0

Add owners to traffic annotation contacts oneof

This enables a traffic annotation to specify an OWNERS file from within
the codebase instead of or in addition to an email.

Bug: b/291954370
Change-Id: Ib377174f2b02d82b8de4d4c6dd44f73dfa3b8cbf
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4701705
Commit-Queue: Chris Mullins <crmullins@chromium.org>
Reviewed-by: Ramin Halavati <rhalavati@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1174419}
This commit is contained in:
Chris Mullins
2023-07-24 20:48:14 +00:00
committed by Chromium LUCI CQ
parent 2b4d3d9c28
commit cb7ba91553
4 changed files with 34 additions and 24 deletions
chrome/browser/privacy
docs
tools/traffic_annotation/scripts/test_data
out
Debug
pyproto
chrome
test_sample_annotations.cc

@ -131,6 +131,8 @@ message NetworkTrafficAnnotation {
oneof contact_type { oneof contact_type {
// Email of a team or individual owner // Email of a team or individual owner
string email = 1; string email = 1;
// OWNERS file within the chromium codebase
string owners = 2;
} }
} }
repeated Contact contacts = 1; repeated Contact contacts = 1;

@ -135,7 +135,8 @@ in the `NetworkTrafficAnnotation` message of
should be placed inside internal field. This field should not be used in any should be placed inside internal field. This field should not be used in any
external reports. external reports.
* `contacts`: A person's or team's email address who are point-of-contact * `contacts`: A person's or team's email address who are point-of-contact
for questions, issues, or bugs related to this network request. for questions, issues, or bugs related to this network request. An
OWNERS file may also be specified using the `owners` field.
* `last_reviewed`: Date when this annotation was last reviewed in YYYY-MM-DD format. * `last_reviewed`: Date when this annotation was last reviewed in YYYY-MM-DD format.
* `policy`: These set of fields specify the controls that a user may have * `policy`: These set of fields specify the controls that a user may have
on disabling or limiting the network request and its trace. on disabling or limiting the network request and its trace.

@ -15,7 +15,7 @@ import chrome_settings_pb2 as chrome__settings__pb2
import chrome_device_policy_pb2 as chrome__device__policy__pb2 import chrome_device_policy_pb2 as chrome__device__policy__pb2
DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x18traffic_annotation.proto\x12\x12traffic_annotation\x1a\x15\x63hrome_settings.proto\x1a\x1a\x63hrome_device_policy.proto\"\x8f\x10\n\x18NetworkTrafficAnnotation\x12\x11\n\tunique_id\x18\x01 \x01(\t\x12J\n\x06source\x18\x02 \x01(\x0b\x32:.traffic_annotation.NetworkTrafficAnnotation.TrafficSource\x12P\n\tsemantics\x18\x03 \x01(\x0b\x32=.traffic_annotation.NetworkTrafficAnnotation.TrafficSemantics\x12J\n\x06policy\x18\x04 \x01(\x0b\x32:.traffic_annotation.NetworkTrafficAnnotation.TrafficPolicy\x12\x10\n\x08\x63omments\x18\x05 \x01(\t\x1a@\n\rTrafficSource\x12\x0c\n\x04\x66ile\x18\x01 \x01(\t\x12\x0c\n\x04line\x18\x03 \x01(\x05\x12\x13\n\x0b\x63\x61ll_number\x18\x04 \x01(\x05\x1a\xf7\t\n\x10TrafficSemantics\x12\x0e\n\x06sender\x18\x01 \x01(\t\x12\x13\n\x0b\x64\x65scription\x18\x02 \x01(\t\x12\x0f\n\x07trigger\x18\x03 \x01(\t\x12\x0c\n\x04\x64\x61ta\x18\x04 \x01(\t\x12^\n\x0b\x64\x65stination\x18\x05 \x01(\x0e\x32I.traffic_annotation.NetworkTrafficAnnotation.TrafficSemantics.Destination\x12\x19\n\x11\x64\x65stination_other\x18\x06 \x01(\t\x12X\n\x08internal\x18\x07 \x01(\x0b\x32\x46.traffic_annotation.NetworkTrafficAnnotation.TrafficSemantics.Internal\x12Y\n\tuser_data\x18\x08 \x01(\x0b\x32\x46.traffic_annotation.NetworkTrafficAnnotation.TrafficSemantics.UserData\x12\x15\n\rlast_reviewed\x18\t \x01(\t\x1a\x98\x01\n\x08Internal\x12`\n\x08\x63ontacts\x18\x01 \x03(\x0b\x32N.traffic_annotation.NetworkTrafficAnnotation.TrafficSemantics.Internal.Contact\x1a*\n\x07\x43ontact\x12\x0f\n\x05\x65mail\x18\x01 \x01(\tH\x00\x42\x0e\n\x0c\x63ontact_type\x1a\xde\x04\n\x08UserData\x12\x61\n\x04type\x18\x01 \x03(\x0e\x32S.traffic_annotation.NetworkTrafficAnnotation.TrafficSemantics.UserData.UserDataType\"\xee\x03\n\x0cUserDataType\x12\x0f\n\x0bUNSPECIFIED\x10\x00\x12\x10\n\x0c\x41\x43\x43\x45SS_TOKEN\x10\x01\x12\x0b\n\x07\x41\x44\x44RESS\x10\x02\x12\x0e\n\nANDROID_ID\x10\x03\x12\x07\n\x03\x41GE\x10\x04\x12\x12\n\x0e\x41RBITRARY_DATA\x10\x05\x12\x0e\n\nBIRTH_DATE\x10\x06\x12\x0f\n\x0b\x43REDENTIALS\x10\x07\x12\x14\n\x10\x43REDIT_CARD_DATA\x10\x08\x12\r\n\tDEVICE_ID\x10\t\x12\t\n\x05\x45MAIL\x10\n\x12\r\n\tFILE_DATA\x10\x0b\x12\x0b\n\x07GAIA_ID\x10\x0c\x12\n\n\x06GENDER\x10\r\x12\x11\n\rGOVERNMENT_ID\x10\x0e\x12\t\n\x05IMAGE\x10\x0f\x12\x0e\n\nIP_ADDRESS\x10\x10\x12\x13\n\x0fLOCATION_COARSE\x10\x11\x12\x14\n\x10LOCATION_PRECISE\x10\x12\x12\x08\n\x04NAME\x10\x13\x12\t\n\x05PHONE\x10\x14\x12\x10\n\x0cPROFILE_DATA\x10\x15\x12\x11\n\rSENSITIVE_URL\x10\x16\x12\x0e\n\nSESSION_ID\x10\x17\x12\r\n\tTIMESTAMP\x10\x18\x12\x0e\n\nUSER_AGENT\x10\x19\x12\x10\n\x0cUSER_CONTENT\x10\x1a\x12\x0c\n\x08USERNAME\x10\x1b\x12\x0f\n\x0bWEB_CONTENT\x10\x1c\x12\n\n\x05OTHER\x10\xe7\x07\x12\t\n\x04NONE\x10\xe8\x07\"\\\n\x0b\x44\x65stination\x12\x0f\n\x0bUNSPECIFIED\x10\x00\x12\x0b\n\x07WEBSITE\x10\x01\x12\x18\n\x14GOOGLE_OWNED_SERVICE\x10\x02\x12\t\n\x05LOCAL\x10\x03\x12\n\n\x05OTHER\x10\xe8\x07\x1a\xa7\x03\n\rTrafficPolicy\x12\x62\n\x0f\x63ookies_allowed\x18\x01 \x01(\x0e\x32I.traffic_annotation.NetworkTrafficAnnotation.TrafficPolicy.CookiesAllowed\x12\x15\n\rcookies_store\x18\x02 \x01(\t\x12\x0f\n\x07setting\x18\x03 \x01(\t\x12\x41\n\rchrome_policy\x18\x04 \x03(\x0b\x32*.enterprise_management.ChromeSettingsProto\x12N\n\x14\x63hrome_device_policy\x18\x07 \x03(\x0b\x32\x30.enterprise_management.ChromeDeviceSettingsProto\x12&\n\x1epolicy_exception_justification\x18\x05 \x01(\t\x12\x1b\n\x13\x64\x65precated_policies\x18\x06 \x03(\t\"2\n\x0e\x43ookiesAllowed\x12\x0f\n\x0bUNSPECIFIED\x10\x00\x12\x06\n\x02NO\x10\x01\x12\x07\n\x03YES\x10\x02\"u\n!ExtractedNetworkTrafficAnnotation\x12P\n\x1anetwork_traffic_annotation\x18\x01 \x03(\x0b\x32,.traffic_annotation.NetworkTrafficAnnotation\"x\n$WhitelistedNetworkTrafficAnnotations\x12P\n\x1anetwork_traffic_annotation\x18\x01 \x03(\x0b\x32,.traffic_annotation.NetworkTrafficAnnotation\"\xec\x01\n\x19NetworkTrafficAnnotations\x12\x64\n%extracted_network_traffic_annotations\x18\x01 \x01(\x0b\x32\x35.traffic_annotation.ExtractedNetworkTrafficAnnotation\x12i\n\'whitelisted_network_traffic_annotations\x18\x02 \x01(\x0b\x32\x38.traffic_annotation.WhitelistedNetworkTrafficAnnotationsB\x02H\x03\x62\x06proto3') DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x18traffic_annotation.proto\x12\x12traffic_annotation\x1a\x15\x63hrome_settings.proto\x1a\x1a\x63hrome_device_policy.proto\"\xd2\x10\n\x18NetworkTrafficAnnotation\x12\x11\n\tunique_id\x18\x01 \x01(\t\x12J\n\x06source\x18\x02 \x01(\x0b\x32:.traffic_annotation.NetworkTrafficAnnotation.TrafficSource\x12P\n\tsemantics\x18\x03 \x01(\x0b\x32=.traffic_annotation.NetworkTrafficAnnotation.TrafficSemantics\x12J\n\x06policy\x18\x04 \x01(\x0b\x32:.traffic_annotation.NetworkTrafficAnnotation.TrafficPolicy\x12\x10\n\x08\x63omments\x18\x05 \x01(\t\x1a@\n\rTrafficSource\x12\x0c\n\x04\x66ile\x18\x01 \x01(\t\x12\x0c\n\x04line\x18\x03 \x01(\x05\x12\x13\n\x0b\x63\x61ll_number\x18\x04 \x01(\x05\x1a\xba\n\n\x10TrafficSemantics\x12\x0e\n\x06sender\x18\x01 \x01(\t\x12\x13\n\x0b\x64\x65scription\x18\x02 \x01(\t\x12\x0f\n\x07trigger\x18\x03 \x01(\t\x12\x0c\n\x04\x64\x61ta\x18\x04 \x01(\t\x12^\n\x0b\x64\x65stination\x18\x05 \x01(\x0e\x32I.traffic_annotation.NetworkTrafficAnnotation.TrafficSemantics.Destination\x12\x19\n\x11\x64\x65stination_other\x18\x06 \x01(\t\x12X\n\x08internal\x18\x07 \x01(\x0b\x32\x46.traffic_annotation.NetworkTrafficAnnotation.TrafficSemantics.Internal\x12Y\n\tuser_data\x18\x08 \x01(\x0b\x32\x46.traffic_annotation.NetworkTrafficAnnotation.TrafficSemantics.UserData\x12\x15\n\rlast_reviewed\x18\t \x01(\t\x1a\xb9\x01\n\x08Internal\x12`\n\x08\x63ontacts\x18\x01 \x03(\x0b\x32N.traffic_annotation.NetworkTrafficAnnotation.TrafficSemantics.Internal.Contact\x1aK\n\x07\x43ontact\x12\x0f\n\x05\x65mail\x18\x01 \x01(\tH\x00\x12\x10\n\x06owners\x18\x02 \x01(\tH\x00\x12\r\n\x03\x66oo\x18\x03 \x01(\tH\x00\x42\x0e\n\x0c\x63ontact_type\x1a\xde\x04\n\x08UserData\x12\x61\n\x04type\x18\x01 \x03(\x0e\x32S.traffic_annotation.NetworkTrafficAnnotation.TrafficSemantics.UserData.UserDataType\"\xee\x03\n\x0cUserDataType\x12\x0f\n\x0bUNSPECIFIED\x10\x00\x12\x10\n\x0c\x41\x43\x43\x45SS_TOKEN\x10\x01\x12\x0b\n\x07\x41\x44\x44RESS\x10\x02\x12\x0e\n\nANDROID_ID\x10\x03\x12\x07\n\x03\x41GE\x10\x04\x12\x12\n\x0e\x41RBITRARY_DATA\x10\x05\x12\x0e\n\nBIRTH_DATE\x10\x06\x12\x0f\n\x0b\x43REDENTIALS\x10\x07\x12\x14\n\x10\x43REDIT_CARD_DATA\x10\x08\x12\r\n\tDEVICE_ID\x10\t\x12\t\n\x05\x45MAIL\x10\n\x12\r\n\tFILE_DATA\x10\x0b\x12\x0b\n\x07GAIA_ID\x10\x0c\x12\n\n\x06GENDER\x10\r\x12\x11\n\rGOVERNMENT_ID\x10\x0e\x12\t\n\x05IMAGE\x10\x0f\x12\x0e\n\nIP_ADDRESS\x10\x10\x12\x13\n\x0fLOCATION_COARSE\x10\x11\x12\x14\n\x10LOCATION_PRECISE\x10\x12\x12\x08\n\x04NAME\x10\x13\x12\t\n\x05PHONE\x10\x14\x12\x10\n\x0cPROFILE_DATA\x10\x15\x12\x11\n\rSENSITIVE_URL\x10\x16\x12\x0e\n\nSESSION_ID\x10\x17\x12\r\n\tTIMESTAMP\x10\x18\x12\x0e\n\nUSER_AGENT\x10\x19\x12\x10\n\x0cUSER_CONTENT\x10\x1a\x12\x0c\n\x08USERNAME\x10\x1b\x12\x0f\n\x0bWEB_CONTENT\x10\x1c\x12\n\n\x05OTHER\x10\xe7\x07\x12\t\n\x04NONE\x10\xe8\x07\"~\n\x0b\x44\x65stination\x12\x0f\n\x0bUNSPECIFIED\x10\x00\x12\x0b\n\x07WEBSITE\x10\x01\x12\x18\n\x14GOOGLE_OWNED_SERVICE\x10\x02\x12\t\n\x05LOCAL\x10\x03\x12 \n\x1cPROXIED_GOOGLE_OWNED_SERVICE\x10\x04\x12\n\n\x05OTHER\x10\xe8\x07\x1a\xa7\x03\n\rTrafficPolicy\x12\x62\n\x0f\x63ookies_allowed\x18\x01 \x01(\x0e\x32I.traffic_annotation.NetworkTrafficAnnotation.TrafficPolicy.CookiesAllowed\x12\x15\n\rcookies_store\x18\x02 \x01(\t\x12\x0f\n\x07setting\x18\x03 \x01(\t\x12\x41\n\rchrome_policy\x18\x04 \x03(\x0b\x32*.enterprise_management.ChromeSettingsProto\x12N\n\x14\x63hrome_device_policy\x18\x07 \x03(\x0b\x32\x30.enterprise_management.ChromeDeviceSettingsProto\x12&\n\x1epolicy_exception_justification\x18\x05 \x01(\t\x12\x1b\n\x13\x64\x65precated_policies\x18\x06 \x03(\t\"2\n\x0e\x43ookiesAllowed\x12\x0f\n\x0bUNSPECIFIED\x10\x00\x12\x06\n\x02NO\x10\x01\x12\x07\n\x03YES\x10\x02\"u\n!ExtractedNetworkTrafficAnnotation\x12P\n\x1anetwork_traffic_annotation\x18\x01 \x03(\x0b\x32,.traffic_annotation.NetworkTrafficAnnotation\"x\n$WhitelistedNetworkTrafficAnnotations\x12P\n\x1anetwork_traffic_annotation\x18\x01 \x03(\x0b\x32,.traffic_annotation.NetworkTrafficAnnotation\"\xec\x01\n\x19NetworkTrafficAnnotations\x12\x64\n%extracted_network_traffic_annotations\x18\x01 \x01(\x0b\x32\x35.traffic_annotation.ExtractedNetworkTrafficAnnotation\x12i\n\'whitelisted_network_traffic_annotations\x18\x02 \x01(\x0b\x32\x38.traffic_annotation.WhitelistedNetworkTrafficAnnotationsB\x02H\x03\x62\x06proto3')
_builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, globals()) _builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, globals())
_builder.BuildTopDescriptorsAndMessages(DESCRIPTOR, 'traffic_annotation_pb2', globals()) _builder.BuildTopDescriptorsAndMessages(DESCRIPTOR, 'traffic_annotation_pb2', globals())
@ -24,29 +24,29 @@ if _descriptor._USE_C_DESCRIPTORS == False:
DESCRIPTOR._options = None DESCRIPTOR._options = None
DESCRIPTOR._serialized_options = b'H\003' DESCRIPTOR._serialized_options = b'H\003'
_NETWORKTRAFFICANNOTATION._serialized_start=100 _NETWORKTRAFFICANNOTATION._serialized_start=100
_NETWORKTRAFFICANNOTATION._serialized_end=2163 _NETWORKTRAFFICANNOTATION._serialized_end=2230
_NETWORKTRAFFICANNOTATION_TRAFFICSOURCE._serialized_start=399 _NETWORKTRAFFICANNOTATION_TRAFFICSOURCE._serialized_start=399
_NETWORKTRAFFICANNOTATION_TRAFFICSOURCE._serialized_end=463 _NETWORKTRAFFICANNOTATION_TRAFFICSOURCE._serialized_end=463
_NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS._serialized_start=466 _NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS._serialized_start=466
_NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS._serialized_end=1737 _NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS._serialized_end=1804
_NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_INTERNAL._serialized_start=882 _NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_INTERNAL._serialized_start=882
_NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_INTERNAL._serialized_end=1034 _NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_INTERNAL._serialized_end=1067
_NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_INTERNAL_CONTACT._serialized_start=992 _NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_INTERNAL_CONTACT._serialized_start=992
_NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_INTERNAL_CONTACT._serialized_end=1034 _NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_INTERNAL_CONTACT._serialized_end=1067
_NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_USERDATA._serialized_start=1037 _NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_USERDATA._serialized_start=1070
_NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_USERDATA._serialized_end=1643 _NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_USERDATA._serialized_end=1676
_NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_USERDATA_USERDATATYPE._serialized_start=1149 _NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_USERDATA_USERDATATYPE._serialized_start=1182
_NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_USERDATA_USERDATATYPE._serialized_end=1643 _NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_USERDATA_USERDATATYPE._serialized_end=1676
_NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_DESTINATION._serialized_start=1645 _NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_DESTINATION._serialized_start=1678
_NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_DESTINATION._serialized_end=1737 _NETWORKTRAFFICANNOTATION_TRAFFICSEMANTICS_DESTINATION._serialized_end=1804
_NETWORKTRAFFICANNOTATION_TRAFFICPOLICY._serialized_start=1740 _NETWORKTRAFFICANNOTATION_TRAFFICPOLICY._serialized_start=1807
_NETWORKTRAFFICANNOTATION_TRAFFICPOLICY._serialized_end=2163 _NETWORKTRAFFICANNOTATION_TRAFFICPOLICY._serialized_end=2230
_NETWORKTRAFFICANNOTATION_TRAFFICPOLICY_COOKIESALLOWED._serialized_start=2113 _NETWORKTRAFFICANNOTATION_TRAFFICPOLICY_COOKIESALLOWED._serialized_start=2180
_NETWORKTRAFFICANNOTATION_TRAFFICPOLICY_COOKIESALLOWED._serialized_end=2163 _NETWORKTRAFFICANNOTATION_TRAFFICPOLICY_COOKIESALLOWED._serialized_end=2230
_EXTRACTEDNETWORKTRAFFICANNOTATION._serialized_start=2165 _EXTRACTEDNETWORKTRAFFICANNOTATION._serialized_start=2232
_EXTRACTEDNETWORKTRAFFICANNOTATION._serialized_end=2282 _EXTRACTEDNETWORKTRAFFICANNOTATION._serialized_end=2349
_WHITELISTEDNETWORKTRAFFICANNOTATIONS._serialized_start=2284 _WHITELISTEDNETWORKTRAFFICANNOTATIONS._serialized_start=2351
_WHITELISTEDNETWORKTRAFFICANNOTATIONS._serialized_end=2404 _WHITELISTEDNETWORKTRAFFICANNOTATIONS._serialized_end=2471
_NETWORKTRAFFICANNOTATIONS._serialized_start=2407 _NETWORKTRAFFICANNOTATIONS._serialized_start=2474
_NETWORKTRAFFICANNOTATIONS._serialized_end=2643 _NETWORKTRAFFICANNOTATIONS._serialized_end=2710
# @@protoc_insertion_point(module_scope) # @@protoc_insertion_point(module_scope)

@ -4,7 +4,7 @@
// An OK annotation // An OK annotation
net::NetworkTrafficAnnotationTag traffic_annotation = net::NetworkTrafficAnnotationTag traffic_annotation =
net::DefineNetworkTrafficAnnotation("ok_annotation", R"( net::DefineNetworkTrafficAnnotation("ok_annotation", R"(
semantics { semantics {
sender: "Cloud Policy" sender: "Cloud Policy"
description: description:
@ -12,6 +12,14 @@ net::NetworkTrafficAnnotationTag traffic_annotation =
"and custom terms of service." "and custom terms of service."
trigger: trigger:
"Periodically loaded when a managed user is signed in to Chrome." "Periodically loaded when a managed user is signed in to Chrome."
internal {
contacts {
email: "crmullins@google.com"
}
contacts {
owners: "//tools/traffic_annotation/OWNERS"
}
}
data: data:
"This request does not send any data. It loads external resources " "This request does not send any data. It loads external resources "
"by a unique URL provided by the admin." "by a unique URL provided by the admin."
@ -27,7 +35,6 @@ net::NetworkTrafficAnnotationTag traffic_annotation =
"the policy fetcher itself." "the policy fetcher itself."
})"); })");
// An annotation with a syntax error: semantics is missing '{'. // An annotation with a syntax error: semantics is missing '{'.
net::NetworkTrafficAnnotationTag traffic_annotation = net::NetworkTrafficAnnotationTag traffic_annotation =
net::DefineNetworkTrafficAnnotation("syntax_error_annotation", R"( net::DefineNetworkTrafficAnnotation("syntax_error_annotation", R"(