GCRS - Updates from GAP-4 and GAP-5

standards/2-service/srv/caps.md

@@ -12,3 +12,12 @@ Indicates the that the Provider supports the multi-activity Agreements.
 ### **Examples**
 * `golem.srv.caps.multi-activity=true` - The Provider supports multi-activity Agreements.
 
+## `golem.srv.caps.payload-manifest : Boolean`
+
+### Describes: Offer
+
+Providers need to declare that they support Payload Manifests by setting this property to `true`.
+
+### **Examples**
+* `golem.srv.caps.payload-manifest=true` - The Provider supports Payload Manifests.
+

standards/2-service/srv/comp/manifest.md

@@ -0,0 +1,128 @@
+# Computation Manifest 
+This namespace defines properties used to specify the Golem Computation Manifest (as originally designed in [GAP-4](https://github.com/golemfactory/golem-architecture/blob/master/gaps/gap-4_comp_manifest/gap-4_comp_manifest.md)).
+
+## Computation Manifest Example
+
+```json
+{
+  "golem.srv.comp.manifest.script.match": "regex",
+  "golem.srv.comp.manifest.script.commands": [
+    "run /bin/cat /etc/motd",
+    "{\"run\": { \"args\": \"/bin/date -R\", \"env\": { \"MYVAR\": \"42\", \"match\": \"strict\" }}}"
+  ],
+  "golem.srv.comp.manifest.net.inet.out.protocols": [
+    "http",
+    "https"
+  ],
+  "golem.srv.comp.manifest.net.inet.out.urls": [
+    "http://golemfactory.s3.amazonaws.com/file1",
+    "http://golemfactory.s3.amazonaws.com/file2"
+  ]
+}
+```
+
+### Object representation
+
+1. JSON
+
+```json
+{
+    "script": {
+    "match": "regex",
+    "commands": [
+        "run /bin/cat /etc/motd",
+        {
+        "run": {
+            "args": "/bin/date -R",
+            "env": {
+            "MYVAR": "42"
+            },
+            "match": "strict"
+        }
+        }
+    ]
+    },
+    "net": {
+    "inet": {
+        "out": {
+        "protocols": [
+            "http",
+            "https"
+        ],
+        "urls": [
+            "http://golemfactory.s3.amazonaws.com/file1",
+            "http://golemfactory.s3.amazonaws.com/file2"
+        ]
+        }
+    }
+    }
+}
+```
+
+2. Imploded JSON (optional)
+
+```json
+{
+    "script.match": "regex",
+    "script.commands": [
+    "run /bin/cat /etc/motd",
+    {
+        "run": {
+        "args": "/bin/date -R",
+        "env": {
+            "MYVAR": "42"
+        },
+        "match": "strict"
+        }
+    }
+    ],
+    "net.inet.out.protocols": [
+    "http",
+    "https"
+    ],
+    "net.inet.out.urls": [
+    "http://golemfactory.s3.amazonaws.com/file1",
+    "http://golemfactory.s3.amazonaws.com/file2"
+    ]
+}
+```
+
+3. YAML
+
+```yaml
+---
+script:
+    match: regex
+    commands:
+    - run /bin/cat /etc/motd
+    - run:
+        args: "/bin/date -R"
+        env:
+        MYVAR: '42'
+        match: strict
+net:
+    inet:
+    out:
+        protocols:
+        - http
+        - https
+        urls:
+        - http://golemfactory.s3.amazonaws.com/file1
+        - http://golemfactory.s3.amazonaws.com/file2
+```
+
+## Common Properties
+
+N/A
+
+## Specific Properties
+
+## `golem.srv.comp.manifest.version : String` 
+
+### Describes: Demand
+
+Specifies a version (Semantic Versioning 2.0 specification) of the manifest, **defaults** to "0.1.0"
+
+### **Examples**
+* `golem.srv.comp.manifest.version="0.1.0"` - The manifest version is 0.1.0.
+

standards/2-service/srv/comp/manifest/net.md

@@ -0,0 +1,45 @@
+# Computation Manifest Net namespace
+This namespace defines properties used to specify details the Golem Computation Manifest network aspects. Applies constraints to networking. Currently, outgoing requests to the public Internet network are covered.
+
+## Common Properties
+
+N/A 
+
+## Specific Properties
+
+## `golem.srv.comp.manifest.net.inet.out.protocols : List[String]` 
+
+### Describes: Demand
+
+List of allowed outbound protocols. Currently **fixed at** `["http", "https"]`.
+
+### **Examples**
+* `golem.srv.comp.manifest.net.inet.out.protocols=["http","https"]` - HTTP/HTTPS allowed.
+
+
+## `golem.srv.comp.manifest.net.inet.out.urls : List[String]` 
+
+### Describes: Demand
+
+List of allowed external URLs that outbound requests can be sent to.  
+
+If unrestricted outbound access is requested this property must not be set.
+
+
+### **Examples**
+* `golem.srv.comp.manifest.net.inet.out.urls=["http://golemfactory.s3.amazonaws.com/file1", "http://golemfactory.s3.amazonaws.com/file2"]`
+
+
+## `golem.srv.comp.manifest.net.inet.out.unrestricted.urls : Boolean` 
+
+### Describes: Demand
+
+This property means that the payload requires unrestricted outbound access. When present the value is always `true`. Either this property or the URL list in `golem.srv.comp.manifest.net.inet.out.urls` must be present.
+
+The manifest must be considered invalid and outbound access should not be permitted in the following scenarios:
+- neither `golem.srv.comp.manifest.net.inet.out.unrestricted.urls` nor `golem.srv.comp.manifest.net.inet.out.urls` is present
+- both `golem.srv.comp.manifest.net.inet.out.unrestricted.urls` and `golem.srv.comp.manifest.net.inet.out.urls` are present
+- property `golem.srv.comp.manifest.net.inet.out.unrestricted.urls` is present and it contains a value different from `true`
+
+### **Examples**
+* `golem.srv.comp.manifest.net.inet.out.unrestricted.urls=true`

