT", json_name: "jwt"
+    end
+    add_message "cerbos.request.v1.AuxData.JWT" do
+      optional :token, :string, 1, json_name: "token"
+      optional :key_set_id, :string, 2, json_name: "keySetId"
+    end
+    add_message "cerbos.request.v1.File" do
+      optional :file_name, :string, 1, json_name: "fileName"
+      optional :contents, :bytes, 2, json_name: "contents"
+    end
+    add_message "cerbos.request.v1.PlaygroundValidateRequest" do
+      optional :playground_id, :string, 1, json_name: "playgroundId"
+      repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
+    end
+    add_message "cerbos.request.v1.PlaygroundTestRequest" do
+      optional :playground_id, :string, 1, json_name: "playgroundId"
+      repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
+    end
+    add_message "cerbos.request.v1.PlaygroundEvaluateRequest" do
+      optional :playground_id, :string, 1, json_name: "playgroundId"
+      repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
+      optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
+      optional :resource, :message, 4, "cerbos.engine.v1.Resource", json_name: "resource"
+      repeated :actions, :string, 5, json_name: "actions"
+      optional :aux_data, :message, 6, "cerbos.request.v1.AuxData", json_name: "auxData"
+    end
+    add_message "cerbos.request.v1.PlaygroundProxyRequest" do
+      optional :playground_id, :string, 1, json_name: "playgroundId"
+      repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
+      oneof :proxy_request do
+        optional :check_resource_set, :message, 3, "cerbos.request.v1.CheckResourceSetRequest", json_name: "checkResourceSet"
+        optional :check_resource_batch, :message, 4, "cerbos.request.v1.CheckResourceBatchRequest", json_name: "checkResourceBatch"
+        optional :plan_resources, :message, 5, "cerbos.request.v1.PlanResourcesRequest", json_name: "planResources"
+        optional :check_resources, :message, 6, "cerbos.request.v1.CheckResourcesRequest", json_name: "checkResources"
+      end
+    end
+    add_message "cerbos.request.v1.AddOrUpdatePolicyRequest" do
+      repeated :policies, :message, 1, "cerbos.policy.v1.Policy", json_name: "policies"
+    end
+    add_message "cerbos.request.v1.ListAuditLogEntriesRequest" do
+      optional :kind, :enum, 1, "cerbos.request.v1.ListAuditLogEntriesRequest.Kind", json_name: "kind"
+      oneof :filter do
+        optional :tail, :uint32, 2, json_name: "tail"
+        optional :between, :message, 3, "cerbos.request.v1.ListAuditLogEntriesRequest.TimeRange", json_name: "between"
+        optional :since, :message, 4, "google.protobuf.Duration", json_name: "since"
+        optional :lookup, :string, 5, json_name: "lookup"
+      end
+    end
+    add_message "cerbos.request.v1.ListAuditLogEntriesRequest.TimeRange" do
+      optional :start, :message, 1, "google.protobuf.Timestamp", json_name: "start"
+      optional :end, :message, 2, "google.protobuf.Timestamp", json_name: "end"
+    end
+    add_enum "cerbos.request.v1.ListAuditLogEntriesRequest.Kind" do
+      value :KIND_UNSPECIFIED, 0
+      value :KIND_ACCESS, 1
+      value :KIND_DECISION, 2
+    end
+    add_message "cerbos.request.v1.ServerInfoRequest" do
+    end
+    add_message "cerbos.request.v1.ListPoliciesRequest" do
+    end
+    add_message "cerbos.request.v1.GetPolicyRequest" do
+      repeated :id, :string, 1, json_name: "id"
+    end
+    add_message "cerbos.request.v1.AddOrUpdateSchemaRequest" do
+      repeated :schemas, :message, 1, "cerbos.schema.v1.Schema", json_name: "schemas"
+    end
+    add_message "cerbos.request.v1.ListSchemasRequest" do
+    end
+    add_message "cerbos.request.v1.GetSchemaRequest" do
+      repeated :id, :string, 1, json_name: "id"
+    end
+    add_message "cerbos.request.v1.DeleteSchemaRequest" do
+      repeated :id, :string, 1, json_name: "id"
+    end
+    add_message "cerbos.request.v1.ReloadStoreRequest" do
+      optional :wait, :bool, 1, json_name: "wait"
+    end
+  end
+end
+
+module Cerbos::Protobuf::Cerbos
+  module Request
+    module V1
+      PlanResourcesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlanResourcesRequest").msgclass
+      CheckResourceSetRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.CheckResourceSetRequest").msgclass
