AB#2076: version specific images (#288)

KubernetesVersion sent by the init command now controls
all downloaded binaries, if they depend on the k8s version.

* Move all download links into /internal/versions.
* Unify files in /internal/versions package
* Move image download links into VersionConfigs
and thus make them dependant on the k8s version,
where the image version is specific to the k8s version.
* Don't specify patch version in k8sVersion

bootstrapper/cloudprovider/azure/ccm.go

@@ -3,11 +3,12 @@ package azure
 import (
 	"context"
 	"encoding/json"
+	"fmt"
 
-	"github.com/edgelesssys/constellation/bootstrapper/cloudprovider"
 	"github.com/edgelesssys/constellation/bootstrapper/internal/kubernetes/k8sapi/resources"
 	"github.com/edgelesssys/constellation/internal/azureshared"
 	"github.com/edgelesssys/constellation/internal/cloud/metadata"
+	"github.com/edgelesssys/constellation/internal/versions"
 	k8s "k8s.io/api/core/v1"
 	meta "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@@ -29,8 +30,11 @@ func NewCloudControllerManager(metadata ccmMetadata) *CloudControllerManager {
 }
 
 // Image returns the container image used to provide cloud-controller-manager for the cloud-provider.
-func (c *CloudControllerManager) Image() string {
+func (c *CloudControllerManager) Image(k8sVersion string) (string, error) {
-	return cloudprovider.CloudControllerManagerImageAzure
+	if !versions.IsSupportedK8sVersion(k8sVersion) {
+		return "", fmt.Errorf("received unsupported k8sVersion: %s", k8sVersion)
+	}
+	return versions.VersionConfigs[k8sVersion].CloudControllerManagerImageAzure, nil
 }
 
 // Path returns the path used by cloud-controller-manager executable within the container image.

bootstrapper/cloudprovider/azure/ccm_test.go

@@ -88,7 +88,7 @@ func TestTrivialCCMFunctions(t *testing.T) {
 	assert := assert.New(t)
 	cloud := CloudControllerManager{}
 
-	assert.NotEmpty(cloud.Image())
+	assert.NotEmpty(cloud.Image("1.23"))
 	assert.NotEmpty(cloud.Path())
 	assert.NotEmpty(cloud.Name())
 	assert.NotEmpty(cloud.ExtraArgs())

bootstrapper/cloudprovider/azure/cloudnodemanager.go

@@ -1,14 +1,21 @@
 package azure
 
-import "github.com/edgelesssys/constellation/bootstrapper/cloudprovider"
+import (
+	"fmt"
+
+	"github.com/edgelesssys/constellation/internal/versions"
+)
 
 // CloudNodeManager holds the Azure cloud-node-manager configuration.
 // reference: https://raw.githubusercontent.com/kubernetes-sigs/cloud-provider-azure/master/examples/out-of-tree/cloud-node-manager.yaml .
 type CloudNodeManager struct{}
 
 // Image returns the container image used to provide cloud-node-manager for the cloud-provider.
-func (c *CloudNodeManager) Image() string {
+func (c *CloudNodeManager) Image(k8sVersion string) (string, error) {
-	return cloudprovider.CloudNodeManagerImageAzure
+	if !versions.IsSupportedK8sVersion(k8sVersion) {
+		return "", fmt.Errorf("received unsupported k8sVersion: %s", k8sVersion)
+	}
+	return versions.VersionConfigs[k8sVersion].CloudControllerManagerImageAzure, nil
 }
 
 // Path returns the path used by cloud-node-manager executable within the container image.

bootstrapper/cloudprovider/azure/cloudnodemanager_test.go

@@ -10,7 +10,7 @@ func TestTrivialCNMFunctions(t *testing.T) {
 	assert := assert.New(t)
 	cloud := CloudNodeManager{}
 
-	assert.NotEmpty(cloud.Image())
+	assert.NotEmpty(cloud.Image("1.23"))
 	assert.NotEmpty(cloud.Path())
 	assert.NotEmpty(cloud.ExtraArgs())
 	assert.True(cloud.Supported())

bootstrapper/cloudprovider/gcp/ccm.go

@@ -6,10 +6,10 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/edgelesssys/constellation/bootstrapper/cloudprovider"
 	"github.com/edgelesssys/constellation/bootstrapper/internal/kubernetes/k8sapi/resources"
 	"github.com/edgelesssys/constellation/internal/cloud/metadata"
 	"github.com/edgelesssys/constellation/internal/gcpshared"
+	"github.com/edgelesssys/constellation/internal/versions"
 	k8s "k8s.io/api/core/v1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@@ -18,8 +18,11 @@ import (
 type CloudControllerManager struct{}
 
