config: add attestation variant (#1413)

* Add attestation type to config (optional for now) * Get attestation variant from config in CLI * Set attestation variant for Constellation services in helm deployments * Remove AzureCVM variable from helm deployments --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2025-05-02 14:26:23 -04:00 · 2023-03-14 11:46:27 +01:00 · 2023-03-14 11:46:27 +01:00 · 6ea5588bdc
commit 6ea5588bdc
parent 8679988b6c
44 changed files with 379 additions and 383 deletions
--- a/verify/cmd/main.go
+++ b/verify/cmd/main.go
@ -11,39 +11,31 @@ import (
 	"net"
 	"strconv"

-	"github.com/edgelesssys/constellation/v2/internal/attestation/aws"
-	"github.com/edgelesssys/constellation/v2/internal/attestation/azure/snp"
-	"github.com/edgelesssys/constellation/v2/internal/attestation/gcp"
-	"github.com/edgelesssys/constellation/v2/internal/attestation/qemu"
-	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
+	"github.com/edgelesssys/constellation/v2/internal/attestation/choose"
 	"github.com/edgelesssys/constellation/v2/internal/constants"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
+	"github.com/edgelesssys/constellation/v2/internal/oid"
 	"github.com/edgelesssys/constellation/v2/verify/server"
 	"go.uber.org/zap"
 )

 func main() {
-	provider := flag.String("cloud-provider", "", "cloud service provider this binary is running on")
+	attestationVariant := flag.String("attestation-variant", "", "attestation variant to use for aTLS connections")
 	verbosity := flag.Int("v", 0, logger.CmdLineVerbosityDescription)

 	flag.Parse()
 	log := logger.New(logger.JSONLog, logger.VerbosityFromInt(*verbosity))

-	log.With(zap.String("version", constants.VersionInfo()), zap.String("cloudProvider", *provider)).
+	log.With(zap.String("version", constants.VersionInfo()), zap.String("attestationVariant", *attestationVariant)).
 		Infof("Constellation Verification Service")

-	var issuer server.AttestationIssuer
-	switch cloudprovider.FromString(*provider) {
-	case cloudprovider.AWS:
-		issuer = aws.NewIssuer(log)
-	case cloudprovider.GCP:
-		issuer = gcp.NewIssuer(log)
-	case cloudprovider.Azure:
-		issuer = snp.NewIssuer(log) // TODO: dynamic selection
-	case cloudprovider.QEMU:
-		issuer = qemu.NewIssuer(log)
-	default:
-		log.With(zap.String("cloudProvider", *provider)).Fatalf("Unknown cloud provider")
+	variant, err := oid.FromString(*attestationVariant)
+	if err != nil {
+		log.With(zap.Error(err)).Fatalf("Failed to parse attestation variant")
+	}
+	issuer, err := choose.Issuer(variant, log.Named("issuer"))
+	if err != nil {
+		log.With(zap.Error(err)).Fatalf("Failed to create issuer")
 	}

 	server := server.New(log.Named("server"), issuer)