+      ResourceSet = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ResourceSet").msgclass
+      AttributesMap = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AttributesMap").msgclass
+      CheckResourceBatchRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.CheckResourceBatchRequest").msgclass
+      CheckResourceBatchRequest::BatchEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.CheckResourceBatchRequest.BatchEntry").msgclass
+      CheckResourcesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.CheckResourcesRequest").msgclass
+      CheckResourcesRequest::ResourceEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.CheckResourcesRequest.ResourceEntry").msgclass
+      AuxData = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AuxData").msgclass
+      AuxData::JWT = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AuxData.JWT").msgclass
+      File = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.File").msgclass
+      PlaygroundValidateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundValidateRequest").msgclass
+      PlaygroundTestRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundTestRequest").msgclass
+      PlaygroundEvaluateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundEvaluateRequest").msgclass
+      PlaygroundProxyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundProxyRequest").msgclass
+      AddOrUpdatePolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AddOrUpdatePolicyRequest").msgclass
+      ListAuditLogEntriesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListAuditLogEntriesRequest").msgclass
+      ListAuditLogEntriesRequest::TimeRange = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListAuditLogEntriesRequest.TimeRange").msgclass
+      ListAuditLogEntriesRequest::Kind = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListAuditLogEntriesRequest.Kind").enummodule
+      ServerInfoRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ServerInfoRequest").msgclass
+      ListPoliciesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListPoliciesRequest").msgclass
+      GetPolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.GetPolicyRequest").msgclass
+      AddOrUpdateSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AddOrUpdateSchemaRequest").msgclass
+      ListSchemasRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListSchemasRequest").msgclass
+      GetSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.GetSchemaRequest").msgclass
+      DeleteSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.DeleteSchemaRequest").msgclass
+      ReloadStoreRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ReloadStoreRequest").msgclass
+    end
+  end
+end

data/lib/cerbos/protobuf/cerbos/response/v1/response_pb.rb

@@ -0,0 +1,230 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: cerbos/response/v1/response.proto
+
+require 'google/protobuf'
+
+require 'cerbos/protobuf/cerbos/audit/v1/audit_pb'
+require 'cerbos/protobuf/cerbos/effect/v1/effect_pb'
+require 'cerbos/protobuf/cerbos/policy/v1/policy_pb'
+require 'cerbos/protobuf/cerbos/schema/v1/schema_pb'
+require 'google/protobuf/empty_pb'
+require 'google/protobuf/struct_pb'
+require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
+
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("cerbos/response/v1/response.proto", :syntax => :proto3) do
+    add_message "cerbos.response.v1.PlanResourcesResponse" do
+      optional :request_id, :string, 1, json_name: "requestId"
+      optional :action, :string, 2, json_name: "action"
+      optional :resource_kind, :string, 3, json_name: "resourceKind"
+      optional :policy_version, :string, 4, json_name: "policyVersion"
+      optional :filter, :message, 5, "cerbos.response.v1.PlanResourcesResponse.Filter", json_name: "filter"
+      optional :meta, :message, 6, "cerbos.response.v1.PlanResourcesResponse.Meta", json_name: "meta"
+    end
+    add_message "cerbos.response.v1.PlanResourcesResponse.Expression" do
+      optional :operator, :string, 1, json_name: "operator"
+      repeated :operands, :message, 2, "cerbos.response.v1.PlanResourcesResponse.Expression.Operand", json_name: "operands"
+    end
+    add_message "cerbos.response.v1.PlanResourcesResponse.Expression.Operand" do
+      oneof :node do
+        optional :value, :message, 1, "google.protobuf.Value", json_name: "value"