 // Image returns the container image used to provide cloud-controller-manager for the cloud-provider.
-func (c *CloudControllerManager) Image() string {
+func (c *CloudControllerManager) Image(k8sVersion string) (string, error) {
-	return cloudprovider.CloudControllerManagerImageGCP
+	if !versions.IsSupportedK8sVersion(k8sVersion) {
+		return "", fmt.Errorf("received unsupported k8sVersion: %s", k8sVersion)
+	}
+	return versions.VersionConfigs[k8sVersion].CloudControllerManagerImageAzure, nil
 }
 
 // Path returns the path used by cloud-controller-manager executable within the container image.

bootstrapper/cloudprovider/gcp/ccm_test.go

@@ -132,7 +132,7 @@ func TestTrivialCCMFunctions(t *testing.T) {
 	assert := assert.New(t)
 	cloud := CloudControllerManager{}
 
-	assert.NotEmpty(cloud.Image())
+	assert.NotEmpty(cloud.Image("1.23"))
 	assert.NotEmpty(cloud.Path())
 	assert.NotEmpty(cloud.Name())
 	assert.NotEmpty(cloud.ExtraArgs())

bootstrapper/cloudprovider/gcp/cloudnodemanager.go

@@ -5,8 +5,8 @@ type CloudNodeManager struct{}
 
 // Image returns the container image used to provide cloud-node-manager for the cloud-provider.
 // Not used on GCP.
-func (c *CloudNodeManager) Image() string {
+func (c *CloudNodeManager) Image(k8sVersion string) (string, error) {
-	return ""
+	return "", nil
 }
 
 // Path returns the path used by cloud-node-manager executable within the container image.

bootstrapper/cloudprovider/gcp/cloudnodemanager_test.go

@@ -10,7 +10,7 @@ func TestTrivialCNMFunctions(t *testing.T) {
 	assert := assert.New(t)
 	cloud := CloudNodeManager{}
 
-	assert.Empty(cloud.Image())
+	assert.Empty(cloud.Image(""))
 	assert.Empty(cloud.Path())
 	assert.Empty(cloud.ExtraArgs())
 	assert.False(cloud.Supported())

bootstrapper/cloudprovider/images.go

@@ -1,13 +0,0 @@
-package cloudprovider
-
-const (
-	// CloudControllerManagerImageAWS is the CCM image used on AWS.
-	CloudControllerManagerImageAWS = "us.gcr.io/k8s-artifacts-prod/provider-aws/cloud-controller-manager:v1.22.0-alpha.0"
-	// CloudControllerManagerImageGCP is the CCM image used on GCP.
-	// TODO: use newer "cloud-provider-gcp" from https://github.com/kubernetes/cloud-provider-gcp when newer releases are available.
-	CloudControllerManagerImageGCP = "ghcr.io/edgelesssys/cloud-provider-gcp:sha-2f6a5b07fc2d37f24f8ff725132f87584d627d8f"
-	// CloudControllerManagerImageAzure is the CCM image used on Azure.
-	CloudControllerManagerImageAzure = "mcr.microsoft.com/oss/kubernetes/azure-cloud-controller-manager:v1.23.11"
-	// CloudNodeManagerImageAzure is the cloud-node-manager image used on Azure.
-	CloudNodeManagerImageAzure = "mcr.microsoft.com/oss/kubernetes/azure-cloud-node-manager:v1.23.11"
-)

bootstrapper/cloudprovider/qemu/ccm.go

@@ -12,8 +12,8 @@ import (
 type CloudControllerManager struct{}
 
 // Image returns the container image used to provide cloud-controller-manager for the cloud-provider.
-func (c CloudControllerManager) Image() string {
+func (c CloudControllerManager) Image(k8sVersion string) (string, error) {
-	return ""
+	return "", nil
 }
 
 // Path returns the path used by cloud-controller-manager executable within the container image.

bootstrapper/cloudprovider/qemu/cloudnodemanager.go

@@ -5,8 +5,8 @@ type CloudNodeManager struct{}
 
 // Image returns the container image used to provide cloud-node-manager for the cloud-provider.
 // Not used on QEMU.
-func (c *CloudNodeManager) Image() string {
+func (c *CloudNodeManager) Image(k8sVersion string) (string, error) {
-	return ""
+	return "", nil
 }
 
