container-storage-interface
diff --git a/‎csi.proto
Lines changed: 109 additions & 93 deletions b/‎csi.proto
Lines changed: 109 additions & 93 deletions
@@ -196,18 +196,27 @@ message CreateVolumeRequest {
   // validating these parameters. COs will treat these as opaque.
   map<string, string> parameters = 5;
 
-  // Credentials used by Controller plugin to authenticate/authorize
-  // volume creation request.
-  // This field contains credential data, for example username and
-  // password. Each key must consist of alphanumeric characters, '-',
-  // '_' or '.'. Each value MUST contain a valid string. An SP MAY
-  // choose to accept binary (non-string) data by using a binary-to-text
-  // encoding scheme, like base64. An SP SHALL advertise the
-  // requirements for credentials in documentation. COs SHALL permit
-  // passing through the required credentials. This information is
-  // sensitive and MUST be treated as such (not logged, etc.) by the CO.
+  // Secrets required by plugin to complete volume creation request.
+  // A secret is a string to string map where the key identifies the
+  // name of the secret (e.g. "username" or "password"), and the value
+  // contains the secret data (e.g. "bob" or "abc123").
+  // Each key MUST consist of alphanumeric characters, '-', '_' or '.'.
+  // Each value MUST contain a valid string. An SP MAY choose to accept
+  // binary (non-string) data by using a binary-to-text encoding scheme,
+  // like base64.
+  // An SP SHALL advertise the requirements for required secret keys and
+  // values in documentation.
+  // CO SHALL permit passing through the required secrets.
+  // A CO MAY pass the same secrets to all RPCs, therefore the keys for
+  // all unique secrets that an SP expects must be unique across all CSI
+  // operations.
+  // secrets as a one or more map to its end users, therefore the keys
+  // for all unique secrets that a plugin expects, regardless of RPC,
+  // must be unique.
+  // This information is sensitive and MUST be treated as such (not
+  // logged, etc.) by the CO.
   // This field is OPTIONAL.
-  map<string, string> controller_create_credentials = 6;
+  map<string, string> controller_create_secrets = 6;
 }
 
 message CreateVolumeResponse {
@@ -326,18 +335,24 @@ message DeleteVolumeRequest {
   // This field is REQUIRED.
   string volume_id = 2;
 
-  // Credentials used by Controller plugin to authenticate/authorize
-  // volume deletion request.
-  // This field contains credential data, for example username and
-  // password. Each key must consist of alphanumeric characters, '-',
-  // '_' or '.'. Each value MUST contain a valid string. An SP MAY
-  // choose to accept binary (non-string) data by using a binary-to-text
-  // encoding scheme, like base64. An SP SHALL advertise the
-  // requirements for credentials in documentation. COs SHALL permit
-  // passing through the required credentials. This information is
-  // sensitive and MUST be treated as such (not logged, etc.) by the CO.
+  // Secrets required by plugin to complete volume deletion request.
+  // A secret is a string to string map where the key identifies the
+  // name of the secret (e.g. "username" or "password"), and the value
+  // contains the secret data (e.g. "bob" or "abc123").
+  // Each key MUST consist of alphanumeric characters, '-', '_' or '.'.
+  // Each value MUST contain a valid string. An SP MAY choose to accept
+  // binary (non-string) data by using a binary-to-text encoding scheme,
+  // like base64.
+  // An SP SHALL advertise the requirements for required secret keys and
+  // values in documentation.
+  // CO SHALL permit passing through the required secrets.
+  // A CO MAY pass the same secrets to all RPCs, therefore the keys for
+  // all unique secrets that an SP expects must be unique across all CSI
+  // operations.
+  // This information is sensitive and MUST be treated as such (not
+  // logged, etc.) by the CO.
   // This field is OPTIONAL.
-  map<string, string> controller_delete_credentials = 3;
+  map<string, string> controller_delete_secrets = 3;
 }
 
 message DeleteVolumeResponse {}
@@ -363,18 +378,25 @@ message ControllerPublishVolumeRequest {
   // REQUIRED.
   bool readonly = 5;
 
