constellation/hack/image-fetch/main.go

/*
Copyright (c) Edgeless Systems GmbH

SPDX-License-Identifier: AGPL-3.0-only
*/

/*
imagefetch retrieves a CSP image reference from a Constellation config in the CWD.
This is especially useful when using self-managed infrastructure, where the image
reference needs to be chosen by the user, which would usually happen manually.
*/
package main

import (
	"context"
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"regexp"

	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
	"github.com/edgelesssys/constellation/v2/internal/config"
	"github.com/edgelesssys/constellation/v2/internal/constants"
	"github.com/edgelesssys/constellation/v2/internal/file"
	"github.com/edgelesssys/constellation/v2/internal/imagefetcher"
	"github.com/spf13/afero"
)

var (
	caseInsensitiveCommunityGalleriesRegexp = regexp.MustCompile(`(?i)\/communitygalleries\/`)
	caseInsensitiveImagesRegExp             = regexp.MustCompile(`(?i)\/images\/`)
	caseInsensitiveVersionsRegExp           = regexp.MustCompile(`(?i)\/versions\/`)
)

func main() {
	cwd := os.Getenv("BUILD_WORKING_DIRECTORY") // set by Bazel, for bazel run compatibility
	ctx := context.Background()

	fh := file.NewHandler(afero.NewOsFs())
	attFetcher := attestationconfigapi.NewFetcher()
	conf, err := config.New(fh, filepath.Join(cwd, constants.ConfigFilename), attFetcher, true)
	var configValidationErr *config.ValidationError
	if errors.As(err, &configValidationErr) {
		fmt.Println(configValidationErr.LongMessage())
	}
	if err != nil {
		panic(err)
	}

	imgFetcher := imagefetcher.New()
	provider := conf.GetProvider()
	attestationVariant := conf.GetAttestationConfig().GetVariant()
	region := conf.GetRegion()
	image, err := imgFetcher.FetchReference(ctx, provider, attestationVariant, conf.Image, region)
	if err != nil {
		panic(err)
	}

	if provider == cloudprovider.Azure {
		image = caseInsensitiveCommunityGalleriesRegexp.ReplaceAllString(image, "/communityGalleries/")
		image = caseInsensitiveImagesRegExp.ReplaceAllString(image, "/images/")
		image = caseInsensitiveVersionsRegExp.ReplaceAllString(image, "/versions/")
	}

	fmt.Println(image)
}
ci: add e2e test for self-managed infrastructure (#2472) * add self-managed infra e2e test * self-managed terminatio Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix upgrade test Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix indentation Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * use -r when copying dir Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add terraform variable parsing * copy constellation conf Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * remove unnecessary line breaks * add missing value Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add image fetching for CSP Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix quoting Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add missing input to internal lb test * normalize Azure URLs.. Of course * tidy Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix expressions * initsecret to hex * update hexdump cmd * add build test Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add node / pod cidr outputs Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * explicitly delete the state file Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add missing license header Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * always write all outputs Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix list output Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * remove state-file and admin-conf on destroy * dont use test payload Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * [remove] use self managed infra in manual e2e for testing Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * init: always skip infrastructure phase * patch maa in workflow Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * default to Constellation-created infra in e2e test --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> 2023-10-27 03:37:26 -04:00			`/*`
			`Copyright (c) Edgeless Systems GmbH`

			`SPDX-License-Identifier: AGPL-3.0-only`
			`*/`

			`/*`
			`imagefetch retrieves a CSP image reference from a Constellation config in the CWD.`
			`This is especially useful when using self-managed infrastructure, where the image`
			`reference needs to be chosen by the user, which would usually happen manually.`
			`*/`
			`package main`

			`import (`
			`"context"`
			`"errors"`
			`"fmt"`
			`"os"`
			`"path/filepath"`
			`"regexp"`

			`"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"`
			`"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"`
			`"github.com/edgelesssys/constellation/v2/internal/config"`
			`"github.com/edgelesssys/constellation/v2/internal/constants"`
			`"github.com/edgelesssys/constellation/v2/internal/file"`
			`"github.com/edgelesssys/constellation/v2/internal/imagefetcher"`
			`"github.com/spf13/afero"`
			`)`

			`var (`
			caseInsensitiveCommunityGalleriesRegexp = regexp.MustCompile(`(?i)\/communitygalleries\/`)
			caseInsensitiveImagesRegExp = regexp.MustCompile(`(?i)\/images\/`)
			caseInsensitiveVersionsRegExp = regexp.MustCompile(`(?i)\/versions\/`)
			`)`

			`func main() {`
			`cwd := os.Getenv("BUILD_WORKING_DIRECTORY") // set by Bazel, for bazel run compatibility`
			`ctx := context.Background()`

			`fh := file.NewHandler(afero.NewOsFs())`
			`attFetcher := attestationconfigapi.NewFetcher()`
			`conf, err := config.New(fh, filepath.Join(cwd, constants.ConfigFilename), attFetcher, true)`
			`var configValidationErr *config.ValidationError`
			`if errors.As(err, &configValidationErr) {`
			`fmt.Println(configValidationErr.LongMessage())`
			`}`
			`if err != nil {`
			`panic(err)`
			`}`

			`imgFetcher := imagefetcher.New()`
			`provider := conf.GetProvider()`
			`attestationVariant := conf.GetAttestationConfig().GetVariant()`
			`region := conf.GetRegion()`
			`image, err := imgFetcher.FetchReference(ctx, provider, attestationVariant, conf.Image, region)`
			`if err != nil {`
			`panic(err)`
			`}`

			`if provider == cloudprovider.Azure {`
			`image = caseInsensitiveCommunityGalleriesRegexp.ReplaceAllString(image, "/communityGalleries/")`
			`image = caseInsensitiveImagesRegExp.ReplaceAllString(image, "/images/")`
			`image = caseInsensitiveVersionsRegExp.ReplaceAllString(image, "/versions/")`
			`}`

			`fmt.Println(image)`
			`}`