 // Path returns the path used by cloud-node-manager executable within the container image.

bootstrapper/internal/kubernetes/cloud_provider.go

@@ -29,7 +29,7 @@ type ProviderMetadata interface {
 // CloudControllerManager implementers provide configuration for the k8s cloud-controller-manager.
 type CloudControllerManager interface {
 	// Image returns the container image used to provide cloud-controller-manager for the cloud-provider.
-	Image() string
+	Image(k8sVersion string) (string, error)
 	// Path returns the path used by cloud-controller-manager executable within the container image.
 	Path() string
 	// Name returns the cloud-provider name as used by k8s cloud-controller-manager (k8s.gcr.io/cloud-controller-manager).
@@ -56,7 +56,7 @@ type CloudControllerManager interface {
 // CloudNodeManager implementers provide configuration for the k8s cloud-node-manager.
 type CloudNodeManager interface {
 	// Image returns the container image used to provide cloud-node-manager for the cloud-provider.
-	Image() string
+	Image(k8sVersion string) (string, error)
 	// Path returns the path used by cloud-node-manager executable within the container image.
 	Path() string
 	// ExtraArgs returns a list of arguments to append to the cloud-node-manager command.
@@ -133,8 +133,8 @@ type stubCloudControllerManager struct {
 	SupportedResp bool
 }
 
-func (m *stubCloudControllerManager) Image() string {
+func (m *stubCloudControllerManager) Image(k8sVersion string) (string, error) {
-	return "stub-image:latest"
+	return "stub-image:latest", nil
 }
 
 func (m *stubCloudControllerManager) Path() string {
@@ -181,8 +181,8 @@ type stubCloudNodeManager struct {
 	ExtraArgsResp []string
 }
 
-func (m *stubCloudNodeManager) Image() string {
+func (m *stubCloudNodeManager) Image(k8sVersion string) (string, error) {
-	return m.ImageResp
+	return m.ImageResp, nil
 }
 
 func (m *stubCloudNodeManager) Path() string {

bootstrapper/internal/kubernetes/k8sapi/kubectl/client/client_test.go

@@ -245,7 +245,7 @@ func TestGetObjects(t *testing.T) {
 		wantErr          bool
 	}{
 		"GetObjects works on cluster-autoscaler deployment": {
-			wantResources: resources.NewDefaultAutoscalerDeployment(nil, nil, nil),
+			wantResources: resources.NewDefaultAutoscalerDeployment(nil, nil, nil, ""),
 			resourcesYAML: string(nginxDeplYAML),
 			wantErr:       false,
 		},

bootstrapper/internal/kubernetes/k8sapi/resources/cluster_autoscaler.go

@@ -23,7 +23,7 @@ type autoscalerDeployment struct {
 }
 
 // NewDefaultAutoscalerDeployment creates a new *autoscalerDeployment, customized for the CSP.
-func NewDefaultAutoscalerDeployment(extraVolumes []k8s.Volume, extraVolumeMounts []k8s.VolumeMount, env []k8s.EnvVar) *autoscalerDeployment {
+func NewDefaultAutoscalerDeployment(extraVolumes []k8s.Volume, extraVolumeMounts []k8s.VolumeMount, env []k8s.EnvVar, k8sVersion string) *autoscalerDeployment {
 	return &autoscalerDeployment{
 		PodDisruptionBudget: policy.PodDisruptionBudget{
 			TypeMeta: v1.TypeMeta{
@@ -435,7 +435,7 @@ func NewDefaultAutoscalerDeployment(extraVolumes []k8s.Volume, extraVolumeMounts
 						Containers: []k8s.Container{
 							{
 								Name:            "cluster-autoscaler",
-								Image:           versions.ClusterAutoscalerImage,
+								Image:           versions.VersionConfigs[k8sVersion].ClusterAutoscalerImage,
 								ImagePullPolicy: k8s.PullIfNotPresent,
 								LivenessProbe: &k8s.Probe{
 									ProbeHandler: k8s.ProbeHandler{

bootstrapper/internal/kubernetes/k8sapi/resources/cluster_autoscaler_test.go

@@ -11,7 +11,7 @@ func TestAutoscalerDeploymentMarshalUnmarshal(t *testing.T) {
 	require := require.New(t)
 	assert := assert.New(t)
 
