Use term "attestation variant" consistently

Thomas Tendyck 2023-06-25 23:32:39 +02:00 committed by Thomas Tendyck
parent e139eff552
commit 46e144d19b
5 changed files with 20 additions and 20 deletions


@ -37,7 +37,7 @@ func newConfigGenerateCmd() *cobra.Command {
}
cmd.Flags().StringP("file", "f", constants.ConfigFilename, "path to output file, or '-' for stdout")
cmd.Flags().StringP("kubernetes", "k", semver.MajorMinor(config.Default().KubernetesVersion), "Kubernetes version to use in format MAJOR.MINOR")
cmd.Flags().StringP("attestation", "a", "", fmt.Sprintf("attestation variant to use %s. If not specified, the default for the cloud provider is used", printFormattedSlice(variant.GetAvailableAttestationTypes())))
cmd.Flags().StringP("attestation", "a", "", fmt.Sprintf("attestation variant to use %s. If not specified, the default for the cloud provider is used", printFormattedSlice(variant.GetAvailableAttestationVariants())))
return cmd
}
@ -72,7 +72,7 @@ func (cg *configGenerateCmd) configGenerate(cmd *cobra.Command, fileHandler file
cg.log.Debugf("Parsed flags as %v", flags)
cg.log.Debugf("Using cloud provider %s", provider.String())
conf, err := createConfigWithAttestationType(provider, rawProvider, flags.attestationVariant)
conf, err := createConfigWithAttestationVariant(provider, rawProvider, flags.attestationVariant)
if err != nil {
return fmt.Errorf("creating config: %w", err)
}
@ -101,8 +101,8 @@ func (cg *configGenerateCmd) configGenerate(cmd *cobra.Command, fileHandler file
return nil
}
// createConfig creates a config file for the given provider.
func createConfigWithAttestationType(provider cloudprovider.Provider, rawProvider string, attestationVariant variant.Variant) (*config.Config, error) {
// createConfigWithAttestationVariant creates a config file for the given provider.
func createConfigWithAttestationVariant(provider cloudprovider.Provider, rawProvider string, attestationVariant variant.Variant) (*config.Config, error) {
conf := config.Default().WithOpenStackProviderDefaults(rawProvider)
conf.RemoveProviderExcept(provider)
@ -120,7 +120,7 @@ func createConfigWithAttestationType(provider cloudprovider.Provider, rawProvide
return nil, fmt.Errorf("provider %s does not have a default attestation variant", provider)
}
} else if !variant.ValidProvider(provider, attestationVariant) {
return nil, fmt.Errorf("provider %s does not support attestation type %s", provider, attestationVariant)
return nil, fmt.Errorf("provider %s does not support attestation variant %s", provider, attestationVariant)
}
conf.SetAttestation(attestationVariant)
return conf, nil
@ -129,7 +129,7 @@ func createConfigWithAttestationType(provider cloudprovider.Provider, rawProvide
// createConfig creates a config file for the given provider.
func createConfig(provider cloudprovider.Provider) *config.Config {
// rawProvider can be hardcoded as it only matters for OpenStack
res, _ := createConfigWithAttestationType(provider, "", variant.Dummy{})
res, _ := createConfigWithAttestationVariant(provider, "", variant.Dummy{})
return res
}
@ -165,12 +165,12 @@ func parseGenerateFlags(cmd *cobra.Command) (generateFlags, error) {
return generateFlags{}, fmt.Errorf("parsing attestation flag: %w", err)
}
var attestationType variant.Variant
// if no attestation type is specified, use the default for the cloud provider
var attestationVariant variant.Variant
// if no attestation variant is specified, use the default for the cloud provider
if attestationString == "" {
attestationType = variant.Dummy{}
attestationVariant = variant.Dummy{}
} else {
attestationType, err = variant.FromString(attestationString)
attestationVariant, err = variant.FromString(attestationString)
if err != nil {
return generateFlags{}, fmt.Errorf("invalid attestation variant: %s", attestationString)
}
@ -178,7 +178,7 @@ func parseGenerateFlags(cmd *cobra.Command) (generateFlags, error) {
return generateFlags{
file: file,
k8sVersion: resolvedVersion,
attestationVariant: attestationType,
attestationVariant: attestationVariant,
}, nil
}
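Review bot: In the `createConfig` hunk, `res, _ := createConfigWithAttestationVariant(provider, "", variant.Dummy{})` still discards the error, so whenever the callee takes its `return nil, fmt.Errorf("provider %s does not have a default attestation variant", provider)` path the caller gets a nil `*config.Config` with no diagnostic. Since the rename touches this line anyway, either propagate the error or record the assumption next to it, e.g. `// error ignored: every provider passed here is expected to have a default attestation variant`. The doc comment above `createConfig` also does not say that `variant.Dummy{}` is passed to request the provider default. That appears to be the intent, judging by `parseGenerateFlags`, but the branch that resolves it lies outside the visible hunks, so this should be confirmed before it is documented.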


@ -193,7 +193,7 @@ func TestNoValidProviderAttestationCombination(t *testing.T) {
}
for _, test := range tests {
t.Run("", func(t *testing.T) {
_, err := createConfigWithAttestationType(test.provider, "", test.attestation)
_, err := createConfigWithAttestationVariant(test.provider, "", test.attestation)
assert.Error(err)
})
}
@ -244,7 +244,7 @@ func TestValidProviderAttestationCombination(t *testing.T) {
}
for _, test := range tests {
t.Run(fmt.Sprintf("Provider:%s,Attestation:%s", test.provider, test.attestation), func(t *testing.T) {
sut, err := createConfigWithAttestationType(test.provider, "", test.attestation)
sut, err := createConfigWithAttestationVariant(test.provider, "", test.attestation)
assert := assert.New(t)
assert.NoError(err)
assert.Equal(test.expected, sut.Attestation)


@ -73,7 +73,7 @@ The Constellation CLI can also print the supported instance types with: `constel
:::caution
Due to a bug in AWS's SNP implementation, SNP report generation currently fails in unforeseeable circumstances.
Therefore, even if you select attestation type `awsSEVSNP`, Constellation still uses NitroTPM-based attestation.
Therefore, even if you select attestation variant `awsSEVSNP`, Constellation still uses NitroTPM-based attestation.
Nonetheless, runtime encryption is enabled.
AWS is currently investigating the issue.
SNP-based attestation will be enabled as soon as a fix is verified.


@ -71,7 +71,7 @@ func (a Client) DeleteAzureSEVSNPVersion(ctx context.Context, versionStr string)
return executeAllCmds(ctx, a.s3Client, ops)
}
// List returns the list of versions for the given attestation type.
// List returns the list of versions for the given attestation variant.
func (a Client) List(ctx context.Context, attestation variant.Variant) ([]string, error) {
if attestation.Equal(variant.AzureSEVSNP{}) {
versions, err := apiclient.Fetch(ctx, a.s3Client, AzureSEVSNPVersionList{})
@ -80,7 +80,7 @@ func (a Client) List(ctx context.Context, attestation variant.Variant) ([]string
}
return versions, nil
}
return nil, fmt.Errorf("unsupported attestation type: %s", attestation)
return nil, fmt.Errorf("unsupported attestation variant: %s", attestation)
}
func (a Client) deleteAzureSEVSNPVersion(versions AzureSEVSNPVersionList, versionStr string) (ops []crudCmd, err error) {


@ -58,7 +58,7 @@ var providerAttestationMapping = map[cloudprovider.Provider][]Variant{
cloudprovider.OpenStack: {QEMUVTPM{}},
}
// GetDefaultAttestation returns the default attestation type for the given provider. If not found, it returns the default variant.
// GetDefaultAttestation returns the default attestation variant for the given provider. If not found, it returns the default variant.
func GetDefaultAttestation(provider cloudprovider.Provider) Variant {
res, ok := providerAttestationMapping[provider]
if ok {
@ -67,8 +67,8 @@ func GetDefaultAttestation(provider cloudprovider.Provider) Variant {
return Dummy{}
}
// GetAvailableAttestationTypes returns the available attestation types.
func GetAvailableAttestationTypes() []Variant {
// GetAvailableAttestationVariants returns the available attestation variants.
func GetAvailableAttestationVariants() []Variant {
var res []Variant
// assumes that cloudprovider.Provider is a uint32 to sort the providers and get a consistent order
@ -121,7 +121,7 @@ func FromString(oid string) (Variant, error) {
return nil, fmt.Errorf("unknown OID: %q", oid)
}
// ValidProvider returns true if the attestation type is valid for the given provider.
// ValidProvider returns true if the attestation variants is valid for the given provider.
func ValidProvider(provider cloudprovider.Provider, variant Variant) bool {
validTypes, ok := providerAttestationMapping[provider]
if ok {
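Review bot: The new doc comment on `ValidProvider` reads "if the attestation variants is valid", which should be `// ValidProvider returns true if the attestation variant is valid for the given provider.` The local `validTypes` on the following line keeps the old term, so the rename is incomplete there; `validVariants` would match the rest of the commit. In the `GetDefaultAttestation` hunk, "If not found, it returns the default variant" describes the `return Dummy{}` fallback. Naming `Dummy{}` in that comment would tell callers to check for it before using the result as an attestation setting. Both function bodies continue outside their hunks.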