mirror of
https://github.com/edgelesssys/constellation.git
CLI: use global image version field
- Restructure config by removing CSP-specific image references
- Add global image field
- Download image lookup table on create
- Download QEMU image on QEMU create
parent
9222468d3b
commit
575b6e93f6
21 changed files with 1068 additions and 380 deletions
|
@ -25,46 +25,51 @@ func init() {
|
|||
ConfigDoc.Type = "Config"
|
||||
ConfigDoc.Comments[encoder.LineComment] = "Config defines configuration used by CLI."
|
||||
ConfigDoc.Description = "Config defines configuration used by CLI."
|
||||
ConfigDoc.Fields = make([]encoder.Doc, 7)
|
||||
ConfigDoc.Fields = make([]encoder.Doc, 8)
|
||||
ConfigDoc.Fields[0].Name = "version"
|
||||
ConfigDoc.Fields[0].Type = "string"
|
||||
ConfigDoc.Fields[0].Note = ""
|
||||
ConfigDoc.Fields[0].Description = "Schema version of this configuration file."
|
||||
ConfigDoc.Fields[0].Comments[encoder.LineComment] = "Schema version of this configuration file."
|
||||
ConfigDoc.Fields[1].Name = "stateDiskSizeGB"
|
||||
ConfigDoc.Fields[1].Type = "int"
|
||||
ConfigDoc.Fields[1].Name = "image"
|
||||
ConfigDoc.Fields[1].Type = "string"
|
||||
ConfigDoc.Fields[1].Note = ""
|
||||
ConfigDoc.Fields[1].Description = "Size (in GB) of a node's disk to store the non-volatile state."
|
||||
ConfigDoc.Fields[1].Comments[encoder.LineComment] = "Size (in GB) of a node's disk to store the non-volatile state."
|
||||
ConfigDoc.Fields[2].Name = "kubernetesVersion"
|
||||
ConfigDoc.Fields[2].Type = "string"
|
||||
ConfigDoc.Fields[1].Description = "Machine image used to create Constellation nodes."
|
||||
ConfigDoc.Fields[1].Comments[encoder.LineComment] = "Machine image used to create Constellation nodes."
|
||||
ConfigDoc.Fields[2].Name = "stateDiskSizeGB"
|
||||
ConfigDoc.Fields[2].Type = "int"
|
||||
ConfigDoc.Fields[2].Note = ""
|
||||
ConfigDoc.Fields[2].Description = "Kubernetes version to be installed in the cluster."
|
||||
ConfigDoc.Fields[2].Comments[encoder.LineComment] = "Kubernetes version to be installed in the cluster."
|
||||
ConfigDoc.Fields[3].Name = "debugCluster"
|
||||
ConfigDoc.Fields[3].Type = "bool"
|
||||
ConfigDoc.Fields[2].Description = "Size (in GB) of a node's disk to store the non-volatile state."
|
||||
ConfigDoc.Fields[2].Comments[encoder.LineComment] = "Size (in GB) of a node's disk to store the non-volatile state."
|
||||
ConfigDoc.Fields[3].Name = "kubernetesVersion"
|
||||
ConfigDoc.Fields[3].Type = "string"
|
||||
ConfigDoc.Fields[3].Note = ""
|
||||
ConfigDoc.Fields[3].Description = "DON'T USE IN PRODUCTION: enable debug mode and use debug images. For usage, see: https://github.com/edgelesssys/constellation/blob/main/debugd/README.md"
|
||||
ConfigDoc.Fields[3].Comments[encoder.LineComment] = "DON'T USE IN PRODUCTION: enable debug mode and use debug images. For usage, see: https://github.com/edgelesssys/constellation/blob/main/debugd/README.md"
|
||||
ConfigDoc.Fields[4].Name = "provider"
|
||||
ConfigDoc.Fields[4].Type = "ProviderConfig"
|
||||
ConfigDoc.Fields[3].Description = "Kubernetes version to be installed in the cluster."
|
||||
ConfigDoc.Fields[3].Comments[encoder.LineComment] = "Kubernetes version to be installed in the cluster."
|
||||
ConfigDoc.Fields[4].Name = "debugCluster"
|
||||
ConfigDoc.Fields[4].Type = "bool"
|
||||
ConfigDoc.Fields[4].Note = ""
|
||||
ConfigDoc.Fields[4].Description = "Supported cloud providers and their specific configurations."
|
||||
ConfigDoc.Fields[4].Comments[encoder.LineComment] = "Supported cloud providers and their specific configurations."
