mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-24 23:19:39 -05:00
Ref/update cosign key (#31)
* use new cosign keypair * use community images for production image heuristic Signed-off-by: Fabian Kammel <fk@edgeless.systems>
This commit is contained in:
parent
db942ee4b5
commit
6440904865
@ -146,19 +146,16 @@ func TestConfigFetchMeasurements(t *testing.T) {
|
||||
assert := assert.New(t)
|
||||
require := require.New(t)
|
||||
|
||||
measurements := `0: DzXCFGCNk8em5ornNZtKi+Wg6Z7qkQfs5CfE3qTkOc8=
|
||||
1: PpZwsXLISi+uelbloy9u3m9M+X0/Br11g5cqq370Kxc=
|
||||
measurements := `1: fPRxd3lV3uybnSVhcBmM6XLzcvMitXW78G0RRuQxYGc=
|
||||
2: PUWM/lXMA+ofRD8VYr7sjfUcdeFKn8+acjShPxmOeWk=
|
||||
3: PUWM/lXMA+ofRD8VYr7sjfUcdeFKn8+acjShPxmOeWk=
|
||||
4: C5/4ItGHR986BeUS7VNGD/wLltkAEOmw3sek9wA/QQs=
|
||||
5: ZykPWLTRtSn5ImX6ZpHW7JpvwqN9M9L170FtEQl3PYg=
|
||||
6: PUWM/lXMA+ofRD8VYr7sjfUcdeFKn8+acjShPxmOeWk=
|
||||
7: UZcW+fhFRMpFkgU+EfKG2s3KdmgEA+TD2quLmthQHbo=
|
||||
8: h4oDFRNoG+e3iig9KmrRZQUNfeCPpk2eqH3ZTpUikmw=
|
||||
9: vODgwZQa0pm/my1oXAQWHv1ozwzMYGELX2eO44MoUlA=
|
||||
10: TyOf7DchF2qkAYUBSZLQobvbsTx3GjYGKELTfAc2vRw=
|
||||
4: HaV5ivUAGzMxmKkfKjcG3wmW08MRUWr+vsfIMVQpOH0=
|
||||
5: PemdXV59WnLLzPz0F4GGCTKm8KbHskPRvon1dtNw7oY=
|
||||
7: 8dI/6SUmQ5sd8+bulPDpJ8ghs0UX0+fgLlW8kutAYKw=
|
||||
8: XJ5IBWy6b6vqojkTsk/GLOWyfNUB2qaf58+JjMYiAB4=
|
||||
9: Gw5gq8D1WXfz46sF/OKiWbkBssyt4ayGybzNyV9cUCQ=
|
||||
`
|
||||
signature := "MEUCIBQYbeZMYNPFTaD80fcjlm75eiwxxQ6xu0JM/H2Ha7dJAiEA1WVdnpX+NbsJLzc2lrvUQFztfaWoDA8A39pHsu1MG6c="
|
||||
signature := "MEUCIFdJ5dH6HDywxQWTUh9Bw77wMrq0mNCUjMQGYP+6QsVmAiEAmazj/L7rFGA4/Gz8y+kI5h5E5cDgc3brihvXBKF6qZA="
|
||||
|
||||
cmd := newConfigFetchMeasurementsCmd()
|
||||
cmd.Flags().String("config", constants.ConfigFilename, "") // register persisten flag manually
|
||||
|
@ -386,7 +386,7 @@ func (c *Config) IsImageDebug() bool {
|
||||
gcpRegex := regexp.MustCompile(`^projects\/constellation-images\/global\/images\/constellation-v[\d]+-[\d]+-[\d]+$`)
|
||||
return !gcpRegex.MatchString(c.Provider.GCP.Image)
|
||||
case c.Provider.Azure != nil:
|
||||
azureRegex := regexp.MustCompile(`^\/subscriptions\/0d202bbb-4fa7-4af8-8125-58c269a05435\/resourceGroups\/constellation-images\/providers\/Microsoft.Compute\/galleries\/Constellation\/images\/constellation\/versions\/[\d]+.[\d]+.[\d]+$`)
|
||||
azureRegex := regexp.MustCompile(`^\/CommunityGalleries\/ConstellationCVM-b3782fa0-0df7-4f2f-963e-fc7fc42663df\/Images\/constellation\/Versions\/[\d]+.[\d]+.[\d]+$`)
|
||||
return !azureRegex.MatchString(c.Provider.Azure.Image)
|
||||
default:
|
||||
return false
|
||||
|
@ -352,7 +352,7 @@ func TestConfig_IsImageDebug(t *testing.T) {
|
||||
conf: func() *Config {
|
||||
conf := Default()
|
||||
conf.RemoveProviderExcept(cloudprovider.Azure)
|
||||
conf.Provider.Azure.Image = "/subscriptions/0d202bbb-4fa7-4af8-8125-58c269a05435/resourceGroups/constellation-images/providers/Microsoft.Compute/galleries/Constellation/images/constellation/versions/2022.0805.151600"
|
||||
conf.Provider.Azure.Image = "/CommunityGalleries/ConstellationCVM-b3782fa0-0df7-4f2f-963e-fc7fc42663df/Images/constellation/Versions/0.0.1"
|
||||
return conf
|
||||
}(),
|
||||
want: false,
|
||||
|
@ -110,8 +110,8 @@ const (
|
||||
S3PublicBucket = "https://public-edgeless-constellation.s3.us-east-2.amazonaws.com/"
|
||||
// CosignPublicKey signs all our releases.
|
||||
CosignPublicKey = `-----BEGIN PUBLIC KEY-----
|
||||
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1Iv15myTjpa1KznlGFe+dBEjN91q
|
||||
oGhQf4z+3TgFjv+Z+6ATPA1OPANf0//6p+goKifNZD5+Cq/VEAP7xOhlYw==
|
||||
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf8F1hpmwE+YCFXzjGtaQcrL6XZVT
|
||||
JmEe5iSLvG1SyQSAew7WdMKF6o9t8e2TFuCkzlOhhlws2OHWbiFZnFWCFw==
|
||||
-----END PUBLIC KEY-----`
|
||||
)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user