//go:build e2e
/*
Copyright (c) Edgeless Systems GmbH
SPDX-License-Identifier: AGPL-3.0-only
*/
package client_test
import (
"context"
"flag"
"fmt"
"io"
"os"
"testing"
"time"
"github.com/edgelesssys/constellation/v2/internal/api/attestationconfig"
"github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/client"
"github.com/edgelesssys/constellation/v2/internal/staticupload"
"github.com/stretchr/testify/require"
)
const (
	// Bucket and region that TestMain copies into the staticupload.Config
	// used by the upload test.
	awsBucket = "cdn-constellation-backend"
	awsRegion = "eu-central-1"

	// Names of the environment variables whose presence TestMain requires
	// before any test runs.
	envAwsKeyID = "AWS_ACCESS_KEY_ID"
	// NOTE(review): the AWS SDKs conventionally read the secret key from
	// AWS_SECRET_ACCESS_KEY. Confirm that AWS_ACCESS_KEY is the name the CI
	// job really exports; otherwise this presence check guards the wrong
	// variable.
	envAwsKey = "AWS_ACCESS_KEY"
)

var (
	// cfg is filled in by TestMain and handed to client.New by the tests.
	cfg staticupload.Config

	// cosignPwd decrypts the cosign private key.
	// NOTE(review): a secret passed as a command-line flag is visible in the
	// process argument list and can end up in CI logs; supply it from a
	// masked secret and keep command echoing off for this step.
	cosignPwd = flag.String("cosign-pwd", "", "Password to decrypt the cosign private key. Required for signing.")
	// privateKeyPath points at the key file that TestMain reads into privateKey.
	privateKeyPath = flag.String("private-key", "", "Path to the private key used for signing. Required for signing.")
	// privateKey holds the raw bytes of the signing key file.
	privateKey []byte
)
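// TestMain checks the prerequisites of the e2e upload test before any test
// runs: the cosign password and private-key path flags, and the presence of
// the two AWS credential environment variables. It then fills cfg with the
// target bucket and region and loads the signing key file into privateKey.
//
// The messages say "Skipping tests", but every missing prerequisite ends the
// process with exit status 1, so an unconfigured run is reported as a failure
// rather than as a silent pass.
func TestMain(m *testing.M) {
	flag.Parse()
	if *cosignPwd == "" || *privateKeyPath == "" {
		flag.Usage()
		fmt.Println("Required flags not set: --cosign-pwd, --private-key. Skipping tests.")
		os.Exit(1)
	}

	// Only the presence of the credentials is checked; their values are
	// discarded here and never printed.
	if _, present := os.LookupEnv(envAwsKey); !present {
		fmt.Printf("%s not set. Skipping tests.\n", envAwsKey)
		os.Exit(1)
	}
	if _, present := os.LookupEnv(envAwsKeyID); !present {
		fmt.Printf("%s not set. Skipping tests.\n", envAwsKeyID)
		os.Exit(1)
	}

	cfg = staticupload.Config{
		Bucket: awsBucket,
		Region: awsRegion,
	}

	// Check the open error. Ignoring it would pass a nil *os.File to
	// io.ReadAll and hide the real cause (wrong path, missing permissions)
	// behind a generic read failure.
	file, err := os.Open(*privateKeyPath)
	if err != nil {
		panic(err)
	}
	privateKey, err = io.ReadAll(file)
	// Close explicitly: os.Exit below does not run deferred calls. The file
	// was only read, so a close error carries no information worth failing on.
	_ = file.Close()
	if err != nil {
		panic(err)
	}

	os.Exit(m.Run())
}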
// versionValues is the fixed Azure SEV-SNP version set that the upload test
// signs and publishes. The four fields are the version components carried by
// attestationconfig.AzureSEVSNPVersion.
// NOTE(review): these look like arbitrary fixture numbers rather than a
// vetted minimum TCB; confirm nothing consumes this entry as a real baseline.
var versionValues = attestationconfig.AzureSEVSNPVersion{
	Bootloader: 2,
	TEE:        0,
	SNP:        6,
	Microcode:  93,
}
// TestUploadAzureSEVSNPVersions builds a client from the bucket config, the
// cosign password and the signing key prepared by TestMain, then uploads
// versionValues under a fixed timestamp and requires that the upload succeed.
//
// NOTE(review): nothing in this test removes what it uploads, so unless the
// close function does so, each run leaves an entry in the bucket named by cfg.
// Confirm that is intended for a bucket that may also serve real clients.
func TestUploadAzureSEVSNPVersions(t *testing.T) {
	ctx := context.Background()

	uploader, closeFn, err := client.New(ctx, cfg, []byte(*cosignPwd), privateKey)
	require.NoError(t, err)
	// Close is best effort; its error is deliberately dropped.
	defer func() {
		_ = closeFn(ctx)
	}()

	// Fixed date in the past, presumably so the test entry never ranks as the
	// newest published version. TODO confirm against the client's ordering.
	uploadDate := time.Date(2021, 1, 1, 1, 1, 1, 1, time.UTC)

	err = uploader.UploadAzureSEVSNP(ctx, versionValues, uploadDate)
	require.NoError(t, err)
}