|
||||
ConfigDoc.Fields[5].Name = "sshUsers"
|
||||
ConfigDoc.Fields[5].Type = "[]UserKey"
|
||||
ConfigDoc.Fields[4].Description = "DON'T USE IN PRODUCTION: enable debug mode and use debug images. For usage, see: https://github.com/edgelesssys/constellation/blob/main/debugd/README.md"
|
||||
ConfigDoc.Fields[4].Comments[encoder.LineComment] = "DON'T USE IN PRODUCTION: enable debug mode and use debug images. For usage, see: https://github.com/edgelesssys/constellation/blob/main/debugd/README.md"
|
||||
ConfigDoc.Fields[5].Name = "provider"
|
||||
ConfigDoc.Fields[5].Type = "ProviderConfig"
|
||||
ConfigDoc.Fields[5].Note = ""
|
||||
ConfigDoc.Fields[5].Description = "Deprecated: Does nothing! To get node SSH access, see: https://constellation-docs.edgeless.systems/constellation/workflows/troubleshooting#connect-to-nodes-via-ssh"
|
||||
ConfigDoc.Fields[5].Comments[encoder.LineComment] = "Deprecated: Does nothing! To get node SSH access, see: https://constellation-docs.edgeless.systems/constellation/workflows/troubleshooting#connect-to-nodes-via-ssh"
|
||||
|
||||
ConfigDoc.Fields[5].AddExample("", []UserKey{{Username: "Alice", PublicKey: "ssh-rsa AAAAB3NzaC...5QXHKW1rufgtJeSeJ8= alice@domain.com"}})
|
||||
ConfigDoc.Fields[6].Name = "upgrade"
|
||||
ConfigDoc.Fields[6].Type = "UpgradeConfig"
|
||||
ConfigDoc.Fields[5].Description = "Supported cloud providers and their specific configurations."
|
||||
ConfigDoc.Fields[5].Comments[encoder.LineComment] = "Supported cloud providers and their specific configurations."
|
||||
ConfigDoc.Fields[6].Name = "sshUsers"
|
||||
ConfigDoc.Fields[6].Type = "[]UserKey"
|
||||
ConfigDoc.Fields[6].Note = ""
|
||||
ConfigDoc.Fields[6].Description = "Configuration to apply during constellation upgrade."
|
||||
ConfigDoc.Fields[6].Comments[encoder.LineComment] = "Configuration to apply during constellation upgrade."
|
||||
ConfigDoc.Fields[6].Description = "Deprecated: Does nothing! To get node SSH access, see: https://constellation-docs.edgeless.systems/constellation/workflows/troubleshooting#connect-to-nodes-via-ssh"
|
||||
ConfigDoc.Fields[6].Comments[encoder.LineComment] = "Deprecated: Does nothing! To get node SSH access, see: https://constellation-docs.edgeless.systems/constellation/workflows/troubleshooting#connect-to-nodes-via-ssh"
|
||||
|
||||
ConfigDoc.Fields[6].AddExample("", UpgradeConfig{Image: "", Measurements: Measurements{}})
|
||||
ConfigDoc.Fields[6].AddExample("", []UserKey{{Username: "Alice", PublicKey: "ssh-rsa AAAAB3NzaC...5QXHKW1rufgtJeSeJ8= alice@domain.com"}})
|
||||
ConfigDoc.Fields[7].Name = "upgrade"
|
||||
ConfigDoc.Fields[7].Type = "UpgradeConfig"
|
||||
ConfigDoc.Fields[7].Note = ""
|
||||
ConfigDoc.Fields[7].Description = "Configuration to apply during constellation upgrade."
|
||||
ConfigDoc.Fields[7].Comments[encoder.LineComment] = "Configuration to apply during constellation upgrade."
|
||||
|
||||
ConfigDoc.Fields[7].AddExample("", UpgradeConfig{Image: "", Measurements: Measurements{}})
|
||||
|
||||
UpgradeConfigDoc.Type = "UpgradeConfig"
|
||||
UpgradeConfigDoc.Comments[encoder.LineComment] = "UpgradeConfig defines configuration used during constellation upgrade."
|
||||
|
@ -81,8 +86,8 @@ func init() {
|
|||
UpgradeConfigDoc.Fields[0].Name = "image"
|
||||
UpgradeConfigDoc.Fields[0].Type = "string"
|
||||
UpgradeConfigDoc.Fields[0].Note = ""
|
||||
UpgradeConfigDoc.Fields[0].Description = "Updated machine image to install on all nodes."
|
||||
UpgradeConfigDoc.Fields[0].Comments[encoder.LineComment] = "Updated machine image to install on all nodes."
|
||||
UpgradeConfigDoc.Fields[0].Description = "Updated Constellation machine image to install on all nodes."
|
||||
UpgradeConfigDoc.Fields[0].Comments[encoder.LineComment] = "Updated Constellation machine image to install on all nodes."
|
||||
UpgradeConfigDoc.Fields[1].Name = "measurements"
|
||||
UpgradeConfigDoc.Fields[1].Type = "Measurements"
|
||||
UpgradeConfigDoc.Fields[1].Note = ""
|
||||
|
@ -152,7 +157,7 @@ func init() {
|
|||
FieldName: "aws",
|
||||
},
|
||||
}
|
||||
AWSConfigDoc.Fields = make([]encoder.Doc, 9)
|
||||
AWSConfigDoc.Fields = make([]encoder.Doc, 8)
|
||||
AWSConfigDoc.Fields[0].Name = "region"
|
||||
AWSConfigDoc.Fields[0].Type = "string"
|
||||
AWSConfigDoc.Fields[0].Note = ""
|
||||
|
@ -163,41 +168,36 @@ func init() {
|
|||
AWSConfigDoc.Fields[1].Note = ""
|
||||
AWSConfigDoc.Fields[1].Description = "AWS data center zone name in defined region. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones"
|
||||
AWSConfigDoc.Fields[1].Comments[encoder.LineComment] = "AWS data center zone name in defined region. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones"
|
||||
AWSConfigDoc.Fields[2].Name = "image"
|
||||
AWSConfigDoc.Fields[2].Name = "instanceType"
|
||||
AWSConfigDoc.Fields[2].Type = "string"
|
||||
AWSConfigDoc.Fields[2].Note = ""
|
||||
AWSConfigDoc.Fields[2].Description = "AMI ID of the machine image used to create Constellation nodes."