-	autoscalerDepl := NewDefaultAutoscalerDeployment(nil, nil, nil)
+	autoscalerDepl := NewDefaultAutoscalerDeployment(nil, nil, nil, "")
 
 	data, err := autoscalerDepl.Marshal()
 	require.NoError(err)
@@ -27,7 +27,7 @@ func TestAutoscalerDeploymentWithCommandMarshalUnmarshal(t *testing.T) {
 	require := require.New(t)
 	assert := assert.New(t)
 
-	autoscalerDepl := NewDefaultAutoscalerDeployment(nil, nil, nil)
+	autoscalerDepl := NewDefaultAutoscalerDeployment(nil, nil, nil, "")
 	autoscalerDepl.SetAutoscalerCommand("someProvider", []string{"group1", "group2"})
 
 	data, err := autoscalerDepl.Marshal()

bootstrapper/internal/kubernetes/kubernetes.go

@@ -84,6 +84,8 @@ func (k *KubeWrapper) InitCluster(
 	id attestationtypes.ID, kmsConfig KMSConfig, sshUsers map[string]string, log *logger.Logger,
 ) ([]byte, error) {
 	log.With(zap.String("version", k8sVersion)).Infof("Installing Kubernetes components")
+	// InstallComponents validates the k8sVersion as it's first action and returns if not supported.
+	// This implicitly makes k8sVersion safe to use in this function.
 	if err := k.clusterUtil.InstallComponents(ctx, k8sVersion); err != nil {
 		return nil, err
 	}
@@ -194,14 +196,14 @@ func (k *KubeWrapper) InitCluster(
 		return nil, fmt.Errorf("setting up join service failed: %w", err)
 	}
 
-	if err := k.setupCCM(ctx, subnetworkPodCIDR, cloudServiceAccountURI, instance); err != nil {
+	if err := k.setupCCM(ctx, subnetworkPodCIDR, cloudServiceAccountURI, instance, k8sVersion); err != nil {
 		return nil, fmt.Errorf("setting up cloud controller manager: %w", err)
 	}
-	if err := k.setupCloudNodeManager(); err != nil {
+	if err := k.setupCloudNodeManager(k8sVersion); err != nil {
 		return nil, fmt.Errorf("setting up cloud node manager: %w", err)
 	}
 
-	if err := k.setupClusterAutoscaler(instance, cloudServiceAccountURI, autoscalingNodeGroups); err != nil {
+	if err := k.setupClusterAutoscaler(instance, cloudServiceAccountURI, autoscalingNodeGroups, k8sVersion); err != nil {
 		return nil, fmt.Errorf("setting up cluster autoscaler: %w", err)
 	}
 
@@ -309,7 +311,7 @@ func (k *KubeWrapper) setupJoinService(csp string, measurementsJSON []byte, id a
 	return k.clusterUtil.SetupJoinService(k.client, joinConfiguration)
 }
 
-func (k *KubeWrapper) setupCCM(ctx context.Context, subnetworkPodCIDR, cloudServiceAccountURI string, instance metadata.InstanceMetadata) error {
+func (k *KubeWrapper) setupCCM(ctx context.Context, subnetworkPodCIDR, cloudServiceAccountURI string, instance metadata.InstanceMetadata, k8sVersion string) error {
 	if !k.cloudControllerManager.Supported() {
 		return nil
 	}
@@ -321,9 +323,13 @@ func (k *KubeWrapper) setupCCM(ctx context.Context, subnetworkPodCIDR, cloudServ
 	if err != nil {
 		return fmt.Errorf("defining Secrets for CCM failed: %w", err)
 	}
+	ccmImage, err := k.cloudControllerManager.Image(k8sVersion)
+	if err != nil {
+		return fmt.Errorf("defining Image for CCM failed: %w", err)
+	}
 
 	cloudControllerManagerConfiguration := resources.NewDefaultCloudControllerManagerDeployment(
-		k.cloudControllerManager.Name(), k.cloudControllerManager.Image(), k.cloudControllerManager.Path(), subnetworkPodCIDR,
+		k.cloudControllerManager.Name(), ccmImage, k.cloudControllerManager.Path(), subnetworkPodCIDR,
 		k.cloudControllerManager.ExtraArgs(), k.cloudControllerManager.Volumes(), k.cloudControllerManager.VolumeMounts(), k.cloudControllerManager.Env(),
 	)
 	if err := k.clusterUtil.SetupCloudControllerManager(k.client, cloudControllerManagerConfiguration, ccmConfigMaps, ccmSecrets); err != nil {
@@ -333,12 +339,17 @@ func (k *KubeWrapper) setupCCM(ctx context.Context, subnetworkPodCIDR, cloudServ
 	return nil
 }
 