+        optional :expression, :message, 2, "cerbos.response.v1.PlanResourcesResponse.Expression", json_name: "expression"
+        optional :variable, :string, 3, json_name: "variable"
+      end
+    end
+    add_message "cerbos.response.v1.PlanResourcesResponse.Filter" do
+      optional :kind, :enum, 1, "cerbos.response.v1.PlanResourcesResponse.Filter.Kind", json_name: "kind"
+      optional :condition, :message, 2, "cerbos.response.v1.PlanResourcesResponse.Expression.Operand", json_name: "condition"
+    end
+    add_enum "cerbos.response.v1.PlanResourcesResponse.Filter.Kind" do
+      value :KIND_UNSPECIFIED, 0
+      value :KIND_ALWAYS_ALLOWED, 1
+      value :KIND_ALWAYS_DENIED, 2
+      value :KIND_CONDITIONAL, 3
+    end
+    add_message "cerbos.response.v1.PlanResourcesResponse.Meta" do
+      optional :filter_debug, :string, 1, json_name: "filterDebug"
+      optional :matched_scope, :string, 2, json_name: "matchedScope"
+    end
+    add_message "cerbos.response.v1.CheckResourceSetResponse" do
+      optional :request_id, :string, 1, json_name: "requestId"
+      map :resource_instances, :string, :message, 2, "cerbos.response.v1.CheckResourceSetResponse.ActionEffectMap"
+      optional :meta, :message, 3, "cerbos.response.v1.CheckResourceSetResponse.Meta", json_name: "meta"
+    end
+    add_message "cerbos.response.v1.CheckResourceSetResponse.ActionEffectMap" do
+      map :actions, :string, :enum, 1, "cerbos.effect.v1.Effect"
+      repeated :validation_errors, :message, 2, "cerbos.schema.v1.ValidationError", json_name: "validationErrors"
+    end
+    add_message "cerbos.response.v1.CheckResourceSetResponse.Meta" do
+      map :resource_instances, :string, :message, 1, "cerbos.response.v1.CheckResourceSetResponse.Meta.ActionMeta"
+    end
+    add_message "cerbos.response.v1.CheckResourceSetResponse.Meta.EffectMeta" do
+      optional :matched_policy, :string, 1, json_name: "matchedPolicy"
+      optional :matched_scope, :string, 2, json_name: "matchedScope"
+    end
+    add_message "cerbos.response.v1.CheckResourceSetResponse.Meta.ActionMeta" do
+      map :actions, :string, :message, 1, "cerbos.response.v1.CheckResourceSetResponse.Meta.EffectMeta"
+      repeated :effective_derived_roles, :string, 2, json_name: "effectiveDerivedRoles"
+    end
+    add_message "cerbos.response.v1.CheckResourceBatchResponse" do
+      optional :request_id, :string, 1, json_name: "requestId"
+      repeated :results, :message, 2, "cerbos.response.v1.CheckResourceBatchResponse.ActionEffectMap", json_name: "results"
+    end
+    add_message "cerbos.response.v1.CheckResourceBatchResponse.ActionEffectMap" do
+      optional :resource_id, :string, 1, json_name: "resourceId"
+      map :actions, :string, :enum, 2, "cerbos.effect.v1.Effect"
+      repeated :validation_errors, :message, 3, "cerbos.schema.v1.ValidationError", json_name: "validationErrors"
+    end
+    add_message "cerbos.response.v1.CheckResourcesResponse" do
+      optional :request_id, :string, 1, json_name: "requestId"
+      repeated :results, :message, 2, "cerbos.response.v1.CheckResourcesResponse.ResultEntry", json_name: "results"
+    end
+    add_message "cerbos.response.v1.CheckResourcesResponse.ResultEntry" do
+      optional :resource, :message, 1, "cerbos.response.v1.CheckResourcesResponse.ResultEntry.Resource", json_name: "resource"
+      map :actions, :string, :enum, 2, "cerbos.effect.v1.Effect"
+      repeated :validation_errors, :message, 3, "cerbos.schema.v1.ValidationError", json_name: "validationErrors"
+      optional :meta, :message, 4, "cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta", json_name: "meta"
+    end
+    add_message "cerbos.response.v1.CheckResourcesResponse.ResultEntry.Resource" do
+      optional :id, :string, 1, json_name: "id"
+      optional :kind, :string, 2, json_name: "kind"
+      optional :policy_version, :string, 3, json_name: "policyVersion"
+      optional :scope, :string, 4, json_name: "scope"
+    end
+    add_message "cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta" do
+      map :actions, :string, :message, 1, "cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.EffectMeta"
+      repeated :effective_derived_roles, :string, 2, json_name: "effectiveDerivedRoles"
+    end
+    add_message "cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.EffectMeta" do