|
||||
AWSConfigDoc.Fields[2].Comments[encoder.LineComment] = "AMI ID of the machine image used to create Constellation nodes."
|
||||
AWSConfigDoc.Fields[3].Name = "instanceType"
|
||||
AWSConfigDoc.Fields[2].Description = "VM instance type to use for Constellation nodes. Needs to support NitroTPM. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enable-nitrotpm-prerequisites.html"
|
||||
AWSConfigDoc.Fields[2].Comments[encoder.LineComment] = "VM instance type to use for Constellation nodes. Needs to support NitroTPM. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enable-nitrotpm-prerequisites.html"
|
||||
AWSConfigDoc.Fields[3].Name = "stateDiskType"
|
||||
AWSConfigDoc.Fields[3].Type = "string"
|
||||
AWSConfigDoc.Fields[3].Note = ""
|
||||
AWSConfigDoc.Fields[3].Description = "VM instance type to use for Constellation nodes. Needs to support NitroTPM. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enable-nitrotpm-prerequisites.html"
|
||||
AWSConfigDoc.Fields[3].Comments[encoder.LineComment] = "VM instance type to use for Constellation nodes. Needs to support NitroTPM. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enable-nitrotpm-prerequisites.html"
|
||||
AWSConfigDoc.Fields[4].Name = "stateDiskType"
|
||||
AWSConfigDoc.Fields[3].Description = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html"
|
||||
AWSConfigDoc.Fields[3].Comments[encoder.LineComment] = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html"
|
||||
AWSConfigDoc.Fields[4].Name = "iamProfileControlPlane"
|
||||
AWSConfigDoc.Fields[4].Type = "string"
|
||||
AWSConfigDoc.Fields[4].Note = ""
|
||||
AWSConfigDoc.Fields[4].Description = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html"
|
||||
AWSConfigDoc.Fields[4].Comments[encoder.LineComment] = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html"
|
||||
AWSConfigDoc.Fields[5].Name = "iamProfileControlPlane"
|
||||
AWSConfigDoc.Fields[4].Description = "Name of the IAM profile to use for the control plane nodes."
|
||||
AWSConfigDoc.Fields[4].Comments[encoder.LineComment] = "Name of the IAM profile to use for the control plane nodes."
|
||||
AWSConfigDoc.Fields[5].Name = "iamProfileWorkerNodes"
|
||||
AWSConfigDoc.Fields[5].Type = "string"
|
||||
AWSConfigDoc.Fields[5].Note = ""
|
||||
AWSConfigDoc.Fields[5].Description = "Name of the IAM profile to use for the control plane nodes."
|
||||
AWSConfigDoc.Fields[5].Comments[encoder.LineComment] = "Name of the IAM profile to use for the control plane nodes."
|
||||
AWSConfigDoc.Fields[6].Name = "iamProfileWorkerNodes"
|
||||
AWSConfigDoc.Fields[6].Type = "string"
|
||||
AWSConfigDoc.Fields[5].Description = "Name of the IAM profile to use for the worker nodes."
|
||||
AWSConfigDoc.Fields[5].Comments[encoder.LineComment] = "Name of the IAM profile to use for the worker nodes."
|
||||
AWSConfigDoc.Fields[6].Name = "measurements"
|
||||
AWSConfigDoc.Fields[6].Type = "Measurements"
|
||||
AWSConfigDoc.Fields[6].Note = ""
|
||||
AWSConfigDoc.Fields[6].Description = "Name of the IAM profile to use for the worker nodes."
|
||||
AWSConfigDoc.Fields[6].Comments[encoder.LineComment] = "Name of the IAM profile to use for the worker nodes."
|
||||
AWSConfigDoc.Fields[7].Name = "measurements"
|
||||
AWSConfigDoc.Fields[7].Type = "Measurements"
|
||||
AWSConfigDoc.Fields[6].Description = "Expected VM measurements."
|
||||
AWSConfigDoc.Fields[6].Comments[encoder.LineComment] = "Expected VM measurements."
|
||||
AWSConfigDoc.Fields[7].Name = "enforcedMeasurements"
|
||||
AWSConfigDoc.Fields[7].Type = "[]uint32"
|
||||
AWSConfigDoc.Fields[7].Note = ""
|
||||
AWSConfigDoc.Fields[7].Description = "Expected VM measurements."
|
||||
AWSConfigDoc.Fields[7].Comments[encoder.LineComment] = "Expected VM measurements."
|
||||
AWSConfigDoc.Fields[8].Name = "enforcedMeasurements"
|
||||
AWSConfigDoc.Fields[8].Type = "[]uint32"
|
||||
AWSConfigDoc.Fields[8].Note = ""
|
||||
AWSConfigDoc.Fields[8].Description = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
AWSConfigDoc.Fields[8].Comments[encoder.LineComment] = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
AWSConfigDoc.Fields[7].Description = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
AWSConfigDoc.Fields[7].Comments[encoder.LineComment] = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
|
||||
AzureConfigDoc.Type = "AzureConfig"
|
||||
AzureConfigDoc.Comments[encoder.LineComment] = "AzureConfig are Azure specific configuration values used by the CLI."