standards/2-service/srv/comp/manifest/script.md

@@ -0,0 +1,60 @@
+# Computation Manifest Script namespace
+This namespace defines properties used to specify details the Golem Computation Manifest ExeScript allowance. Defines a set of allowed ExeScript commands and applies constraints to their arguments. 
+
+## Common Properties
+
+## Specific Properties
+
+## `golem.srv.comp.manifest.script.commands : List[String]` 
+
+### Describes: Demand
+
+Specifies a curated list of commands in form of:
+
+- UTF-8 encoded strings
+
+    No command context or matching mode need to be specified.
+
+    E.g. `["run /bin/cat /etc/motd", "run /bin/date -R"]`
+
+- UTF-8 encoded JSON strings
+
+    Command context (e.g. `env`) or argument matching mode need to be
+    specified for a command.
+
+    E.g. `["{\"run\": { \"args\": \"/bin/date -R\", \"env\": { \"MYVAR\": \"42\", \"match\": \"strict\" }}}"]`
+
+- mix of both
+
+`"deploy"`, `"start"` and `"terminate'` commands are always allowed.
+These values become the **default** if no `manifest.script.command` property
+has been set in the Demand, but the `manifest` namespace is present.
+
+### **Examples**
+* `golem.srv.comp.manifest.script.commands=[
+    "run /bin/cat /etc/motd",
+    "{\"run\": { \"args\": \"/bin/date -R\", \"env\": { \"MYVAR\": \"42\", \"match\": \"strict\" }}}"
+  ]` 
+
+
+## `golem.srv.comp.manifest.script.match : String` 
+
+### Describes: Demand
+
+Selects a default way of comparing command arguments stated in the manifest
+and the ones received in the ExeScript, unless stated otherwise in a
+command JSON object.
+
+### Value enum
+|Value| Description |
+|---|---|
+|`strict`| byte-to-byte argument equality (**default**) |
+|`regex`| treat arguments as regular expressions |
+
+`regex` syntax: Perl-compatible regular expressions (UTF-8 Unicode mode),
+w/o the support for look around and backreferences (among others);
+for more information read the documentation of the Rust
+[regex](https://docs.rs/regex/latest/regex/) crate.
+
+### **Examples**
+* `golem.srv.comp.manifest.script.match="regex"` - The manifest version is 0.1.0.

standards/2-service/srv/comp/payload.md

@@ -0,0 +1,90 @@
+# Payload Manifest 
+This namespace defines properties used to specify the Golem Payload Manifest (as originally designed in [GAP-5](https://github.com/golemfactory/golem-architecture/blob/master/gaps/gap-5_payload_manifest/gap-5_payload_manifest.md)).
+
+Computation Payload Manifest signatures are verified by either the Provider Agent, the ExeUnit Supervisor or both.
+Payload and Computation manifests are not expected to have constraints put on them. 
+
+### Payload Manifest example
+
+```json
+  {
+    "version": "0.1.0",
+    "createdAt": "2020-12-12T12:12:12.1200012",
+    "expiresAt": "2022-12-12T12:12:12.1200012",
+
+    "metadata": {
+      "name": "Service1",
+      "description": "Description of Service1",
+      "version": "0.1.1",
+      "authors": [
+        "mf <[email protected]>",
+        "ng <[email protected]>"
+      ],
+      "homepage": "https://github.com/golemfactory/s1"
+    },
+
+    "payload": [
+      {
+        "platform": {
+          "arch": "amd64",
+          "os": "win32",
+          "osVersion": "6.1.7601"
+        },
+        "urls": [
+          "https://golemfactory-payloads.s3.amazonaws.com/payloads/s1-amd64-win32",
+          "ipfs://Qa.........."
+        ],
+        "hash": "sha3-224:deadbeef01"
+      },
+      {
+        "platform": {
+          "arch": "ARMv7E-M",
+          "os": "linux"
+        },
+        "urls": [
+          "https://golemfactory-payloads.s3.amazonaws.com/payloads/s1-armv7e-m",
+          "ipfs://Qb.........."
+        ],
+        "hash": "sha3-224:deadbeef02"
+      }
+    ],
+
+    "compManifest": {}
+  }
+```
+
+`version` and `metadata.version` follow SemVer 2.0 specification.
+
+## Common Properties
+
+N/A
+
+## Specific Properties
+
+## `golem.srv.comp.payload: String` 
+
+### Describes: Demand
+
+Base64-encoded JSON manifest.
+
+## `golem.srv.comp.payload.sig: String` 
+
+### Describes: Demand
+
+Base64-encoded signature of the base64-encoded manifest.
+
+## `golem.srv.comp.payload.sig.algorithm: String` 
+
+### Describes: Demand
+
+Digest algorithm used to generate manifest signature.
+
+## `golem.srv.comp.payload.cert: String` 
+
+### Describes: Demand
+
+Base64-encoded certificate in DER format.
+
+
+
+