Argus

Appearance

本頁由 docs-site/scripts/sync-api-docs.shproto/gen/grpc-doc/ 自動產生。 不要直接編輯本檔;改 proto + 跑 make proto 後重新同步。

Protocol Documentation

Table of Contents

Top

store/access_grant.proto

AccessGrant

AccessGrantPayload

FieldTypeLabelDescription
issue_idint64The issue associated with the access grant.
targetsstringrepeatedThe target databases for this access grant. Format: instances/{instance}/databases/
querystringThe query permission granted.
unmaskboolWhether the grant allows unmasking sensitive data.
reasonstring
requested_durationgoogle.protobuf.DurationThe requested duration for the access grant. Stored when the user provides a TTL instead of an absolute expire_time. The server computes expire_time from this value at activation time.

AccessGrant.Status

NameNumberDescription
STATUS_UNSPECIFIED0
PENDING1
ACTIVE2
REVOKED3

Top

store/common.proto

PageToken

PageToken is used internally for obfuscating pagination tokens.

FieldTypeLabelDescription
limitint32Maximum number of items to return.
offsetint32Number of items to skip before starting to return results.

Position

Position in a text expressed as one-based line and one-based column. We use 1-based numbering to match the majority of industry standards:

Handling unknown positions:

  • If the entire position is unknown, leave this field as nil/undefined
  • If only line is known, set line and leave column as 0 (e.g., line=5, column=0)
  • If only column is known (rare), set column and leave line as 0 Frontends should check for nil/undefined/zero values and handle them appropriately.
FieldTypeLabelDescription
lineint32Line position in a text (one-based). First line of the text is line 1. A value of 0 indicates the line information is unknown.
columnint32Column position in a text (one-based). Column is measured in Unicode code points (characters/runes), not bytes or grapheme clusters. First character of the line is column 1. A value of 0 indicates the column information is unknown.

Examples: - "SELECT * FROM t" - column 8 is '*' - "SELECT 你好 FROM t" - column 8 is '你' (even though it's at byte offset 7) - "SELECT 😀 FROM t" - column 8 is '😀' (even though it's 4 bytes in UTF-8) |

Range

Range represents a span within a text or sequence. Whether the indices are byte offsets or character indices depends on the context. Check the documentation of the field using Range for specific semantics.

FieldTypeLabelDescription
startint32Start index (inclusive).
endint32End index (exclusive).

Engine

Engine represents the type of database system.

NameNumberDescription
ENGINE_UNSPECIFIED0
CLICKHOUSE1
MYSQL2
POSTGRES3
SNOWFLAKE4
SQLITE5
TIDB6
MONGODB7
REDIS8
ORACLE9
SPANNER10
MSSQL11
REDSHIFT12
MARIADB13
OCEANBASE14
STARROCKS15
DORIS16
HIVE17
ELASTICSEARCH18
BIGQUERY19
DYNAMODB20
DATABRICKS21
COCKROACHDB22
COSMOSDB23
TRINO24
CASSANDRA25

ExportFormat

ExportFormat represents the file format for exported data.

NameNumberDescription
FORMAT_UNSPECIFIED0
CSV1
JSON2
SQL3
XLSX4

RiskLevel

RiskLevel represents the assessed risk level of a database operation.

NameNumberDescription
RISK_LEVEL_UNSPECIFIED0
LOW1
MODERATE2
HIGH3

SchemaChangeType

SchemaChangeType represents the strategy for schema changes.

NameNumberDescription
SCHEMA_CHANGE_TYPE_UNSPECIFIED0
VERSIONED1Versioned migration with explicit migration scripts.
DECLARATIVE2Declarative schema definition (state-based).

StatementType

StatementType represents the type of SQL statement.

NameNumberDescription
STATEMENT_TYPE_UNSPECIFIED0
CREATE_DATABASE1DDL - CREATE statements
CREATE_TABLE2
CREATE_VIEW3
CREATE_INDEX4
CREATE_SEQUENCE5
CREATE_SCHEMA6
CREATE_FUNCTION7
CREATE_TRIGGER8
CREATE_PROCEDURE9
CREATE_EVENT10
CREATE_EXTENSION11
CREATE_TYPE12
DROP_DATABASE20DDL - DROP statements
DROP_TABLE21
DROP_VIEW22
DROP_INDEX23
DROP_SEQUENCE24
DROP_SCHEMA25
DROP_FUNCTION26
DROP_TRIGGER27
DROP_PROCEDURE28
DROP_EVENT29
DROP_EXTENSION30
DROP_TYPE31
ALTER_DATABASE40DDL - ALTER statements
ALTER_TABLE41
ALTER_VIEW42
ALTER_SEQUENCE43
ALTER_EVENT44
ALTER_TYPE45
ALTER_INDEX46
TRUNCATE50DDL - Other
RENAME51
RENAME_INDEX52
RENAME_SCHEMA53
RENAME_SEQUENCE54
COMMENT55
INSERT60DML statements
UPDATE61
DELETE62

VCSType

VCSType represents the type of version control system.

NameNumberDescription
VCS_TYPE_UNSPECIFIED0
GITHUB1
GITLAB2
BITBUCKET3
AZURE_DEVOPS4

WebhookType

NameNumberDescription
WEBHOOK_TYPE_UNSPECIFIED0Unspecified type.
SLACK1Slack integration.
DISCORD2Discord integration.
TEAMS3Microsoft Teams integration.
DINGTALK4DingTalk integration.
FEISHU5Feishu integration.
WECOM6WeCom (WeChat Work) integration.
LARK7Lark integration.
GOOGLE_CHAT8Google Chat integration.
TELEGRAM9[Argus P1-4 M4.0] Telegram Bot API integration. Added to support emergency-pause + alert routing notifications in regions where Telegram is the standard ops channel.

Top

store/advice.proto

Advice

FieldTypeLabelDescription
statusAdvice.StatusThe advice status.
codeint32The advice code.
titlestringThe advice title.
contentstringThe advice content.
start_positionPositionThe start_position is inclusive and the end_position is exclusive. TODO: use range instead.
end_positionPosition

Advice.Status

Status represents the result status of the advice.

NameNumberDescription
STATUS_UNSPECIFIED0
SUCCESS1
WARNING2
ERROR3

Top

store/approval.proto

ApprovalFlow

ApprovalFlow defines the sequence of approvals required.

FieldTypeLabelDescription
rolesstringrepeatedList of role names that must approve, in order.

ApprovalTemplate

ApprovalTemplate defines the approval workflow and requirements for an issue.

FieldTypeLabelDescription
flowApprovalFlowThe approval workflow specification.
titlestringHuman-readable title of the approval template.
descriptionstringDetailed description of when this template applies.

IssuePayloadApproval

IssuePayloadApproval records the approval template used and approval history for an issue.

FieldTypeLabelDescription
approval_templateApprovalTemplateThe approval template being used for this issue.
approversIssuePayloadApproval.ApproverrepeatedList of approvers and their current status.
approval_finding_doneboolWhether the system has finished finding a matching approval template. False means the backend is still searching for matching templates.

IssuePayloadApproval.Approver

Approver represents a user who can approve or reject an issue.

FieldTypeLabelDescription
statusIssuePayloadApproval.Approver.StatusThe current approval status.
principalstringThe principal who is the approver. Format: users/{email}.

IssuePayloadApproval.Approver.Status

Status represents the approver's decision state.

NameNumberDescription
STATUS_UNSPECIFIED0
PENDING1Approval is pending from this approver.
APPROVED2Approver has approved the issue.
REJECTED3Approver has rejected the issue.

Top

store/audit_log.proto

AuditLog

FieldTypeLabelDescription
parentstringThe project or workspace the audit log belongs to. Formats: - projects/{project} - workspaces/
methodstringExample: /argus.v1.SQLService/Query
resourcestringThe resource name. Example: projects/
userstringFormat: users/{email}.
severityAuditLog.Severity
requeststringMarshalled request.
responsestringMarshalled response. Some fields are omitted because they are too large or contain sensitive information.
statusgoogle.rpc.Status
latencygoogle.protobuf.DurationThe latency of the RPC.
service_datagoogle.protobuf.AnyThe service-specific data about the request, response, and other activities.
request_metadataRequestMetadataMetadata about the operation.

RequestMetadata

Metadata about the request.

FieldTypeLabelDescription
caller_ipstringThe IP address of the caller.
caller_supplied_user_agentstringThe user agent of the caller. This information is not authenticated and should be treated accordingly.

AuditLog.Severity

NameNumberDescription
SEVERITY_UNSPECIFIED0
DEBUG1
INFO2
NOTICE3
WARNING4
ERROR5
CRITICAL6
ALERT7
EMERGENCY8

Top

store/auth.proto

EmailVerificationCodePurpose

EmailVerificationCodePurpose distinguishes login codes from password reset codes. Stored as the enum name string in email_verification_code.purpose column.

NameNumberDescription
EMAIL_VERIFICATION_CODE_PURPOSE_UNSPECIFIED0
LOGIN1
PASSWORD_RESET2

Top

store/changelog.proto

ChangelogPayload

FieldTypeLabelDescription
task_runstringFormat: projects/{project}/plans/{plan}/rollout/stages/{stage}/tasks/{task}/taskRuns/
git_commitstring

Top

store/database.proto

BoundingBox

BoundingBox defines the bounding box for spatial indexes.

FieldTypeLabelDescription
xmindouble
ymindouble
xmaxdouble
ymaxdouble

CheckConstraintMetadata

FieldTypeLabelDescription
namestringThe name of the check constraint.
expressionstringThe expression is the expression of a check constraint.

ColumnCatalog

FieldTypeLabelDescription
namestringThe name of the column.
semantic_typestring
labelsColumnCatalog.LabelsEntryrepeatedThe user labels for a column.
classificationstring
object_schemaObjectSchemaoptional

ColumnCatalog.LabelsEntry

FieldTypeLabelDescription
keystring
valuestring

ColumnMetadata

ColumnMetadata is the metadata for columns.

FieldTypeLabelDescription
namestringThe name of the column.
positionint32The position is the position in columns.
defaultstringThe default value of the column.
default_on_nullboolOracle specific metadata. The default_on_null is the default on null of a column.
on_updatestringThe on_update is the on update action of a column. For MySQL like databases, it's only supported for TIMESTAMP columns with CURRENT_TIMESTAMP as on update value.
nullableboolThe nullable is the nullable of a column.
typestringThe type is the type of a column.
character_setstringThe character_set is the character_set of a column.
collationstringThe collation is the collation of a column.
commentstringThe comment is the comment of a column.
generationGenerationMetadataThe generation is for generated columns.
is_identitybool
identity_generationColumnMetadata.IdentityGenerationThe identity_generation is for identity columns, PG only.
identity_seedint64The identity_seed is for identity columns, MSSQL only.
identity_incrementint64The identity_increment is for identity columns, MSSQL only.
default_constraint_namestringThe default_constraint_name is the name of the default constraint, MSSQL only. In MSSQL, default values are implemented as named constraints. When modifying or dropping a column's default value, you must reference the constraint by name. This field stores the actual constraint name from the database.

Example: A column definition like: CREATE TABLE employees ( status NVARCHAR(20) DEFAULT 'active' )

Will create a constraint with an auto-generated name like 'DF__employees__statu__3B75D760' or a user-defined name if specified: ALTER TABLE employees ADD CONSTRAINT DF_employees_status DEFAULT 'active' FOR status

To modify the default, you must first drop the existing constraint by name: ALTER TABLE employees DROP CONSTRAINT DF__employees__statu__3B75D760 ALTER TABLE employees ADD CONSTRAINT DF_employees_status DEFAULT 'inactive' FOR status

This field is populated when syncing from the database. When empty (e.g., when parsing from SQL files), the system cannot automatically drop the constraint. |

DatabaseConfig

FieldTypeLabelDescription
namestring
schemasSchemaCatalogrepeatedThe schema_configs is the list of configs for schemas in a database.

DatabaseMetadata

DatabaseMetadata is the metadata for databases.

FieldTypeLabelDescription
labelsDatabaseMetadata.LabelsEntryrepeated
last_sync_timegoogle.protobuf.Timestamp
backup_availablebool
datasharebool
releasestringThe release that was last applied to this database. Format: projects/{project}/releases/
sync_statusSyncStatusThe sync status of the database.
sync_errorstringThe error message if sync failed.

DatabaseMetadata.LabelsEntry

FieldTypeLabelDescription
keystring
valuestring

DatabaseSchemaMetadata

DatabaseSchemaMetadata is the schema metadata for databases.

FieldTypeLabelDescription
namestring
schemasSchemaMetadatarepeatedThe list of schemas in a database.
character_setstringThe character set of the database.
collationstringThe collation of the database.
extensionsExtensionMetadatarepeatedThe list of extensions in a database.
datashareboolThe database belongs to a datashare.
service_namestringThe service name of the database. It's an Oracle-specific concept.
linked_databasesLinkedDatabaseMetadatarepeated
ownerstring
search_pathstringThe search_path is the search path of a PostgreSQL database.
event_triggersEventTriggerMetadatarepeatedThe list of event triggers in a database (PostgreSQL specific). Event triggers are database-level objects, not schema-scoped.

DependencyColumn

DependencyColumn is the metadata for dependency columns.