-func (k *KubeWrapper) setupCloudNodeManager() error {
+func (k *KubeWrapper) setupCloudNodeManager(k8sVersion string) error {
 	if !k.cloudNodeManager.Supported() {
 		return nil
 	}
+	nodeManagerImage, err := k.cloudNodeManager.Image(k8sVersion)
+	if err != nil {
+		return fmt.Errorf("defining Image for Node Manager failed: %w", err)
+	}
+
 	cloudNodeManagerConfiguration := resources.NewDefaultCloudNodeManagerDeployment(
-		k.cloudNodeManager.Image(), k.cloudNodeManager.Path(), k.cloudNodeManager.ExtraArgs(),
+		nodeManagerImage, k.cloudNodeManager.Path(), k.cloudNodeManager.ExtraArgs(),
 	)
 	if err := k.clusterUtil.SetupCloudNodeManager(k.client, cloudNodeManagerConfiguration); err != nil {
 		return fmt.Errorf("failed to setup cloud-node-manager: %w", err)
@@ -347,7 +358,7 @@ func (k *KubeWrapper) setupCloudNodeManager() error {
 	return nil
 }
 
-func (k *KubeWrapper) setupClusterAutoscaler(instance metadata.InstanceMetadata, cloudServiceAccountURI string, autoscalingNodeGroups []string) error {
+func (k *KubeWrapper) setupClusterAutoscaler(instance metadata.InstanceMetadata, cloudServiceAccountURI string, autoscalingNodeGroups []string, k8sVersion string) error {
 	if !k.clusterAutoscaler.Supported() {
 		return nil
 	}
@@ -356,7 +367,7 @@ func (k *KubeWrapper) setupClusterAutoscaler(instance metadata.InstanceMetadata,
 		return fmt.Errorf("defining Secrets for cluster-autoscaler failed: %w", err)
 	}
 
-	clusterAutoscalerConfiguration := resources.NewDefaultAutoscalerDeployment(k.clusterAutoscaler.Volumes(), k.clusterAutoscaler.VolumeMounts(), k.clusterAutoscaler.Env())
+	clusterAutoscalerConfiguration := resources.NewDefaultAutoscalerDeployment(k.clusterAutoscaler.Volumes(), k.clusterAutoscaler.VolumeMounts(), k.clusterAutoscaler.Env(), k8sVersion)
 	clusterAutoscalerConfiguration.SetAutoscalerCommand(k.clusterAutoscaler.Name(), autoscalingNodeGroups)
 	if err := k.clusterUtil.SetupAutoscaling(k.client, clusterAutoscalerConfiguration, caSecrets); err != nil {
 		return fmt.Errorf("failed to setup cluster-autoscaler: %w", err)