|
||||
|
@ -208,7 +208,7 @@ func init() {
|
|||
FieldName: "azure",
|
||||
},
|
||||
}
|
||||
AzureConfigDoc.Fields = make([]encoder.Doc, 17)
|
||||
AzureConfigDoc.Fields = make([]encoder.Doc, 16)
|
||||
AzureConfigDoc.Fields[0].Name = "subscription"
|
||||
AzureConfigDoc.Fields[0].Type = "string"
|
||||
AzureConfigDoc.Fields[0].Note = ""
|
||||
|
@ -244,56 +244,51 @@ func init() {
|
|||
AzureConfigDoc.Fields[6].Note = ""
|
||||
AzureConfigDoc.Fields[6].Description = "Client secret value of the Active Directory app registration credentials. Alternatively leave empty and pass value via CONSTELL_AZURE_CLIENT_SECRET_VALUE environment variable."
|
||||
AzureConfigDoc.Fields[6].Comments[encoder.LineComment] = "Client secret value of the Active Directory app registration credentials. Alternatively leave empty and pass value via CONSTELL_AZURE_CLIENT_SECRET_VALUE environment variable."
|
||||
AzureConfigDoc.Fields[7].Name = "image"
|
||||
AzureConfigDoc.Fields[7].Name = "instanceType"
|
||||
AzureConfigDoc.Fields[7].Type = "string"
|
||||
AzureConfigDoc.Fields[7].Note = ""
|
||||
AzureConfigDoc.Fields[7].Description = "Machine image used to create Constellation nodes."
|
||||
AzureConfigDoc.Fields[7].Comments[encoder.LineComment] = "Machine image used to create Constellation nodes."
|
||||
AzureConfigDoc.Fields[8].Name = "instanceType"
|
||||
AzureConfigDoc.Fields[7].Description = "VM instance type to use for Constellation nodes."
|
||||
AzureConfigDoc.Fields[7].Comments[encoder.LineComment] = "VM instance type to use for Constellation nodes."
|
||||
AzureConfigDoc.Fields[8].Name = "stateDiskType"
|
||||
AzureConfigDoc.Fields[8].Type = "string"
|
||||
AzureConfigDoc.Fields[8].Note = ""
|
||||
AzureConfigDoc.Fields[8].Description = "VM instance type to use for Constellation nodes."
|
||||
AzureConfigDoc.Fields[8].Comments[encoder.LineComment] = "VM instance type to use for Constellation nodes."
|
||||
AzureConfigDoc.Fields[9].Name = "stateDiskType"
|
||||
AzureConfigDoc.Fields[9].Type = "string"
|
||||
AzureConfigDoc.Fields[8].Description = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.microsoft.com/en-us/azure/virtual-machines/disks-types#disk-type-comparison"
|
||||
AzureConfigDoc.Fields[8].Comments[encoder.LineComment] = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.microsoft.com/en-us/azure/virtual-machines/disks-types#disk-type-comparison"
|
||||
AzureConfigDoc.Fields[9].Name = "deployCSIDriver"
|
||||
AzureConfigDoc.Fields[9].Type = "bool"
|
||||
AzureConfigDoc.Fields[9].Note = ""
|
||||
AzureConfigDoc.Fields[9].Description = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.microsoft.com/en-us/azure/virtual-machines/disks-types#disk-type-comparison"
|
||||
AzureConfigDoc.Fields[9].Comments[encoder.LineComment] = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.microsoft.com/en-us/azure/virtual-machines/disks-types#disk-type-comparison"
|
||||
AzureConfigDoc.Fields[10].Name = "deployCSIDriver"
|
||||
AzureConfigDoc.Fields[9].Description = "Deploy Azure Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
|
||||
AzureConfigDoc.Fields[9].Comments[encoder.LineComment] = "Deploy Azure Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
|
||||
AzureConfigDoc.Fields[10].Name = "confidentialVM"
|
||||
AzureConfigDoc.Fields[10].Type = "bool"
|
||||
AzureConfigDoc.Fields[10].Note = ""
|
||||
AzureConfigDoc.Fields[10].Description = "Deploy Azure Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
|
||||
AzureConfigDoc.Fields[10].Comments[encoder.LineComment] = "Deploy Azure Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
|
||||
AzureConfigDoc.Fields[11].Name = "confidentialVM"
|
||||
AzureConfigDoc.Fields[10].Description = "Use Confidential VMs. If set to false, Trusted Launch VMs are used instead. See: https://docs.microsoft.com/en-us/azure/confidential-computing/confidential-vm-overview"
|
||||
AzureConfigDoc.Fields[10].Comments[encoder.LineComment] = "Use Confidential VMs. If set to false, Trusted Launch VMs are used instead. See: https://docs.microsoft.com/en-us/azure/confidential-computing/confidential-vm-overview"
|
||||
AzureConfigDoc.Fields[11].Name = "secureBoot"
|
||||
AzureConfigDoc.Fields[11].Type = "bool"
|
||||
AzureConfigDoc.Fields[11].Note = ""
|
||||
AzureConfigDoc.Fields[11].Description = "Use Confidential VMs. If set to false, Trusted Launch VMs are used instead. See: https://docs.microsoft.com/en-us/azure/confidential-computing/confidential-vm-overview"
|
||||
AzureConfigDoc.Fields[11].Comments[encoder.LineComment] = "Use Confidential VMs. If set to false, Trusted Launch VMs are used instead. See: https://docs.microsoft.com/en-us/azure/confidential-computing/confidential-vm-overview"
|
||||
AzureConfigDoc.Fields[12].Name = "secureBoot"
|
||||
AzureConfigDoc.Fields[12].Type = "bool"
|
||||
AzureConfigDoc.Fields[11].Description = "Enable secure boot for VMs. If enabled, the OS image has to include a virtual machine guest state (VMGS) blob."