FieldTypeLabelDescription
schemastringThe schema is the schema of a reference column.
tablestringThe table is the table of a reference column.
columnstringThe column is the name of a reference column.

DependencyTable

FieldTypeLabelDescription
schemastringThe schema is the schema of a reference table.
tablestringThe table is the name of a reference table.

DimensionalConfig

DimensionalConfig defines dimensional and constraint parameters for spatial indexes.

FieldTypeLabelDescription
dimensionsint32Number of dimensions (2-4, default 2)
data_typestringSpatial data type Examples: GEOMETRY, GEOGRAPHY, POINT, POLYGON, etc.
operator_classstringPostgreSQL operator class Examples: gist_geometry_ops_2d, gist_geometry_ops_nd, etc.
layer_gtypestringOracle geometry type constraint Examples: POINT, LINE, POLYGON, COLLECTION
parallel_buildboolParallel index creation

EnumTypeMetadata

FieldTypeLabelDescription
namestringThe name of the enum type.
valuesstringrepeatedThe enum values of the type.
commentstring
skip_dumpbool

EventMetadata

FieldTypeLabelDescription
namestringThe name of the event.
definitionstringThe schedule of the event.
time_zonestringThe time zone of the event.
sql_modestring
character_set_clientstring
collation_connectionstring
commentstring

EventTriggerMetadata

EventTriggerMetadata is the metadata for PostgreSQL event triggers. Event triggers are database-level objects that fire on DDL events.

FieldTypeLabelDescription
namestringThe name of the event trigger.
eventstringThe event type: DDL_COMMAND_START, DDL_COMMAND_END, SQL_DROP, TABLE_REWRITE.
tagsstringrepeatedThe tags filter (e.g., ['CREATE TABLE', 'DROP TABLE']).
function_schemastringThe schema of the function to execute.
function_namestringThe name of the function to execute.
enabledboolWhether the trigger is enabled.
definitionstringThe full CREATE EVENT TRIGGER definition from pg_get_event_trigger_def(). SDL output should prefer using this field.
commentstringThe comment on the event trigger.
skip_dumpboolSkip dump flag (for extension-owned triggers).

ExcludeConstraintMetadata

FieldTypeLabelDescription
namestringThe name of the EXCLUDE constraint.
expressionstringThe expression is the full EXCLUDE constraint definition including "EXCLUDE" keyword. Example: "EXCLUDE USING gist (room_id WITH =, during WITH &&)"

ExtensionMetadata

ExtensionMetadata is the metadata for extensions.

FieldTypeLabelDescription
namestringThe name of the extension.
schemastringThe schema where the extension is installed. However, the extension usage is not limited to the schema.
versionstringThe version is the version of an extension.
descriptionstringThe description is the description of an extension.

ExternalTableMetadata

FieldTypeLabelDescription
namestringThe name of the external table.
external_server_namestringThe external_server_name is the name of the external server.
external_database_namestringThe external_database_name is the name of the external database.
columnsColumnMetadatarepeatedThe columns is the ordered list of columns in a foreign table.

ForeignKeyMetadata

ForeignKeyMetadata is the metadata for foreign keys.

FieldTypeLabelDescription
namestringThe name of the foreign key.
columnsstringrepeatedThe columns are the ordered referencing columns of a foreign key.
referenced_schemastringThe referenced_schema is the referenced schema name of a foreign key. It is an empty string for databases without such concept such as MySQL.
referenced_tablestringThe referenced_table is the referenced table name of a foreign key.
referenced_columnsstringrepeatedThe referenced_columns are the ordered referenced columns of a foreign key.
on_deletestringThe on_delete is the on delete action of a foreign key.
on_updatestringThe on_update is the on update action of a foreign key.
match_typestringThe match_type is the match type of a foreign key. The match_type is the PostgreSQL specific field. It's empty string for other databases.

FunctionMetadata

FunctionMetadata is the metadata for functions.

FieldTypeLabelDescription
namestringThe name of the function.
definitionstringThe definition is the definition of a function.
signaturestringThe signature is the name with the number and type of input arguments the function takes.
character_set_clientstringMySQL specific metadata.
collation_connectionstring
database_collationstring
sql_modestring
commentstring
dependency_tablesDependencyTablerepeatedThe dependency_tables is the list of dependency tables of a function. For PostgreSQL, it's the list of tables that the function depends on the return type definition.
skip_dumpbool

GenerationMetadata

FieldTypeLabelDescription
typeGenerationMetadata.Type
expressionstring

GridLevel

GridLevel defines a grid level for spatial tessellation.

FieldTypeLabelDescription
levelint321-4 for SQL Server
densitystringLOW, MEDIUM, HIGH

IndexMetadata

IndexMetadata is the metadata for indexes.

FieldTypeLabelDescription
namestringThe name of the index.
expressionsstringrepeatedThe expressions are the ordered columns or expressions of an index.

For PostgreSQL, the canonical shape for each entry matches pg_get_indexdef(oid, col, true) — the tightest index_elem grammar form: - column key: bare identifier e.g. "id", "Name" - function-call key: bare func_expr_windowless e.g. "lower(name)" - expression key: parenthesized a_expr e.g. "(payload ->> 'k'::text)" The DDL emitter writes entries verbatim into the CREATE INDEX key list. | | key_length | int64 | repeated | The ordered list of key lengths for the index. If the key length is not specified, it is -1. | | descending | bool | repeated | The ordered list of descending flags for the index columns. | | type | string | | The type is the type of an index. | | unique | bool | | The unique is whether the index is unique. | | primary | bool | | The primary is whether the index is a primary key index. | | visible | bool | | The visible is whether the index is visible. | | comment | string | | The comment is the comment of an index. | | definition | string | | The definition of an index. | | parent_index_schema | string | | The schema name of the parent index. | | parent_index_name | string | | The index name of the parent index. | | granularity | int64 | | The number of granules in the block. It's a ClickHouse specific field. | | is_constraint | bool | | It's a PostgreSQL specific field. The unique constraint and unique index are not the same thing in PostgreSQL. | | spatial_config | SpatialIndexConfig | | Spatial index specific configuration | | opclass_names | string | repeated | https://www.postgresql.org/docs/current/catalog-pg-opclass.html Name of the operator class for each column. (PostgreSQL specific). | | opclass_defaults | bool | repeated | True if the operator class is the default. (PostgreSQL specific). |

InstanceRoleMetadata

InstanceRoleMetadata is the message for instance role.

FieldTypeLabelDescription
namestringThe role name. It's unique within the instance.
grantstringThe grant display string on the instance. It's generated by database engine.

LinkedDatabaseMetadata

FieldTypeLabelDescription
namestring
usernamestring
hoststring

MaterializedViewMetadata

MaterializedViewMetadata is the metadata for materialized views.

FieldTypeLabelDescription
namestringThe name of the materialized view.
definitionstringThe definition is the definition of a view.
commentstringThe comment is the comment of a view.
dependency_columnsDependencyColumnrepeatedThe list of dependency columns of the view.
triggersTriggerMetadatarepeatedThe ordered list of columns in the materialized view.
indexesIndexMetadatarepeatedThe list of indexes in the materialized view.
skip_dumpbool

ObjectSchema

FieldTypeLabelDescription
typeObjectSchema.Type
struct_kindObjectSchema.StructKind
array_kindObjectSchema.ArrayKind
semantic_typestring

ObjectSchema.ArrayKind

FieldTypeLabelDescription
kindObjectSchema

ObjectSchema.StructKind

FieldTypeLabelDescription
propertiesObjectSchema.StructKind.PropertiesEntryrepeated

ObjectSchema.StructKind.PropertiesEntry

FieldTypeLabelDescription
keystring
valueObjectSchema

PackageMetadata

PackageMetadata is the metadata for packages.

FieldTypeLabelDescription
namestringThe name of the package.
definitionstringThe definition is the definition of a package.

ProcedureMetadata

ProcedureMetadata is the metadata for procedures.

FieldTypeLabelDescription
namestringThe name of the procedure.
definitionstringThe definition is the definition of a procedure.
signaturestringThe signature is the name with the number and type of input arguments the function takes.
character_set_clientstringMySQL specific metadata.
collation_connectionstring
database_collationstring
sql_modestring
commentstring
skip_dumpbool

RuleMetadata

RuleMetadata is the metadata for PostgreSQL rules.

FieldTypeLabelDescription
namestringThe name of the rule.
eventstringThe event type of the rule: SELECT, INSERT, UPDATE, or DELETE.
conditionstringThe WHERE condition of the rule (optional).
actionstringThe command(s) to execute when the rule fires.
is_insteadboolThe is_instead indicates whether this is an INSTEAD rule.
is_enabledboolThe is_enabled indicates whether the rule is enabled.
definitionstringThe full CREATE RULE statement.

SchemaCatalog

FieldTypeLabelDescription
namestringThe schema name. It is an empty string for databases without such concept such as MySQL.
tablesTableCatalogrepeatedThe table_configs is the list of configs for tables in a schema.

SchemaMetadata

SchemaMetadata is the metadata for schemas. This is the concept of schema in Postgres, but it's a no-op for MySQL.

FieldTypeLabelDescription
namestringThe schema name. It is an empty string for databases without such concept such as MySQL.
tablesTableMetadatarepeatedThe list of tables in a schema.
external_tablesExternalTableMetadatarepeatedThe list of external tables in a schema.
viewsViewMetadatarepeatedThe list of views in a schema.
functionsFunctionMetadatarepeatedThe list of functions in a schema.
proceduresProcedureMetadatarepeatedThe list of procedures in a schema.
streamsStreamMetadatarepeatedThe list of streams in a schema, currently only used for Snowflake.
tasksTaskMetadatarepeatedThe list of tasks in a schema, currently only used for Snowflake.
materialized_viewsMaterializedViewMetadatarepeatedThe list of materialized views in a schema.
sequencesSequenceMetadatarepeatedThe list of sequences in a schema.
packagesPackageMetadatarepeatedThe list of packages in a schema.
ownerstring
commentstring
eventsEventMetadatarepeated
enum_typesEnumTypeMetadatarepeated
skip_dumpbool

SequenceMetadata

FieldTypeLabelDescription
namestringThe name of a sequence.
data_typestringThe data type of a sequence.
startstringThe start value of a sequence.
min_valuestringThe minimum value of a sequence.
max_valuestringThe maximum value of a sequence.
incrementstringThe increment value of a sequence.
cycleboolWhether the sequence cycles.
cache_sizestringCache size of a sequence.
last_valuestringThe last value of a sequence.
owner_tablestringThe table that owns the sequence.
owner_columnstringThe column that owns the sequence.
commentstring
skip_dumpbool

SpatialIndexConfig

SpatialIndexConfig is the configuration for spatial indexes across different database engines.

FieldTypeLabelDescription
methodstringIndex method/type (database-specific) Examples: "SPATIAL" (MySQL/SQL Server), "GIST"/"SPGIST" (PostgreSQL), "MDSYS.SPATIAL_INDEX_V2" (Oracle)
tessellationTessellationConfigTessellation configuration (primarily SQL Server)
storageStorageConfigStorage and performance parameters
dimensionalDimensionalConfigDimensional and constraint parameters
engine_specificSpatialIndexConfig.EngineSpecificEntryrepeatedDatabase-specific parameters (stored as key-value pairs for extensibility)

SpatialIndexConfig.EngineSpecificEntry

FieldTypeLabelDescription
keystring
valuestring

StorageConfig

StorageConfig defines storage and performance parameters for spatial indexes.

FieldTypeLabelDescription
fillfactorint32PostgreSQL parameters

10-100 | | buffering | string | | auto, on, off | | tablespace | string | | Oracle parameters | | work_tablespace | string | | | | sdo_level | int32 | | | | commit_interval | int32 | | | | pad_index | bool | | SQL Server parameters | | sort_in_tempdb | string | | ON, OFF | | drop_existing | bool | | | | online | bool | | | | allow_row_locks | bool | | | | allow_page_locks | bool | | | | maxdop | int32 | | | | data_compression | string | | NONE, ROW, PAGE |

StreamMetadata

FieldTypeLabelDescription
namestringThe name of the stream.
table_namestringThe table_name is the name of the table/view that the stream is created on.
ownerstringThe owner of the stream.
commentstringThe comment of the stream.
typeStreamMetadata.TypeThe type of the stream.
staleboolIndicates whether the stream was last read before the stale_after time.
modeStreamMetadata.ModeThe mode of the stream.
definitionstringThe definition of the stream.

TableCatalog

FieldTypeLabelDescription
namestringThe name of the table.
columnsColumnCatalogrepeatedThe column_configs is the ordered list of configs for columns in a table.
object_schemaObjectSchemaoptional
classificationstring

TableMetadata

TableMetadata is the metadata for tables.