bootstrapper/internal/kubernetes/kubernetes_test.go

@@ -70,7 +70,7 @@ func TestInitCluster(t *testing.T) {
 				},
 				ClusterConfiguration: kubeadm.ClusterConfiguration{},
 			},
-			k8sVersion: "1.23.6",
+			k8sVersion: "1.23",
 		},
 		"kubeadm init works with metadata and loadbalancer": {
 			clusterUtil: stubClusterUtil{},
@@ -110,7 +110,7 @@ func TestInitCluster(t *testing.T) {
 				},
 			},
 			wantErr:    false,
-			k8sVersion: "1.23.6",
+			k8sVersion: "1.23",
 		},
 		"kubeadm init fails when retrieving metadata self": {
 			clusterUtil: stubClusterUtil{},
@@ -125,7 +125,7 @@ func TestInitCluster(t *testing.T) {
 			CloudNodeManager:       &stubCloudNodeManager{},
 			ClusterAutoscaler:      &stubClusterAutoscaler{},
 			wantErr:                true,
-			k8sVersion:             "1.23.6",
+			k8sVersion:             "1.23",
 		},
 		"kubeadm init fails when retrieving metadata subnetwork cidr": {
 			clusterUtil: stubClusterUtil{},
@@ -140,7 +140,7 @@ func TestInitCluster(t *testing.T) {
 			CloudNodeManager:       &stubCloudNodeManager{},
 			ClusterAutoscaler:      &stubClusterAutoscaler{},
 			wantErr:                true,
-			k8sVersion:             "1.23.6",
+			k8sVersion:             "1.23",
 		},
 		"kubeadm init fails when retrieving metadata loadbalancer ip": {
 			clusterUtil: stubClusterUtil{},
@@ -156,7 +156,7 @@ func TestInitCluster(t *testing.T) {
 			CloudNodeManager:       &stubCloudNodeManager{},
 			ClusterAutoscaler:      &stubClusterAutoscaler{},
 			wantErr:                true,
-			k8sVersion:             "1.23.6",
+			k8sVersion:             "1.23",
 		},
 		"kubeadm init fails when applying the init config": {
 			clusterUtil: stubClusterUtil{initClusterErr: someErr},
@@ -168,7 +168,7 @@ func TestInitCluster(t *testing.T) {
 			CloudNodeManager:       &stubCloudNodeManager{},
 			ClusterAutoscaler:      &stubClusterAutoscaler{},
 			wantErr:                true,
-			k8sVersion:             "1.23.6",
+			k8sVersion:             "1.23",
 		},
 		"kubeadm init fails when setting up the pod network": {
 			clusterUtil: stubClusterUtil{setupPodNetworkErr: someErr},
@@ -180,7 +180,7 @@ func TestInitCluster(t *testing.T) {
 			CloudNodeManager:       &stubCloudNodeManager{},
 			ClusterAutoscaler:      &stubClusterAutoscaler{},
 			wantErr:                true,
-			k8sVersion:             "1.23.6",
+			k8sVersion:             "1.23",
 		},
 		"kubeadm init fails when setting up the join service": {
 			clusterUtil: stubClusterUtil{setupJoinServiceError: someErr},
@@ -192,7 +192,7 @@ func TestInitCluster(t *testing.T) {
 			CloudNodeManager:       &stubCloudNodeManager{},
 			ClusterAutoscaler:      &stubClusterAutoscaler{},
 			wantErr:                true,
-			k8sVersion:             "1.23.6",
+			k8sVersion:             "1.23",
 		},
 		"kubeadm init fails when setting the cloud contoller manager": {
 			clusterUtil: stubClusterUtil{setupCloudControllerManagerError: someErr},
@@ -204,7 +204,7 @@ func TestInitCluster(t *testing.T) {
 			CloudNodeManager:       &stubCloudNodeManager{},
 			ClusterAutoscaler:      &stubClusterAutoscaler{},
 			wantErr:                true,
-			k8sVersion:             "1.23.6",
+			k8sVersion:             "1.23",
 		},
 		"kubeadm init fails when setting the cloud node manager": {
 			clusterUtil: stubClusterUtil{setupCloudNodeManagerError: someErr},
@@ -216,7 +216,7 @@ func TestInitCluster(t *testing.T) {
 			CloudNodeManager:       &stubCloudNodeManager{SupportedResp: true},
 			ClusterAutoscaler:      &stubClusterAutoscaler{},
 			wantErr:                true,
-			k8sVersion:             "1.23.6",
+			k8sVersion:             "1.23",
 		},
 		"kubeadm init fails when setting the cluster autoscaler": {
 			clusterUtil: stubClusterUtil{setupAutoscalingError: someErr},
@@ -228,7 +228,7 @@ func TestInitCluster(t *testing.T) {
 			CloudNodeManager:       &stubCloudNodeManager{},
 			ClusterAutoscaler:      &stubClusterAutoscaler{SupportedResp: true},
 			wantErr:                true,
-			k8sVersion:             "1.23.6",
+			k8sVersion:             "1.23",
 		},
 		"kubeadm init fails when reading kubeconfig": {
 			clusterUtil: stubClusterUtil{},
@@ -240,7 +240,7 @@ func TestInitCluster(t *testing.T) {
 			CloudNodeManager:       &stubCloudNodeManager{},
 			ClusterAutoscaler:      &stubClusterAutoscaler{},
 			wantErr:                true,
-			k8sVersion:             "1.23.6",
+			k8sVersion:             "1.23",
 		},
 		"kubeadm init fails when setting up the kms": {
 			clusterUtil: stubClusterUtil{setupKMSError: someErr},
@@ -252,7 +252,7 @@ func TestInitCluster(t *testing.T) {
 			CloudNodeManager:       &stubCloudNodeManager{SupportedResp: false},
 			ClusterAutoscaler:      &stubClusterAutoscaler{},
 			wantErr:                true,
-			k8sVersion:             "1.23.6",
+			k8sVersion:             "1.23",
 		},
 		"kubeadm init fails when setting up verification service": {
 			clusterUtil: stubClusterUtil{setupVerificationServiceErr: someErr},
@@ -264,7 +264,7 @@ func TestInitCluster(t *testing.T) {
 			CloudNodeManager:       &stubCloudNodeManager{SupportedResp: false},
 			ClusterAutoscaler:      &stubClusterAutoscaler{},
 			wantErr:                true,
-			k8sVersion:             "1.23.6",
+			k8sVersion:             "1.23",
 		},
 		"unsupported k8sVersion fails cluster creation": {
 			clusterUtil: stubClusterUtil{},

