mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-25 15:39:37 -05:00
Use term "attestation variant" consistently
This commit is contained in:
parent
e139eff552
commit
46e144d19b
@ -37,7 +37,7 @@ func newConfigGenerateCmd() *cobra.Command {
|
||||
}
|
||||
cmd.Flags().StringP("file", "f", constants.ConfigFilename, "path to output file, or '-' for stdout")
|
||||
cmd.Flags().StringP("kubernetes", "k", semver.MajorMinor(config.Default().KubernetesVersion), "Kubernetes version to use in format MAJOR.MINOR")
|
||||
cmd.Flags().StringP("attestation", "a", "", fmt.Sprintf("attestation variant to use %s. If not specified, the default for the cloud provider is used", printFormattedSlice(variant.GetAvailableAttestationTypes())))
|
||||
cmd.Flags().StringP("attestation", "a", "", fmt.Sprintf("attestation variant to use %s. If not specified, the default for the cloud provider is used", printFormattedSlice(variant.GetAvailableAttestationVariants())))
|
||||
|
||||
return cmd
|
||||
}
|
||||
@ -72,7 +72,7 @@ func (cg *configGenerateCmd) configGenerate(cmd *cobra.Command, fileHandler file
|
||||
|
||||
cg.log.Debugf("Parsed flags as %v", flags)
|
||||
cg.log.Debugf("Using cloud provider %s", provider.String())
|
||||
conf, err := createConfigWithAttestationType(provider, rawProvider, flags.attestationVariant)
|
||||
conf, err := createConfigWithAttestationVariant(provider, rawProvider, flags.attestationVariant)
|
||||
if err != nil {
|
||||
return fmt.Errorf("creating config: %w", err)
|
||||
}
|
||||
@ -101,8 +101,8 @@ func (cg *configGenerateCmd) configGenerate(cmd *cobra.Command, fileHandler file
|
||||
return nil
|
||||
}
|
||||
|
||||
// createConfig creates a config file for the given provider.
|
||||
func createConfigWithAttestationType(provider cloudprovider.Provider, rawProvider string, attestationVariant variant.Variant) (*config.Config, error) {
|
||||
// createConfigWithAttestationVariant creates a config file for the given provider.
|
||||
func createConfigWithAttestationVariant(provider cloudprovider.Provider, rawProvider string, attestationVariant variant.Variant) (*config.Config, error) {
|
||||
conf := config.Default().WithOpenStackProviderDefaults(rawProvider)
|
||||
conf.RemoveProviderExcept(provider)
|
||||
|
||||
@ -120,7 +120,7 @@ func createConfigWithAttestationType(provider cloudprovider.Provider, rawProvide
|
||||
return nil, fmt.Errorf("provider %s does not have a default attestation variant", provider)
|
||||
}
|
||||
} else if !variant.ValidProvider(provider, attestationVariant) {
|
||||
return nil, fmt.Errorf("provider %s does not support attestation type %s", provider, attestationVariant)
|
||||
return nil, fmt.Errorf("provider %s does not support attestation variant %s", provider, attestationVariant)
|
||||
}
|
||||
conf.SetAttestation(attestationVariant)
|
||||
return conf, nil
|
||||
@ -129,7 +129,7 @@ func createConfigWithAttestationType(provider cloudprovider.Provider, rawProvide
|
||||
// createConfig creates a config file for the given provider.
|
||||
func createConfig(provider cloudprovider.Provider) *config.Config {
|
||||
// rawProvider can be hardcoded as it only matters for OpenStack
|
||||
res, _ := createConfigWithAttestationType(provider, "", variant.Dummy{})
|
||||
res, _ := createConfigWithAttestationVariant(provider, "", variant.Dummy{})
|
||||
return res
|
||||
}
|
||||
|
||||
@ -165,12 +165,12 @@ func parseGenerateFlags(cmd *cobra.Command) (generateFlags, error) {
|
||||
return generateFlags{}, fmt.Errorf("parsing attestation flag: %w", err)
|
||||
}
|
||||
|
||||
var attestationType variant.Variant
|
||||
// if no attestation type is specified, use the default for the cloud provider
|
||||
var attestationVariant variant.Variant
|
||||
// if no attestation variant is specified, use the default for the cloud provider
|
||||
if attestationString == "" {
|
||||
attestationType = variant.Dummy{}
|
||||
attestationVariant = variant.Dummy{}
|
||||
} else {
|
||||
attestationType, err = variant.FromString(attestationString)
|
||||
attestationVariant, err = variant.FromString(attestationString)
|
||||
if err != nil {
|
||||
return generateFlags{}, fmt.Errorf("invalid attestation variant: %s", attestationString)
|
||||
}
|
||||
@ -178,7 +178,7 @@ func parseGenerateFlags(cmd *cobra.Command) (generateFlags, error) {
|
||||
return generateFlags{
|
||||
file: file,
|
||||
k8sVersion: resolvedVersion,
|
||||
attestationVariant: attestationType,
|
||||
attestationVariant: attestationVariant,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
@ -193,7 +193,7 @@ func TestNoValidProviderAttestationCombination(t *testing.T) {
|
||||
}
|
||||
for _, test := range tests {
|
||||
t.Run("", func(t *testing.T) {
|
||||
_, err := createConfigWithAttestationType(test.provider, "", test.attestation)
|
||||
_, err := createConfigWithAttestationVariant(test.provider, "", test.attestation)
|
||||
assert.Error(err)
|
||||
})
|
||||
}
|
||||
@ -244,7 +244,7 @@ func TestValidProviderAttestationCombination(t *testing.T) {
|
||||
}
|
||||
for _, test := range tests {
|
||||
t.Run(fmt.Sprintf("Provider:%s,Attestation:%s", test.provider, test.attestation), func(t *testing.T) {
|
||||
sut, err := createConfigWithAttestationType(test.provider, "", test.attestation)
|
||||
sut, err := createConfigWithAttestationVariant(test.provider, "", test.attestation)
|
||||
assert := assert.New(t)
|
||||
assert.NoError(err)
|
||||
assert.Equal(test.expected, sut.Attestation)
|
||||
|
@ -73,7 +73,7 @@ The Constellation CLI can also print the supported instance types with: `constel
|
||||
|
||||
:::caution
|
||||
Due to a bug in AWS's SNP implementation, SNP report generation currently fails in unforeseeable circumstances.