+      optional :matched_policy, :string, 1, json_name: "matchedPolicy"
+      optional :matched_scope, :string, 2, json_name: "matchedScope"
+    end
+    add_message "cerbos.response.v1.PlaygroundFailure" do
+      repeated :errors, :message, 1, "cerbos.response.v1.PlaygroundFailure.Error", json_name: "errors"
+    end
+    add_message "cerbos.response.v1.PlaygroundFailure.Error" do
+      optional :file, :string, 1, json_name: "file"
+      optional :error, :string, 2, json_name: "error"
+    end
+    add_message "cerbos.response.v1.PlaygroundValidateResponse" do
+      optional :playground_id, :string, 1, json_name: "playgroundId"
+      oneof :outcome do
+        optional :failure, :message, 2, "cerbos.response.v1.PlaygroundFailure", json_name: "failure"
+        optional :success, :message, 3, "google.protobuf.Empty", json_name: "success"
+      end
+    end
+    add_message "cerbos.response.v1.PlaygroundTestResponse" do
+      optional :playground_id, :string, 1, json_name: "playgroundId"
+      oneof :outcome do
+        optional :failure, :message, 2, "cerbos.response.v1.PlaygroundFailure", json_name: "failure"
+        optional :success, :message, 3, "cerbos.response.v1.PlaygroundTestResponse.TestResults", json_name: "success"
+      end
+    end
+    add_message "cerbos.response.v1.PlaygroundTestResponse.TestResults" do
+      optional :results, :message, 1, "cerbos.policy.v1.TestResults", json_name: "results"
+    end
+    add_message "cerbos.response.v1.PlaygroundEvaluateResponse" do
+      optional :playground_id, :string, 1, json_name: "playgroundId"
+      oneof :outcome do
+        optional :failure, :message, 2, "cerbos.response.v1.PlaygroundFailure", json_name: "failure"
+        optional :success, :message, 3, "cerbos.response.v1.PlaygroundEvaluateResponse.EvalResultList", json_name: "success"
+      end
+    end
+    add_message "cerbos.response.v1.PlaygroundEvaluateResponse.EvalResult" do
+      optional :action, :string, 1, json_name: "action"
+      optional :effect, :enum, 2, "cerbos.effect.v1.Effect", json_name: "effect"
+      optional :policy, :string, 3, json_name: "policy"
+      repeated :effective_derived_roles, :string, 4, json_name: "effectiveDerivedRoles"
+      repeated :validation_errors, :message, 5, "cerbos.schema.v1.ValidationError", json_name: "validationErrors"
+    end
+    add_message "cerbos.response.v1.PlaygroundEvaluateResponse.EvalResultList" do
+      repeated :results, :message, 1, "cerbos.response.v1.PlaygroundEvaluateResponse.EvalResult", json_name: "results"
+    end
+    add_message "cerbos.response.v1.PlaygroundProxyResponse" do
+      optional :playground_id, :string, 1, json_name: "playgroundId"
+      oneof :outcome do
+        optional :failure, :message, 2, "cerbos.response.v1.PlaygroundFailure", json_name: "failure"
+        optional :check_resource_set, :message, 3, "cerbos.response.v1.CheckResourceSetResponse", json_name: "checkResourceSet"
+        optional :check_resource_batch, :message, 4, "cerbos.response.v1.CheckResourceBatchResponse", json_name: "checkResourceBatch"
+        optional :plan_resources, :message, 5, "cerbos.response.v1.PlanResourcesResponse", json_name: "planResources"
+        optional :check_resources, :message, 6, "cerbos.response.v1.CheckResourcesResponse", json_name: "checkResources"
+      end
+    end
+    add_message "cerbos.response.v1.AddOrUpdatePolicyResponse" do
+      optional :success, :message, 1, "google.protobuf.Empty", json_name: "success"
+    end
+    add_message "cerbos.response.v1.ListAuditLogEntriesResponse" do
+      oneof :entry do
+        optional :access_log_entry, :message, 1, "cerbos.audit.v1.AccessLogEntry", json_name: "accessLogEntry"
+        optional :decision_log_entry, :message, 2, "cerbos.audit.v1.DecisionLogEntry", json_name: "decisionLogEntry"
+      end
+    end
+    add_message "cerbos.response.v1.ServerInfoResponse" do
+      optional :version, :string, 1, json_name: "version"
+      optional :commit, :string, 2, json_name: "commit"
+      optional :build_date, :string, 3, json_name: "buildDate"
+    end
+    add_message "cerbos.response.v1.ListPoliciesResponse" do
+      repeated :policy_ids, :string, 1, json_name: "policyIds"
+    end
+    add_message "cerbos.response.v1.GetPolicyResponse" do