-  // Credentials used by Controller plugin to authenticate/authorize
-  // controller publish request.
-  // This field contains credential data, for example username and
-  // password. Each key must consist of alphanumeric characters, '-',
-  // '_' or '.'. Each value MUST contain a valid string. An SP MAY
-  // choose to accept binary (non-string) data by using a binary-to-text
-  // encoding scheme, like base64. An SP SHALL advertise the
-  // requirements for credentials in documentation. COs SHALL permit
-  // passing through the required credentials. This information is
-  // sensitive and MUST be treated as such (not logged, etc.) by the CO.
+  // Secrets required by plugin to complete controller publish volume
+  // request.
+  // A secret is a string to string map where the key identifies the
+  // name of the secret (e.g. "username" or "password"), and the value
+  // contains the secret data (e.g. "bob" or "abc123").
+  // Each key MUST consist of alphanumeric characters, '-', '_' or '.'.
+  // Each value MUST contain a valid string. An SP MAY choose to accept
+  // binary (non-string) data by using a binary-to-text encoding scheme,
+  // like base64.
+  // An SP SHALL advertise the requirements for required secret keys and
+  // values in documentation.
+  // CO SHALL permit passing through the required secrets.
+  // A CO MAY pass the same secrets to all RPCs, therefore the keys for
+  // all unique secrets that an SP expects must be unique across all CSI
+  // operations.
+  // This information is sensitive and MUST be treated as such (not
+  // logged, etc.) by the CO.
   // This field is OPTIONAL.
-  map<string, string> controller_publish_credentials = 6;
+  map<string, string> controller_publish_secrets = 6;
 
   // Attributes of the volume to be used on a node. This field is
   // OPTIONAL and MUST match the attributes of the Volume identified
@@ -405,18 +427,27 @@ message ControllerUnpublishVolumeRequest {
   // the volume from all nodes it is published to.
   string node_id = 3;
 
-  // Credentials used by Controller plugin to authenticate/authorize
-  // controller unpublish request.
-  // This field contains credential data, for example username and
-  // password. Each key must consist of alphanumeric characters, '-',
-  // '_' or '.'. Each value MUST contain a valid string. An SP MAY
-  // choose to accept binary (non-string) data by using a binary-to-text
-  // encoding scheme, like base64. An SP SHALL advertise the
-  // requirements for credentials in documentation. COs SHALL permit
-  // passing through the required credentials. This information is
-  // sensitive and MUST be treated as such (not logged, etc.) by the CO.
+  // Secrets required by plugin to complete controller unpublish volume
+  // request. This SHOULD be the same secrets passed to the
+  // ControllerPublishVolume.
+  // call for the specified volume.
+  // A secret is a string to string map where the key identifies the
+  // name of the secret (e.g. "username" or "password"), and the value
+  // contains the secret data (e.g. "bob" or "abc123").
+  // Each key MUST consist of alphanumeric characters, '-', '_' or '.'.
+  // Each value MUST contain a valid string. An SP MAY choose to accept
+  // binary (non-string) data by using a binary-to-text encoding scheme,
+  // like base64.
+  // An SP SHALL advertise the requirements for required secret keys and
+  // values in documentation.
+  // CO SHALL permit passing through the required secrets.
+  // A CO MAY pass the same secrets to all RPCs, therefore the keys for
+  // all unique secrets that an SP expects must be unique across all CSI
+  // operations.
+  // This information is sensitive and MUST be treated as such (not
+  // logged, etc.) by the CO.
   // This field is OPTIONAL.
-  map<string, string> controller_unpublish_credentials = 4;
+  map<string, string> controller_unpublish_secrets = 4;
 }
 
 message ControllerUnpublishVolumeResponse {}
@@ -575,18 +606,24 @@ message NodeStageVolumeRequest {
   // This is a REQUIRED field.
   VolumeCapability volume_capability = 5;
 
-  // Credentials used by Node plugin to authenticate/authorize node
-  // stage request.
-  // This field contains credential data, for example username and
-  // password. Each key must consist of alphanumeric characters, '-',
-  // '_' or '.'. Each value MUST contain a valid string. An SP MAY
-  // choose to accept binary (non-string) data by using a binary-to-text
-  // encoding scheme, like base64. An SP SHALL advertise the
-  // requirements for credentials in documentation. COs SHALL permit
-  // passing through the required credentials. This information is
-  // sensitive and MUST be treated as such (not logged, etc.) by the CO.
+  // Secrets required by plugin to complete node stage volume request.
+  // A secret is a string to string map where the key identifies the
+  // name of the secret (e.g. "username" or "password"), and the value
+  // contains the secret data (e.g. "bob" or "abc123").
+  // Each key MUST consist of alphanumeric characters, '-', '_' or '.'.
+  // Each value MUST contain a valid string. An SP MAY choose to accept
+  // binary (non-string) data by using a binary-to-text encoding scheme,
+  // like base64.
+  // An SP SHALL advertise the requirements for required secret keys and
+  // values in documentation.
+  // CO SHALL permit passing through the required secrets.
+  // A CO MAY pass the same secrets to all RPCs, therefore the keys for
+  // all unique secrets that an SP expects must be unique across all CSI
+  // operations.
+  // This information is sensitive and MUST be treated as such (not
+  // logged, etc.) by the CO.
   // This field is OPTIONAL.
-  map<string, string> node_stage_credentials = 6;
+  map<string, string> node_stage_secrets = 6;
 