|
||||
Therefore, even if you select attestation type `awsSEVSNP`, Constellation still uses NitroTPM-based attestation.
|
||||
Therefore, even if you select attestation variant `awsSEVSNP`, Constellation still uses NitroTPM-based attestation.
|
||||
Nonetheless, runtime encryption is enabled.
|
||||
AWS is currently investigating the issue.
|
||||
SNP-based attestation will be enabled as soon as a fix is verified.
|
||||
|
@ -71,7 +71,7 @@ func (a Client) DeleteAzureSEVSNPVersion(ctx context.Context, versionStr string)
|
||||
return executeAllCmds(ctx, a.s3Client, ops)
|
||||
}
|
||||
|
||||
// List returns the list of versions for the given attestation type.
|
||||
// List returns the list of versions for the given attestation variant.
|
||||
func (a Client) List(ctx context.Context, attestation variant.Variant) ([]string, error) {
|
||||
if attestation.Equal(variant.AzureSEVSNP{}) {
|
||||
versions, err := apiclient.Fetch(ctx, a.s3Client, AzureSEVSNPVersionList{})
|
||||
@ -80,7 +80,7 @@ func (a Client) List(ctx context.Context, attestation variant.Variant) ([]string
|
||||
}
|
||||
return versions, nil
|
||||
}
|
||||
return nil, fmt.Errorf("unsupported attestation type: %s", attestation)
|
||||
return nil, fmt.Errorf("unsupported attestation variant: %s", attestation)
|
||||
}
|
||||
|
||||
func (a Client) deleteAzureSEVSNPVersion(versions AzureSEVSNPVersionList, versionStr string) (ops []crudCmd, err error) {
|
||||
|
@ -58,7 +58,7 @@ var providerAttestationMapping = map[cloudprovider.Provider][]Variant{
|
||||
cloudprovider.OpenStack: {QEMUVTPM{}},
|
||||
}
|
||||
|
||||
// GetDefaultAttestation returns the default attestation type for the given provider. If not found, it returns the default variant.
|
||||
// GetDefaultAttestation returns the default attestation variant for the given provider. If not found, it returns the default variant.
|
||||
func GetDefaultAttestation(provider cloudprovider.Provider) Variant {
|
||||
res, ok := providerAttestationMapping[provider]
|
||||
if ok {
|
||||
@ -67,8 +67,8 @@ func GetDefaultAttestation(provider cloudprovider.Provider) Variant {
|
||||
return Dummy{}
|
||||
}
|
||||
|
||||
// GetAvailableAttestationTypes returns the available attestation types.
|
||||
func GetAvailableAttestationTypes() []Variant {
|
||||
// GetAvailableAttestationVariants returns the available attestation variants.
|
||||
func GetAvailableAttestationVariants() []Variant {
|
||||
var res []Variant
|
||||
|
||||
// assumes that cloudprovider.Provider is a uint32 to sort the providers and get a consistent order
|
||||
@ -121,7 +121,7 @@ func FromString(oid string) (Variant, error) {
|
||||
return nil, fmt.Errorf("unknown OID: %q", oid)
|
||||
}
|
||||
|
||||
// ValidProvider returns true if the attestation type is valid for the given provider.
|
||||
// ValidProvider returns true if the attestation variants is valid for the given provider.
|
||||
func ValidProvider(provider cloudprovider.Provider, variant Variant) bool {
|
||||
validTypes, ok := providerAttestationMapping[provider]
|
||||
if ok {
|
||||
|
Loading…
Reference in New Issue
Block a user