+      repeated :policies, :message, 1, "cerbos.policy.v1.Policy", json_name: "policies"
+    end
+    add_message "cerbos.response.v1.AddOrUpdateSchemaResponse" do
+    end
+    add_message "cerbos.response.v1.ListSchemasResponse" do
+      repeated :schema_ids, :string, 1, json_name: "schemaIds"
+    end
+    add_message "cerbos.response.v1.GetSchemaResponse" do
+      repeated :schemas, :message, 1, "cerbos.schema.v1.Schema", json_name: "schemas"
+    end
+    add_message "cerbos.response.v1.DeleteSchemaResponse" do
+    end
+    add_message "cerbos.response.v1.ReloadStoreResponse" do
+    end
+  end
+end
+
+module Cerbos::Protobuf::Cerbos
+  module Response
+    module V1
+      PlanResourcesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse").msgclass
+      PlanResourcesResponse::Expression = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse.Expression").msgclass
+      PlanResourcesResponse::Expression::Operand = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse.Expression.Operand").msgclass
+      PlanResourcesResponse::Filter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse.Filter").msgclass
+      PlanResourcesResponse::Filter::Kind = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse.Filter.Kind").enummodule
+      PlanResourcesResponse::Meta = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse.Meta").msgclass
+      CheckResourceSetResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourceSetResponse").msgclass
+      CheckResourceSetResponse::ActionEffectMap = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourceSetResponse.ActionEffectMap").msgclass
+      CheckResourceSetResponse::Meta = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourceSetResponse.Meta").msgclass
+      CheckResourceSetResponse::Meta::EffectMeta = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourceSetResponse.Meta.EffectMeta").msgclass
+      CheckResourceSetResponse::Meta::ActionMeta = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourceSetResponse.Meta.ActionMeta").msgclass
+      CheckResourceBatchResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourceBatchResponse").msgclass
+      CheckResourceBatchResponse::ActionEffectMap = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourceBatchResponse.ActionEffectMap").msgclass
+      CheckResourcesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourcesResponse").msgclass
+      CheckResourcesResponse::ResultEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourcesResponse.ResultEntry").msgclass
+      CheckResourcesResponse::ResultEntry::Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourcesResponse.ResultEntry.Resource").msgclass
+      CheckResourcesResponse::ResultEntry::Meta = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta").msgclass
+      CheckResourcesResponse::ResultEntry::Meta::EffectMeta = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.EffectMeta").msgclass
+      PlaygroundFailure = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundFailure").msgclass
+      PlaygroundFailure::Error = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundFailure.Error").msgclass
+      PlaygroundValidateResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundValidateResponse").msgclass
+      PlaygroundTestResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundTestResponse").msgclass
+      PlaygroundTestResponse::TestResults = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundTestResponse.TestResults").msgclass
+      PlaygroundEvaluateResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundEvaluateResponse").msgclass
+      PlaygroundEvaluateResponse::EvalResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundEvaluateResponse.EvalResult").msgclass
+      PlaygroundEvaluateResponse::EvalResultList = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundEvaluateResponse.EvalResultList").msgclass
+      PlaygroundProxyResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundProxyResponse").msgclass
+      AddOrUpdatePolicyResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.AddOrUpdatePolicyResponse").msgclass
+      ListAuditLogEntriesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.ListAuditLogEntriesResponse").msgclass
+      ServerInfoResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.ServerInfoResponse").msgclass
