chore: proto update (#162)

* chore: proto update

* chore: update docs

* fix: ci

* fix: test

* chore: drop risk

* chore: update

* fix: lint

Author: ecmadao

api/client.go

@@ -189,18 +189,6 @@ type Client interface {
 	// DeleteReviewConfig deletes the review config.
 	DeleteReviewConfig(ctx context.Context, reviewConfigName string) error
 
-	// Risk
-	// ListRisk lists the risk.
-	ListRisk(ctx context.Context) ([]*v1pb.Risk, error)
-	// GetRisk gets the risk by full name.
-	GetRisk(ctx context.Context, name string) (*v1pb.Risk, error)
-	// CreateRisk creates the risk.
-	CreateRisk(ctx context.Context, risk *v1pb.Risk) (*v1pb.Risk, error)
-	// UpdateRisk updates the risk.
-	UpdateRisk(ctx context.Context, patch *v1pb.Risk, updateMasks []string) (*v1pb.Risk, error)
-	// DeleteRisk deletes the risk.
-	DeleteRisk(ctx context.Context, riskName string) error
-
 	// ListDatabaseGroup list all database groups in a project.
 	ListDatabaseGroup(ctx context.Context, project string) (*v1pb.ListDatabaseGroupsResponse, error)
 	// CreateDatabaseGroup creates the database group.

client/client.go

@@ -35,7 +35,6 @@ type client struct {
 	settingClient         bytebasev1connect.SettingServiceClient
 	orgPolicyClient       bytebasev1connect.OrgPolicyServiceClient
 	reviewConfigClient    bytebasev1connect.ReviewConfigServiceClient
-	riskClient            bytebasev1connect.RiskServiceClient
 	celClient             bytebasev1connect.CelServiceClient
 }
 
@@ -86,7 +85,6 @@ func NewClient(url, email, password string) (api.Client, error) {
 	c.settingClient = bytebasev1connect.NewSettingServiceClient(c.client, c.url, interceptors)
 	c.orgPolicyClient = bytebasev1connect.NewOrgPolicyServiceClient(c.client, c.url, interceptors)
 	c.reviewConfigClient = bytebasev1connect.NewReviewConfigServiceClient(c.client, c.url, interceptors)
-	c.riskClient = bytebasev1connect.NewRiskServiceClient(c.client, c.url, interceptors)
 	c.celClient = bytebasev1connect.NewCelServiceClient(c.client, c.url, interceptors)
 
 	return &c, nil

client/risk.go

@@ -22,6 +22,7 @@ The group data source.
 ### Read-Only
 
 - `description` (String) The group description.
+- `email` (String) The group email.
 - `id` (String) The ID of this resource.
 - `members` (Set of Object) The members in the group. (see [below for nested schema](#nestedatt--members))
 - `source` (String) Source means where the group comes from. For now we support Entra ID SCIM sync, so the source could be Entra ID.

docs/data-sources/group.md

@@ -31,6 +31,7 @@ The group data source list.
 Read-Only:
 
 - `description` (String)
+- `email` (String)
 - `members` (Set of Object) (see [below for nested schema](#nestedobjatt--groups--members))
 - `name` (String)
 - `source` (String)

docs/data-sources/group_list.md

@@ -168,6 +168,7 @@ Optional:
 - `disallow_password_signin` (Boolean) Whether to disallow password signin (except workspace admins). Require ENTERPRISE subscription
 - `disallow_signup` (Boolean) Disallow self-service signup, users can only be invited by the owner. Require PRO subscription.
 - `domains` (List of String) The workspace domain, e.g. bytebase.com. Required for the group
+- `enable_audit_log_stdout` (Boolean) Enable audit logging to stdout in structured JSON format. Requires TEAM or ENTERPRISE license.
 - `enforce_identity_domain` (Boolean) Only user and group from the domains can be created and login.
 - `external_url` (String) The URL user visits Bytebase. The external URL is used for: 1. Constructing the correct callback URL when configuring the VCS provider. The callback URL points to the frontend; 2. Creating the correct webhook endpoint when configuring the project GitOps workflow. The webhook endpoint points to the backend.
 - `maximum_role_expiration_in_seconds` (Number) The max duration in seconds for role expired. If the value is less than or equal to 0, we will remove the setting. AKA no limit.
@@ -189,32 +190,23 @@ Optional:
 
