Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-01-19 20:01:49 -05:00
Code Issues Packages Projects Releases Wiki Activity
cdc91b50bc
constellation/internal/verify/certchain.go

30 lines
777 B
Go
Raw Normal View History

verify: move CSP-specific code to internal/verify With the introduction of SNP-based attestation on AWS some of the information in the report (MAAToken) is not applicable to all attestation reports anymore. Thus, make verify cmd CSP-agnostic and move CSP-specific logic to internal/verify. Also make internal/attestation/snp CSP aware.
2023-11-07 09:19:31 -05:00
package verify
import (
"context"
"fmt"
"github.com/edgelesssys/constellation/v2/internal/constants"
"github.com/edgelesssys/constellation/v2/internal/kubernetes/kubectl"
)
func getCertChainCache(ctx context.Context, kubectl *kubectl.Kubectl, log debugLog) ([]byte, error) {
log.Debugf("Retrieving certificate chain from cache")
cm, err := kubectl.GetConfigMap(ctx, constants.ConstellationNamespace, constants.SevSnpCertCacheConfigMapName)
if err != nil {
return nil, fmt.Errorf("getting certificate chain cache configmap: %w", err)
}
var result []byte
ask, ok := cm.Data[constants.CertCacheAskKey]
if ok {
result = append(result, ask...)
}
ark, ok := cm.Data[constants.CertCacheArkKey]
if ok {
result = append(result, ark...)
}
return result, nil
}
Reference in New Issue Copy Permalink