temporalio · mastermanu · Dec 4, 2023 · Dec 4, 2023 · Dec 4, 2023 · Dec 5, 2023
diff --git a/temporal/api/cloud/cloudservice/v1/request_response.proto b/temporal/api/cloud/cloudservice/v1/request_response.proto
@@ -7,6 +7,7 @@ option go_package = "go.temporal.io/api/cloud/cloudservice/v1;cloudservice";
 import "temporal/api/cloud/operation/v1/message.proto";
 import "temporal/api/cloud/identity/v1/message.proto";
 import "temporal/api/cloud/namespace/v1/message.proto";
+import "temporal/api/cloud/nexus/v1/message.proto";
 import "temporal/api/cloud/region/v1/message.proto";
 
 message GetUsersRequest {
@@ -229,3 +230,181 @@ message GetRegionResponse {
     // The temporal cloud region.
     temporal.api.cloud.region.v1.Region region = 1;
 }
+
+message GetIncomingServicesRequest {
+    // The requested size of the page to retrieve - optional.
+    // Cannot exceed 1000. Defaults to 100. 
+    int32 page_size = 1;
+
+    // The page token if this is continuing from another response - optional.
+    string page_token = 2;
+
+    // Filter incoming services by the namespace they route to - optional.
+    string namespace = 3;
+
+    // Filter incoming services by the task queue they route to - optional.
+    string task_queue = 4;
+}
+
+message GetIncomingServicesResponse {
+    // The list of incoming services in ascending ids order
+    repeated temporal.api.cloud.nexus.v1.IncomingService incoming_services = 1;
+
+    // The next page's token
+    string next_page_token = 2;
+}
+
+message GetIncomingServiceRequest {
-message GetIncomingServiceRequest {
+message GetIncomingServiceByIdRequest {
 message GetUserRequest { 
-message GetIncomingServiceRequest {
+message GetIncomingServiceByIdRequest {
 message GetUserRequest { 
+    // The id of the incoming service to get
+    string incoming_service_id = 1;
+}
+
+message GetIncomingServiceResponse {
+    // The incoming service
+    temporal.api.cloud.nexus.v1.IncomingService incoming_service = 1;
+}
+
+message CreateIncomingServiceRequest {
+    // The spec for the incoming service
+    temporal.api.cloud.nexus.v1.IncomingServiceSpec spec = 1;
+
+    // The id to use for this async operation - optional
+    string async_operation_id = 2;
+}
+
+message CreateIncomingServiceResponse {
+    // The id of the service that was created
+    string incoming_service_id = 1;
+
+    // The async operation
+    temporal.api.cloud.operation.v1.AsyncOperation async_operation = 2;
+}
+
+message UpdateIncomingServiceRequest {
+    // The id of the incoming service to update
+    string incoming_service_id = 1;
+
+    // The updated incoming service specification
+    temporal.api.cloud.nexus.v1.IncomingServiceSpec spec = 2;
+
+    // The version of the incoming service for which this update is intended for
+    // The latest version can be found in the GetIncomingService operation response
+    string resource_version = 3;
+
+    // The id to use for this async operation - optional
+    string async_operation_id = 4;
+}
+
+message UpdateIncomingServiceResponse {
+    // The async operation
+    temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1;
+}
+
+message DeleteIncomingServiceRequest {
+    // The id of the incoming service to delete
+    string incoming_service_id = 1;
+
+    // The version of the incoming service for which this delete is intended for
+    // The latest version can be found in the GetIncomingService operation response
+    string resource_version = 2;
+
+    // The id to use for this async operation - optional
+    string async_operation_id = 3;
+}
+
+message DeleteIncomingServiceResponse {
+    // The async operation
+    temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1;
+}
+
+message GetOutgoingServicesRequest {
+    // The namespace to get all the outgoing services from
+    string namespace = 1;
+
+    // The requested size of the page to retrieve - optional.
+    // Cannot exceed 1000. Defaults to 100. 
+    int32 page_size = 2;
+
+    // The page token if this is continuing from another response - optional.