FieldTypeLabelDescription
namestringThe name of the table.
columnsColumnMetadatarepeatedThe columns is the ordered list of columns in a table.
indexesIndexMetadatarepeatedThe indexes is the list of indexes in a table.
enginestringThe engine is the engine of a table.
collationstringThe collation is the collation of a table.
charsetstringThe character set of the table.
row_countint64The row_count is the estimated number of rows of a table.
data_sizeint64The data_size is the estimated data size of a table.
index_sizeint64The index_size is the estimated index size of a table.
data_freeint64The data_free is the estimated free data size of a table.
create_optionsstringThe create_options is the create option of a table.
commentstringThe comment is the comment of a table.
foreign_keysForeignKeyMetadatarepeatedThe foreign_keys is the list of foreign keys in a table.
partitionsTablePartitionMetadatarepeatedThe partitions is the list of partitions in a table.
check_constraintsCheckConstraintMetadatarepeatedThe check_constraints is the list of check constraints in a table.
ownerstring
sorting_keysstringrepeatedThe sorting_keys is a tuple of column names or arbitrary expressions. ClickHouse specific field. Reference: https://clickhouse.com/docs/en/engines/table-engines/mergetree-family/mergetree#order_by
triggersTriggerMetadatarepeated
skip_dumpbool
rulesRuleMetadatarepeatedThe rules is the list of rules in a table (PostgreSQL specific).
sharding_infostringhttps://docs.pingcap.com/tidb/stable/information-schema-tables/
primary_key_typestringhttps://docs.pingcap.com/tidb/stable/clustered-indexes/#clustered-indexes CLUSTERED or NONCLUSTERED.
exclude_constraintsExcludeConstraintMetadatarepeatedThe exclude_constraints is the list of EXCLUDE constraints in a table (PostgreSQL specific).

TablePartitionMetadata

TablePartitionMetadata is the metadata for table partitions.

FieldTypeLabelDescription
namestringThe name of the table partition.
typeTablePartitionMetadata.TypeThe type of a table partition.
expressionstringThe expression is the expression of a table partition. For PostgreSQL, the expression is the text of {FOR VALUES partition_bound_spec}, see https://www.postgresql.org/docs/current/sql-createtable.html. For MySQL, the expression is the expr or column_list of the following syntax. PARTITION BY { [LINEAR] HASH(expr)
valuestringThe value is the value of a table partition. For MySQL, the value is for RANGE and LIST partition types, - For a RANGE partition, it contains the value set in the partition's VALUES LESS THAN clause, which can be either an integer or MAXVALUE. - For a LIST partition, this column contains the values defined in the partition's VALUES IN clause, which is a list of comma-separated integer values. - For others, it's an empty string.
use_defaultstringThe use_default is whether the users use the default partition, it stores the different value for different database engines. For MySQL, it's [INT] type, 0 means not use default partition, otherwise, it's equals to number in syntax [SUB]PARTITION {number}.
subpartitionsTablePartitionMetadatarepeatedThe subpartitions is the list of subpartitions in a table partition.
indexesIndexMetadatarepeated
check_constraintsCheckConstraintMetadatarepeated
exclude_constraintsExcludeConstraintMetadatarepeated

TaskMetadata

FieldTypeLabelDescription
namestringThe name of the task.
idstringThe Snowflake-generated ID of the task. Example: 01ad32a0-1bb6-5e93-0000-000000000001.
ownerstringThe owner of the task.
commentstringThe comment of the task.
warehousestringThe warehouse of the task.
schedulestringThe schedule interval of the task.
predecessorsstringrepeatedThe predecessor tasks of the task.
stateTaskMetadata.StateThe state of the task.
conditionstringThe condition of the task.
definitionstringThe definition of the task.

TessellationConfig

TessellationConfig defines tessellation parameters for spatial indexes.

FieldTypeLabelDescription
schemestringTessellation scheme Examples: GEOMETRY_GRID, GEOGRAPHY_GRID, GEOMETRY_AUTO_GRID, GEOGRAPHY_AUTO_GRID
bounding_boxBoundingBoxBounding box for GEOMETRY indexes (SQL Server)
grid_levelsGridLevelrepeatedGrid level configuration (SQL Server)
cells_per_objectint32Cells per object (SQL Server)

TriggerMetadata

FieldTypeLabelDescription
namestringThe name of the trigger.
eventstringThe event that triggers this action, such as INSERT, UPDATE, DELETE, or TRUNCATE.
timingstringThe timing of when the trigger fires, such as BEFORE or AFTER.
bodystringThe body of the trigger.
sql_modestring
character_set_clientstring
collation_connectionstring
commentstring
skip_dumpbool

ViewMetadata

ViewMetadata is the metadata for views.

FieldTypeLabelDescription
namestringThe name of the view.
definitionstringThe definition is the definition of a view.
commentstringThe comment is the comment of a view.
dependency_columnsDependencyColumnrepeatedThe list of dependency columns of a view.
columnsColumnMetadatarepeatedThe ordered list of columns in the view.
triggersTriggerMetadatarepeatedThe list of triggers in the view.
skip_dumpbool
rulesRuleMetadatarepeatedThe rules is the list of rules in a view (PostgreSQL specific).

ColumnMetadata.IdentityGeneration

NameNumberDescription
IDENTITY_GENERATION_UNSPECIFIED0
ALWAYS1
BY_DEFAULT2

GenerationMetadata.Type

NameNumberDescription
TYPE_UNSPECIFIED0
TYPE_VIRTUAL1
TYPE_STORED2

ObjectSchema.Type

NameNumberDescription
TYPE_UNSPECIFIED0
STRING1
NUMBER2
BOOLEAN3
OBJECT4
ARRAY5

StreamMetadata.Mode

NameNumberDescription
MODE_UNSPECIFIED0
MODE_DEFAULT1
MODE_APPEND_ONLY2
MODE_INSERT_ONLY3

StreamMetadata.Type

NameNumberDescription
TYPE_UNSPECIFIED0
TYPE_DELTA1

SyncStatus

SyncStatus is the status of the database sync operation.

NameNumberDescription
SYNC_STATUS_UNSPECIFIED0
SYNC_STATUS_OK1
SYNC_STATUS_FAILED2

TablePartitionMetadata.Type

The type is the type of a table partition. Some database engines may not support all types. Only available for the following database engines now: MySQL: RANGE, RANGE COLUMNS, LIST, LIST COLUMNS, HASH, LINEAR HASH, KEY, LINEAR_KEY (https://dev.mysql.com/doc/refman/8.0/en/partitioning-types.html) TiDB: RANGE, RANGE COLUMNS, LIST, LIST COLUMNS, HASH, KEY PostgreSQL: RANGE, LIST, HASH (https://www.postgresql.org/docs/current/ddl-partitioning.html)

NameNumberDescription
TYPE_UNSPECIFIED0
RANGE1
RANGE_COLUMNS2
LIST3
LIST_COLUMNS4
HASH5
LINEAR_HASH6
KEY7
LINEAR_KEY8

TaskMetadata.State

NameNumberDescription
STATE_UNSPECIFIED0
STATE_STARTED1
STATE_SUSPENDED2

Top

store/export_archive.proto

ExportArchivePayload

FieldTypeLabelDescription
file_formatExportFormatThe exported file format. e.g. JSON, CSV, SQL

Top

store/group.proto

GroupMember

FieldTypeLabelDescription
memberstringMember is the principal who belongs to this group.

Format: users/{email}. | | role | GroupMember.Role | | |

GroupPayload

FieldTypeLabelDescription
membersGroupMemberrepeated
sourcestringThe source indicates where the group comes from. For now we support Entra ID SCIM sync, so the source could be Entra ID.

GroupMember.Role

NameNumberDescription
ROLE_UNSPECIFIED0
OWNER1
MEMBER2

Top

store/idp.proto

FieldMapping

FieldMapping saves the field names from user info API of identity provider. As we save all raw json string of user info response data into principal.idp_user_info, we can extract the relevant data based with FieldMapping.

FieldTypeLabelDescription
identifierstringIdentifier is the field name of the unique identifier in 3rd-party idp user info. Required.
display_namestringDisplayName is the field name of display name in 3rd-party idp user info. Optional.
phonestringPhone is the field name of primary phone in 3rd-party idp user info. Optional.
groupsstringGroups is the field name of groups in 3rd-party idp user info. Optional. Mainly used for OIDC: https://developer.okta.com/docs/guides/customize-tokens-groups-claim/main/

IdentityProviderConfig

FieldTypeLabelDescription
oauth2_configOAuth2IdentityProviderConfig
oidc_configOIDCIdentityProviderConfig
ldap_configLDAPIdentityProviderConfig

IdentityProviderUserInfo

FieldTypeLabelDescription
identifierstringIdentifier is the value of the unique identifier in 3rd-party idp user info.
display_namestringDisplayName is the value of display name in 3rd-party idp user info.
phonestringPhone is the value of primary phone in 3rd-party idp user info.
groupsstringrepeatedGroups is the value of groups in 3rd-party idp user info. Mainly used for OIDC: https://developer.okta.com/docs/guides/customize-tokens-groups-claim/main/
has_groupsbool

LDAPIdentityProviderConfig

LDAPIdentityProviderConfig is the structure for LDAP identity provider config.

FieldTypeLabelDescription
hoststringHost is the hostname or IP address of the LDAP server, e.g. "ldap.example.com".
portint32Port is the port number of the LDAP server, e.g. 389. When not set, the default port of the corresponding security protocol will be used, i.e. 389 for StartTLS and 636 for LDAPS.
skip_tls_verifyboolSkipTLSVerify controls whether to skip TLS certificate verification.
bind_dnstringBindDN is the DN of the user to bind as a service account to perform search requests.
bind_passwordstringBindPassword is the password of the user to bind as a service account.
base_dnstringBaseDN is the base DN to search for users, e.g. "ou=users,dc=example,dc=com".
user_filterstringUserFilter is the filter to search for users, e.g. "(uid=%s)".
security_protocolLDAPIdentityProviderConfig.SecurityProtocolSecurityProtocol is the security protocol to be used for establishing connections with the LDAP server.
field_mappingFieldMappingFieldMapping is the mapping of the user attributes returned by the LDAP server.

OAuth2IdentityProviderConfig

OAuth2IdentityProviderConfig is the structure for OAuth2 identity provider config.

FieldTypeLabelDescription
auth_urlstring
token_urlstring
user_info_urlstring
client_idstring
client_secretstring
scopesstringrepeated
field_mappingFieldMapping
skip_tls_verifybool
auth_styleOAuth2AuthStyle

OIDCIdentityProviderConfig

OIDCIdentityProviderConfig is the structure for OIDC identity provider config.

FieldTypeLabelDescription
issuerstring
client_idstring
client_secretstring
scopesstringrepeated
field_mappingFieldMapping
skip_tls_verifybool
auth_styleOAuth2AuthStyle

IdentityProviderType

NameNumberDescription
IDENTITY_PROVIDER_TYPE_UNSPECIFIED0
OAUTH21
OIDC2
LDAP3

LDAPIdentityProviderConfig.SecurityProtocol

NameNumberDescription
SECURITY_PROTOCOL_UNSPECIFIED0
START_TLS1StartTLS is the security protocol that starts with an unencrypted connection and then upgrades to TLS.
LDAPS2LDAPS is the security protocol that uses TLS from the beginning.

OAuth2AuthStyle

NameNumberDescription
OAUTH2_AUTH_STYLE_UNSPECIFIED0
IN_PARAMS1IN_PARAMS sends the "client_id" and "client_secret" in the POST body as application/x-www-form-urlencoded parameters.
IN_HEADER2IN_HEADER sends the client_id and client_secret using HTTP Basic Authorization. This is an optional style described in the OAuth2 RFC 6749 section 2.3.1.

Top

store/instance.proto

DataSource

FieldTypeLabelDescription
idstring
typeDataSourceType
usernamestring
passwordstring
obfuscated_passwordstring
use_sslboolUse SSL to connect to the data source. By default, we use the system's SSL configuration.
ssl_castring
obfuscated_ssl_castring
ssl_certstring
obfuscated_ssl_certstring
ssl_keystring
obfuscated_ssl_keystring
ssl_ca_pathstring
obfuscated_ssl_ca_pathstring
ssl_cert_pathstring
obfuscated_ssl_cert_pathstring
ssl_key_pathstring
obfuscated_ssl_key_pathstring
verify_tls_certificateboolverify_tls_certificate enables TLS certificate verification for SSL connections. Default is false (no verification) for backward compatibility. Set to true for secure connections (recommended for production). Only set to false for development or when certificates cannot be properly validated (e.g., self-signed certs, VPN environments).
hoststring
portstring
databasestring
srvboolsrv, authentication_database, and replica_set are used for MongoDB. srv is a boolean flag that indicates whether the host is a DNS SRV record.
authentication_databasestringauthentication_database is the database name to authenticate against, which stores the user credentials.
replica_setstringreplica_set is used for MongoDB replica set.
sidstringsid and service_name are used for Oracle.
service_namestring
ssh_hoststringSSH related The hostname of the SSH server agent.
ssh_portstringThe port of the SSH server agent. It's 22 typically.
ssh_userstringThe user to login the server.
ssh_passwordstringThe password to login the server. If it's empty string, no password is required.
obfuscated_ssh_passwordstring
ssh_private_keystringThe private key to login the server. If it's empty string, we will use the system default private key from os.Getenv("SSH_AUTH_SOCK").
obfuscated_ssh_private_keystring
authentication_private_keystringPKCS#8 private key in PEM format. If it's empty string, no private key is required. Used for authentication when connecting to the data source.
obfuscated_authentication_private_keystring
authentication_private_key_passphrasestringPassphrase for the encrypted PKCS#8 private key. Only used when the private key is encrypted.
obfuscated_authentication_private_key_passphrasestring
external_secretDataSourceExternalSecret
authentication_typeDataSource.AuthenticationType
azure_credentialDataSource.AzureCredential
aws_credentialDataSource.AWSCredential
gcp_credentialDataSource.GCPCredential
sasl_configSASLConfig
additional_addressesDataSource.Addressrepeatedadditional_addresses is used for MongoDB replica set.
direct_connectionbooldirect_connection is used for MongoDB to dispatch all the operations to the node specified in the connection string.
regionstringRegion is the location of the database, used for AWS RDS. For example, us-east-1.
warehouse_idstringwarehouse_id is used by Databricks.
master_namestringmaster_name is the master name used by connecting redis-master via redis sentinel.
master_usernamestringmaster_username and master_obfuscated_password are master credentials used by redis sentinel mode.
master_passwordstring
obfuscated_master_passwordstring
redis_typeDataSource.RedisType
clusterstringCluster is the cluster name for the data source. Used by CockroachDB.
extra_connection_parametersDataSource.ExtraConnectionParametersEntryrepeatedExtra connection parameters for the database connection. For PostgreSQL HA, this can be used to set target_session_attrs=read-write