   // Attributes of the volume to publish. This field is OPTIONAL and
   // MUST match the attributes of the VolumeInfo identified by
@@ -608,19 +645,6 @@ message NodeUnstageVolumeRequest {
   // path in the root filesystem of the process serving this request.
   // This is a REQUIRED field.
   string staging_target_path = 3;
-
-  // Credentials used by Node plugin to authenticate/authorize node
-  // unstage request.
-  // This field contains credential data, for example username and
-  // password. Each key must consist of alphanumeric characters, '-',
-  // '_' or '.'. Each value MUST contain a valid string. An SP MAY
-  // choose to accept binary (non-string) data by using a binary-to-text
-  // encoding scheme, like base64. An SP SHALL advertise the
-  // requirements for credentials in documentation. COs SHALL permit
-  // passing through the required credentials. This information is
-  // sensitive and MUST be treated as such (not logged, etc.) by the CO.
-  // This field is OPTIONAL.
-  map<string, string> node_unstage_credentials = 4;
 }
 
 message NodeUnstageVolumeResponse {}
@@ -664,19 +688,24 @@ message NodePublishVolumeRequest {
   // REQUIRED.
   bool readonly = 7;
 
-  // Credentials used by Node plugin to authenticate/authorize node
-  // publish request.
-  // This field contains credential data, for example username and
-  // password. Each key must consist of alphanumeric characters, '-',
-  // '_' or '.'. Each value MUST contain a valid string. An SP MAY
-  // choose to accept binary (non-string) data by using a binary-to-text
-  // encoding scheme, like base64. An SP SHALL advertise the
-  // requirements for credentials in documentation. COs SHALL permit
-  // passing through the required credentials. This information is
-  // sensitive and MUST be treated as such (not logged, etc.) by the CO.
+  // Secrets required by plugin to complete node publish volume request.
+  // A secret is a string to string map where the key identifies the
+  // name of the secret (e.g. "username" or "password"), and the value
+  // contains the secret data (e.g. "bob" or "abc123").
+  // Each key MUST consist of alphanumeric characters, '-', '_' or '.'.
+  // Each value MUST contain a valid string. An SP MAY choose to accept
+  // binary (non-string) data by using a binary-to-text encoding scheme,
+  // like base64.
+  // An SP SHALL advertise the requirements for required secret keys and
+  // values in documentation.
+  // CO SHALL permit passing through the required secrets.
+  // A CO MAY pass the same secrets to all RPCs, therefore the keys for
+  // all unique secrets that an SP expects must be unique across all CSI
+  // operations.
+  // This information is sensitive and MUST be treated as such (not
+  // logged, etc.) by the CO.
   // This field is OPTIONAL.
-  map<string, string> node_publish_credentials = 8;
-
+  map<string, string> node_publish_secrets = 8;
 
   // Attributes of the volume to publish. This field is OPTIONAL and
   // MUST match the attributes of the Volume identified by
@@ -698,19 +727,6 @@ message NodeUnpublishVolumeRequest {
   // path in the root filesystem of the process serving this request.
   // This is a REQUIRED field.
   string target_path = 3;
-
-  // Credentials used by Node plugin to authenticate/authorize node
-  // unpublish request.
-  // This field contains credential data, for example username and
-  // password. Each key must consist of alphanumeric characters, '-',
-  // '_' or '.'. Each value MUST contain a valid string. An SP MAY
-  // choose to accept binary (non-string) data by using a binary-to-text
-  // encoding scheme, like base64. An SP SHALL advertise the
-  // requirements for credentials in documentation. COs SHALL permit
-  // passing through the required credentials. This information is
-  // sensitive and MUST be treated as such (not logged, etc.) by the CO.
-  // This field is OPTIONAL.
-  map<string, string> node_unpublish_credentials = 4;
 }
 
 message NodeUnpublishVolumeResponse {}