diff --git a/cli/internal/cmd/configgenerate.go b/cli/internal/cmd/configgenerate.go
index 01f1ac25f..d982a760b 100644
--- a/cli/internal/cmd/configgenerate.go
+++ b/cli/internal/cmd/configgenerate.go
@@ -37,7 +37,7 @@ func newConfigGenerateCmd() *cobra.Command {
 }
 cmd.Flags().StringP("file", "f", constants.ConfigFilename, "path to output file, or '-' for stdout")
 cmd.Flags().StringP("kubernetes", "k", semver.MajorMinor(config.Default().KubernetesVersion), "Kubernetes version to use in format MAJOR.MINOR")
- cmd.Flags().StringP("attestation", "a", "", fmt.Sprintf("attestation variant to use %s. If not specified, the default for the cloud provider is used", printFormattedSlice(variant.GetAvailableAttestationTypes())))
+ cmd.Flags().StringP("attestation", "a", "", fmt.Sprintf("attestation variant to use %s. If not specified, the default for the cloud provider is used", printFormattedSlice(variant.GetAvailableAttestationVariants())))
 return cmd
 }
@@ -72,7 +72,7 @@ func (cg *configGenerateCmd) configGenerate(cmd *cobra.Command, fileHandler file
 cg.log.Debugf("Parsed flags as %v", flags)
 cg.log.Debugf("Using cloud provider %s", provider.String())
- conf, err := createConfigWithAttestationType(provider, rawProvider, flags.attestationVariant)
+ conf, err := createConfigWithAttestationVariant(provider, rawProvider, flags.attestationVariant)
 if err != nil {
 return fmt.Errorf("creating config: %w", err)
 }
@@ -101,8 +101,8 @@ func (cg *configGenerateCmd) configGenerate(cmd *cobra.Command, fileHandler file
 return nil
 }
-// createConfig creates a config file for the given provider.
-func createConfigWithAttestationType(provider cloudprovider.Provider, rawProvider string, attestationVariant variant.Variant) (*config.Config, error) {
+// createConfigWithAttestationVariant creates a config file for the given provider.
+func createConfigWithAttestationVariant(provider cloudprovider.Provider, rawProvider string, attestationVariant variant.Variant) (*config.Config, error) {
 conf := config.Default().WithOpenStackProviderDefaults(rawProvider)
 conf.RemoveProviderExcept(provider)
@@ -120,7 +120,7 @@ func createConfigWithAttestationType(provider cloudprovider.Provider, rawProvide
 return nil, fmt.Errorf("provider %s does not have a default attestation variant", provider)
 }
 } else if !variant.ValidProvider(provider, attestationVariant) {
- return nil, fmt.Errorf("provider %s does not support attestation type %s", provider, attestationVariant)
+ return nil, fmt.Errorf("provider %s does not support attestation variant %s", provider, attestationVariant)
 }
 conf.SetAttestation(attestationVariant)
 return conf, nil
@@ -129,7 +129,7 @@ func createConfigWithAttestationType(provider cloudprovider.Provider, rawProvide
 // createConfig creates a config file for the given provider.
 func createConfig(provider cloudprovider.Provider) *config.Config {
 // rawProvider can be hardcoded as it only matters for OpenStack
- res, _ := createConfigWithAttestationType(provider, "", variant.Dummy{})
+ res, _ := createConfigWithAttestationVariant(provider, "", variant.Dummy{})
 return res
 }
@@ -165,12 +165,12 @@ func parseGenerateFlags(cmd *cobra.Command) (generateFlags, error) {
 return generateFlags{}, fmt.Errorf("parsing attestation flag: %w", err)
 }
- var attestationType variant.Variant
- // if no attestation type is specified, use the default for the cloud provider
+ var attestationVariant variant.Variant
+ // if no attestation variant is specified, use the default for the cloud provider
 if attestationString == "" {
- attestationType = variant.Dummy{}
+ attestationVariant = variant.Dummy{}
 } else {
- attestationType, err = variant.FromString(attestationString)
+ attestationVariant, err = variant.FromString(attestationString)
 if err != nil {
 return generateFlags{}, fmt.Errorf("invalid attestation variant: %s", attestationString)
 }
@@ -178,7 +178,7 @@ func parseGenerateFlags(cmd *cobra.Command) (generateFlags, error) {
 return generateFlags{
 file: file,
 k8sVersion: resolvedVersion,
- attestationVariant: attestationType,
+ attestationVariant: attestationVariant,
 }, nil
 }
diff --git a/cli/internal/cmd/configgenerate_test.go b/cli/internal/cmd/configgenerate_test.go
index f245d419e..8034b00a0 100644
--- a/cli/internal/cmd/configgenerate_test.go
+++ b/cli/internal/cmd/configgenerate_test.go
@@ -193,7 +193,7 @@ func TestNoValidProviderAttestationCombination(t *testing.T) {
 }
 for _, test := range tests {
 t.Run("", func(t *testing.T) {
- _, err := createConfigWithAttestationType(test.provider, "", test.attestation)
+ _, err := createConfigWithAttestationVariant(test.provider, "", test.attestation)
 assert.Error(err)
 })
 }
@@ -244,7 +244,7 @@ func TestValidProviderAttestationCombination(t *testing.T) {
 }
 for _, test := range tests {
 t.Run(fmt.Sprintf("Provider:%s,Attestation:%s", test.provider, test.attestation), func(t *testing.T) {
- sut, err := createConfigWithAttestationType(test.provider, "", test.attestation)
+ sut, err := createConfigWithAttestationVariant(test.provider, "", test.attestation)
 assert := assert.New(t)
 assert.NoError(err)
 assert.Equal(test.expected, sut.Attestation)
diff --git a/docs/docs/workflows/config.md b/docs/docs/workflows/config.md
index 505f5110b..6381f3e29 100644
--- a/docs/docs/workflows/config.md
+++ b/docs/docs/workflows/config.md
@@ -73,7 +73,7 @@ The Constellation CLI can also print the supported instance types with: `constel
 :::caution
 Due to a bug in AWS's SNP implementation, SNP report generation currently fails in unforeseeable circumstances.
-Therefore, even if you select attestation type `awsSEVSNP`, Constellation still uses NitroTPM-based attestation.
+Therefore, even if you select attestation variant `awsSEVSNP`, Constellation still uses NitroTPM-based attestation.
 Nonetheless, runtime encryption is enabled.
 AWS is currently investigating the issue.
 SNP-based attestation will be enabled as soon as a fix is verified.
diff --git a/internal/api/attestationconfigapi/client.go b/internal/api/attestationconfigapi/client.go
index f0087b413..507e24661 100644
--- a/internal/api/attestationconfigapi/client.go
+++ b/internal/api/attestationconfigapi/client.go
@@ -71,7 +71,7 @@ func (a Client) DeleteAzureSEVSNPVersion(ctx context.Context, versionStr string)
 return executeAllCmds(ctx, a.s3Client, ops)
 }
-// List returns the list of versions for the given attestation type.
+// List returns the list of versions for the given attestation variant.
 func (a Client) List(ctx context.Context, attestation variant.Variant) ([]string, error) {
 if attestation.Equal(variant.AzureSEVSNP{}) {
 versions, err := apiclient.Fetch(ctx, a.s3Client, AzureSEVSNPVersionList{})
@@ -80,7 +80,7 @@ func (a Client) List(ctx context.Context, attestation variant.Variant) ([]string
 }
 return versions, nil
 }
- return nil, fmt.Errorf("unsupported attestation type: %s", attestation)
+ return nil, fmt.Errorf("unsupported attestation variant: %s", attestation)
 }
 func (a Client) deleteAzureSEVSNPVersion(versions AzureSEVSNPVersionList, versionStr string) (ops []crudCmd, err error) {
diff --git a/internal/attestation/variant/variant.go b/internal/attestation/variant/variant.go
index 3ab672257..b1aead8b7 100644
--- a/internal/attestation/variant/variant.go
+++ b/internal/attestation/variant/variant.go
@@ -58,7 +58,7 @@ var providerAttestationMapping = map[cloudprovider.Provider][]Variant{
 cloudprovider.OpenStack: {QEMUVTPM{}},
 }
-// GetDefaultAttestation returns the default attestation type for the given provider. If not found, it returns the default variant.
+// GetDefaultAttestation returns the default attestation variant for the given provider. If not found, it returns the default variant.
 func GetDefaultAttestation(provider cloudprovider.Provider) Variant {
 res, ok := providerAttestationMapping[provider]
 if ok {
@@ -67,8 +67,8 @@ func GetDefaultAttestation(provider cloudprovider.Provider) Variant {
 return Dummy{}
 }
-// GetAvailableAttestationTypes returns the available attestation types.
-func GetAvailableAttestationTypes() []Variant {
+// GetAvailableAttestationVariants returns the available attestation variants.
+func GetAvailableAttestationVariants() []Variant {
 var res []Variant
 // assumes that cloudprovider.Provider is a uint32 to sort the providers and get a consistent order
@@ -121,7 +121,7 @@ func FromString(oid string) (Variant, error) {
 return nil, fmt.Errorf("unknown OID: %q", oid)
 }
-// ValidProvider returns true if the attestation type is valid for the given provider.
+// ValidProvider returns true if the attestation variants is valid for the given provider.
 func ValidProvider(provider cloudprovider.Provider, variant Variant) bool {
 validTypes, ok := providerAttestationMapping[provider]
 if ok {
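Review bot: The rewritten doc comment on `ValidProvider` now reads "the attestation variants is valid", which is ungrammatical; it should be `// ValidProvider returns true if the attestation variant is valid for the given provider.`. The local `validTypes` on the line after the signature still uses the "type" wording that this commit replaces everywhere else, so renaming it to `validVariants` would keep the function consistent with the new terminology. ValidProvider's body continues past the end of the hunk, so any further uses of that local are not visible here and would need the same rename.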