+      ListPoliciesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.ListPoliciesResponse").msgclass
+      GetPolicyResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.GetPolicyResponse").msgclass
+      AddOrUpdateSchemaResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.AddOrUpdateSchemaResponse").msgclass
+      ListSchemasResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.ListSchemasResponse").msgclass
+      GetSchemaResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.GetSchemaResponse").msgclass
+      DeleteSchemaResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.DeleteSchemaResponse").msgclass
+      ReloadStoreResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.ReloadStoreResponse").msgclass
+    end
+  end
+end

data/lib/cerbos/protobuf/cerbos/schema/v1/schema_pb.rb

@@ -0,0 +1,37 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: cerbos/schema/v1/schema.proto
+
+require 'google/protobuf'
+
+require 'cerbos/protobuf/google/api/field_behavior_pb'
+require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
+require 'cerbos/protobuf/validate/validate_pb'
+
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("cerbos/schema/v1/schema.proto", :syntax => :proto3) do
+    add_message "cerbos.schema.v1.ValidationError" do
+      optional :path, :string, 1, json_name: "path"
+      optional :message, :string, 2, json_name: "message"
+      optional :source, :enum, 3, "cerbos.schema.v1.ValidationError.Source", json_name: "source"
+    end
+    add_enum "cerbos.schema.v1.ValidationError.Source" do
+      value :SOURCE_UNSPECIFIED, 0
+      value :SOURCE_PRINCIPAL, 1
+      value :SOURCE_RESOURCE, 2
+    end
+    add_message "cerbos.schema.v1.Schema" do
+      optional :id, :string, 1, json_name: "id"
+      optional :definition, :bytes, 2, json_name: "definition"
+    end
+  end
+end
+
+module Cerbos::Protobuf::Cerbos
+  module Schema
+    module V1
+      ValidationError = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.schema.v1.ValidationError").msgclass
+      ValidationError::Source = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.schema.v1.ValidationError.Source").enummodule
+      Schema = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.schema.v1.Schema").msgclass
+    end
+  end
+end

data/lib/cerbos/protobuf/cerbos/svc/v1/svc_pb.rb

@@ -0,0 +1,21 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: cerbos/svc/v1/svc.proto
+
+require 'google/protobuf'
+
+require 'cerbos/protobuf/cerbos/request/v1/request_pb'
+require 'cerbos/protobuf/cerbos/response/v1/response_pb'
+require 'cerbos/protobuf/google/api/annotations_pb'
+require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
+
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("cerbos/svc/v1/svc.proto", :syntax => :proto3) do
+  end
+end
+
+module Cerbos::Protobuf::Cerbos
+  module Svc
+    module V1
+    end
+  end
+end

data/lib/cerbos/protobuf/cerbos/svc/v1/svc_services_pb.rb

@@ -0,0 +1,73 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# Source: cerbos/svc/v1/svc.proto for package 'cerbos.svc.v1'
+# Original file comments:
+# Copyright 2021-2022 Zenauth Ltd.
+# SPDX-License-Identifier: Apache-2.0
+#
+
+require 'grpc'
+require 'cerbos/protobuf/cerbos/svc/v1/svc_pb'
+
+module Cerbos::Protobuf::Cerbos
+  module Svc
+    module V1
+      module CerbosService
+        class Service
+
+          include ::GRPC::GenericService
+
+          self.marshal_class_method = :encode
+          self.unmarshal_class_method = :decode
+          self.service_name = 'cerbos.svc.v1.CerbosService'
+
+          rpc :CheckResourceSet, ::Cerbos::Protobuf::Cerbos::Request::V1::CheckResourceSetRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::CheckResourceSetResponse
+          rpc :CheckResourceBatch, ::Cerbos::Protobuf::Cerbos::Request::V1::CheckResourceBatchRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::CheckResourceBatchResponse
+          rpc :CheckResources, ::Cerbos::Protobuf::Cerbos::Request::V1::CheckResourcesRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::CheckResourcesResponse
+          rpc :ServerInfo, ::Cerbos::Protobuf::Cerbos::Request::V1::ServerInfoRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::ServerInfoResponse
+          rpc :PlanResources, ::Cerbos::Protobuf::Cerbos::Request::V1::PlanResourcesRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::PlanResourcesResponse