|
||||
AzureConfigDoc.Fields[11].Comments[encoder.LineComment] = "Enable secure boot for VMs. If enabled, the OS image has to include a virtual machine guest state (VMGS) blob."
|
||||
AzureConfigDoc.Fields[12].Name = "idKeyDigest"
|
||||
AzureConfigDoc.Fields[12].Type = "string"
|
||||
AzureConfigDoc.Fields[12].Note = ""
|
||||
AzureConfigDoc.Fields[12].Description = "Enable secure boot for VMs. If enabled, the OS image has to include a virtual machine guest state (VMGS) blob."
|
||||
AzureConfigDoc.Fields[12].Comments[encoder.LineComment] = "Enable secure boot for VMs. If enabled, the OS image has to include a virtual machine guest state (VMGS) blob."
|
||||
AzureConfigDoc.Fields[13].Name = "idKeyDigest"
|
||||
AzureConfigDoc.Fields[13].Type = "string"
|
||||
AzureConfigDoc.Fields[12].Description = "Expected value for the field 'idkeydigest' in the AMD SEV-SNP attestation report. Only usable with ConfidentialVMs. See 4.6 and 7.3 in: https://www.amd.com/system/files/TechDocs/56860.pdf"
|
||||
AzureConfigDoc.Fields[12].Comments[encoder.LineComment] = "Expected value for the field 'idkeydigest' in the AMD SEV-SNP attestation report. Only usable with ConfidentialVMs. See 4.6 and 7.3 in: https://www.amd.com/system/files/TechDocs/56860.pdf"
|
||||
AzureConfigDoc.Fields[13].Name = "enforceIdKeyDigest"
|
||||
AzureConfigDoc.Fields[13].Type = "bool"
|
||||
AzureConfigDoc.Fields[13].Note = ""
|
||||
AzureConfigDoc.Fields[13].Description = "Expected value for the field 'idkeydigest' in the AMD SEV-SNP attestation report. Only usable with ConfidentialVMs. See 4.6 and 7.3 in: https://www.amd.com/system/files/TechDocs/56860.pdf"
|
||||
AzureConfigDoc.Fields[13].Comments[encoder.LineComment] = "Expected value for the field 'idkeydigest' in the AMD SEV-SNP attestation report. Only usable with ConfidentialVMs. See 4.6 and 7.3 in: https://www.amd.com/system/files/TechDocs/56860.pdf"
|
||||
AzureConfigDoc.Fields[14].Name = "enforceIdKeyDigest"
|
||||
AzureConfigDoc.Fields[14].Type = "bool"
|
||||
AzureConfigDoc.Fields[13].Description = "Enforce the specified idKeyDigest value during remote attestation."
|
||||
AzureConfigDoc.Fields[13].Comments[encoder.LineComment] = "Enforce the specified idKeyDigest value during remote attestation."
|
||||
AzureConfigDoc.Fields[14].Name = "measurements"
|
||||
AzureConfigDoc.Fields[14].Type = "Measurements"
|
||||
AzureConfigDoc.Fields[14].Note = ""
|
||||
AzureConfigDoc.Fields[14].Description = "Enforce the specified idKeyDigest value during remote attestation."
|
||||
AzureConfigDoc.Fields[14].Comments[encoder.LineComment] = "Enforce the specified idKeyDigest value during remote attestation."
|
||||
AzureConfigDoc.Fields[15].Name = "measurements"
|
||||
AzureConfigDoc.Fields[15].Type = "Measurements"
|
||||
AzureConfigDoc.Fields[14].Description = "Expected confidential VM measurements."
|
||||
AzureConfigDoc.Fields[14].Comments[encoder.LineComment] = "Expected confidential VM measurements."
|
||||
AzureConfigDoc.Fields[15].Name = "enforcedMeasurements"
|
||||
AzureConfigDoc.Fields[15].Type = "[]uint32"
|
||||
AzureConfigDoc.Fields[15].Note = ""
|
||||
AzureConfigDoc.Fields[15].Description = "Expected confidential VM measurements."
|
||||
AzureConfigDoc.Fields[15].Comments[encoder.LineComment] = "Expected confidential VM measurements."