DataSource.AWSCredential

FieldTypeLabelDescription
access_key_idstring
obfuscated_access_key_idstring
secret_access_keystring
obfuscated_secret_access_keystring
session_tokenstring
obfuscated_session_tokenstring
role_arnstringARN of IAM role to assume for cross-account access. See: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html
external_idstringOptional external ID for additional security when assuming role. See: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html

DataSource.Address

FieldTypeLabelDescription
hoststring
portstring

DataSource.AzureCredential

FieldTypeLabelDescription
tenant_idstring
client_idstring
client_secretstring
obfuscated_client_secretstring

DataSource.ExtraConnectionParametersEntry

FieldTypeLabelDescription
keystring
valuestring

DataSource.GCPCredential

FieldTypeLabelDescription
contentstring
obfuscated_contentstring

DataSourceExternalSecret

FieldTypeLabelDescription
secret_typeDataSourceExternalSecret.SecretType
urlstring
auth_typeDataSourceExternalSecret.AuthType
app_roleDataSourceExternalSecret.AppRoleAuthOption
tokenstring
engine_namestringengine name is the name for secret engine.
secret_namestringthe secret name in the engine to store the password.
password_key_namestringthe key name for the password.
skip_vault_tls_verificationboolTLS configuration for connecting to Vault server. These fields are separate from the database TLS configuration in DataSource. skip_vault_tls_verification disables TLS certificate verification for Vault connections. Default is false (verification enabled) for security. Only set to true for development or when certificates cannot be properly validated.
vault_ssl_castringCA certificate for Vault server verification.
obfuscated_vault_ssl_castring
vault_ssl_certstringClient certificate for mutual TLS authentication with Vault.
obfuscated_vault_ssl_certstring
vault_ssl_keystringClient private key for mutual TLS authentication with Vault.
obfuscated_vault_ssl_keystring

DataSourceExternalSecret.AppRoleAuthOption

FieldTypeLabelDescription
role_idstring
secret_idstringThe secret ID for the role without TTL.
typeDataSourceExternalSecret.AppRoleAuthOption.SecretType
mount_pathstringThe path where the approle auth method is mounted.

Instance

Instance is the proto for instances.

FieldTypeLabelDescription
titlestring
engineEngine
versionstring
external_linkstring
data_sourcesDataSourcerepeated
sync_intervalgoogle.protobuf.DurationThe interval between automatic instance synchronizations.
sync_databasesstringrepeatedEnable sync for the following databases. Default empty, means sync all schemas & databases.
mysql_lower_case_table_namesint32The lower_case_table_names config for MySQL instances. It is used to determine whether the table names and database names are case sensitive.
last_sync_timegoogle.protobuf.Timestamp
rolesInstanceRolerepeated
labelsInstance.LabelsEntryrepeatedLabels are key-value pairs that can be attached to the instance. For example, { "org_group": "infrastructure", "environment": "production" }

Instance.LabelsEntry

FieldTypeLabelDescription
keystring
valuestring

InstanceRole

InstanceRole is the API message for instance role.

FieldTypeLabelDescription
namestringThe role name.
connection_limitint32optionalThe connection count limit for this role.
valid_untilstringoptionalThe expiration for the role's password.
attributestringoptionalThe role attribute. For PostgreSQL, it contains super_user, no_inherit, create_role, create_db, can_login, replication and bypass_rls. Docs: https://www.postgresql.org/docs/current/role-attributes.html For MySQL, it is the global privileges as GRANT statements, which means it only contains "GRANT ... ON . TO ...". Docs: https://dev.mysql.com/doc/refman/8.0/en/grant.html

KerberosConfig

FieldTypeLabelDescription
primarystring
instancestring
realmstring
keytabbytes
kdc_hoststring
kdc_portstring
kdc_transport_protocolstring

SASLConfig

FieldTypeLabelDescription
krb_configKerberosConfig

DataSource.AuthenticationType

NameNumberDescription
AUTHENTICATION_UNSPECIFIED0
PASSWORD1
GOOGLE_CLOUD_SQL_IAM2
AWS_RDS_IAM3
AZURE_IAM4

DataSource.RedisType

NameNumberDescription
REDIS_TYPE_UNSPECIFIED0
STANDALONE1
SENTINEL2
CLUSTER3

DataSourceExternalSecret.AppRoleAuthOption.SecretType

NameNumberDescription
SECRET_TYPE_UNSPECIFIED0
PLAIN1
ENVIRONMENT2

DataSourceExternalSecret.AuthType

NameNumberDescription
AUTH_TYPE_UNSPECIFIED0
TOKEN1ref: https://developer.hashicorp.com/vault/docs/auth/token
VAULT_APP_ROLE2ref: https://developer.hashicorp.com/vault/docs/auth/approle

DataSourceExternalSecret.SecretType

NameNumberDescription
SECRET_TYPE_UNSPECIFIED0
VAULT_KV_V21ref: https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v2
AWS_SECRETS_MANAGER2ref: https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html
GCP_SECRET_MANAGER3ref: https://cloud.google.com/secret-manager/docs
AZURE_KEY_VAULT4ref: https://learn.microsoft.com/en-us/azure/key-vault/secrets/about-secrets

DataSourceType

NameNumberDescription
DATA_SOURCE_UNSPECIFIED0
ADMIN1
READ_ONLY2

Top

store/issue.proto

Issue

Issue is the metadata for issues that track database operations and access requests.

FieldTypeLabelDescription
approvalIssuePayloadApprovalApproval information for the issue workflow.
role_grantRoleGrantRole grant details if this is a role grant issue.
labelsstringrepeatedLabels attached to categorize and filter the issue.
risk_levelRiskLevelRisk level for the issue, calculated from statement types.
access_grant_idstringThe access grant id for ACCESS_GRANT type issue.

RoleGrant

RoleGrant contains details for requesting a project role.

FieldTypeLabelDescription
rolestringThe role being requested for the user. Format: roles/EXPORTER.
userstringThe user who will receive the role. Format: users/{email}.
conditiongoogle.type.ExprOptional conditional expression that limits when the grant applies.
expirationgoogle.protobuf.DurationDuration after which the grant automatically expires.

Issue.Status

Status represents the current state of the issue.

NameNumberDescription
ISSUE_STATUS_UNSPECIFIED0
OPEN1Issue is open and pending action.
DONE2Issue has been completed successfully.
CANCELED3Issue was canceled and will not be completed.

Issue.Type

Type represents the category of issue.

NameNumberDescription
ISSUE_TYPE_UNSPECIFIED0
DATABASE_CHANGE1Issue for database schema or data changes.
ROLE_GRANT2Role grant request.
DATABASE_EXPORT3Issue for exporting data from databases.
ACCESS_GRANT4Temporary access grant request.

Top

store/issue_comment.proto

IssueCommentPayload

FieldTypeLabelDescription
commentstring
approvalIssueCommentPayload.Approval
issue_updateIssueCommentPayload.IssueUpdate
plan_spec_updateIssueCommentPayload.PlanSpecUpdate
ai_reviewIssueCommentPayload.AIReview[Argus P1-3] Comment created by the AI Reviewer module after a DBA review of the issue's SQL change. Carries the structured report so the UI can re-render the original report without re-running the LLM. The comment field is also populated with a markdown summary for systems that only consume free-text.

IssueCommentPayload.AIReview

[Argus P1-3] Structured DBA-review payload. risk_level mirrors the storepb.RiskLevel enum (OQ-AIR-4 = B); raw_response keeps the unparsed LLM reply for admin debugging when status is PARSE_FAILED. status discriminates the "happy path" report from failure modes that left an audit trail without a usable report.

FieldTypeLabelDescription
statusIssueCommentPayload.AIReview.Status
risk_levelRiskLevel
lock_scopestringTABLE
estimated_affected_rowsint64
replication_riskstringHIGH
potential_issuesstringrepeated
suggestionsstringrepeated
blocking_concernsstringrepeated
raw_responsestringRaw LLM response. Populated even on success for admin / auditor debugging. Trimmed to 8 KiB to bound payload size.
providerstringLLM provider that produced this report (OPEN_AI / CLAUDE / GEMINI). Stamped server-side so users see which model spoke.

IssueCommentPayload.Approval

FieldTypeLabelDescription
statusIssuePayloadApproval.Approver.Status

IssueCommentPayload.IssueUpdate

FieldTypeLabelDescription
from_titlestringoptional
to_titlestringoptional
from_descriptionstringoptional
to_descriptionstringoptional
from_statusIssue.Statusoptional
to_statusIssue.Statusoptional
from_labelsstringrepeated
to_labelsstringrepeated

IssueCommentPayload.PlanSpecUpdate

Plan spec update event (tracks sheet changes to plan specs)

FieldTypeLabelDescription
specstringThe spec that was updated Format: projects/{project}/plans/{plan}/specs/
from_sheet_sha256stringoptionalThe SHA256 hash of the previous sheet content (hex-encoded).
to_sheet_sha256stringoptionalThe SHA256 hash of the new sheet content (hex-encoded).

IssueCommentPayload.AIReview.Status

NameNumberDescription
STATUS_UNSPECIFIED0
OK1
PARSE_FAILED2LLM returned content but the parser couldn't extract a valid JSON report. UI shows raw_response instead.
LLM_FAILED3LLM call itself failed (rate limit / timeout / API down). raw_response carries the error message.

Top

store/oauth2.proto

OAuth2AuthorizationCodeConfig

FieldTypeLabelDescription
redirect_uristring
code_challengestring
code_challenge_methodstring

OAuth2ClientConfig

FieldTypeLabelDescription
client_namestring
redirect_urisstringrepeated
grant_typesstringrepeated
token_endpoint_auth_methodstring

Top

store/plan.proto

PlanConfig

FieldTypeLabelDescription
specsPlanConfig.Specrepeated
has_rolloutboolWhether the plan has started the rollout.

PlanConfig.ChangeDatabaseConfig

FieldTypeLabelDescription
targetsstringrepeatedThe list of targets. Multi-database format: [instances/{instance-id}/databases/{database-name}]. Single database group format: [projects/{project}/databaseGroups/{databaseGroup}].
sheet_sha256stringThe SHA256 hash of the sheet content (hex-encoded).
releasestringThe resource name of the release. Format: projects/{project}/releases/
enable_prior_backupboolIf set, a backup of the modified data will be created automatically before any changes are applied.
rollback_sheet_sha256string[Argus P0-5 G1] The SHA256 hash of the rollback SQL sheet content (hex-encoded). Empty when the change does not require rollback (e.g. SELECT) or has not yet been provided. PRE_FLIGHT check enforces presence for DDL / DML changes.

PlanConfig.CreateDatabaseConfig

FieldTypeLabelDescription
targetstringThe resource name of the instance on which the database is created. Format: instances/
databasestringThe name of the database to create.
tablestringtable is the name of the table, if it is not empty, Argus should create a table after creating the database. For example, in MongoDB, it only creates the database when we first store data in that database.
character_setstringcharacter_set is the character set of the database.
collationstringcollation is the collation of the database.
clusterstringcluster is the cluster of the database. This is only applicable to ClickHouse for "ON CLUSTER <<cluster>>".
ownerstringowner is the owner of the database. This is only applicable to Postgres for "WITH OWNER <<owner>>".
environmentstringThe environment resource. Format: environments/prod where prod is the environment resource ID.

PlanConfig.ExportDataConfig

FieldTypeLabelDescription
targetsstringrepeatedThe list of targets. Multi-database format: [instances/{instance-id}/databases/{database-name}]. Single database group format: [projects/{project}/databaseGroups/{databaseGroup}].
sheet_sha256stringThe SHA256 hash of the sheet content (hex-encoded).
formatExportFormatThe format of the exported file.
passwordstringoptionalThe zip password provided by users. Leave it empty if there is no need to encrypt the zip file.

PlanConfig.Spec

FieldTypeLabelDescription
idstringA UUID4 string that uniquely identifies the Spec.
create_database_configPlanConfig.CreateDatabaseConfig
change_database_configPlanConfig.ChangeDatabaseConfig
export_data_configPlanConfig.ExportDataConfig

Top

store/plan_check_run.proto

ChangedResourceDatabase

FieldTypeLabelDescription
namestring
schemasChangedResourceSchemarepeated

ChangedResourceSchema

FieldTypeLabelDescription
namestring
tablesChangedResourceTablerepeated

ChangedResourceTable

FieldTypeLabelDescription
namestring
table_rowsint64The estimated row count of the table.