+    string page_token = 3;
+}
+
+message GetOutgoingServicesResponse {
+    // The list of outgoing services in ascending name order
+    repeated temporal.api.cloud.nexus.v1.OutgoingService outgoing_services = 1;
+
+    // The next page's token
+    string next_page_token = 2;
+}
+
+message GetOutgoingServiceRequest {
+    // The name of the namespace the outgoing service is registered on
+    string namespace = 1;
+
+    // The name of the outgoing service
+    string name = 2;
+}
+
+message GetOutgoingServiceResponse {
+    // The outgoing service
+    temporal.api.cloud.nexus.v1.OutgoingService outgoing_service = 1;
+}
+
+message CreateOutgoingServiceRequest {
+    // The namespace to register this outgoing service request on
+    string namespace = 1;
+
+    // The spec for the outgoing service
+    temporal.api.cloud.nexus.v1.OutgoingServiceSpec spec = 2;
+
+    // The id to use for this async operation - optional
+    string async_operation_id = 3;
+}
+
+message CreateOutgoingServiceResponse {
+    // The async operation
+    temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1;
+}
+
+message UpdateOutgoingServiceRequest {
+    // The name of the namespace the outgoing service is registered on
+    string namespace = 1;
+
+    // The name of the outgoing service to update
+    string name = 2;
+
+    // The updated outcoming service specification
+    temporal.api.cloud.nexus.v1.OutgoingServiceSpec spec = 3;
+
+    // The version of the outgoing service for which this update is intended for
+    // The latest version can be found in the GetOutgoingService operation response
+    string resource_version = 4;
+
+    // The id to use for this async operation - optional
+    string async_operation_id = 5;
+}
+
+message UpdateOutgoingServiceResponse {
+    // The async operation
+    temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1;
+}
+
+message DeleteOutgoingServiceRequest {
+    // The id of the namespace to remove the outgoing service from
+    string namespace = 1;
+
+    // The name outcoming service to delete
+    string name = 2;
+
+    // The version of the outcoming service for which this delete is intended for
+    // The latest version can be found in the GetOutgoingService operation response
+    string resource_version = 3;
+
+    // The id to use for this async operation - optional
+    string async_operation_id = 4;
+}
+
+message DeleteOutgoingServiceResponse {
+    // The async operation
+    temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1;
+}
diff --git a/temporal/api/cloud/cloudservice/v1/service.proto b/temporal/api/cloud/cloudservice/v1/service.proto
@@ -118,4 +118,78 @@ service CloudService {
             get: "/api/v1/regions/{region}",
         };
     }
+
+    // Gets all known nexus incoming services
+    rpc GetIncomingServices(GetIncomingServicesRequest) returns (GetIncomingServicesResponse) {
+	option (google.api.http) = {
+            get: "/api/v1/nexus/incomingservices",
+        };
+    }
+
+    // Get an incoming service
+    rpc GetIncomingService(GetIncomingServiceRequest) returns (GetIncomingServiceResponse) {
+	option (google.api.http) = {
+            get: "/api/v1/nexus/incomingservices/{incoming_service_id}",
+        };
+    }
+
+    // Create an incoming service
+    rpc CreateIncomingService(CreateIncomingServiceRequest) returns (CreateIncomingServiceResponse) {
+        option (google.api.http) = {
+            post: "/api/v1/nexus/incomingservices",
+	    body: "*"
+        };
+    }
+
+    // Update an incoming service
+    rpc UpdateIncomingService(UpdateIncomingServiceRequest) returns (UpdateIncomingServiceResponse) {
+	option (google.api.http) = {
+            post: "/api/v1/nexus/incomingservices/{incoming_service_id}",
+	    body: "*"
+        };
+    }
+
+    // Delete an incoming service
+    rpc DeleteIncomingService(DeleteIncomingServiceRequest) returns (DeleteIncomingServiceResponse) {
+	option (google.api.http) = {
+            delete: "/api/v1/nexus/incomingservices/{incoming_service_id}",
+        };
+    }
+
+    // Gets all known nexus outgoing services for a given namespace
+    rpc GetOutgoingServices(GetOutgoingServicesRequest) returns (GetOutgoingServicesResponse) {
+	option (google.api.http) = {
+            get: "/api/v1/namespaces/{namespace}/nexus/outgoingservices",
+        };
+    }
+
+    // Get an outgoing service