+        end
+
+        Stub = Service.rpc_stub_class
+      end
+      module CerbosAdminService
+        class Service
+
+          include ::GRPC::GenericService
+
+          self.marshal_class_method = :encode
+          self.unmarshal_class_method = :decode
+          self.service_name = 'cerbos.svc.v1.CerbosAdminService'
+
+          rpc :AddOrUpdatePolicy, ::Cerbos::Protobuf::Cerbos::Request::V1::AddOrUpdatePolicyRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::AddOrUpdatePolicyResponse
+          rpc :ListPolicies, ::Cerbos::Protobuf::Cerbos::Request::V1::ListPoliciesRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::ListPoliciesResponse
+          rpc :GetPolicy, ::Cerbos::Protobuf::Cerbos::Request::V1::GetPolicyRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::GetPolicyResponse
+          rpc :ListAuditLogEntries, ::Cerbos::Protobuf::Cerbos::Request::V1::ListAuditLogEntriesRequest, stream(::Cerbos::Protobuf::Cerbos::Response::V1::ListAuditLogEntriesResponse)
+          rpc :AddOrUpdateSchema, ::Cerbos::Protobuf::Cerbos::Request::V1::AddOrUpdateSchemaRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::AddOrUpdateSchemaResponse
+          rpc :ListSchemas, ::Cerbos::Protobuf::Cerbos::Request::V1::ListSchemasRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::ListSchemasResponse
+          rpc :GetSchema, ::Cerbos::Protobuf::Cerbos::Request::V1::GetSchemaRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::GetSchemaResponse
+          rpc :DeleteSchema, ::Cerbos::Protobuf::Cerbos::Request::V1::DeleteSchemaRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::DeleteSchemaResponse
+          rpc :ReloadStore, ::Cerbos::Protobuf::Cerbos::Request::V1::ReloadStoreRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::ReloadStoreResponse
+        end
+
+        Stub = Service.rpc_stub_class
+      end
+      module CerbosPlaygroundService
+        class Service
+
+          include ::GRPC::GenericService
+
+          self.marshal_class_method = :encode
+          self.unmarshal_class_method = :decode
+          self.service_name = 'cerbos.svc.v1.CerbosPlaygroundService'
+
+          rpc :PlaygroundValidate, ::Cerbos::Protobuf::Cerbos::Request::V1::PlaygroundValidateRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::PlaygroundValidateResponse
+          rpc :PlaygroundTest, ::Cerbos::Protobuf::Cerbos::Request::V1::PlaygroundTestRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::PlaygroundTestResponse
+          rpc :PlaygroundEvaluate, ::Cerbos::Protobuf::Cerbos::Request::V1::PlaygroundEvaluateRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::PlaygroundEvaluateResponse
+          rpc :PlaygroundProxy, ::Cerbos::Protobuf::Cerbos::Request::V1::PlaygroundProxyRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::PlaygroundProxyResponse
+        end
+
+        Stub = Service.rpc_stub_class
+      end
+    end
+  end
+end

data/lib/cerbos/protobuf/cerbos/telemetry/v1/telemetry_pb.rb

@@ -0,0 +1,99 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: cerbos/telemetry/v1/telemetry.proto
+
+require 'google/protobuf'
+
+require 'google/protobuf/duration_pb'
+
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("cerbos/telemetry/v1/telemetry.proto", :syntax => :proto3) do
+    add_message "cerbos.telemetry.v1.Ping" do
+      optional :version, :string, 1, json_name: "version"
+      optional :source, :message, 2, "cerbos.telemetry.v1.Ping.Source", json_name: "source"
+      optional :features, :message, 3, "cerbos.telemetry.v1.Ping.Features", json_name: "features"
+      optional :stats, :message, 4, "cerbos.telemetry.v1.Ping.Stats", json_name: "stats"
+    end
+    add_message "cerbos.telemetry.v1.Ping.Cerbos" do
+      optional :version, :string, 1, json_name: "version"
+      optional :commit, :string, 2, json_name: "commit"
+      optional :build_date, :string, 3, json_name: "buildDate"
+      optional :module_version, :string, 4, json_name: "moduleVersion"
+      optional :module_checksum, :string, 5, json_name: "moduleChecksum"
+    end
+    add_message "cerbos.telemetry.v1.Ping.Source" do
+      optional :cerbos, :message, 1, "cerbos.telemetry.v1.Ping.Cerbos", json_name: "cerbos"
+      optional :os, :string, 2, json_name: "os"