ChangedResources

FieldTypeLabelDescription
databasesChangedResourceDatabaserepeated

PlanCheckRunResult

FieldTypeLabelDescription
resultsPlanCheckRunResult.Resultrepeated
errorstring

PlanCheckRunResult.Result

FieldTypeLabelDescription
statusAdvice.Status
titlestring
contentstring
codeint32
targetstringTarget identification for consolidated results Format: instances/{instance}/databases/
typePlanCheckType
sql_summary_reportPlanCheckRunResult.Result.SqlSummaryReport
sql_review_reportPlanCheckRunResult.Result.SqlReviewReport

PlanCheckRunResult.Result.SqlReviewReport

FieldTypeLabelDescription
start_positionPositionPosition of the SQL statement.
end_positionPosition

PlanCheckRunResult.Result.SqlSummaryReport

FieldTypeLabelDescription
statement_typesStatementTyperepeatedstatement_types are the types of statements found in the SQL.
affected_rowsint64
changed_resourcesChangedResources

PlanCheckType

NameNumberDescription
PLAN_CHECK_TYPE_UNSPECIFIED0
PLAN_CHECK_TYPE_STATEMENT_ADVISE1
PLAN_CHECK_TYPE_STATEMENT_SUMMARY_REPORT2
PLAN_CHECK_TYPE_GHOST_SYNC3
PLAN_CHECK_TYPE_PRE_FLIGHT4[Argus P0-5] Pre-flight checklist: rollback SQL presence (G1 / M1), maintenance window admission (G2 / M2, planned), replication-lag estimate (G3 / M3, planned). Result types share this enum value; sub-check kind is conveyed by the Result.title prefix ("Rollback SQL:" / "Maintenance window:" / "Replication lag:"). See docs/modules/preflight-checklist.md.

Top

store/policy.proto

Binding

FieldTypeLabelDescription
rolestringThe role that is assigned to the members. Format: roles/
membersstringrepeatedSpecifies the principals requesting access for a Argus resource. For users, the member should be: users/{email} For groups, the member should be: groups/
conditiongoogle.type.ExprThe condition that is associated with this binding. If the condition evaluates to true, then this binding applies to the current request. If the condition evaluates to false, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding.

IamPolicy

FieldTypeLabelDescription
bindingsBindingrepeatedCollection of binding. A binding binds one or more members or groups to a single role.

MaskingExemptionPolicy

MaskingExemptionPolicy is the allowlist of users who can access sensitive data.

FieldTypeLabelDescription
exemptionsMaskingExemptionPolicy.Exemptionrepeated

MaskingExemptionPolicy.Exemption

FieldTypeLabelDescription
membersstringrepeatedMembers who bind to this exemption.

Format: users/{email} or groups/{group email} | | condition | google.type.Expr | | The condition that is associated with this exception policy instance. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec If the condition is empty, means the user can access all databases without expiration.

Support variables: resource.instance_id: the instance resource id. Only support "==" operation. resource.database_name: the database name. Only support "==" operation. resource.schema_name: the schema name. Only support "==" operation. resource.table_name: the table name. Only support "==" operation. resource.column_name: the column name. Only support "==" operation. request.time: the expiration. Only support "<" operation in request.time &lt; timestamp(&#34;{ISO datetime string format}&#34;) All variables should join with "&&" condition.

For example: resource.instance_id == "local" && resource.database_name == "employee" && request.time < timestamp("2025-04-30T11:10:39.000Z") resource.instance_id == "local" && resource.database_name == "employee" |

MaskingRulePolicy

FieldTypeLabelDescription
rulesMaskingRulePolicy.MaskingRulerepeated

MaskingRulePolicy.MaskingRule

FieldTypeLabelDescription
idstringA unique identifier for a node in UUID format.
conditiongoogle.type.Expr
semantic_typestring

Policy

QueryDataPolicy

QueryDataPolicy is the policy configuration for querying data in the SQL Editor.

FieldTypeLabelDescription
disable_exportboolworkspace-level policy Disable exporting data in the SQL editor.
maximum_result_rowsint32Support both project-level and workspace-level. The maximum number of rows to return in the SQL editor. The default value <= 0, means no limit.
disable_copy_databoolworkspace-level policy Disable copying data.
allow_admin_data_sourceboolworkspace-level policy Allow using the admin data source to query in the SQL editor.
disallow_ddlbool================ Deprecate following fields. Disallow running DDL statements in the SQL editor.
disallow_dmlboolDisallow running DML statements in the SQL editor.

RolloutPolicy

FieldTypeLabelDescription
automaticbool
rolesstringrepeated

TagPolicy

FieldTypeLabelDescription
tagsTagPolicy.TagsEntryrepeatedtags is the key-value map for resources. For example, the environment resource can have the SQL review config tag, such as "bb.tag.review_config": "reviewConfigs/{review config resource id}".

TagPolicy.TagsEntry

FieldTypeLabelDescription
keystring
valuestring

Policy.Resource

NameNumberDescription
RESOURCE_UNSPECIFIED0
WORKSPACE1
ENVIRONMENT2
PROJECT3

Policy.Type

NameNumberDescription
TYPE_UNSPECIFIED0
ROLLOUT1
MASKING_EXEMPTION2
QUERY_DATA3
MASKING_RULE4
IAM5
TAG6

Top

store/project.proto

Label

Label represents a categorization tag that can be applied to issues.

FieldTypeLabelDescription
valuestringThe display text of the label.
colorstringThe color for the label in hex format (e.g., "#FF0000").
groupstringOptional group name for organizing related labels.

Project

Project contains settings and configuration for a Argus project.

FieldTypeLabelDescription
issue_labelsLabelrepeatedAvailable labels that can be applied to issues in this project.
force_issue_labelsboolForce issue labels to be used when creating an issue.
enforce_issue_titleboolEnforce issue title created by user instead of generated by Argus.
postgres_database_tenant_modeboolWhether to enable the database tenant mode for PostgreSQL. If enabled, the issue will be created with the prepend "set role <db_owner>" statement.
allow_self_approvalboolWhether to allow the issue creator to self-approve the issue.
execution_retry_policyProject.ExecutionRetryPolicyConfiguration for automatic retry on task execution failures.
ci_sampling_sizeint32The maximum number of databases to sample during CI data validation. If not specified, sampling is disabled, resulting in a full validation.
parallel_tasks_per_rolloutint32The maximum number of parallel tasks to run during the rollout.
labelsProject.LabelsEntryrepeatedLabels are key-value pairs that can be attached to the project. For example, { "environment": "production", "team": "backend" }
enforce_sql_reviewboolWhether to enforce SQL review checks to pass before issue creation. If enabled, issues cannot be created when SQL review finds errors.
require_issue_approvalboolWhether issue approval is required before proceeding with rollout.
require_plan_check_no_errorboolWhether to block rollout when plan check finds errors.
allow_request_rolebool
data_classification_config_idstringThe data classification configuration ID for the project.
allow_just_in_time_accessboolOnce enabled, users can request and use the just-in-time access in the SQL Editor.

Project.ExecutionRetryPolicy

ExecutionRetryPolicy defines retry behavior for failed task executions.

FieldTypeLabelDescription
maximum_retriesint32The maximum number of retry attempts for lock timeout errors.

Project.LabelsEntry

FieldTypeLabelDescription
keystring
valuestring

Top

store/project_webhook.proto

Activity

Activity types for webhook notifications.

ProjectWebhook

FieldTypeLabelDescription
typeWebhookTypeWebhook type.
titlestringWebhook title.
urlstringWebhook URL.
activitiesActivity.TyperepeatedList of activities that trigger this webhook.
direct_messageboolIf direct_message is set, the notification is sent directly to the persons and url will be ignored. IM integration setting should be set for this function to work.

Activity.Type

Activity type enumeration.

NameNumberDescription
TYPE_UNSPECIFIED0Unspecified type.
ISSUE_CREATED10ISSUE_CREATED represents a new issue creation event.
ISSUE_APPROVAL_REQUESTED11ISSUE_APPROVAL_REQUESTED represents an approval request event.
ISSUE_SENT_BACK12ISSUE_SENT_BACK represents an issue being sent back by an approver.
PIPELINE_FAILED13PIPELINE_FAILED represents a pipeline failure event.
PIPELINE_COMPLETED14PIPELINE_COMPLETED represents a pipeline completion event.
ISSUE_APPROVED15ISSUE_APPROVED represents an issue being fully approved.
ISSUE_REJECTED16[Argus P0-1 M3 / OQ-APP-7 = A] ISSUE_REJECTED represents an approver rejecting the issue (terminal decision until the creator calls RequestIssue to clear rejections + re-trigger approval). Lets second-line on-call surface red decisions through the standard webhook fan-out (Telegram/Slack/etc).

Top

store/query_history.proto

QueryHistoryPayload

FieldTypeLabelDescription
errorstringoptional
durationgoogle.protobuf.Duration

Top

store/release.proto

ReleasePayload

FieldTypeLabelDescription
filesReleasePayload.Filerepeated
vcs_sourceReleasePayload.VCSSource
typeSchemaChangeType

ReleasePayload.File

FieldTypeLabelDescription
pathstringThe path of the file, e.g., 2.2/V0001_create_table.sql.
sheet_sha256stringThe SHA256 hash of the sheet content (hex-encoded).
versionstring

ReleasePayload.VCSSource

FieldTypeLabelDescription
vcs_typeVCSType
urlstring

Top

store/review_config.proto

ReviewConfigPayload

FieldTypeLabelDescription
sql_review_rulesSQLReviewRulerepeated

SQLReviewRule

FieldTypeLabelDescription
typeSQLReviewRule.Type
levelSQLReviewRule.Level
naming_payloadSQLReviewRule.NamingRulePayload
number_payloadSQLReviewRule.NumberRulePayload
string_array_payloadSQLReviewRule.StringArrayRulePayload
comment_convention_payloadSQLReviewRule.CommentConventionRulePayload
string_payloadSQLReviewRule.StringRulePayload
naming_case_payloadSQLReviewRule.NamingCaseRulePayload
engineEngine

SQLReviewRule.CommentConventionRulePayload

FieldTypeLabelDescription
requiredbool
max_lengthint32

SQLReviewRule.NamingCaseRulePayload

FieldTypeLabelDescription
upperbool

SQLReviewRule.NamingRulePayload

Payload message types for SQL review rules

FieldTypeLabelDescription
max_lengthint32
formatstring

SQLReviewRule.NumberRulePayload

FieldTypeLabelDescription
numberint32

SQLReviewRule.StringArrayRulePayload

FieldTypeLabelDescription
liststringrepeated

SQLReviewRule.StringRulePayload

FieldTypeLabelDescription
valuestring

SQLReviewRule.Level

The severity level for SQL review rules.

NameNumberDescription
LEVEL_UNSPECIFIED0Unspecified level.
ERROR1Rule violation is an error.
WARNING2Rule violation is a warning.

