2023-04-21 10:47:07 +02:00
|
|
|
/*
|
|
|
|
Copyright (c) Edgeless Systems GmbH
|
|
|
|
|
|
|
|
SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
*/
|
|
|
|
|
|
|
|
// package archive is used to archive OS images in S3.
|
|
|
|
package archive
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
2024-02-08 14:20:01 +00:00
|
|
|
"fmt"
|
2023-04-21 10:47:07 +02:00
|
|
|
"io"
|
2024-02-08 14:20:01 +00:00
|
|
|
"log/slog"
|
2023-04-21 10:47:07 +02:00
|
|
|
"net/url"
|
2023-08-31 10:31:45 +02:00
|
|
|
"time"
|
2023-04-21 10:47:07 +02:00
|
|
|
|
|
|
|
s3manager "github.com/aws/aws-sdk-go-v2/feature/s3/manager"
|
|
|
|
"github.com/aws/aws-sdk-go-v2/service/s3"
|
|
|
|
s3types "github.com/aws/aws-sdk-go-v2/service/s3/types"
|
2023-06-07 16:16:32 +02:00
|
|
|
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
2023-05-23 15:09:14 +02:00
|
|
|
"github.com/edgelesssys/constellation/v2/internal/constants"
|
2023-06-02 11:20:01 +02:00
|
|
|
"github.com/edgelesssys/constellation/v2/internal/staticupload"
|
2023-04-21 10:47:07 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
// Archivist uploads OS images to S3.
|
|
|
|
type Archivist struct {
|
2023-06-02 11:20:01 +02:00
|
|
|
uploadClient uploadClient
|
|
|
|
uploadClientClose func(ctx context.Context) error
|
2023-04-21 10:47:07 +02:00
|
|
|
// bucket is the name of the S3 bucket to use.
|
|
|
|
bucket string
|
|
|
|
|
2024-02-08 14:20:01 +00:00
|
|
|
log *slog.Logger
|
2023-04-21 10:47:07 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// New creates a new Archivist.
|
2024-02-08 14:20:01 +00:00
|
|
|
func New(ctx context.Context, region, bucket, distributionID string, log *slog.Logger) (*Archivist, CloseFunc, error) {
|
2023-06-02 11:20:01 +02:00
|
|
|
staticUploadClient, staticUploadClientClose, err := staticupload.New(ctx, staticupload.Config{
|
2023-08-31 10:31:45 +02:00
|
|
|
Region: region,
|
|
|
|
Bucket: bucket,
|
|
|
|
DistributionID: distributionID,
|
|
|
|
CacheInvalidationStrategy: staticupload.CacheInvalidateBatchOnFlush,
|
|
|
|
CacheInvalidationWaitTimeout: 10 * time.Minute,
|
|
|
|
}, log)
|
2023-04-21 10:47:07 +02:00
|
|
|
if err != nil {
|
2023-06-02 11:20:01 +02:00
|
|
|
return nil, nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
archivist := &Archivist{
|
|
|
|
uploadClient: staticUploadClient,
|
|
|
|
uploadClientClose: staticUploadClientClose,
|
|
|
|
bucket: bucket,
|
|
|
|
log: log,
|
|
|
|
}
|
|
|
|
archivistClose := func(ctx context.Context) error {
|
|
|
|
return archivist.Close(ctx)
|
2023-04-21 10:47:07 +02:00
|
|
|
}
|
|
|
|
|
2023-06-02 11:20:01 +02:00
|
|
|
return archivist, archivistClose, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Close closes the uploader.
|
|
|
|
// It invalidates the CDN cache for all uploaded files.
|
|
|
|
func (a *Archivist) Close(ctx context.Context) error {
|
|
|
|
if a.uploadClientClose == nil {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
return a.uploadClientClose(ctx)
|
2023-04-21 10:47:07 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// Archive reads the OS image in img and uploads it as key.
|
2023-05-25 14:33:57 +02:00
|
|
|
func (a *Archivist) Archive(ctx context.Context, version versionsapi.Version, csp, attestationVariant string, img io.Reader) (string, error) {
|
2023-08-01 16:48:13 +02:00
|
|
|
key, err := url.JoinPath(version.ArtifactPath(versionsapi.APIV1), version.Kind().String(), "csp", csp, attestationVariant, "image.raw")
|
2023-04-21 10:47:07 +02:00
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
2024-04-03 13:49:03 +00:00
|
|
|
a.log.Debug(fmt.Sprintf("Archiving OS image %q to s3://%s/%s", fmt.Sprintf("%s %s %v", csp, attestationVariant, version.ShortPath()), a.bucket, key))
|
2023-04-21 10:47:07 +02:00
|
|
|
_, err = a.uploadClient.Upload(ctx, &s3.PutObjectInput{
|
|
|
|
Bucket: &a.bucket,
|
|
|
|
Key: &key,
|
|
|
|
Body: img,
|
|
|
|
ChecksumAlgorithm: s3types.ChecksumAlgorithmSha256,
|
|
|
|
})
|
2023-05-23 15:09:14 +02:00
|
|
|
return constants.CDNRepositoryURL + "/" + key, err
|
2023-04-21 10:47:07 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
type uploadClient interface {
|
|
|
|
Upload(ctx context.Context, input *s3.PutObjectInput, opts ...func(*s3manager.Uploader)) (*s3manager.UploadOutput, error)
|
|
|
|
}
|
2023-06-02 11:20:01 +02:00
|
|
|
|
|
|
|
// CloseFunc is a function that closes the client.
|
|
|
|
type CloseFunc func(ctx context.Context) error
|