|
||||
AzureConfigDoc.Fields[16].Name = "enforcedMeasurements"
|
||||
AzureConfigDoc.Fields[16].Type = "[]uint32"
|
||||
AzureConfigDoc.Fields[16].Note = ""
|
||||
AzureConfigDoc.Fields[16].Description = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
AzureConfigDoc.Fields[16].Comments[encoder.LineComment] = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
AzureConfigDoc.Fields[15].Description = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
AzureConfigDoc.Fields[15].Comments[encoder.LineComment] = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
|
||||
GCPConfigDoc.Type = "GCPConfig"
|
||||
GCPConfigDoc.Comments[encoder.LineComment] = "GCPConfig are GCP specific configuration values used by the CLI."
|
||||
|
@ -304,7 +299,7 @@ func init() {
|
|||
FieldName: "gcp",
|
||||
},
|
||||
}
|
||||
GCPConfigDoc.Fields = make([]encoder.Doc, 10)
|
||||
GCPConfigDoc.Fields = make([]encoder.Doc, 9)
|
||||
GCPConfigDoc.Fields[0].Name = "project"
|
||||
GCPConfigDoc.Fields[0].Type = "string"
|
||||
GCPConfigDoc.Fields[0].Note = ""
|
||||
|
@ -325,36 +320,31 @@ func init() {
|
|||
GCPConfigDoc.Fields[3].Note = ""
|
||||
GCPConfigDoc.Fields[3].Description = "Path of service account key file. For required service account roles, see https://docs.edgeless.systems/constellation/getting-started/install#authorization"
|
||||
GCPConfigDoc.Fields[3].Comments[encoder.LineComment] = "Path of service account key file. For required service account roles, see https://docs.edgeless.systems/constellation/getting-started/install#authorization"
|
||||
GCPConfigDoc.Fields[4].Name = "image"
|
||||
GCPConfigDoc.Fields[4].Name = "instanceType"
|
||||
GCPConfigDoc.Fields[4].Type = "string"
|
||||
GCPConfigDoc.Fields[4].Note = ""
|
||||
GCPConfigDoc.Fields[4].Description = "Machine image used to create Constellation nodes."
|
||||
GCPConfigDoc.Fields[4].Comments[encoder.LineComment] = "Machine image used to create Constellation nodes."
|
||||
GCPConfigDoc.Fields[5].Name = "instanceType"
|
||||
GCPConfigDoc.Fields[4].Description = "VM instance type to use for Constellation nodes."
|
||||
GCPConfigDoc.Fields[4].Comments[encoder.LineComment] = "VM instance type to use for Constellation nodes."
|
||||
GCPConfigDoc.Fields[5].Name = "stateDiskType"
|
||||
GCPConfigDoc.Fields[5].Type = "string"
|
||||
GCPConfigDoc.Fields[5].Note = ""
|
||||
GCPConfigDoc.Fields[5].Description = "VM instance type to use for Constellation nodes."
|
||||
GCPConfigDoc.Fields[5].Comments[encoder.LineComment] = "VM instance type to use for Constellation nodes."
|
||||
GCPConfigDoc.Fields[6].Name = "stateDiskType"
|
||||
GCPConfigDoc.Fields[6].Type = "string"
|
||||
GCPConfigDoc.Fields[5].Description = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://cloud.google.com/compute/docs/disks#disk-types"
|
||||
GCPConfigDoc.Fields[5].Comments[encoder.LineComment] = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://cloud.google.com/compute/docs/disks#disk-types"
|
||||
GCPConfigDoc.Fields[6].Name = "deployCSIDriver"
|
||||
GCPConfigDoc.Fields[6].Type = "bool"
|
||||
GCPConfigDoc.Fields[6].Note = ""
|
||||
GCPConfigDoc.Fields[6].Description = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://cloud.google.com/compute/docs/disks#disk-types"
|
||||
GCPConfigDoc.Fields[6].Comments[encoder.LineComment] = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://cloud.google.com/compute/docs/disks#disk-types"
|
||||
GCPConfigDoc.Fields[7].Name = "deployCSIDriver"
|
||||
GCPConfigDoc.Fields[7].Type = "bool"
|
||||
GCPConfigDoc.Fields[6].Description = "Deploy Persistent Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
|
||||
GCPConfigDoc.Fields[6].Comments[encoder.LineComment] = "Deploy Persistent Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
|
||||
GCPConfigDoc.Fields[7].Name = "measurements"
|
||||
GCPConfigDoc.Fields[7].Type = "Measurements"
|
||||
GCPConfigDoc.Fields[7].Note = ""
|
||||
GCPConfigDoc.Fields[7].Description = "Deploy Persistent Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
|
||||
GCPConfigDoc.Fields[7].Comments[encoder.LineComment] = "Deploy Persistent Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
|
||||
GCPConfigDoc.Fields[8].Name = "measurements"
|
||||
GCPConfigDoc.Fields[8].Type = "Measurements"
|
||||
GCPConfigDoc.Fields[7].Description = "Expected confidential VM measurements."
|
||||
GCPConfigDoc.Fields[7].Comments[encoder.LineComment] = "Expected confidential VM measurements."
|
||||
GCPConfigDoc.Fields[8].Name = "enforcedMeasurements"
|
||||
GCPConfigDoc.Fields[8].Type = "[]uint32"
|
||||
GCPConfigDoc.Fields[8].Note = ""
|
||||
GCPConfigDoc.Fields[8].Description = "Expected confidential VM measurements."
|
||||
GCPConfigDoc.Fields[8].Comments[encoder.LineComment] = "Expected confidential VM measurements."
