From 10744a99a77d9f267a64b9051dc39efe444c9782 Mon Sep 17 00:00:00 2001
From: Cedric Cordenier
Date: Wed, 15 Jan 2025 13:49:32 +0000
Subject: [PATCH] [CRE-44] Add restricted_config and restricted_keys to capability registry config
---
 pkg/capabilities/capabilities.go | 8 ++++-
 pkg/capabilities/pb/registry.pb.go | 51 ++++++++++++++++++++++--------
 pkg/capabilities/pb/registry.proto | 3 ++
 3 files changed, 47 insertions(+), 15 deletions(-)
diff --git a/pkg/capabilities/capabilities.go b/pkg/capabilities/capabilities.go
index f1b6cdcab3..14ba74c758 100644
--- a/pkg/capabilities/capabilities.go
+++ b/pkg/capabilities/capabilities.go
@@ -392,7 +392,13 @@ func (c *RemoteExecutableConfig) ApplyDefaults() {
 }

 type CapabilityConfiguration struct {
- DefaultConfig *values.Map
+ DefaultConfig *values.Map
+ // RestrictedKeys is a list of keys that can't be provided by users in their
+ // configuration; we'll remove these fields before passing them to the capability.
+ RestrictedKeys []string
+ // RestrictedConfig is configuration that can only be set by us; this
+ // takes precedence over any user-provided config.
+ RestrictedConfig *values.Map
 RemoteTriggerConfig *RemoteTriggerConfig
 RemoteTargetConfig *RemoteTargetConfig
 RemoteExecutableConfig *RemoteExecutableConfig
diff --git a/pkg/capabilities/pb/registry.pb.go b/pkg/capabilities/pb/registry.pb.go
index d6a2f66177..0e8d005ab6 100644
--- a/pkg/capabilities/pb/registry.pb.go
+++ b/pkg/capabilities/pb/registry.pb.go
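Review bot: The comments on `RestrictedKeys` and `RestrictedConfig` in `CapabilityConfiguration` describe enforcement ("we'll remove these fields", "takes precedence") that nothing in this patch implements, so a consumer that still merges only `DefaultConfig` with user config would pass restricted keys through unchanged. They also leave open whether a restricted key matches only top-level entries of the user map or nested paths too, which decides whether the restriction covers values placed inside a nested map. I would state the contract on the fields, e.g. `// Merge order: DefaultConfig, then user config with RestrictedKeys deleted, then RestrictedConfig applied last.` and `// RestrictedKeys match top-level keys only (TODO confirm).`, and replace "us" with the party that actually writes the registry entry. The struct body continues past the end of the hunk.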
@@ -236,7 +236,9 @@ type CapabilityConfig struct { // *CapabilityConfig_RemoteTriggerConfig // *CapabilityConfig_RemoteTargetConfig // *CapabilityConfig_RemoteExecutableConfig - RemoteConfig isCapabilityConfig_RemoteConfig `protobuf_oneof:"remote_config"` + RemoteConfig isCapabilityConfig_RemoteConfig `protobuf_oneof:"remote_config"` + RestrictedConfig *pb.Map `protobuf:"bytes,5,opt,name=restricted_config,json=restrictedConfig,proto3" json:"restricted_config,omitempty"` + RestrictedKeys []string `protobuf:"bytes,6,rep,name=restricted_keys,json=restrictedKeys,proto3" json:"restricted_keys,omitempty"` } func (x *CapabilityConfig) Reset() { @@ -306,6 +308,20 @@ func (x *CapabilityConfig) GetRemoteExecutableConfig() *RemoteExecutableConfig { return nil } +func (x *CapabilityConfig) GetRestrictedConfig() *pb.Map { + if x != nil { + return x.RestrictedConfig + } + return nil +} + +func (x *CapabilityConfig) GetRestrictedKeys() []string { + if x != nil { + return x.RestrictedKeys + } + return nil +} + type isCapabilityConfig_RemoteConfig interface { isCapabilityConfig_RemoteConfig() } @@ -384,7 +400,7 @@ var file_capabilities_pb_registry_proto_rawDesc = []byte{ 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x12, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x45, 0x78, 0x70, - 0x69, 0x72, 0x79, 0x22, 0xd0, 0x02, 0x0a, 0x10, 0x43, 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, + 0x69, 0x72, 0x79, 0x22, 0xb3, 0x03, 0x0a, 0x10, 0x43, 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x32, 0x0a, 0x0e, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0b, 0x2e, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x2e, 0x4d, 0x61, 0x70, 0x52, 0x0d, 0x64, 
@@ -404,13 +420,19 @@ var file_capabilities_pb_registry_proto_rawDesc = []byte{ 0x6c, 0x6f, 0x6f, 0x70, 0x2e, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x45, 0x78, 0x65, 0x63, 0x75, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x00, 0x52, 0x16, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x45, 0x78, 0x65, 0x63, 0x75, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x43, - 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x0f, 0x0a, 0x0d, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x5f, - 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x42, 0x5a, 0x40, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, - 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x6d, 0x61, 0x72, 0x74, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x61, - 0x63, 0x74, 0x6b, 0x69, 0x74, 0x2f, 0x63, 0x68, 0x61, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x6b, 0x2d, - 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x63, 0x61, 0x70, 0x61, 0x62, - 0x69, 0x6c, 0x69, 0x74, 0x69, 0x65, 0x73, 0x2f, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x33, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x38, 0x0a, 0x11, 0x72, 0x65, 0x73, 0x74, 0x72, 0x69, 0x63, + 0x74, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x0b, 0x2e, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x2e, 0x4d, 0x61, 0x70, 0x52, 0x10, 0x72, + 0x65, 0x73, 0x74, 0x72, 0x69, 0x63, 0x74, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, + 0x27, 0x0a, 0x0f, 0x72, 0x65, 0x73, 0x74, 0x72, 0x69, 0x63, 0x74, 0x65, 0x64, 0x5f, 0x6b, 0x65, + 0x79, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0e, 0x72, 0x65, 0x73, 0x74, 0x72, 0x69, + 0x63, 0x74, 0x65, 0x64, 0x4b, 0x65, 0x79, 0x73, 0x42, 0x0f, 0x0a, 0x0d, 0x72, 0x65, 0x6d, 0x6f, + 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x42, 0x5a, 0x40, 0x67, 0x69, 0x74, + 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x6d, 0x61, 0x72, 0x74, 0x63, 0x6f, 0x6e, + 0x74, 0x72, 0x61, 0x63, 0x74, 0x6b, 0x69, 0x74, 0x2f, 0x63, 0x68, 0x61, 0x69, 0x6e, 0x6c, 0x69, + 0x6e, 0x6b, 0x2d, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 
0x6e, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x63, 0x61, + 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x69, 0x65, 0x73, 0x2f, 0x70, 0x62, 0x62, 0x06, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -445,11 +467,12 @@ var file_capabilities_pb_registry_proto_depIdxs = []int32{ 0, // 7: loop.CapabilityConfig.remote_trigger_config:type_name -> loop.RemoteTriggerConfig 1, // 8: loop.CapabilityConfig.remote_target_config:type_name -> loop.RemoteTargetConfig 2, // 9: loop.CapabilityConfig.remote_executable_config:type_name -> loop.RemoteExecutableConfig - 10, // [10:10] is the sub-list for method output_type - 10, // [10:10] is the sub-list for method input_type - 10, // [10:10] is the sub-list for extension type_name - 10, // [10:10] is the sub-list for extension extendee - 0, // [0:10] is the sub-list for field type_name + 5, // 10: loop.CapabilityConfig.restricted_config:type_name -> values.Map + 11, // [11:11] is the sub-list for method output_type + 11, // [11:11] is the sub-list for method input_type + 11, // [11:11] is the sub-list for extension type_name + 11, // [11:11] is the sub-list for extension extendee + 0, // [0:11] is the sub-list for field type_name } func init() { file_capabilities_pb_registry_proto_init() } diff --git a/pkg/capabilities/pb/registry.proto b/pkg/capabilities/pb/registry.proto index 6010273995..7cfd30ce8f 100644 --- a/pkg/capabilities/pb/registry.proto +++ b/pkg/capabilities/pb/registry.proto @@ -40,5 +40,8 @@ message CapabilityConfig { RemoteTargetConfig remote_target_config = 3; RemoteExecutableConfig remote_executable_config = 4; } + + values.Map restricted_config = 5; + repeated string restricted_keys = 6; }
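Review bot: Fields 5 and 6 of `CapabilityConfig` in registry.proto are added without comments, although they define a trust boundary rather than plain data. A node built from the previous schema would presumably treat both as unknown fields and apply the configuration without the restrictions, so in a mixed-version deployment the restriction is not enforced everywhere; that is worth stating next to the fields. Suggested comments: `// restricted_config overrides any user-provided config and is not user-settable.` and `// restricted_keys are removed from user-provided config before it reaches the capability.` The message opens above the hunk.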