+      optional :arch, :string, 3, json_name: "arch"
+      optional :num_cpus, :uint32, 4, json_name: "numCpus"
+    end
+    add_message "cerbos.telemetry.v1.Ping.Features" do
+      optional :audit, :message, 1, "cerbos.telemetry.v1.Ping.Features.Audit", json_name: "audit"
+      optional :schema, :message, 2, "cerbos.telemetry.v1.Ping.Features.Schema", json_name: "schema"
+      optional :admin_api, :message, 3, "cerbos.telemetry.v1.Ping.Features.AdminApi", json_name: "adminApi"
+      optional :storage, :message, 4, "cerbos.telemetry.v1.Ping.Features.Storage", json_name: "storage"
+    end
+    add_message "cerbos.telemetry.v1.Ping.Features.Audit" do
+      optional :enabled, :bool, 1, json_name: "enabled"
+      optional :backend, :string, 2, json_name: "backend"
+    end
+    add_message "cerbos.telemetry.v1.Ping.Features.Schema" do
+      optional :enforcement, :string, 1, json_name: "enforcement"
+    end
+    add_message "cerbos.telemetry.v1.Ping.Features.AdminApi" do
+      optional :enabled, :bool, 1, json_name: "enabled"
+    end
+    add_message "cerbos.telemetry.v1.Ping.Features.Storage" do
+      optional :driver, :string, 1, json_name: "driver"
+      oneof :store do
+        optional :disk, :message, 2, "cerbos.telemetry.v1.Ping.Features.Storage.Disk", json_name: "disk"
+        optional :git, :message, 3, "cerbos.telemetry.v1.Ping.Features.Storage.Git", json_name: "git"
+        optional :blob, :message, 4, "cerbos.telemetry.v1.Ping.Features.Storage.Blob", json_name: "blob"
+      end
+    end
+    add_message "cerbos.telemetry.v1.Ping.Features.Storage.Disk" do
+      optional :watch, :bool, 1, json_name: "watch"
+    end
+    add_message "cerbos.telemetry.v1.Ping.Features.Storage.Git" do
+      optional :protocol, :string, 1, json_name: "protocol"
+      optional :auth, :bool, 2, json_name: "auth"
+      optional :poll_interval, :message, 3, "google.protobuf.Duration", json_name: "pollInterval"
+    end
+    add_message "cerbos.telemetry.v1.Ping.Features.Storage.Blob" do
+      optional :provider, :string, 1, json_name: "provider"
+      optional :poll_interval, :message, 2, "google.protobuf.Duration", json_name: "pollInterval"
+    end
+    add_message "cerbos.telemetry.v1.Ping.Stats" do
+      optional :policy, :message, 1, "cerbos.telemetry.v1.Ping.Stats.Policy", json_name: "policy"
+      optional :schema, :message, 2, "cerbos.telemetry.v1.Ping.Stats.Schema", json_name: "schema"
+    end
+    add_message "cerbos.telemetry.v1.Ping.Stats.Policy" do
+      map :count, :string, :uint32, 1
+      map :avg_rule_count, :string, :double, 2
+      map :avg_condition_count, :string, :double, 3
+    end
+    add_message "cerbos.telemetry.v1.Ping.Stats.Schema" do
+      optional :count, :uint32, 1, json_name: "count"
+    end
+  end
+end
+
+module Cerbos::Protobuf::Cerbos
+  module Telemetry
+    module V1
+      Ping = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping").msgclass
+      Ping::Cerbos = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Cerbos").msgclass
+      Ping::Source = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Source").msgclass
+      Ping::Features = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features").msgclass
+      Ping::Features::Audit = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features.Audit").msgclass
+      Ping::Features::Schema = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features.Schema").msgclass
+      Ping::Features::AdminApi = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features.AdminApi").msgclass
+      Ping::Features::Storage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features.Storage").msgclass
+      Ping::Features::Storage::Disk = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features.Storage.Disk").msgclass
+      Ping::Features::Storage::Git = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features.Storage.Git").msgclass
+      Ping::Features::Storage::Blob = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features.Storage.Blob").msgclass
+      Ping::Stats = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Stats").msgclass
+      Ping::Stats::Policy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Stats.Policy").msgclass
+      Ping::Stats::Schema = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Stats.Schema").msgclass
+    end
+  end
+end