From 1af18e990d1d415b87d664ea59974d3b1cd4e537 Mon Sep 17 00:00:00 2001 From: katexochen <49727155+katexochen@users.noreply.github.com> Date: Tue, 5 Jul 2022 14:13:19 +0200 Subject: [PATCH] Rename all activation --- .github/workflows/build-activation-image.yml | 14 ++--- .../workflows/build-micro-service-manual.yml | 8 +-- .../workflows/build-verification-service.yml | 2 +- bootstrapper/cmd/bootstrapper/run.go | 6 +-- bootstrapper/internal/joinclient/client.go | 10 ++-- .../kubernetes/k8sapi/resources/images.go | 2 +- .../{activation.go => joinservice.go} | 52 +++++++++---------- ...activation_test.go => joinservice_test.go} | 6 +-- .../kubernetes/k8sapi/resources/kms.go | 2 +- .../internal/kubernetes/k8sapi/util.go | 6 +-- bootstrapper/internal/kubernetes/k8sutil.go | 2 +- .../internal/kubernetes/kubernetes.go | 10 ++-- .../internal/kubernetes/kubernetes_test.go | 10 ++-- internal/attestation/vtpm/initialize.go | 8 +-- internal/attestation/vtpm/initialize_test.go | 6 +-- internal/attestation/vtpm/vtpm_test.go | 2 +- internal/constants/constants.go | 6 +-- joinservice/cmd/main.go | 4 +- joinservice/internal/kubeadm/kubeadm.go | 2 +- joinservice/internal/server/server.go | 6 +-- state/setup/setup.go | 2 +- 21 files changed, 83 insertions(+), 83 deletions(-) rename bootstrapper/internal/kubernetes/k8sapi/resources/{activation.go => joinservice.go} (81%) rename bootstrapper/internal/kubernetes/k8sapi/resources/{activation_test.go => joinservice_test.go} (65%) diff --git a/.github/workflows/build-activation-image.yml b/.github/workflows/build-activation-image.yml index 908c2bafa..65499783f 100644 --- a/.github/workflows/build-activation-image.yml +++ b/.github/workflows/build-activation-image.yml @@ -1,4 +1,4 @@ -name: Build and upload activation-service image +name: Build and upload join-service image on: workflow_dispatch: 
@@ -6,7 +6,7 @@ on: branches: - main paths: - - "activation/**" + - "joinservice/**" - "internal/atls/**" - "internal/attestation/**" - "internal/constants/**" @@ -20,7 +20,7 @@ concurrency: cancel-in-progress: true jobs: - build-activation-service: + build-join-service: runs-on: ubuntu-latest permissions: contents: read @@ -30,11 +30,11 @@ jobs: id: checkout uses: actions/checkout@v3 - - name: Build and upload activation-service container image + - name: Build and upload join-service container image id: build-and-upload uses: ./.github/actions/build_micro_service with: - name: activation-service - projectVersion: "0.0.0" - dockerfile: activation/Dockerfile + name: join-service + projectVersion: '0.0.0' + dockerfile: joinservice/Dockerfile githubToken: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/build-micro-service-manual.yml b/.github/workflows/build-micro-service-manual.yml index 2dde7f334..41c3f6588 100644 --- a/.github/workflows/build-micro-service-manual.yml +++ b/.github/workflows/build-micro-service-manual.yml @@ -8,7 +8,7 @@ on: type: choice options: - 'access-manager' - - 'activation-service' + - 'join-service' - 'kmsserver' - 'verification-service' required: true @@ -40,15 +40,15 @@ jobs: case "${{ inputs.microService }}" in "access-manager" ) echo "microServiceDockerfile=access_manager/Dockerfile" >> $GITHUB_ENV ;; - "activation-service" ) - echo "microServiceDockerfile=activation/Dockerfile" >> $GITHUB_ENV ;; + "join-service" ) + echo "microServiceDockerfile=joinservice/Dockerfile" >> $GITHUB_ENV ;; "kmsserver" ) echo "microServiceDockerfile=kms/Dockerfile" >> $GITHUB_ENV ;; "verification-service" ) echo "microServiceDockerfile=verify/Dockerfile" >> $GITHUB_ENV ;; esac - - name: Build and upload activation-service container image + - name: Build and upload join-service container image id: build-and-upload uses: ./.github/actions/build_micro_service with: 
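Review bot: The last step of build-micro-service-manual.yml is now named `Build and upload join-service container image`, but this workflow builds whichever service was selected in `inputs.microService`, so the run log will name the wrong service for three of the four choices. A neutral name such as `- name: Build and upload container image` fits a workflow that serves all of them. Separately, the `case "${{ inputs.microService }}" in` line pastes the input directly into the script text. The `choice` type limits what can arrive there, but passing it through `env:` and switching on `"$MICRO_SERVICE"` would keep the value out of the shell source altogether.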
diff --git a/.github/workflows/build-verification-service.yml b/.github/workflows/build-verification-service.yml index ac1342898..56b5a7c53 100644 --- a/.github/workflows/build-verification-service.yml +++ b/.github/workflows/build-verification-service.yml @@ -11,7 +11,7 @@ on: - "internal/constants/**" jobs: - build-activation-service: + build-verification-service: runs-on: ubuntu-latest permissions: contents: read diff --git a/bootstrapper/cmd/bootstrapper/run.go b/bootstrapper/cmd/bootstrapper/run.go index fa59eb41f..7505eab6e 100644 --- a/bootstrapper/cmd/bootstrapper/run.go +++ b/bootstrapper/cmd/bootstrapper/run.go @@ -28,12 +28,12 @@ func run(issuer quoteIssuer, tpm vtpm.TPMOpenFunc, fileHandler file.Handler, defer cloudLogger.Close() cloudLogger.Disclose("bootstrapper started running...") - nodeActivated, err := vtpm.IsNodeInitialized(tpm) + nodeBootstrapped, err := vtpm.IsNodeBootstrapped(tpm) if err != nil { - logger.Fatal("failed to check for previous activation using vTPM", zap.Error(err)) + logger.Fatal("failed to check for previous bootstrapping using vTPM", zap.Error(err)) } - if nodeActivated { + if nodeBootstrapped { if err := kube.StartKubelet(); err != nil { logger.Fatal("failed to restart kubelet", zap.Error(err)) } diff --git a/bootstrapper/internal/joinclient/client.go b/bootstrapper/internal/joinclient/client.go index bbdc1f59b..ce6dae806 100644 --- a/bootstrapper/internal/joinclient/client.go +++ b/bootstrapper/internal/joinclient/client.go @@ -65,7 +65,7 @@ func New(lock *nodelock.Lock, dial grpcDialer, joiner ClusterJoiner, meta Metada dialer: dial, joiner: joiner, metadataAPI: meta, - log: log.Named("selfactivation-client"), + log: log.Named("join-client"), } } 
@@ -116,15 +116,15 @@ func (c *JoinClient) Start() { } for { - err := c.tryJoinAtAvailableServices() + err := c.tryJoinWithAvailableServices() if err == nil { - c.log.Info("Activated successfully. SelfActivationClient shut down.") + c.log.Info("Joined successfully. Client is shut down.") return } else if isUnrecoverable(err) { c.log.Error("Unrecoverable error occurred", zap.Error(err)) return } - c.log.Info("Activation failed for all available endpoints", zap.Error(err)) + c.log.Info("Join failed for all available endpoints", zap.Error(err)) c.log.Info("Sleeping", zap.Duration("interval", c.interval)) select { @@ -156,7 +156,7 @@ func (c *JoinClient) Stop() { c.log.Info("Stopped") } -func (c *JoinClient) tryJoinAtAvailableServices() error { +func (c *JoinClient) tryJoinWithAvailableServices() error { ips, err := c.getControlPlaneIPs() if err != nil { return err diff --git a/bootstrapper/internal/kubernetes/k8sapi/resources/images.go b/bootstrapper/internal/kubernetes/k8sapi/resources/images.go index 17f5b00b8..cd360f8c8 100644 --- a/bootstrapper/internal/kubernetes/k8sapi/resources/images.go +++ b/bootstrapper/internal/kubernetes/k8sapi/resources/images.go @@ -2,7 +2,7 @@ package resources const ( // Constellation images. - activationImage = "ghcr.io/edgelesssys/constellation/activation-service:v1.2" + joinImage = "ghcr.io/edgelesssys/constellation/join-service:v1.2" accessManagerImage = "ghcr.io/edgelesssys/constellation/access-manager:v1.2" kmsImage = "ghcr.io/edgelesssys/constellation/kmsserver:v1.2" verificationImage = "ghcr.io/edgelesssys/constellation/verification-service:v1.2" diff --git a/bootstrapper/internal/kubernetes/k8sapi/resources/activation.go b/bootstrapper/internal/kubernetes/k8sapi/resources/joinservice.go similarity index 81% rename from bootstrapper/internal/kubernetes/k8sapi/resources/activation.go rename to bootstrapper/internal/kubernetes/k8sapi/resources/joinservice.go index 449a1ba6a..3d6f37a66 100644 
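Review bot: `joinImage` in images.go now points at a new repository name, `join-service`, under the existing tag `v1.2`, and nothing in this patch shows that an image with that name and tag has been published. If it has not, the DaemonSet built from this constant will fail to pull until the renamed workflow has pushed it. The reference is also a mutable tag. Since the server.go comment later in this patch says the service hands out the stateful disk encryption key and the Kubernetes join token, pinning by digest would be worth considering, e.g. `joinImage = "ghcr.io/edgelesssys/constellation/join-service:v1.2@sha256:<digest-placeholder>"`. The same applies to the neighbouring image constants, which are unchanged context here.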
--- a/bootstrapper/internal/kubernetes/k8sapi/resources/activation.go +++ b/bootstrapper/internal/kubernetes/k8sapi/resources/joinservice.go @@ -12,7 +12,7 @@ import ( "k8s.io/apimachinery/pkg/util/intstr" ) -type activationDaemonset struct { +type joinServiceDaemonset struct { ClusterRole rbac.ClusterRole ClusterRoleBinding rbac.ClusterRoleBinding ConfigMap k8s.ConfigMap @@ -21,18 +21,18 @@ type activationDaemonset struct { Service k8s.Service } -// NewActivationDaemonset returns a daemonset for the activation service. -func NewActivationDaemonset(csp, measurementsJSON, idJSON string) *activationDaemonset { - return &activationDaemonset{ +// NewJoinServiceDaemonset returns a daemonset for the join service. +func NewJoinServiceDaemonset(csp, measurementsJSON, idJSON string) *joinServiceDaemonset { + return &joinServiceDaemonset{ ClusterRole: rbac.ClusterRole{ TypeMeta: meta.TypeMeta{ APIVersion: "rbac.authorization.k8s.io/v1", Kind: "ClusterRole", }, ObjectMeta: meta.ObjectMeta{ - Name: "activation-service", + Name: "join-service", Labels: map[string]string{ - "k8s-app": "activation-service", + "k8s-app": "join-service", }, }, Rules: []rbac.PolicyRule{ @@ -54,17 +54,17 @@ func NewActivationDaemonset(csp, measurementsJSON, idJSON string) *activationDae Kind: "ClusterRoleBinding", }, ObjectMeta: meta.ObjectMeta{ - Name: "activation-service", + Name: "join-service", }, RoleRef: rbac.RoleRef{ APIGroup: "rbac.authorization.k8s.io", Kind: "ClusterRole", - Name: "activation-service", + Name: "join-service", }, Subjects: []rbac.Subject{ { Kind: "ServiceAccount", - Name: "activation-service", + Name: "join-service", Namespace: "kube-system", }, }, 
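Review bot: The ClusterRole and ClusterRoleBinding in `NewJoinServiceDaemonset` are now created under the name `join-service`, and nothing visible in this patch removes the objects previously applied as `activation-service`. If clusters bootstrapped before this change are ever updated in place (not shown here), the old ClusterRole, binding, ServiceAccount, DaemonSet, Service and `activation-config` ConfigMap would stay behind. That leaves an unused RBAC grant, and presumably an old Service still holding `constants.JoinServiceNodePort`. Either state in the commit description that the rename only applies to freshly created clusters, or add a cleanup step for the old names. The struct literal starts in the previous hunk and continues past this one.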
@@ -75,29 +75,29 @@ func NewActivationDaemonset(csp, measurementsJSON, idJSON string) *activationDae Kind: "DaemonSet", }, ObjectMeta: meta.ObjectMeta{ - Name: "activation-service", + Name: "join-service", Namespace: "kube-system", Labels: map[string]string{ - "k8s-app": "activation-service", - "component": "activation-service", + "k8s-app": "join-service", + "component": "join-service", "kubernetes.io/cluster-service": "true", }, }, Spec: apps.DaemonSetSpec{ Selector: &meta.LabelSelector{ MatchLabels: map[string]string{ - "k8s-app": "activation-service", + "k8s-app": "join-service", }, }, Template: k8s.PodTemplateSpec{ ObjectMeta: meta.ObjectMeta{ Labels: map[string]string{ - "k8s-app": "activation-service", + "k8s-app": "join-service", }, }, Spec: k8s.PodSpec{ PriorityClassName: "system-cluster-critical", - ServiceAccountName: "activation-service", + ServiceAccountName: "join-service", Tolerations: []k8s.Toleration{ { Key: "CriticalAddonsOnly", @@ -134,11 +134,11 @@ func NewActivationDaemonset(csp, measurementsJSON, idJSON string) *activationDae }, Containers: []k8s.Container{ { - Name: "activation-service", - Image: activationImage, + Name: "join-service", + Image: joinImage, Ports: []k8s.ContainerPort{ { - ContainerPort: constants.ActivationServicePort, + ContainerPort: constants.JoinServicePort, Name: "tcp", }, }, @@ -169,7 +169,7 @@ func NewActivationDaemonset(csp, measurementsJSON, idJSON string) *activationDae VolumeSource: k8s.VolumeSource{ ConfigMap: &k8s.ConfigMapVolumeSource{ LocalObjectReference: k8s.LocalObjectReference{ - Name: "activation-config", + Name: "join-config", }, }, }, @@ -193,7 +193,7 @@ func NewActivationDaemonset(csp, measurementsJSON, idJSON string) *activationDae Kind: "ServiceAccount", }, ObjectMeta: meta.ObjectMeta{ - Name: "activation-service", + Name: "join-service", Namespace: "kube-system", }, }, 
@@ -203,7 +203,7 @@ func NewActivationDaemonset(csp, measurementsJSON, idJSON string) *activationDae Kind: "Service", }, ObjectMeta: meta.ObjectMeta{ - Name: "activation-service", + Name: "join-service", Namespace: "kube-system", }, Spec: k8s.ServiceSpec{ @@ -212,13 +212,13 @@ func NewActivationDaemonset(csp, measurementsJSON, idJSON string) *activationDae { Name: "grpc", Protocol: k8s.ProtocolTCP, - Port: constants.ActivationServicePort, - TargetPort: intstr.IntOrString{IntVal: constants.ActivationServicePort}, + Port: constants.JoinServicePort, + TargetPort: intstr.IntOrString{IntVal: constants.JoinServicePort}, NodePort: constants.JoinServiceNodePort, }, }, Selector: map[string]string{ - "k8s-app": "activation-service", + "k8s-app": "join-service", }, }, }, @@ -228,7 +228,7 @@ func NewActivationDaemonset(csp, measurementsJSON, idJSON string) *activationDae Kind: "ConfigMap", }, ObjectMeta: meta.ObjectMeta{ - Name: "activation-config", + Name: "join-config", Namespace: "kube-system", }, Data: map[string]string{ @@ -240,6 +240,6 @@ func NewActivationDaemonset(csp, measurementsJSON, idJSON string) *activationDae } // Marshal the daemonset using the Kubernetes resource marshaller. -func (a *activationDaemonset) Marshal() ([]byte, error) { +func (a *joinServiceDaemonset) Marshal() ([]byte, error) { return MarshalK8SResources(a) } diff --git a/bootstrapper/internal/kubernetes/k8sapi/resources/activation_test.go b/bootstrapper/internal/kubernetes/k8sapi/resources/joinservice_test.go similarity index 65% rename from bootstrapper/internal/kubernetes/k8sapi/resources/activation_test.go rename to bootstrapper/internal/kubernetes/k8sapi/resources/joinservice_test.go index 112998910..393f60b8b 100644 --- a/bootstrapper/internal/kubernetes/k8sapi/resources/activation_test.go +++ b/bootstrapper/internal/kubernetes/k8sapi/resources/joinservice_test.go 
@@ -7,12 +7,12 @@ import ( "github.com/stretchr/testify/require" ) -func TestNewActivationDaemonset(t *testing.T) { - deployment := NewActivationDaemonset("csp", "measurementsJSON", "idJSON") +func TestNewJoinServiceDaemonset(t *testing.T) { + deployment := NewJoinServiceDaemonset("csp", "measurementsJSON", "idJSON") deploymentYAML, err := deployment.Marshal() require.NoError(t, err) - var recreated activationDaemonset + var recreated joinServiceDaemonset require.NoError(t, UnmarshalK8SResources(deploymentYAML, &recreated)) assert.Equal(t, deployment, &recreated) } diff --git a/bootstrapper/internal/kubernetes/k8sapi/resources/kms.go b/bootstrapper/internal/kubernetes/k8sapi/resources/kms.go index 44a8599a3..36ae4be5d 100644 --- a/bootstrapper/internal/kubernetes/k8sapi/resources/kms.go +++ b/bootstrapper/internal/kubernetes/k8sapi/resources/kms.go @@ -194,7 +194,7 @@ func NewKMSDeployment(csp string, masterSecret []byte) *kmsDeployment { { ConfigMap: &k8s.ConfigMapProjection{ LocalObjectReference: k8s.LocalObjectReference{ - Name: "activation-config", + Name: "join-config", }, Items: []k8s.KeyToPath{ { diff --git a/bootstrapper/internal/kubernetes/k8sapi/util.go b/bootstrapper/internal/kubernetes/k8sapi/util.go index 2fac94ce0..4bc8e7342 100644 --- a/bootstrapper/internal/kubernetes/k8sapi/util.go +++ b/bootstrapper/internal/kubernetes/k8sapi/util.go 
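Review bot: The ConfigMap name `join-config` in this projected volume in kms.go is a bare string literal that must match the `ObjectMeta.Name` and the volume source in joinservice.go, and this rename had to update all three by hand. A package-level constant in `resources`, e.g. `const joinConfigMapName = "join-config"`, used in both files would turn a future mismatch into a compile error instead of a KMS pod that cannot mount its volume. `NewKMSDeployment` starts and ends outside this hunk.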
@@ -232,9 +232,9 @@ func (k *KubernetesUtil) SetupAutoscaling(kubectl Client, clusterAutoscalerConfi return kubectl.Apply(clusterAutoscalerConfiguration, true) } -// SetupActivationService deploys the Constellation node activation service. -func (k *KubernetesUtil) SetupActivationService(kubectl Client, activationServiceConfiguration resources.Marshaler) error { - return kubectl.Apply(activationServiceConfiguration, true) +// SetupJoinService deploys the Constellation node join service. +func (k *KubernetesUtil) SetupJoinService(kubectl Client, joinServiceConfiguration resources.Marshaler) error { + return kubectl.Apply(joinServiceConfiguration, true) } // SetupCloudControllerManager deploys the k8s cloud-controller-manager. diff --git a/bootstrapper/internal/kubernetes/k8sutil.go b/bootstrapper/internal/kubernetes/k8sutil.go index 08724ce8b..fcc376435 100644 --- a/bootstrapper/internal/kubernetes/k8sutil.go +++ b/bootstrapper/internal/kubernetes/k8sutil.go @@ -16,7 +16,7 @@ type clusterUtil interface { SetupPodNetwork(context.Context, k8sapi.SetupPodNetworkInput) error SetupAccessManager(kubectl k8sapi.Client, sshUsers resources.Marshaler) error SetupAutoscaling(kubectl k8sapi.Client, clusterAutoscalerConfiguration resources.Marshaler, secrets resources.Marshaler) error - SetupActivationService(kubectl k8sapi.Client, activationServiceConfiguration resources.Marshaler) error + SetupJoinService(kubectl k8sapi.Client, joinServiceConfiguration resources.Marshaler) error SetupCloudControllerManager(kubectl k8sapi.Client, cloudControllerManagerConfiguration resources.Marshaler, configMaps resources.Marshaler, secrets resources.Marshaler) error SetupCloudNodeManager(kubectl k8sapi.Client, cloudNodeManagerConfiguration resources.Marshaler) error SetupKMS(kubectl k8sapi.Client, kmsConfiguration resources.Marshaler) error diff --git a/bootstrapper/internal/kubernetes/kubernetes.go b/bootstrapper/internal/kubernetes/kubernetes.go index d3a3c55f8..3558bb007 100644 
--- a/bootstrapper/internal/kubernetes/kubernetes.go +++ b/bootstrapper/internal/kubernetes/kubernetes.go @@ -162,8 +162,8 @@ func (k *KubeWrapper) InitCluster( return nil, fmt.Errorf("setting up kms: %w", err) } - if err := k.setupActivationService(k.cloudProvider, k.initialMeasurementsJSON, id); err != nil { - return nil, fmt.Errorf("setting up activation service failed: %w", err) + if err := k.setupJoinService(k.cloudProvider, k.initialMeasurementsJSON, id); err != nil { + return nil, fmt.Errorf("setting up join service failed: %w", err) } if err := k.setupCCM(ctx, subnetworkPodCIDR, cloudServiceAccountURI, instance); err != nil { @@ -268,15 +268,15 @@ func (k *KubeWrapper) GetJoinToken(ctx context.Context, ttl time.Duration) (*kub return k.clusterUtil.CreateJoinToken(ctx, ttl) } -func (k *KubeWrapper) setupActivationService(csp string, measurementsJSON []byte, id attestationtypes.ID) error { +func (k *KubeWrapper) setupJoinService(csp string, measurementsJSON []byte, id attestationtypes.ID) error { idJSON, err := json.Marshal(id) if err != nil { return err } - activationConfiguration := resources.NewActivationDaemonset(csp, string(measurementsJSON), string(idJSON)) + joinConfiguration := resources.NewJoinServiceDaemonset(csp, string(measurementsJSON), string(idJSON)) - return k.clusterUtil.SetupActivationService(k.client, activationConfiguration) + return k.clusterUtil.SetupJoinService(k.client, joinConfiguration) } func (k *KubeWrapper) setupCCM(ctx context.Context, subnetworkPodCIDR, cloudServiceAccountURI string, instance metadata.InstanceMetadata) error { diff --git a/bootstrapper/internal/kubernetes/kubernetes_test.go b/bootstrapper/internal/kubernetes/kubernetes_test.go index 17deaa3b1..5cc653421 100644 --- a/bootstrapper/internal/kubernetes/kubernetes_test.go +++ b/bootstrapper/internal/kubernetes/kubernetes_test.go 
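Review bot: The wrapped error in `InitCluster` reads `setting up join service failed: %w`, while the line just above it uses `setting up kms: %w`. Once errors are chained the `failed` suffix is redundant and makes the messages inconsistent, so `return nil, fmt.Errorf("setting up join service: %w", err)` would match its neighbour. In the second hunk, `setupJoinService` returns the `json.Marshal` error bare. `return fmt.Errorf("marshalling attestation ID: %w", err)` would tell the operator which step of join-service setup failed. `InitCluster` starts and ends outside the hunk.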
@@ -173,8 +173,8 @@ func TestInitCluster(t *testing.T) { ClusterAutoscaler: &stubClusterAutoscaler{}, wantErr: true, }, - "kubeadm init fails when setting up the activation service": { - clusterUtil: stubClusterUtil{setupActivationServiceError: someErr}, + "kubeadm init fails when setting up the join service": { + clusterUtil: stubClusterUtil{setupJoinServiceError: someErr}, kubeconfigReader: &stubKubeconfigReader{ Kubeconfig: []byte("someKubeconfig"), }, @@ -506,7 +506,7 @@ type stubClusterUtil struct { initClusterErr error setupPodNetworkErr error setupAutoscalingError error - setupActivationServiceError error + setupJoinServiceError error setupCloudControllerManagerError error setupCloudNodeManagerError error setupKMSError error @@ -539,8 +539,8 @@ func (s *stubClusterUtil) SetupAutoscaling(kubectl k8sapi.Client, clusterAutosca return s.setupAutoscalingError } -func (s *stubClusterUtil) SetupActivationService(kubectl k8sapi.Client, activationServiceConfiguration resources.Marshaler) error { - return s.setupActivationServiceError +func (s *stubClusterUtil) SetupJoinService(kubectl k8sapi.Client, joinServiceConfiguration resources.Marshaler) error { + return s.setupJoinServiceError } func (s *stubClusterUtil) SetupCloudControllerManager(kubectl k8sapi.Client, cloudControllerManagerConfiguration resources.Marshaler, configMaps resources.Marshaler, secrets resources.Marshaler) error { diff --git a/internal/attestation/vtpm/initialize.go b/internal/attestation/vtpm/initialize.go index 9087d7e55..2050237c5 100644 --- a/internal/attestation/vtpm/initialize.go +++ b/internal/attestation/vtpm/initialize.go 
@@ -17,8 +17,8 @@ const ( PCRIndexClusterID = tpmutil.Handle(12) ) -// MarkNodeAsInitialized marks a node as initialized by extending PCRs. -func MarkNodeAsInitialized(openTPM TPMOpenFunc, ownerID, clusterID []byte) error { +// MarkNodeAsBootstrapped marks a node as initialized by extending PCRs. +func MarkNodeAsBootstrapped(openTPM TPMOpenFunc, ownerID, clusterID []byte) error { tpm, err := openTPM() if err != nil { return err @@ -33,8 +33,8 @@ func MarkNodeAsInitialized(openTPM TPMOpenFunc, ownerID, clusterID []byte) error return tpm2.PCREvent(tpm, PCRIndexClusterID, clusterID) } -// IsNodeInitialized checks if a node is already initialized by reading PCRs. -func IsNodeInitialized(openTPM TPMOpenFunc) (bool, error) { +// IsNodeBootstrapped checks if a node is already bootestrapped by reading PCRs. +func IsNodeBootstrapped(openTPM TPMOpenFunc) (bool, error) { tpm, err := openTPM() if err != nil { return false, err diff --git a/internal/attestation/vtpm/initialize_test.go b/internal/attestation/vtpm/initialize_test.go index 9b8b4adaf..de289661a 100644 --- a/internal/attestation/vtpm/initialize_test.go +++ b/internal/attestation/vtpm/initialize_test.go @@ -31,7 +31,7 @@ func TestMarkNodeAsInitialized(t *testing.T) { pcrs, err := client.ReadAllPCRs(tpm) require.NoError(err) - assert.NoError(MarkNodeAsInitialized(func() (io.ReadWriteCloser, error) { + assert.NoError(MarkNodeAsBootstrapped(func() (io.ReadWriteCloser, error) { return &simTPMNOPCloser{tpm}, nil }, []byte{0x0, 0x1, 0x2, 0x3}, []byte{0x4, 0x5, 0x6, 0x7})) 
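Review bot: The doc comments on the two renamed vTPM functions were only half updated: the first still says "marks a node as initialized" and the second contains the typo "bootestrapped". These functions record and read the node's bootstrap state through PCR extension, so the wording should be exact: `// MarkNodeAsBootstrapped marks a node as bootstrapped by extending PCRs.` and `// IsNodeBootstrapped checks if a node is already bootstrapped by reading PCRs.`. The tests `TestMarkNodeAsInitialized` and `TestIsNodeInitialized` in initialize_test.go keep the old names. The comment `// taint the node as initialized` above the call in state/setup/setup.go keeps the old term as well. Both function bodies continue outside their hunks.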
@@ -47,7 +47,7 @@ func TestMarkNodeAsInitialized(t *testing.T) { func TestFailOpener(t *testing.T) { assert := assert.New(t) - assert.Error(MarkNodeAsInitialized(func() (io.ReadWriteCloser, error) { return nil, errors.New("failed") }, []byte{0x0, 0x1, 0x2, 0x3}, []byte{0x0, 0x1, 0x2, 0x3})) + assert.Error(MarkNodeAsBootstrapped(func() (io.ReadWriteCloser, error) { return nil, errors.New("failed") }, []byte{0x0, 0x1, 0x2, 0x3}, []byte{0x0, 0x1, 0x2, 0x3})) } func TestIsNodeInitialized(t *testing.T) { @@ -86,7 +86,7 @@ func TestIsNodeInitialized(t *testing.T) { if tc.pcrValueClusterID != nil { require.NoError(tpm2.PCREvent(tpm, PCRIndexClusterID, tc.pcrValueClusterID)) } - initialized, err := IsNodeInitialized(func() (io.ReadWriteCloser, error) { + initialized, err := IsNodeBootstrapped(func() (io.ReadWriteCloser, error) { return &simTPMNOPCloser{tpm}, nil }) if tc.wantErr { diff --git a/internal/attestation/vtpm/vtpm_test.go b/internal/attestation/vtpm/vtpm_test.go index f62bb2016..3652709a3 100644 --- a/internal/attestation/vtpm/vtpm_test.go +++ b/internal/attestation/vtpm/vtpm_test.go @@ -14,5 +14,5 @@ func TestMain(m *testing.M) { func TestNOPTPM(t *testing.T) { assert := assert.New(t) - assert.NoError(MarkNodeAsInitialized(OpenNOPTPM, []byte{0x0, 0x1, 0x2, 0x3}, []byte{0x4, 0x5, 0x6, 0x7})) + assert.NoError(MarkNodeAsBootstrapped(OpenNOPTPM, []byte{0x0, 0x1, 0x2, 0x3}, []byte{0x4, 0x5, 0x6, 0x7})) } diff --git a/internal/constants/constants.go b/internal/constants/constants.go index ab7729d96..8c4cff95d 100644 --- a/internal/constants/constants.go +++ b/internal/constants/constants.go 
@@ -22,9 +22,9 @@ const ( // Ports. // - // ActivationServiePort is the port for reaching the activation service within Kubernetes. - ActivationServicePort = 9090 - // JoinServiceNodePort is the port for reaching the activation service outside of Kubernetes. + // JoinServicePort is the port for reaching the join service within Kubernetes. + JoinServicePort = 9090 + // JoinServiceNodePort is the port for reaching the join service outside of Kubernetes. JoinServiceNodePort = 30090 VerifyServicePortHTTP = 8080 VerifyServicePortGRPC = 9090 diff --git a/joinservice/cmd/main.go b/joinservice/cmd/main.go index abeff278e..1278f52a7 100644 --- a/joinservice/cmd/main.go +++ b/joinservice/cmd/main.go @@ -28,7 +28,7 @@ func main() { log := logger.New(logger.JSONLog, logger.VerbosityFromInt(*verbosity)) log.With(zap.String("version", constants.VersionInfo), zap.String("cloudProvider", *provider)). - Infof("Constellation Node Activation Service") + Infof("Constellation Node Join Service") handler := file.NewHandler(afero.NewOsFs()) @@ -67,7 +67,7 @@ func main() { } }() - if err := server.Run(creds, strconv.Itoa(constants.ActivationServicePort)); err != nil { + if err := server.Run(creds, strconv.Itoa(constants.JoinServicePort)); err != nil { log.With(zap.Error(err)).Fatalf("Failed to run server") } } diff --git a/joinservice/internal/kubeadm/kubeadm.go b/joinservice/internal/kubeadm/kubeadm.go index 31c594007..b443d50e1 100644 --- a/joinservice/internal/kubeadm/kubeadm.go +++ b/joinservice/internal/kubeadm/kubeadm.go @@ -63,7 +63,7 @@ func (k *Kubeadm) GetJoinToken(ttl time.Duration) (*kubeadm.BootstrapTokenDiscov } token := bootstraptoken.BootstrapToken{ Token: tokenStr, - Description: "Bootstrap token generated by Constellation's Activation service", + Description: "Bootstrap token generated by Constellation's Join service", TTL: &metav1.Duration{Duration: ttl}, } 
diff --git a/joinservice/internal/server/server.go b/joinservice/internal/server/server.go index fc9119e8e..a61ba57fa 100644 --- a/joinservice/internal/server/server.go +++ b/joinservice/internal/server/server.go @@ -22,7 +22,7 @@ import ( kubeadmv1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta3" ) -// Server implements the core logic of Constellation's node activation service. +// Server implements the core logic of Constellation's node join service. type Server struct { log *logger.Logger file file.Handler @@ -57,11 +57,11 @@ func (s *Server) Run(creds credentials.TransportCredentials, port string) error if err != nil { return fmt.Errorf("failed to listen: %s", err) } - s.log.Infof("Starting activation service on %s", lis.Addr().String()) + s.log.Infof("Starting join service on %s", lis.Addr().String()) return grpcServer.Serve(lis) } -// IssueJoinTicket handles activation requests of Constellation nodes. +// IssueJoinTicket handles join requests of Constellation nodes. // A node will receive: // - stateful disk encryption key. // - Kubernetes join token. diff --git a/state/setup/setup.go b/state/setup/setup.go index 729e360b8..d4c4696e8 100644 --- a/state/setup/setup.go +++ b/state/setup/setup.go @@ -83,7 +83,7 @@ getKey: } // taint the node as initialized - if err := vtpm.MarkNodeAsInitialized(s.openTPM, ownerID, clusterID); err != nil { + if err := vtpm.MarkNodeAsBootstrapped(s.openTPM, ownerID, clusterID); err != nil { return err }