+    rpc GetOutgoingService(GetOutgoingServiceRequest) returns (GetOutgoingServiceResponse) {
+	option (google.api.http) = {
+            get: "/api/v1/namespaces/{namespace}/nexus/outgoingservices/{name}",
+        };
+    }
+
+    // Create an outgoing service
+    rpc CreateOutgoingService(CreateOutgoingServiceRequest) returns (CreateOutgoingServiceResponse) {
+        option (google.api.http) = {
+            post: "/api/v1/namespaces/{namespace}/nexus/outgoingservices",
+	    body: "*"
+        };
+    }
+
+    // Update an outgoing service
+    rpc UpdateOutgoingService(UpdateOutgoingServiceRequest) returns (UpdateOutgoingServiceResponse) {
+	option (google.api.http) = {
+            post: "/api/v1/namespaces/{namespace}/nexus/outgoingservices/{name}",
+	    body: "*"
+        };
+    }
+
+    // Delete an outgoing service
+    rpc DeleteOutgoingService(DeleteOutgoingServiceRequest) returns (DeleteOutgoingServiceResponse) {
+	option (google.api.http) = {
+            delete: "/api/v1/namespaces/{namespace}/nexus/outgoingservices/{name}",
+        };
+    }
 }
diff --git a/temporal/api/cloud/nexus/v1/message.proto b/temporal/api/cloud/nexus/v1/message.proto
@@ -0,0 +1,101 @@
+syntax = "proto3";
+
+package temporal.api.cloud.nexus.v1;
+
+option go_package = "go.temporal.io/api/cloud/nexus/v1;nexus";
+
+import "google/protobuf/timestamp.proto";
+
+message IncomingServiceSpec {
+    // The name of the incoming service. Must be unique within an account
+    // The name must match `[a-zA-Z_][a-zA-Z0-9_]*`.
+    string name = 1;
+
+    // The namespace to route requests to
+    string namespace = 2;
+
+    // The task queue to route requests to
+    string task_queue = 3;
+
+    // The authorization specification for this service
+    IncomingServiceAuthorizationSpec authorization_spec = 4;
+}
+
+message IncomingServiceAuthorizationSpec {
+    AllowedNamespacePolicySpec allowed_namespace_policy_spec = 1;
+}
+
+message AllowedNamespacePolicySpec {
+    // The set of namespaces that are allowed to call into this service
+    repeated string namespaces = 1;
+}
+
+// A binding from a service name to namespace and task queue for dispatching incoming Nexus requests.
+message IncomingService {
+    // The id of the service. This is generated by the server and is immutable
+    string id = 1;
+
+    // The current version of the incoming service specification
+    // The next update operation must include this version
+    string resource_version = 2;
+
+    // The incoming service specification
+    IncomingServiceSpec spec = 3;
+
+    // The current state of the service
+    string state = 4;
+
+    // The id of the async operation that is creating/updating/deleting the service, if any
+    string async_operation_id = 5;
+
+    // The date and time when the service was created
+    google.protobuf.Timestamp created_time = 6;
+
+    // The date and time when the service was last modified
+    // Will not be set if the service has never been modified.
+    google.protobuf.Timestamp last_modified_time = 7;
+}
+
+message OutgoingServiceSpec {
+    // The name of the outgoing service. Must be unique within the namespace
+    // The name must match `[a-zA-Z_][a-zA-Z0-9_]*`.
+    // This name is immutable
+    string name = 1;
+
+    BindingSpec spec = 2;
+}
+
+message BindingSpec {
+    IntraAccountServiceSpec intra_account_service_spec = 1;
+}
+
+message IntraAccountServiceSpec {
+    string incoming_service_id = 1;
+}
+
+// A per-namespace binding from service name to destination service to invoke Nexus requests
+// that are initiated by workflows.
+message OutgoingService {
+    // The name of the outgoing service.
+    string name = 1;
+
+    // The current version of the incoming service specification
+    // The next update operation must include this version
+    string resource_version = 2;
+
+    // The incoming service specification
+    OutgoingServiceSpec spec = 3;
+
+    // The current state of the service
+    string state = 4;
+
+    // The id of the async operation that is creating/updating/deleting the service, if any
+    string async_operation_id = 5;
+
+    // The date and time when the service was created
+    google.protobuf.Timestamp created_time = 6;
+
+    // The date and time when the service was last modified
+    // Will not be set if the service has never been modified.
+    google.protobuf.Timestamp last_modified_time = 7;
+}