SQLReviewRule.Type

NameNumberDescription
TYPE_UNSPECIFIED0
ENGINE_MYSQL_USE_INNODB1
NAMING_FULLY_QUALIFIED2
NAMING_TABLE3
NAMING_COLUMN4
NAMING_INDEX_PK5
NAMING_INDEX_UK6
NAMING_INDEX_FK7
NAMING_INDEX_IDX8
NAMING_COLUMN_AUTO_INCREMENT9
NAMING_TABLE_NO_KEYWORD10
NAMING_IDENTIFIER_NO_KEYWORD11
NAMING_IDENTIFIER_CASE12
STATEMENT_SELECT_NO_SELECT_ALL13
STATEMENT_WHERE_REQUIRE_SELECT14
STATEMENT_WHERE_REQUIRE_UPDATE_DELETE15
STATEMENT_WHERE_NO_LEADING_WILDCARD_LIKE16
STATEMENT_DISALLOW_ON_DEL_CASCADE17
STATEMENT_DISALLOW_RM_TBL_CASCADE18
STATEMENT_DISALLOW_COMMIT19
STATEMENT_DISALLOW_LIMIT20
STATEMENT_DISALLOW_ORDER_BY21
STATEMENT_MERGE_ALTER_TABLE22
STATEMENT_INSERT_ROW_LIMIT23
STATEMENT_INSERT_MUST_SPECIFY_COLUMN24
STATEMENT_INSERT_DISALLOW_ORDER_BY_RAND25
STATEMENT_AFFECTED_ROW_LIMIT26
STATEMENT_DML_DRY_RUN27
STATEMENT_DISALLOW_ADD_COLUMN_WITH_DEFAULT28
STATEMENT_ADD_CHECK_NOT_VALID29
STATEMENT_ADD_FOREIGN_KEY_NOT_VALID30
STATEMENT_DISALLOW_ADD_NOT_NULL31
STATEMENT_SELECT_FULL_TABLE_SCAN32
STATEMENT_CREATE_SPECIFY_SCHEMA33
STATEMENT_CHECK_SET_ROLE_VARIABLE34
STATEMENT_DISALLOW_USING_FILESORT35
STATEMENT_DISALLOW_USING_TEMPORARY36
STATEMENT_WHERE_NO_EQUAL_NULL37
STATEMENT_WHERE_DISALLOW_FUNCTIONS_AND_CALCULATIONS38
STATEMENT_QUERY_MINIMUM_PLAN_LEVEL39
STATEMENT_WHERE_MAXIMUM_LOGICAL_OPERATOR_COUNT40
STATEMENT_MAXIMUM_LIMIT_VALUE41
STATEMENT_MAXIMUM_JOIN_TABLE_COUNT42
STATEMENT_MAXIMUM_STATEMENTS_IN_TRANSACTION43
STATEMENT_JOIN_STRICT_COLUMN_ATTRS44
STATEMENT_NON_TRANSACTIONAL45
STATEMENT_ADD_COLUMN_WITHOUT_POSITION46
STATEMENT_DISALLOW_OFFLINE_DDL47
STATEMENT_DISALLOW_CROSS_DB_QUERIES48
STATEMENT_MAX_EXECUTION_TIME49
STATEMENT_REQUIRE_ALGORITHM_OPTION50
STATEMENT_REQUIRE_LOCK_OPTION51
STATEMENT_OBJECT_OWNER_CHECK52
TABLE_REQUIRE_PK53
TABLE_NO_FOREIGN_KEY54
TABLE_DROP_NAMING_CONVENTION55
TABLE_COMMENT56
TABLE_DISALLOW_PARTITION57
TABLE_DISALLOW_TRIGGER58
TABLE_NO_DUPLICATE_INDEX59
TABLE_TEXT_FIELDS_TOTAL_LENGTH60
TABLE_DISALLOW_SET_CHARSET61
TABLE_DISALLOW_DDL62
TABLE_DISALLOW_DML63
TABLE_LIMIT_SIZE64
TABLE_REQUIRE_CHARSET65
TABLE_REQUIRE_COLLATION66
COLUMN_REQUIRED67
COLUMN_NO_NULL68
COLUMN_DISALLOW_CHANGE_TYPE69
COLUMN_SET_DEFAULT_FOR_NOT_NULL70
COLUMN_DISALLOW_CHANGE71
COLUMN_DISALLOW_CHANGING_ORDER72
COLUMN_DISALLOW_DROP73
COLUMN_DISALLOW_DROP_IN_INDEX74
COLUMN_COMMENT75
COLUMN_AUTO_INCREMENT_MUST_INTEGER76
COLUMN_TYPE_DISALLOW_LIST77
COLUMN_DISALLOW_SET_CHARSET78
COLUMN_MAXIMUM_CHARACTER_LENGTH79
COLUMN_MAXIMUM_VARCHAR_LENGTH80
COLUMN_AUTO_INCREMENT_INITIAL_VALUE81
COLUMN_AUTO_INCREMENT_MUST_UNSIGNED82
COLUMN_CURRENT_TIME_COUNT_LIMIT83
COLUMN_REQUIRE_DEFAULT84
COLUMN_DEFAULT_DISALLOW_VOLATILE85
COLUMN_ADD_NOT_NULL_REQUIRE_DEFAULT86
COLUMN_REQUIRE_CHARSET87
COLUMN_REQUIRE_COLLATION88
SCHEMA_BACKWARD_COMPATIBILITY89
DATABASE_DROP_EMPTY_DATABASE90
INDEX_NO_DUPLICATE_COLUMN91
INDEX_KEY_NUMBER_LIMIT92
INDEX_PK_TYPE_LIMIT93
INDEX_TYPE_NO_BLOB94
INDEX_TOTAL_NUMBER_LIMIT95
INDEX_PRIMARY_KEY_TYPE_ALLOWLIST96
INDEX_CREATE_CONCURRENTLY97
INDEX_TYPE_ALLOW_LIST98
INDEX_NOT_REDUNDANT99
SYSTEM_CHARSET_ALLOWLIST100
SYSTEM_COLLATION_ALLOWLIST101
SYSTEM_COMMENT_LENGTH102
SYSTEM_PROCEDURE_DISALLOW_CREATE103
SYSTEM_EVENT_DISALLOW_CREATE104
SYSTEM_VIEW_DISALLOW_CREATE105
SYSTEM_FUNCTION_DISALLOW_CREATE106
SYSTEM_FUNCTION_DISALLOWED_LIST107
ADVICE_ONLINE_MIGRATION108
BUILTIN_PRIOR_BACKUP_CHECK109
BUILTIN_WALK_THROUGH_CHECK110
STATEMENT_DISALLOW_TRUNCATE111

Top

store/revision.proto

RevisionPayload

FieldTypeLabelDescription
releasestringFormat: projects/{project}/releases/{release} Can be empty.
filestringThe file filepath. Can be empty.
sheet_sha256stringThe SHA256 hash of the sheet content (hex-encoded).
task_runstringThe task run associated with the revision. Can be empty. Format: projects/{project}/plans/{plan}/rollout/stages/{stage}/tasks/{task}/taskRuns/
typeSchemaChangeTypeThe type of the revision.

Top

store/role.proto

RolePermissions

FieldTypeLabelDescription
permissionsstringrepeated

Top

store/server_config.proto

ServerConfigPayload

ServerConfigPayload stores global server-level infrastructure configuration. Only contains settings that are truly cross-workspace and cannot be derived from any workspace context (e.g., JWT signing secret). All other settings live in per-workspace WORKSPACE_PROFILE.

FieldTypeLabelDescription
auth_secretstringAuthentication secret for token signing (32-character random string).

Top

store/setting.proto

AISetting

FieldTypeLabelDescription
enabledbool
providerAISetting.Provider
endpointstring
api_keystring
modelstring
versionstring

Algorithm

FieldTypeLabelDescription
full_maskAlgorithm.FullMask
range_maskAlgorithm.RangeMask
md5_maskAlgorithm.MD5Mask
inner_outer_maskAlgorithm.InnerOuterMask

Algorithm.FullMask

FieldTypeLabelDescription
substitutionstringsubstitution is the string used to replace the original value, the max length of the string is 16 bytes.

Algorithm.InnerOuterMask

FieldTypeLabelDescription
prefix_lenint32
suffix_lenint32
typeAlgorithm.InnerOuterMask.MaskType
substitutionstring

Algorithm.MD5Mask

FieldTypeLabelDescription
saltstringsalt is the salt value to generate a different hash that with the word alone.

Algorithm.RangeMask

FieldTypeLabelDescription
slicesAlgorithm.RangeMask.SlicerepeatedWe store it as a repeated field to face the fact that the original value may have multiple parts should be masked. But frontend can be started with a single rule easily.

Algorithm.RangeMask.Slice

FieldTypeLabelDescription
startint32start is the start character index (0-based) of the original value, should be less than end. Uses character indices (not byte offsets) for display-oriented masking. Example: For "你好world", character index 2 refers to 'w' (the 3rd character).
endint32end is the end character index (exclusive) of the original value. Uses character indices (not byte offsets) for display-oriented masking.
substitutionstringOriginalValue[start:end) would be replaced with substitution.

AppIMSetting

FieldTypeLabelDescription
settingsAppIMSetting.IMSettingrepeated

AppIMSetting.DingTalk

FieldTypeLabelDescription
client_idstring
client_secretstring
robot_codestring

AppIMSetting.Feishu

FieldTypeLabelDescription
app_idstring
app_secretstring

AppIMSetting.IMSetting

FieldTypeLabelDescription
typeWebhookType
slackAppIMSetting.Slack
feishuAppIMSetting.Feishu
wecomAppIMSetting.Wecom
larkAppIMSetting.Lark
dingtalkAppIMSetting.DingTalk
teamsAppIMSetting.Teams
telegramAppIMSetting.Telegram

AppIMSetting.Lark

FieldTypeLabelDescription
app_idstring
app_secretstring

AppIMSetting.Slack

FieldTypeLabelDescription
tokenstring

AppIMSetting.Teams

FieldTypeLabelDescription
tenant_idstringAzure AD tenant ID (Directory ID).
client_idstringAzure AD application (client) ID.
client_secretstringAzure AD client secret.

AppIMSetting.Telegram

[Argus P1-4 M4.0] Telegram Bot API credentials. The bot must be added to the target chat with permission to send messages. Argus never reads from the bot (no inline keyboard / commands in M4.0), so chat-write is the only scope required.

FieldTypeLabelDescription
bot_tokenstringBot token from @BotFather. Sensitive — never echoed back from GetSetting; UpdateSetting only writes when non-empty (empty preserves the existing token, mirroring how Slack.token works).
chat_idstringTarget chat id. Either a numeric id (e.g. "-1001234567890" for a supergroup) or a @channelname for public channels. The bot must already be a member of this chat.

AppIMSetting.Wecom

FieldTypeLabelDescription
corp_idstring
agent_idstring
secretstring

DataClassificationSetting

FieldTypeLabelDescription
configsDataClassificationSetting.DataClassificationConfigrepeated

DataClassificationSetting.DataClassificationConfig

FieldTypeLabelDescription
idstringid is the uuid for classification. Each project can chose one classification config.
titlestring
levelsDataClassificationSetting.DataClassificationConfig.Levelrepeatedlevels is user defined level list for classification.
classificationDataClassificationSetting.DataClassificationConfig.ClassificationEntryrepeatedclassification is the id - DataClassification map. The id should in [0-9]+-[0-9]+-[0-9]+ format.

DataClassificationSetting.DataClassificationConfig.ClassificationEntry

FieldTypeLabelDescription
keystring
valueDataClassificationSetting.DataClassificationConfig.DataClassification

DataClassificationSetting.DataClassificationConfig.DataClassification

FieldTypeLabelDescription
idstringid is the classification id in [0-9]+-[0-9]+-[0-9]+ format.
titlestring
levelint32optionalThe sensitivity level. Maps to Level.level.

DataClassificationSetting.DataClassificationConfig.Level

FieldTypeLabelDescription
titlestring
levelint32The numeric level for ordering. Higher = more sensitive.

EmailSetting

FieldTypeLabelDescription
fromstring
from_namestring
typeEmailSetting.Type
smtpEmailSetting.SMTPConfig

EmailSetting.SMTPConfig

FieldTypeLabelDescription
hoststring
portint32
usernamestring
passwordstring
encryptionEmailSetting.SMTPConfig.Encryption
authenticationEmailSetting.SMTPConfig.Authentication

EmergencyPauseSetting

[Argus P1-4 G4] EmergencyPauseSetting is the workspace-singleton kill-switch payload. The pending scheduler reads this on every cycle and holds matching tasks in PENDING with a WaitingCause.EmergencyPause payload. See docs/modules/monitoring-bridge.md §5.

Semantics:

  • workspace_wide=true pauses ALL environments
  • per_environment[env]=true pauses just that environment
  • the two are OR'd, so workspace_wide is a strict superset
  • clearing is a separate write (workspace_wide=false + empty map); resolution_reason is captured by audit-log, NOT this payload, so a stale reason from the last clear doesn't leak into the next set
FieldTypeLabelDescription
workspace_wideboolWhen true, every task in every environment is held in PENDING.
per_environmentEmergencyPauseSetting.PerEnvironmentEntryrepeatedEnvironment resource id → paused. Only true entries are meaningful; deleting the key is equivalent to setting false.
reasonstringHuman-readable reason shown in the UI banner. Required when at least one of workspace_wide / per_environment is true (the RPC enforces this; the store accepts any value).
set_bystringlogin_id of the admin who last toggled this setting. Captured at RPC time so the banner can show who paused without re-fetching the audit log.
set_atgoogle.protobuf.TimestampServer clock at the last toggle.

EmergencyPauseSetting.PerEnvironmentEntry

FieldTypeLabelDescription
keystring
valuebool

EnvironmentSetting

FieldTypeLabelDescription
environmentsEnvironmentSetting.Environmentrepeated

EnvironmentSetting.Environment

FieldTypeLabelDescription
namestring
idstringThe resource id of the environment. This value should be 4-63 characters, and valid characters are /[a-z][0-9]-/.
titlestringThe display name of the environment.
tagsEnvironmentSetting.Environment.TagsEntryrepeated
colorstring

EnvironmentSetting.Environment.TagsEntry

FieldTypeLabelDescription
keystring
valuestring

MaintenanceWindowSetting

[Argus P0-5 G2] MaintenanceWindowSetting controls when rollout tasks are allowed to execute. Configured per-environment; an empty rule set means "no window enforced for that env". See docs/modules/preflight-checklist.md §5 (OQ-PFC-4 = per-environment, OQ-PFC-5 = block at approval gate in M2a; rollout-time PENDING-Window deferred to M2b).

FieldTypeLabelDescription
rulesMaintenanceWindowSetting.WindowRulerepeated

MaintenanceWindowSetting.WindowRule

FieldTypeLabelDescription
namestringDisplay name shown in the settings UI, e.g. "weekday-nights".
environmentstringEnvironment resource id this rule applies to (e.g. "prod"). Empty means "all environments".
cronstringStandard 5-field cron expression marking the start of each window. Parsed by github.com/robfig/cron/v3 using the Standard parser.
duration_secondsint64Window length once it starts. Must be > 0.
timezonestringIANA timezone name. Defaults to "Asia/Shanghai" when empty (the canonical operational timezone for Argus deployments per approval_seed.go's default templates).
enabledboolWhen false the rule is ignored.

