Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-09-26 19:41:05 -04:00
Code Issues Projects Releases Packages Wiki Activity

config: add attestation variant (#1413)

Browse source 
* Add attestation type to config (optional for now)

* Get attestation variant from config in CLI

* Set attestation variant for Constellation services in helm deployments

* Remove AzureCVM variable from helm deployments

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
This commit is contained in:
Daniel Weiße 2023-03-14 11:46:27 +01:00 committed by GitHub
parent 8679988b6c
commit 6ea5588bdc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
44 changed files with 379 additions and 383 deletions
Download patch file Download diff file Expand all files Collapse all files

1
bootstrapper/internal/initserver/BUILD.bazel
View file

@ -11,7 +11,6 @@ go_library(
"//bootstrapper/internal/diskencryption",
"//internal/atls",
"//internal/attestation",
"//internal/attestation/azure/snp",
"//internal/crypto",
"//internal/file",
"//internal/grpc/atlscredentials",

6
bootstrapper/internal/initserver/initserver.go
View file

@ -29,7 +29,6 @@ import (
"github.com/edgelesssys/constellation/v2/bootstrapper/internal/diskencryption"
"github.com/edgelesssys/constellation/v2/internal/atls"
"github.com/edgelesssys/constellation/v2/internal/attestation"
"github.com/edgelesssys/constellation/v2/internal/attestation/azure/snp"
"github.com/edgelesssys/constellation/v2/internal/crypto"
"github.com/edgelesssys/constellation/v2/internal/file"
"github.com/edgelesssys/constellation/v2/internal/grpc/atlscredentials"
@ -168,9 +167,6 @@ func (s *Server) Init(ctx context.Context, req *initproto.InitRequest) (*initpro
return nil, status.Errorf(codes.Internal, "persisting node state: %s", err)
}
// Check if we are running on a CVM
_, isCVM := s.issuer.(*snp.Issuer)
clusterName := req.ClusterName
if clusterName == "" {
clusterName = "constellation"
@ -183,7 +179,6 @@ func (s *Server) Init(ctx context.Context, req *initproto.InitRequest) (*initpro
measurementSalt,
req.EnforcedPcrs,
req.EnforceIdkeydigest,
isCVM,
req.HelmDeployments,
req.ConformanceMode,
components.NewComponentsFromInitProto(req.KubernetesComponents),
@ -260,7 +255,6 @@ type ClusterInitializer interface {
measurementSalt []byte,
enforcedPcrs []uint32,
enforceIDKeyDigest bool,
azureCVM bool,
helmDeployments []byte,
conformanceMode bool,
kubernetesComponents components.Components,

2
bootstrapper/internal/initserver/initserver_test.go
View file

@ -320,7 +320,7 @@ type stubClusterInitializer struct {
}
func (i *stubClusterInitializer) InitCluster(
context.Context, string, string, string, []byte, []uint32, bool, bool,
context.Context, string, string, string, []byte, []uint32, bool,
[]byte, bool, components.Components, *logger.Logger,
) ([]byte, error) {
return i.initClusterKubeconfig, i.initClusterErr