internal/config/config.go

@@ -230,7 +230,7 @@ func Default() *Config {
 				Measurements: qemuPCRs,
 			},
 		},
-		KubernetesVersion: "1.23.6",
+		KubernetesVersion: "1.23",
 	}
 }
 

internal/versions/containerImages.go

@@ -1,13 +0,0 @@
-package versions
-
-const (
-	// Constellation images.
-	JoinImage          = "ghcr.io/edgelesssys/constellation/join-service:v1.3.2-0.20220718102802-8c25a227"
-	AccessManagerImage = "ghcr.io/edgelesssys/constellation/access-manager:v1.3.2-0.20220714151638-d295be31"
-	KmsImage           = "ghcr.io/edgelesssys/constellation/kmsserver:v1.3.2-0.20220714151638-d295be31"
-	VerificationImage  = "ghcr.io/edgelesssys/constellation/verification-service:v1.3.2-0.20220714151638-d295be31"
-	GcpGuestImage      = "ghcr.io/edgelesssys/gcp-guest-agent:latest"
-
-	// external images.
-	ClusterAutoscalerImage = "k8s.gcr.io/autoscaling/cluster-autoscaler:v1.23.0"
-)

internal/versions/k8sBinaries.go

@@ -1,31 +0,0 @@
-package versions
-
-// versionConfigs holds download URLs for all required kubernetes components for every supported version.
-var VersionConfigs map[string]KubernetesVersion = map[string]KubernetesVersion{
-	"1.23.6": {
-		CNIPluginsURL:     "https://github.com/containernetworking/plugins/releases/download/v1.1.1/cni-plugins-linux-amd64-v1.1.1.tgz",
-		CrictlURL:         "https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.24.1/crictl-v1.24.1-linux-amd64.tar.gz",
-		KubeletServiceURL: "https://raw.githubusercontent.com/kubernetes/release/v0.13.0/cmd/kubepkg/templates/latest/deb/kubelet/lib/systemd/system/kubelet.service",
-		KubeadmConfURL:    "https://raw.githubusercontent.com/kubernetes/release/v0.13.0/cmd/kubepkg/templates/latest/deb/kubeadm/10-kubeadm.conf",
-		KubeletURL:        "https://storage.googleapis.com/kubernetes-release/release/v1.23.6/bin/linux/amd64/kubelet",
-		KubeadmURL:        "https://storage.googleapis.com/kubernetes-release/release/v1.23.6/bin/linux/amd64/kubeadm",
-		KubectlURL:        "https://storage.googleapis.com/kubernetes-release/release/v1.23.6/bin/linux/amd64/kubectl",
-	},
-}
-
-type KubernetesVersion struct {
-	CNIPluginsURL     string
-	CrictlURL         string
-	KubeletServiceURL string
-	KubeadmConfURL    string
-	KubeletURL        string
-	KubeadmURL        string
-	KubectlURL        string
-}
-
-func IsSupportedK8sVersion(version string) bool {
-	if _, ok := VersionConfigs[version]; !ok {
-		return false
-	}
-	return true
-}