 Read-Only:
 
-- `rules` (List of Object) (see [below for nested schema](#nestedatt--approval_flow--rules))
+- `rules` (List of Object) Rules are evaluated in order, first matching rule applies. (see [below for nested schema](#nestedatt--approval_flow--rules))
 
 <a id="nestedatt--approval_flow--rules"></a>
 ### Nested Schema for `approval_flow.rules`
 
 Read-Only:
 
-- `conditions` (List of Object) (see [below for nested schema](#nestedobjatt--approval_flow--rules--conditions))
+- `condition` (String)
 - `flow` (List of Object) (see [below for nested schema](#nestedobjatt--approval_flow--rules--flow))
-
-<a id="nestedobjatt--approval_flow--rules--conditions"></a>
-### Nested Schema for `approval_flow.rules.conditions`
-
-Read-Only:
-
-- `level` (String)
 - `source` (String)
 
-
 <a id="nestedobjatt--approval_flow--rules--flow"></a>
 ### Nested Schema for `approval_flow.rules.flow`
 
 Read-Only:
 
 - `description` (String)
-- `id` (String)
 - `roles` (List of String)
 - `title` (String)
 

docs/data-sources/risk.md

@@ -37,25 +37,22 @@ The setting resource.
 
 Required:
 
-- `rules` (Block List, Min: 1) (see [below for nested schema](#nestedblock--approval_flow--rules))
+- `rules` (Block List, Min: 1) Rules are evaluated in order, first matching rule applies. (see [below for nested schema](#nestedblock--approval_flow--rules))
 
 <a id="nestedblock--approval_flow--rules"></a>
 ### Nested Schema for `approval_flow.rules`
 
 Required:
 
+- `condition` (String) The condition that is associated with the rule. Check the proto message https://github.com/bytebase/bytebase/blob/c7304123902610b8a2c83e49fcd1c4d4eb972f0d/proto/v1/v1/setting_service.proto#L280 for details.
 - `flow` (Block List, Min: 1) (see [below for nested schema](#nestedblock--approval_flow--rules--flow))
-
-Optional:
-
-- `conditions` (Block List) Match any condition will trigger this approval flow. (see [below for nested schema](#nestedblock--approval_flow--rules--conditions))
+- `source` (String)
 
 <a id="nestedblock--approval_flow--rules--flow"></a>
 ### Nested Schema for `approval_flow.rules.flow`
 
 Required:
 
-- `id` (String) The approval template ID. Built-in templates use 'bb.*' prefix (e.g., 'bb.project-owner', 'bb.workspace-dba'), custom templates use UUIDs.
 - `roles` (List of String) The role require to review in this step
 - `title` (String)
 
@@ -64,15 +61,6 @@ Optional:
 - `description` (String)
 
 
-<a id="nestedblock--approval_flow--rules--conditions"></a>
-### Nested Schema for `approval_flow.rules.conditions`
-
-Optional:
-
-- `level` (String)
-- `source` (String)
-
-
 
 
 <a id="nestedblock--classification"></a>
@@ -237,6 +225,7 @@ Optional:
 - `disallow_password_signin` (Boolean) Whether to disallow password signin (except workspace admins). Require ENTERPRISE subscription
 - `disallow_signup` (Boolean) Disallow self-service signup, users can only be invited by the owner. Require PRO subscription.
 - `domains` (List of String) The workspace domain, e.g. bytebase.com. Required for the group
+- `enable_audit_log_stdout` (Boolean) Enable audit logging to stdout in structured JSON format. Requires TEAM or ENTERPRISE license.
 - `enforce_identity_domain` (Boolean) Only user and group from the domains can be created and login.
 - `external_url` (String) The URL user visits Bytebase. The external URL is used for: 1. Constructing the correct callback URL when configuring the VCS provider. The callback URL points to the frontend; 2. Creating the correct webhook endpoint when configuring the project GitOps workflow. The webhook endpoint points to the backend.
 - `maximum_role_expiration_in_seconds` (Number) The max duration in seconds for role expired. If the value is less than or equal to 0, we will remove the setting. AKA no limit.