|
||||
GCPConfigDoc.Fields[9].Name = "enforcedMeasurements"
|
||||
GCPConfigDoc.Fields[9].Type = "[]uint32"
|
||||
GCPConfigDoc.Fields[9].Note = ""
|
||||
GCPConfigDoc.Fields[9].Description = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
GCPConfigDoc.Fields[9].Comments[encoder.LineComment] = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
GCPConfigDoc.Fields[8].Description = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
GCPConfigDoc.Fields[8].Comments[encoder.LineComment] = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
|
||||
QEMUConfigDoc.Type = "QEMUConfig"
|
||||
QEMUConfigDoc.Comments[encoder.LineComment] = "QEMUConfig holds config information for QEMU based Constellation deployments."
|
||||
|
@ -365,62 +355,57 @@ func init() {
|
|||
FieldName: "qemu",
|
||||
},
|
||||
}
|
||||
QEMUConfigDoc.Fields = make([]encoder.Doc, 11)
|
||||
QEMUConfigDoc.Fields[0].Name = "image"
|
||||
QEMUConfigDoc.Fields = make([]encoder.Doc, 10)
|
||||
QEMUConfigDoc.Fields[0].Name = "imageFormat"
|
||||
QEMUConfigDoc.Fields[0].Type = "string"
|
||||
QEMUConfigDoc.Fields[0].Note = ""
|
||||
QEMUConfigDoc.Fields[0].Description = "Path to the image to use for the VMs."
|
||||
QEMUConfigDoc.Fields[0].Comments[encoder.LineComment] = "Path to the image to use for the VMs."
|
||||
QEMUConfigDoc.Fields[1].Name = "imageFormat"
|
||||
QEMUConfigDoc.Fields[1].Type = "string"
|
||||
QEMUConfigDoc.Fields[0].Description = "Format of the image to use for the VMs. Should be either qcow2 or raw."
|
||||
QEMUConfigDoc.Fields[0].Comments[encoder.LineComment] = "Format of the image to use for the VMs. Should be either qcow2 or raw."
|
||||
QEMUConfigDoc.Fields[1].Name = "vcpus"
|
||||
QEMUConfigDoc.Fields[1].Type = "int"
|
||||
QEMUConfigDoc.Fields[1].Note = ""
|
||||
QEMUConfigDoc.Fields[1].Description = "Format of the image to use for the VMs. Should be either qcow2 or raw."
|
||||
QEMUConfigDoc.Fields[1].Comments[encoder.LineComment] = "Format of the image to use for the VMs. Should be either qcow2 or raw."
|
||||
QEMUConfigDoc.Fields[2].Name = "vcpus"
|
||||
QEMUConfigDoc.Fields[1].Description = "vCPU count for the VMs."
|
||||
QEMUConfigDoc.Fields[1].Comments[encoder.LineComment] = "vCPU count for the VMs."
|
||||
QEMUConfigDoc.Fields[2].Name = "memory"
|
||||
QEMUConfigDoc.Fields[2].Type = "int"
|
||||
QEMUConfigDoc.Fields[2].Note = ""
|
||||
QEMUConfigDoc.Fields[2].Description = "vCPU count for the VMs."
|
||||
QEMUConfigDoc.Fields[2].Comments[encoder.LineComment] = "vCPU count for the VMs."
|
||||
QEMUConfigDoc.Fields[3].Name = "memory"
|
||||
QEMUConfigDoc.Fields[3].Type = "int"
|
||||
QEMUConfigDoc.Fields[2].Description = "Amount of memory per instance (MiB)."
|
||||
QEMUConfigDoc.Fields[2].Comments[encoder.LineComment] = "Amount of memory per instance (MiB)."
|
||||
QEMUConfigDoc.Fields[3].Name = "metadataAPIServer"
|
||||
QEMUConfigDoc.Fields[3].Type = "string"
|
||||
QEMUConfigDoc.Fields[3].Note = ""
|
||||
QEMUConfigDoc.Fields[3].Description = "Amount of memory per instance (MiB)."
|
||||
QEMUConfigDoc.Fields[3].Comments[encoder.LineComment] = "Amount of memory per instance (MiB)."
|
||||
QEMUConfigDoc.Fields[4].Name = "metadataAPIServer"
|
||||
QEMUConfigDoc.Fields[3].Description = "Container image to use for the QEMU metadata server."
|
||||
QEMUConfigDoc.Fields[3].Comments[encoder.LineComment] = "Container image to use for the QEMU metadata server."
|
||||
QEMUConfigDoc.Fields[4].Name = "libvirtSocket"
|
||||
QEMUConfigDoc.Fields[4].Type = "string"
|
||||
QEMUConfigDoc.Fields[4].Note = ""
|
||||
QEMUConfigDoc.Fields[4].Description = "Container image to use for the QEMU metadata server."
|
||||
QEMUConfigDoc.Fields[4].Comments[encoder.LineComment] = "Container image to use for the QEMU metadata server."
|
||||
QEMUConfigDoc.Fields[5].Name = "libvirtSocket"
|
||||
QEMUConfigDoc.Fields[4].Description = "Libvirt connection URI. Leave empty to start a libvirt instance in Docker."