MonitoringSetting

[Argus P1-4.1] MonitoringSetting holds the shared secret used by external monitors (AlertManager / Grafana / etc.) to authenticate against the /v1/internal/monitor-webhook endpoint plus the auto- response rules (G6) evaluated on every received alert.

Secret is stored as a bcrypt hash — the plaintext is shown to the admin once at generation time and never persisted. Rules are stored in plain form because their match predicates are non-secret CEL strings and the action targets reference existing IM settings by id.

FieldTypeLabelDescription
webhook_shared_secret_hashstringbcrypt hash of the shared secret. Empty string = "no secret configured" → the webhook receiver MUST reject all requests (fail-closed) per docs/modules/monitoring-bridge.md §4.2.
webhook_shared_secret_set_bystringlogin_id of the admin who rotated the secret last.
webhook_shared_secret_set_atgoogle.protobuf.TimestampServer clock at last rotation. nil = never configured.
rulesMonitoringSetting.ResponseRulerepeated[Argus P1-4.3 G6] Auto-response rules. Matched in (priority asc, name asc) order; the first matching enabled rule's action fires and evaluation stops. See docs/modules/monitoring-bridge.md §6.

MonitoringSetting.EmergencyPauseAction

FieldTypeLabelDescription
target_environmentstringEmpty = workspace_wide pause; non-empty = per-environment.
reason_templatestringFree-form reason. May be a literal string or a CEL template interpolated from alert vars by the dispatcher (e.g. "auto-paused: {alert.name} on {alert.environment}"). Empty falls back to a stock "auto-paused by monitoring rule" string.

MonitoringSetting.NotifyOnlyAction

FieldTypeLabelDescription
message_templatestringOptional message override. Empty falls back to the canonical "[Argus alert] <name> on <env>: <summary>" format the dispatcher emits.

MonitoringSetting.ResponseAction

FieldTypeLabelDescription
emergency_pauseMonitoringSetting.EmergencyPauseAction
notify_onlyMonitoringSetting.NotifyOnlyAction
im_typesstringrepeatedNotification target — applies to both emergency_pause and notify_only. Each entry is a WebhookType enum value name (e.g. "TELEGRAM", "SLACK"). Empty list = broadcast to every configured IM channel.

MonitoringSetting.ResponseRule

FieldTypeLabelDescription
namestringDisplay name; must be unique within the workspace.
enabledboolWhen false the rule is skipped at evaluation time.
priorityint32Lower = higher priority. Ties broken by name asc.
match_predicatestringCEL predicate evaluated against the alert vars. See backend/internal/monitoringbridge/matcher.go for the binding surface. Empty string = always-match (useful for catch-all notify rules but admins are encouraged to be explicit).
actionMonitoringSetting.ResponseActionAction to execute when the predicate matches.

SSOGroupMappingSetting

[Argus P1-2] SSOGroupMappingSetting upgrades the existing OIDC syncUserGroups exact-match convention (OIDC group name == bb_group.title/email) into an admin-configurable rule layer. The legacy exact-match path is preserved per OQ-SGM-3 = B — when this setting is empty, behaviour is identical to the v0 deployment.

Each rule maps one OIDC group name to one target (either a bb_group membership or a direct workspace role binding). Multi- target requirements are expressed by adding multiple rules sharing the same oidc_group (OQ-SGM-4 = A).

v1 only grants — when a user no longer belongs to an OIDC group the corresponding bb_group / role binding sticks around until admin manual cleanup (OQ-SGM-2 = A; revocation tracking is P2).

FieldTypeLabelDescription
mappingsSSOGroupMappingSetting.GroupMappingrepeated

SSOGroupMappingSetting.GroupMapping

FieldTypeLabelDescription
oidc_groupstringOIDC group name as it appears in the IdP's groups claim. Compared by exact string equality, case-sensitive.
idp_namestringOptional: restrict this rule to a specific IdP. Format: idps/&lt;resource-id&gt;. Empty = match any IdP — useful when an org has a single IdP and admin doesn't want to repeat the name on every rule. Required when two IdPs both emit a group by the same name with conflicting intent.
bb_groupstringAdd user to a workspace bb_group. The bb_group can carry IAM bindings the user transitively inherits. Format: groups/&lt;email-or-name&gt;.
workspace_rolestringDirect workspace IAM role binding for the user. Skips the bb_group middleware. Format: roles/&lt;role&gt; — both built-in (roles/workspaceAdmin, roles/projectDeveloper, ...) and custom roles are accepted; the RPC validates against the current role catalogue at write time.
enabledboolDisabled rules are skipped at login. Lets admin keep a historical rule visible without applying it.

SemanticTypeSetting

FieldTypeLabelDescription
typesSemanticTypeSetting.SemanticTyperepeated

SemanticTypeSetting.SemanticType

FieldTypeLabelDescription
idstringid is the uuid for semantic type.
titlestringthe title of the semantic type, it should not be empty.
descriptionstringthe description of the semantic type, it can be empty.
algorithmAlgorithm
iconstringicon is the icon for semantic type, it can be emoji or base64 encoded image.

SystemSetting

FieldTypeLabelDescription
licensestringEnterprise license JWT token.

WorkspaceApprovalSetting

FieldTypeLabelDescription
rulesWorkspaceApprovalSetting.Rulerepeated

WorkspaceApprovalSetting.Rule

FieldTypeLabelDescription
templateApprovalTemplate
conditiongoogle.type.Expr
sourceWorkspaceApprovalSetting.Rule.Source

WorkspaceProfileSetting

FieldTypeLabelDescription
external_urlstringThe external URL is used for sso authentication callback.
disallow_signupboolDisallow self-service signup, users can only be invited by the owner.
require_2faboolRequire 2FA for all users.
refresh_token_durationgoogle.protobuf.DurationThe duration for refresh token. Default is 7 days.
announcementWorkspaceProfileSetting.AnnouncementThe setting of custom announcement
maximum_role_expirationgoogle.protobuf.DurationThe max duration for role expired.
domainsstringrepeatedThe workspace domain, e.g., bytebase.com.
enforce_identity_domainboolOnly user and group from the domains can be created and login.
database_change_modeWorkspaceProfileSetting.DatabaseChangeModeThe workspace database change mode.
disallow_password_signinboolWhether to disallow password signin. (Except workspace admins)
inactive_session_timeoutgoogle.protobuf.DurationThe session expiration time if not activity detected for the user. Value <= 0 means no limit.
enable_audit_log_stdoutboolWhether to enable audit logging to stdout in structured JSON format. Requires TEAM or ENTERPRISE license.
watermarkboolWhether to display watermark on pages. Requires ENTERPRISE license.
directory_sync_tokenstringThe token for directory sync authentication.
password_restrictionWorkspaceProfileSetting.PasswordRestrictionPassword restriction settings.
access_token_durationgoogle.protobuf.DurationThe duration for access token. Default is 1 hour.
enable_debugboolWhether debug mode is enabled.
sql_result_sizeint64The maximum result size limit in bytes for query and export, works for the SQL Editor and Export Center. The default value is 100MB, we will use the default value if the setting not exists, or the limit <= 0.
query_timeoutgoogle.protobuf.DurationThe query timeout duration for query and export, works for the SQL Editor and Export Center.
allow_email_code_signinboolAllow signin/signup using email + a 6-digit one-time verification code. Requires the EMAIL setting to be configured on the workspace.
disallow_self_approval_defaultbool[Argus P0-1] Zero-trust default: when true, the issue approval/reject path treats every project as if project.Setting.AllowSelfApproval is false, regardless of the project value. Projects can only loosen self- approval when this workspace flag is off. Default for new workspaces is true (seeded by internal/role::SeedDefaultApprovalTemplate).

WorkspaceProfileSetting.Announcement

FieldTypeLabelDescription
levelWorkspaceProfileSetting.Announcement.AlertLevelThe alert level of the announcement.
textstringThe text of the announcement.
linkstringThe optional link, user can follow the link to check extra details

WorkspaceProfileSetting.PasswordRestriction

FieldTypeLabelDescription
min_lengthint32min_length is the minimum length for password, should be no less than 8.
require_numberboolrequire_number requires the password must contain at least one number.
require_letterboolrequire_letter requires the password must contain at least one letter, regardless of upper case or lower case
require_uppercase_letterboolrequire_uppercase_letter requires the password must contain at least one upper case letter.
require_special_characterboolrequire_special_character requires the password must contain at least one special character.
require_reset_password_for_first_loginboolrequire_reset_password_for_first_login requires users to reset their password after the 1st login.
password_rotationgoogle.protobuf.Durationpassword_rotation requires users to reset their password after the duration.

AISetting.Provider

NameNumberDescription
PROVIDER_UNSPECIFIED0
OPEN_AI1
CLAUDE2
GEMINI3
AZURE_OPENAI4

Algorithm.InnerOuterMask.MaskType

NameNumberDescription
MASK_TYPE_UNSPECIFIED0
INNER1
OUTER2

EmailSetting.SMTPConfig.Authentication

NameNumberDescription
AUTHENTICATION_UNSPECIFIED0
AUTHENTICATION_NONE1
PLAIN2
LOGIN3
CRAM_MD54

EmailSetting.SMTPConfig.Encryption

NameNumberDescription
ENCRYPTION_UNSPECIFIED0
ENCRYPTION_NONE1
STARTTLS2
SSL_TLS3

EmailSetting.Type

NameNumberDescription
TYPE_UNSPECIFIED0
SMTP1

SettingName

NameNumberDescription
SETTING_NAME_UNSPECIFIED0
SYSTEM1
WORKSPACE_PROFILE2
WORKSPACE_APPROVAL3
APP_IM4
AI5
DATA_CLASSIFICATION6
SEMANTIC_TYPES7
ENVIRONMENT8
EMAIL9
MAINTENANCE_WINDOW10[Argus P0-5 G2] Maintenance window configuration — payload type is MaintenanceWindowSetting (this file). See docs/modules/preflight-checklist.md §5 for the gate semantics.
EMERGENCY_PAUSE11[Argus P1-4 G4] Emergency kill-switch — workspace-wide or per-environment pause of all in-flight rollout tasks. Payload type is EmergencyPauseSetting (this file). See docs/modules/monitoring-bridge.md §5.
MONITORING12[Argus P1-4.1] Monitoring bridge configuration — shared secret for the inbound webhook receiver and (later) auto-response rules. Payload type is MonitoringSetting (this file). See docs/modules/monitoring-bridge.md §4.
SSO_GROUP_MAPPING13[Argus P1-2] OIDC SSO group → role mapping. Payload type is SSOGroupMappingSetting (this file). See docs/modules/sso-group-mapping.md §2.

WorkspaceApprovalSetting.Rule.Source

NameNumberDescription
SOURCE_UNSPECIFIED0
CHANGE_DATABASE1
CREATE_DATABASE2
EXPORT_DATA3
REQUEST_ROLE4
REQUEST_ACCESS5

WorkspaceProfileSetting.Announcement.AlertLevel

We support three levels of AlertLevel: INFO, WARNING, and ERROR.

NameNumberDescription
ALERT_LEVEL_UNSPECIFIED0
INFO1
WARNING2
CRITICAL3

WorkspaceProfileSetting.DatabaseChangeMode

NameNumberDescription
DATABASE_CHANGE_MODE_UNSPECIFIED0
PIPELINE1A more advanced database change process, including custom approval workflows and other advanced features. Default to this mode.
EDITOR2A simple database change process in SQL editor. Users can execute SQL directly.

Top

store/signal.proto

Signal

Signal represents a notification payload sent via PostgreSQL NOTIFY for HA coordination.

FieldTypeLabelDescription
typeSignal.Type
uidint64
projectstring

Signal.Type

Type represents the type of signal.

NameNumberDescription
TYPE_UNSPECIFIED0
CANCEL_PLAN_CHECK_RUN1
CANCEL_TASK_RUN2

Top

store/subscription.proto

SubscriptionPayload

SubscriptionPayload stores all subscription data for a workspace. Serialized as JSONB in the subscription table's payload column.

FieldTypeLabelDescription
statusSubscriptionPayload.StatusLifecycle
started_atgoogle.protobuf.Timestamp
expires_atgoogle.protobuf.Timestamp
planSubscriptionPayload.PlanBilling details
intervalSubscriptionPayload.BillingInterval
seatint32
instance_countint32
stripe_subscription_idstringStripe integration
stripe_customer_idstring

SubscriptionPayload.BillingInterval

NameNumberDescription
BILLING_INTERVAL_UNSPECIFIED0
MONTH1
YEAR2

SubscriptionPayload.Plan

NameNumberDescription
PLAN_UNSPECIFIED0
TEAM1
ENTERPRISE2

SubscriptionPayload.Status

NameNumberDescription
STATUS_UNSPECIFIED0
ACTIVE1
PAUSED2
CANCELED3

Top

store/task.proto

Task

Task is the metadata for database operation tasks.

FieldTypeLabelDescription
skippedboolWhether the task was skipped during execution.
skipped_reasonstringReason why the task was skipped.
spec_idstringUUID that identifies the spec this task implements.
sheet_sha256stringThe SHA256 hash of a single sheet content (hex-encoded). Used for non-release tasks.
releasestringThe release resource name: projects/{project}/releases/{release}. Used for GitOps release-based tasks that execute multiple files.
enable_prior_backupboolWhether to create an automatic backup before applying changes.

