cli: remove helm management from join-config (#2251)

* Replace UpdateAttestationConfig with ApplyJoinConfig * Dont set up join-config over Helm, it is now only managed by our CLI directly during init and upgrade * Remove measurementSalt and attestationConfig parsing from helm, they were only needed for the JoinConfig * Add migration step to remove join-config from Helm management * Update attestation config trouble shooting tip --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2025-08-02 12:06:09 -04:00 · 2023-08-23 08:14:39 +02:00 · 2023-08-23 08:14:39 +02:00 · 053aa60e47
commit 053aa60e47
parent c42e81bf23
21 changed files with 326 additions and 196 deletions
--- a/cli/internal/helm/charts/edgeless/constellation-services/charts/join-service/templates/configmap.yaml
+++ b/cli/internal/helm/charts/edgeless/constellation-services/charts/join-service/templates/configmap.yaml
@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: join-config
-  namespace: {{ .Release.Namespace }}
-data:
-  {{/* mustToJson is required so the json-strings passed from go are of type string in the rendered yaml. */}}
-  attestationConfig: {{ .Values.attestationConfig | mustToJson }}
-binaryData:
-  measurementSalt: {{ .Values.measurementSalt }}
--- a/cli/internal/helm/charts/edgeless/constellation-services/charts/join-service/values.schema.json
+++ b/cli/internal/helm/charts/edgeless/constellation-services/charts/join-service/values.schema.json
@ -3,33 +3,33 @@
    "properties": {
        "csp": {
            "description": "CSP to which the chart is deployed.",
-            "enum": ["AWS", "Azure", "GCP", "OpenStack", "QEMU"]
-        },
-        "attestationConfig": {
-            "description": "JSON-string to describe the config to use for attestation validation.",
-            "type": "string",
-            "examples": ["{'measurements':{'1':{'expected':'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA','warnOnly':true},'15':{'expected':'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=','warnOnly':true}}}"]
+            "enum": [
+                "AWS",
+                "Azure",
+                "GCP",
+                "OpenStack",
+                "QEMU"
+            ]
        },
        "image": {
            "description": "Container image to use for the spawned pods.",
            "type": "string",
-            "examples": ["ghcr.io/edgelesssys/constellation/join-service:latest"]
-        },
-        "measurementSalt": {
-            "description": "Salt used to generate node measurements",
-            "type": "string",
-            "examples": ["AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"]
+            "examples": [
+                "ghcr.io/edgelesssys/constellation/join-service:latest"
+            ]
        },
        "attestationVariant": {
            "description": "Attestation variant to use for aTLS connections.",
            "type": "string",
-            "examples": ["azure-sev-snp", "azure-trusted-launch", "gcp-sev-es"]
+            "examples": [
+                "azure-sev-snp",
+                "azure-trusted-launch",
+                "gcp-sev-es"
+            ]
        }
    },
    "required": [
        "csp",
-        "attestationConfig",
-        "measurementSalt",
        "image",
        "attestationVariant"
    ],
--- a/cli/internal/helm/charts/edgeless/constellation-services/charts/join-service/values.yaml
+++ b/cli/internal/helm/charts/edgeless/constellation-services/charts/join-service/values.yaml
@ -1,5 +1,4 @@
 csp: "gcp"
 attestationVariant: ""
-measurementSalt: ""
 joinServicePort: 9090
 joinServiceNodePort: 30090