internal/versions/versions.go

@@ -0,0 +1,57 @@
+package versions
+
+const (
+	// Constellation images.
+	// These images are built in a way that they support all versions currently listed in VersionConfigs.
+	JoinImage          = "ghcr.io/edgelesssys/constellation/join-service:v1.3.2-0.20220718102802-8c25a227"
+	AccessManagerImage = "ghcr.io/edgelesssys/constellation/access-manager:v1.3.2-0.20220714151638-d295be31"
+	KmsImage           = "ghcr.io/edgelesssys/constellation/kmsserver:v1.3.2-0.20220714151638-d295be31"
+	VerificationImage  = "ghcr.io/edgelesssys/constellation/verification-service:v1.3.2-0.20220714151638-d295be31"
+	GcpGuestImage      = "ghcr.io/edgelesssys/gcp-guest-agent:latest"
+)
+
+// versionConfigs holds download URLs for all required kubernetes components for every supported version.
+var VersionConfigs map[string]KubernetesVersion = map[string]KubernetesVersion{
+	"1.23": {
+		CNIPluginsURL:     "https://github.com/containernetworking/plugins/releases/download/v1.1.1/cni-plugins-linux-amd64-v1.1.1.tgz",
+		CrictlURL:         "https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.24.1/crictl-v1.24.1-linux-amd64.tar.gz",
+		KubeletServiceURL: "https://raw.githubusercontent.com/kubernetes/release/v0.13.0/cmd/kubepkg/templates/latest/deb/kubelet/lib/systemd/system/kubelet.service",
+		KubeadmConfURL:    "https://raw.githubusercontent.com/kubernetes/release/v0.13.0/cmd/kubepkg/templates/latest/deb/kubeadm/10-kubeadm.conf",
+		KubeletURL:        "https://storage.googleapis.com/kubernetes-release/release/v1.23.6/bin/linux/amd64/kubelet",
+		KubeadmURL:        "https://storage.googleapis.com/kubernetes-release/release/v1.23.6/bin/linux/amd64/kubeadm",
+		KubectlURL:        "https://storage.googleapis.com/kubernetes-release/release/v1.23.6/bin/linux/amd64/kubectl",
+		// CloudControllerManagerImageAWS is the CCM image used on AWS.
+		CloudControllerManagerImageAWS: "us.gcr.io/k8s-artifacts-prod/provider-aws/cloud-controller-manager:v1.22.0-alpha.0",
+		// CloudControllerManagerImageGCP is the CCM image used on GCP.
+		// TODO: use newer "cloud-provider-gcp" from https://github.com/kubernetes/cloud-provider-gcp when newer releases are available.
+		CloudControllerManagerImageGCP: "ghcr.io/edgelesssys/cloud-provider-gcp:sha-2f6a5b07fc2d37f24f8ff725132f87584d627d8f",
+		// CloudControllerManagerImageAzure is the CCM image used on Azure.
+		CloudControllerManagerImageAzure: "mcr.microsoft.com/oss/kubernetes/azure-cloud-controller-manager:v1.23.11",
+		// CloudNodeManagerImageAzure is the cloud-node-manager image used on Azure.
+		CloudNodeManagerImageAzure: "mcr.microsoft.com/oss/kubernetes/azure-cloud-node-manager:v1.23.11",
+		// External service image. Depends on k8s version.
+		ClusterAutoscalerImage: "k8s.gcr.io/autoscaling/cluster-autoscaler:v1.23.0",
+	},
+}
+
+// KubernetesVersion bundles download URLs to all version-releated binaries necessary for installing/deploying a particular Kubernetes version.
+type KubernetesVersion struct {
+	CNIPluginsURL                    string
+	CrictlURL                        string
+	KubeletServiceURL                string
+	KubeadmConfURL                   string
+	KubeletURL                       string
+	KubeadmURL                       string
+	KubectlURL                       string
+	CloudControllerManagerImageAWS   string
+	CloudControllerManagerImageGCP   string
+	CloudControllerManagerImageAzure string
+	CloudNodeManagerImageAzure       string
+	ClusterAutoscalerImage           string
+}
+
+// IsSupportedK8sVersion checks if a given Kubernetes version is supported by Constellation.
+func IsSupportedK8sVersion(version string) bool {
+	_, ok := VersionConfigs[version]
+	return ok
+}

joinservice/internal/server/server_test.go

@@ -37,7 +37,7 @@ func TestIssueJoinTicket(t *testing.T) {
 		CACertHashes:      []string{"hash"},
 		Token:             "token",
 	}
-	testK8sVersion := "1.23.6"
+	testK8sVersion := "1.23"
 
 	testCases := map[string]struct {
 		isControlPlane bool