Task.Type

Type represents the type of database operation to perform.

NameNumberDescription
TASK_TYPE_UNSPECIFIED0
DATABASE_CREATE1Create a new database.
DATABASE_MIGRATE2Apply schema/data migrations to an existing database. Execution strategy is determined by release type (VERSIONED/DECLARATIVE) or sheet content for non-release tasks.
DATABASE_EXPORT3Export data from a database.

Top

store/task_run.proto

SchedulerInfo

SchedulerInfo contains information about task scheduling and execution delays.

FieldTypeLabelDescription
report_timegoogle.protobuf.TimestampTimestamp when the scheduler reported this information.
waiting_causeSchedulerInfo.WaitingCauseReason why the task run is currently waiting.

SchedulerInfo.WaitingCause

WaitingCause indicates why a task run is waiting to execute.

FieldTypeLabelDescription
parallel_tasks_limitboolTask is waiting due to parallel execution limit.
maintenance_windowSchedulerInfo.WaitingCause.MaintenanceWindow[Argus P0-5 G2] Task is waiting for the next maintenance window. The pending scheduler holds the task in PENDING state and re-checks every 5s; on the next window opening the task is auto-promoted to AVAILABLE without operator intervention. See docs/modules/preflight-checklist.md §5.2 (OQ-PFC-5 = A).
emergency_pauseSchedulerInfo.WaitingCause.EmergencyPause[Argus P1-4 G4] Task is held by the workspace emergency kill-switch. Unlike maintenance_window there is no auto-resume — an admin must explicitly clear the kill-switch (with an audit resolution_reason). See docs/modules/monitoring-bridge.md §5.

SchedulerInfo.WaitingCause.EmergencyPause

FieldTypeLabelDescription
reasonstringFree-form reason supplied by the admin who set the kill-switch. Surfaced verbatim in the task-run UI; no markdown rendering.
set_bystringlogin_id of the admin who set the kill-switch. Renders as "Paused by <set_by>" in the UI alongside the reason.

SchedulerInfo.WaitingCause.MaintenanceWindow

FieldTypeLabelDescription
rule_namestringThe rule whose window the task is waiting for. May be empty when no rule matched (caller deduplicated to a generic message).
next_window_start_unixint64Unix timestamp (seconds) when the next window opens. Zero when the evaluator could not compute a next firing (rare; surface as an indefinite-wait state in the UI).

TaskRun

TaskRun represents an execution attempt of a task.

TaskRunPayload

TaskRunPayload contains extensible runtime data for a task run. Stored in the payload JSONB column. New fields can be added here without database schema changes.

FieldTypeLabelDescription
scheduler_infoSchedulerInfoScheduler information about why a task is waiting.
skip_prior_backupboolIf true, prior backup is skipped for this task run.

TaskRunResult

TaskRunResult contains the outcome and metadata from a task run execution.

FieldTypeLabelDescription
detailstringError message for failed task runs. Empty for successful or canceled runs.
has_prior_backupboolIndicates whether a prior backup was created for this task run. When true, the task run can be rolled back using the backup tables. Backup details are available in the task run logs (PRIOR_BACKUP log entries).
export_archive_idstringResource ID of the export archive generated for export tasks.

TaskRun.Status

Status represents the current execution state of a task run.

NameNumberDescription
STATUS_UNSPECIFIED0
PENDING1Task run is queued and waiting to execute.
RUNNING2Task run is currently executing.
DONE3Task run completed successfully.
FAILED4Task run encountered an error and failed.
CANCELED5Task run was canceled by user or system.
NOT_STARTED6Task run has not started yet.
SKIPPED7Task run was skipped and will not execute.
AVAILABLE8Task run is ready for immediate execution.

Top

store/task_run_log.proto

PriorBackupDetail

PriorBackupDetail contains information about automatic backups created before migration.

FieldTypeLabelDescription
itemsPriorBackupDetail.ItemrepeatedList of backup operations performed.

PriorBackupDetail.Item

Item represents a single backup operation for a table.

FieldTypeLabelDescription
source_tablePriorBackupDetail.Item.TableThe original table that was backed up.
target_tablePriorBackupDetail.Item.TableThe backup table where data was copied.
start_positionPositionStarting position in SQL for this backup operation.
end_positionPositionEnding position in SQL for this backup operation.

PriorBackupDetail.Item.Table

Table identifies a database table.

FieldTypeLabelDescription
databasestringThe database containing the table. Format: instances/{instance}/databases/
schemastringSchema name (for databases that support schemas).
tablestringTable name.

TaskRunLog

FieldTypeLabelDescription
typeTaskRunLog.Type
replica_idstring
schema_dump_startTaskRunLog.SchemaDumpStart
schema_dump_endTaskRunLog.SchemaDumpEnd
command_executeTaskRunLog.CommandExecute
command_responseTaskRunLog.CommandResponse
database_sync_startTaskRunLog.DatabaseSyncStart
database_sync_endTaskRunLog.DatabaseSyncEnd
transaction_controlTaskRunLog.TransactionControl
prior_backup_startTaskRunLog.PriorBackupStart
prior_backup_endTaskRunLog.PriorBackupEnd
retry_infoTaskRunLog.RetryInfo
compute_diff_startTaskRunLog.ComputeDiffStart
compute_diff_endTaskRunLog.ComputeDiffEnd
release_file_executeTaskRunLog.ReleaseFileExecute

TaskRunLog.CommandExecute

FieldTypeLabelDescription
rangeRangeThe byte offset range of the executed command in the sheet. Uses byte offsets (not character indices) for efficient slicing of sheet content bytes. Example: For "SELECT 你好;" in a UTF-8 sheet, range [0, 13) represents all 13 bytes.
statementstringThe statement to be executed.

TaskRunLog.CommandResponse

FieldTypeLabelDescription
errorstring
affected_rowsint64
all_affected_rowsint64repeatedall_affected_rows is the affected rows of each command. all_affected_rows may be unavailable if the database driver doesn't support it. Caller should fallback to affected_rows in that case.

TaskRunLog.ComputeDiffEnd

FieldTypeLabelDescription
errorstring

TaskRunLog.ComputeDiffStart

TaskRunLog.DatabaseSyncEnd

FieldTypeLabelDescription
errorstring

TaskRunLog.DatabaseSyncStart

TaskRunLog.PriorBackupEnd

FieldTypeLabelDescription
prior_backup_detailPriorBackupDetail
errorstring

TaskRunLog.PriorBackupStart

TaskRunLog.ReleaseFileExecute

FieldTypeLabelDescription
versionstringThe version of the file being executed (e.g., "0001").
file_pathstringThe file path within the release (e.g., "2.2/V0001_create_table.sql").

TaskRunLog.RetryInfo

FieldTypeLabelDescription
errorstring
retry_countint32
maximum_retriesint32

TaskRunLog.SchemaDumpEnd

FieldTypeLabelDescription
errorstring

TaskRunLog.SchemaDumpStart

TaskRunLog.TransactionControl

FieldTypeLabelDescription
typeTaskRunLog.TransactionControl.Type
errorstring

TaskRunLog.TransactionControl.Type

NameNumberDescription
TYPE_UNSPECIFIED0
BEGIN1
COMMIT2
ROLLBACK3

TaskRunLog.Type

NameNumberDescription
TYPE_UNSPECIFIED0
SCHEMA_DUMP_START1
SCHEMA_DUMP_END2
COMMAND_EXECUTE3
COMMAND_RESPONSE4
DATABASE_SYNC_START5
DATABASE_SYNC_END6
TRANSACTION_CONTROL8
PRIOR_BACKUP_START9
PRIOR_BACKUP_END10
RETRY_INFO11
COMPUTE_DIFF_START12
COMPUTE_DIFF_END13
RELEASE_FILE_EXECUTE14

Top

store/user.proto

MFAConfig

MFAConfig is the MFA configuration for a user.

FieldTypeLabelDescription
otp_secretstringThe otp_secret is the secret key used to validate the OTP code.
temp_otp_secretstringThe temp_otp_secret is the temporary secret key used to validate the OTP code and will replace the otp_secret in two-phase commits.
recovery_codesstringrepeatedThe recovery_codes are the codes that can be used to recover the account.
temp_recovery_codesstringrepeatedThe temp_recovery_codes are the temporary codes that will replace the recovery_codes in two-phase commits.
temp_otp_secret_created_timegoogle.protobuf.TimestampThe temp_otp_secret_created_time is the timestamp when temp_otp_secret was created. Used to enforce expiration.

UserProfile

FieldTypeLabelDescription
last_login_timegoogle.protobuf.Timestamp
last_change_password_timegoogle.protobuf.Timestamp
sourcestringThe source indicates where the user comes from. For now we support Entra ID SCIM sync, so the source could be Entra ID.
last_login_workspacestringThe workspace resource ID the user last logged into. Used to auto-select workspace on next login instead of requiring a workspace picker.
pending_first_loginboolpending_first_login marks principals seeded via the --bootstrap-admin-* CLI flags (P0-AUTH-7) that have not completed their initial sign-in. Login forces the password-reset flow when this is true, regardless of the workspace's require_reset_password_for_first_login setting (P0-AUTH-8). Cleared by ResetPassword on success.
failed_login_countint32P1-AUTH-9: Password-failure lockout counters.

failed_login_count is incremented on each wrong-password attempt and reset to 0 on a successful login. When it reaches the configured threshold (currently 5), locked_until is set to now + lockout_duration (currently 30 min).

locked_until, when set to a future timestamp, causes Login to reject password attempts with CodeResourceExhausted until the timestamp passes or an administrator clears both fields via UpdateUser. | | locked_until | google.protobuf.Timestamp | | | | idp_only | bool | | P1-AUTH-1: idp_only marks principals that MUST authenticate through an external IdP (SSO). When true: - The password-login path rejects the attempt (CodePermissionDenied). - RequestPasswordReset silently skips sending the reset email (avoids user-enumeration; the "contact admin" UI message covers this case).

Set to true automatically when a user is JIT-provisioned by getOrCreateUserWithIDP. Admins can toggle it via UpdateUser (P1-AUTH-10). Has no effect while Phase 1 (no IdP) is active — all users have idp_only=false and the check is a no-op. |

WorkloadIdentityConfig

WorkloadIdentityConfig stores OIDC configuration for workload identity.

FieldTypeLabelDescription
provider_typeWorkloadIdentityConfig.ProviderTypeProvider type (currently only GITHUB is supported)
issuer_urlstringOIDC issuer URL
allowed_audiencesstringrepeatedAllowed audiences for token validation
subject_patternstringSubject pattern to match against token subject claim

PrincipalType

PrincipalType is the type of a principal.

NameNumberDescription
PRINCIPAL_TYPE_UNSPECIFIED0
END_USER1END_USER represents the human being using Argus.
WORKLOAD_IDENTITY2WORKLOAD_IDENTITY represents external CI/CD workload identity.
SERVICE_ACCOUNT3SERVICE_ACCOUNT represents the external service calling Argus OpenAPI.

WorkloadIdentityConfig.ProviderType

ProviderType identifies the CI/CD platform.

NameNumberDescription
PROVIDER_TYPE_UNSPECIFIED0
GITHUB1
GITLAB2

Top

store/worksheet.proto

WorkSheetOrganizerPayload

FieldTypeLabelDescription
starredbool
foldersstringrepeatedThe folder path for a worksheet. For example, if the folders is [A, B, C], means the worksheet is in the A/B/C subfolder.

Top

store/workspace.proto

WorkspacePayload

WorkspacePayload stores workspace-level metadata.

FieldTypeLabelDescription
titlestring
logostring

Scalar Value Types

.proto TypeNotesC++JavaPythonGoC#PHPRuby
doubledoubledoublefloatfloat64doublefloatFloat
floatfloatfloatfloatfloat32floatfloatFloat
int32Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint32 instead.int32intintint32intintegerBignum or Fixnum (as required)
int64Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint64 instead.int64longint/longint64longinteger/stringBignum
uint32Uses variable-length encoding.uint32intint/longuint32uintintegerBignum or Fixnum (as required)
uint64Uses variable-length encoding.uint64longint/longuint64ulonginteger/stringBignum or Fixnum (as required)
sint32Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int32s.int32intintint32intintegerBignum or Fixnum (as required)
sint64Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int64s.int64longint/longint64longinteger/stringBignum
fixed32Always four bytes. More efficient than uint32 if values are often greater than 2^28.uint32intintuint32uintintegerBignum or Fixnum (as required)
fixed64Always eight bytes. More efficient than uint64 if values are often greater than 2^56.uint64longint/longuint64ulonginteger/stringBignum
sfixed32Always four bytes.int32intintint32intintegerBignum or Fixnum (as required)
sfixed64Always eight bytes.int64longint/longint64longinteger/stringBignum
boolboolbooleanbooleanboolboolbooleanTrueClass/FalseClass
stringA string must always contain UTF-8 encoded or 7-bit ASCII text.stringStringstr/unicodestringstringstringString (UTF-8)
bytesMay contain any arbitrary sequence of bytes.stringByteStringstr[]byteByteStringstringString (ASCII-8BIT)

Argus — 公司內部資料庫變更審計平台