|
||||
QEMUConfigDoc.Fields[4].Comments[encoder.LineComment] = "Libvirt connection URI. Leave empty to start a libvirt instance in Docker."
|
||||
QEMUConfigDoc.Fields[5].Name = "libvirtContainerImage"
|
||||
QEMUConfigDoc.Fields[5].Type = "string"
|
||||
QEMUConfigDoc.Fields[5].Note = ""
|
||||
QEMUConfigDoc.Fields[5].Description = "Libvirt connection URI. Leave empty to start a libvirt instance in Docker."
|
||||
QEMUConfigDoc.Fields[5].Comments[encoder.LineComment] = "Libvirt connection URI. Leave empty to start a libvirt instance in Docker."
|
||||
QEMUConfigDoc.Fields[6].Name = "libvirtContainerImage"
|
||||
QEMUConfigDoc.Fields[5].Description = "Container image to use for launching a containerized libvirt daemon. Only relevant if `libvirtSocket = \"\"`."
|
||||
QEMUConfigDoc.Fields[5].Comments[encoder.LineComment] = "Container image to use for launching a containerized libvirt daemon. Only relevant if `libvirtSocket = \"\"`."
|
||||
QEMUConfigDoc.Fields[6].Name = "nvram"
|
||||
QEMUConfigDoc.Fields[6].Type = "string"
|
||||
QEMUConfigDoc.Fields[6].Note = ""
|
||||
QEMUConfigDoc.Fields[6].Description = "Container image to use for launching a containerized libvirt daemon. Only relevant if `libvirtSocket = \"\"`."
|
||||
QEMUConfigDoc.Fields[6].Comments[encoder.LineComment] = "Container image to use for launching a containerized libvirt daemon. Only relevant if `libvirtSocket = \"\"`."
|
||||
QEMUConfigDoc.Fields[7].Name = "nvram"
|
||||
QEMUConfigDoc.Fields[6].Description = "NVRAM template to be used for secure boot. Can be sentinel value \"production\", \"testing\" or a path to a custom NVRAM template"
|
||||
QEMUConfigDoc.Fields[6].Comments[encoder.LineComment] = "NVRAM template to be used for secure boot. Can be sentinel value \"production\", \"testing\" or a path to a custom NVRAM template"
|
||||
QEMUConfigDoc.Fields[7].Name = "firmware"
|
||||
QEMUConfigDoc.Fields[7].Type = "string"
|
||||
QEMUConfigDoc.Fields[7].Note = ""
|
||||
QEMUConfigDoc.Fields[7].Description = "NVRAM template to be used for secure boot. Can be sentinel value \"production\", \"testing\" or a path to a custom NVRAM template"
|
||||
QEMUConfigDoc.Fields[7].Comments[encoder.LineComment] = "NVRAM template to be used for secure boot. Can be sentinel value \"production\", \"testing\" or a path to a custom NVRAM template"
|
||||
QEMUConfigDoc.Fields[8].Name = "firmware"
|
||||
QEMUConfigDoc.Fields[8].Type = "string"
|
||||
QEMUConfigDoc.Fields[7].Description = "Path to the OVMF firmware. Leave empty for auto selection."
|
||||
QEMUConfigDoc.Fields[7].Comments[encoder.LineComment] = "Path to the OVMF firmware. Leave empty for auto selection."
|
||||
QEMUConfigDoc.Fields[8].Name = "measurements"
|
||||
QEMUConfigDoc.Fields[8].Type = "Measurements"
|
||||
QEMUConfigDoc.Fields[8].Note = ""
|
||||
QEMUConfigDoc.Fields[8].Description = "Path to the OVMF firmware. Leave empty for auto selection."
|
||||
QEMUConfigDoc.Fields[8].Comments[encoder.LineComment] = "Path to the OVMF firmware. Leave empty for auto selection."
|
||||
QEMUConfigDoc.Fields[9].Name = "measurements"
|
||||
QEMUConfigDoc.Fields[9].Type = "Measurements"
|
||||
QEMUConfigDoc.Fields[8].Description = "Measurement used to enable measured boot."
|
||||
QEMUConfigDoc.Fields[8].Comments[encoder.LineComment] = "Measurement used to enable measured boot."
|
||||
QEMUConfigDoc.Fields[9].Name = "enforcedMeasurements"
|
||||
QEMUConfigDoc.Fields[9].Type = "[]uint32"
|
||||
QEMUConfigDoc.Fields[9].Note = ""
|
||||
QEMUConfigDoc.Fields[9].Description = "Measurement used to enable measured boot."
|
||||
QEMUConfigDoc.Fields[9].Comments[encoder.LineComment] = "Measurement used to enable measured boot."
|
||||
QEMUConfigDoc.Fields[10].Name = "enforcedMeasurements"
|
||||
QEMUConfigDoc.Fields[10].Type = "[]uint32"
|
||||
QEMUConfigDoc.Fields[10].Note = ""
|
||||
QEMUConfigDoc.Fields[10].Description = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
QEMUConfigDoc.Fields[10].Comments[encoder.LineComment] = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
QEMUConfigDoc.Fields[9].Description = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
QEMUConfigDoc.Fields[9].Comments[encoder.LineComment] = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
|
||||
}
|
||||
|
||||
func (_ Config) Doc() *encoder.Doc {
|
||||
|
|