Remove SSHUsers and UserKey from config v2 (#650)

* Remove SSHUsers and UserKey as part of configVersion v2

* Add migration notes to docs

* Update CHANGELOG.md
Nils Hanke 2022-11-25 15:27:34 +01:00 committed by GitHub
parent a3661d6c07
commit 878d66dcda
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 12 additions and 66 deletions


@ -29,7 +29,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Changed ### Changed
<!-- For changes in existing functionality. --> <!-- For changes in existing functionality. -->
<!-- TODO: Remove `/next/` from URL before release -->
- Constellation operators are now deployed using Helm. - Constellation operators are now deployed using Helm.
- Updated the config version to v2. Check [how to migrate your config](https://constellation-docs.edgeless.systems/constellation/next/reference/config-migration).
- OS images are now configured globally in the `images` field of the configuration file. - OS images are now configured globally in the `images` field of the configuration file.
### Deprecated ### Deprecated
@ -38,6 +40,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Removed ### Removed
<!-- For now removed features. --> <!-- For now removed features. -->
- `access-manager` was removed from code base. K8s native way to SSH into nodes documented. - `access-manager` was removed from code base. K8s native way to SSH into nodes documented.
- `SSHUsers` has been removed from the user configuration following the removal of `access-manager`.
### Fixed ### Fixed


@ -4,6 +4,8 @@ This document describes breaking changes in the configuration file format betwee
## Migrating from CLI versions < 2.3 ## Migrating from CLI versions < 2.3
- The `sshUsers` was deprecated in v2.2 and now has been eventually removed from the configuration in v2.3.
As an alternative for SSH, check the workflow section [Connect to nodes](https://constellation-docs.edgeless.systems/constellation/workflows/troubleshooting#connect-to-nodes).
- The `image` field for each cloud service provider has been replaced with a global `image` field. Use the following mapping to migrate your configuration: - The `image` field for each cloud service provider has been replaced with a global `image` field. Use the following mapping to migrate your configuration:
<details> <details>
<summary>Show all</summary> <summary>Show all</summary>


@ -46,7 +46,7 @@ Constellation uses the default bucket to store logs. Its [default retention peri
</tabItem> </tabItem>
</tabs> </tabs>
## Connect to nodes via SSH ## Connect to nodes
Debugging via a shell on a node is [directly supported by Kubernetes](https://kubernetes.io/docs/tasks/debug/debug-application/debug-running-pod/#node-shell-session). Debugging via a shell on a node is [directly supported by Kubernetes](https://kubernetes.io/docs/tasks/debug/debug-application/debug-running-pod/#node-shell-session).


@ -59,11 +59,6 @@ type Config struct {
// Supported cloud providers and their specific configurations. // Supported cloud providers and their specific configurations.
Provider ProviderConfig `yaml:"provider" validate:"dive"` Provider ProviderConfig `yaml:"provider" validate:"dive"`
// description: | // description: |
// Deprecated: Does nothing! To get node SSH access, see: https://constellation-docs.edgeless.systems/constellation/workflows/troubleshooting#connect-to-nodes-via-ssh
// examples:
// - value: '[]UserKey{ { Username: "Alice", PublicKey: "ssh-rsa AAAAB3NzaC...5QXHKW1rufgtJeSeJ8= alice@domain.com" } }'
SSHUsers []UserKey `yaml:"sshUsers,omitempty" validate:"dive"`
// description: |
// Configuration to apply during constellation upgrade. // Configuration to apply during constellation upgrade.
// examples: // examples:
// - value: 'UpgradeConfig{ Image: "", Measurements: Measurements{} }' // - value: 'UpgradeConfig{ Image: "", Measurements: Measurements{} }'
@ -80,24 +75,6 @@ type UpgradeConfig struct {
Measurements Measurements `yaml:"measurements"` Measurements Measurements `yaml:"measurements"`
} }
// UserKey describes a user that should be created with corresponding public SSH key.
//
// Deprecated: UserKey was used as configuration for access-manager, which was removed
// in v2.2, but config needs to retain these values for backwards compatibility and
// config validation.
type UserKey struct {
// description: |
// Username of new SSH user.
//
// Deprecated: See UserKey.
Username string `yaml:"username" validate:"required"`
// description: |
// Public key of new SSH user.
//
// Deprecated: See UserKey.
PublicKey string `yaml:"publicKey" validate:"required"`
}
// ProviderConfig are cloud-provider specific configuration values used by the CLI. // ProviderConfig are cloud-provider specific configuration values used by the CLI.
// Fields should remain pointer-types so custom specific configs can nil them // Fields should remain pointer-types so custom specific configs can nil them
// if not required. // if not required.


@ -13,7 +13,6 @@ import (
var ( var (
ConfigDoc encoder.Doc ConfigDoc encoder.Doc
UpgradeConfigDoc encoder.Doc UpgradeConfigDoc encoder.Doc
UserKeyDoc encoder.Doc
ProviderConfigDoc encoder.Doc ProviderConfigDoc encoder.Doc
AWSConfigDoc encoder.Doc AWSConfigDoc encoder.Doc
AzureConfigDoc encoder.Doc AzureConfigDoc encoder.Doc
@ -25,7 +24,7 @@ func init() {
ConfigDoc.Type = "Config" ConfigDoc.Type = "Config"
ConfigDoc.Comments[encoder.LineComment] = "Config defines configuration used by CLI." ConfigDoc.Comments[encoder.LineComment] = "Config defines configuration used by CLI."
ConfigDoc.Description = "Config defines configuration used by CLI." ConfigDoc.Description = "Config defines configuration used by CLI."
ConfigDoc.Fields = make([]encoder.Doc, 8) ConfigDoc.Fields = make([]encoder.Doc, 7)
ConfigDoc.Fields[0].Name = "version" ConfigDoc.Fields[0].Name = "version"
ConfigDoc.Fields[0].Type = "string" ConfigDoc.Fields[0].Type = "string"
ConfigDoc.Fields[0].Note = "" ConfigDoc.Fields[0].Note = ""
@ -56,20 +55,13 @@ func init() {
ConfigDoc.Fields[5].Note = "" ConfigDoc.Fields[5].Note = ""
ConfigDoc.Fields[5].Description = "Supported cloud providers and their specific configurations." ConfigDoc.Fields[5].Description = "Supported cloud providers and their specific configurations."
ConfigDoc.Fields[5].Comments[encoder.LineComment] = "Supported cloud providers and their specific configurations." ConfigDoc.Fields[5].Comments[encoder.LineComment] = "Supported cloud providers and their specific configurations."
ConfigDoc.Fields[6].Name = "sshUsers" ConfigDoc.Fields[6].Name = "upgrade"
ConfigDoc.Fields[6].Type = "[]UserKey" ConfigDoc.Fields[6].Type = "UpgradeConfig"
ConfigDoc.Fields[6].Note = "" ConfigDoc.Fields[6].Note = ""
ConfigDoc.Fields[6].Description = "Deprecated: Does nothing! To get node SSH access, see: https://constellation-docs.edgeless.systems/constellation/workflows/troubleshooting#connect-to-nodes-via-ssh" ConfigDoc.Fields[6].Description = "Configuration to apply during constellation upgrade."
ConfigDoc.Fields[6].Comments[encoder.LineComment] = "Deprecated: Does nothing! To get node SSH access, see: https://constellation-docs.edgeless.systems/constellation/workflows/troubleshooting#connect-to-nodes-via-ssh" ConfigDoc.Fields[6].Comments[encoder.LineComment] = "Configuration to apply during constellation upgrade."
ConfigDoc.Fields[6].AddExample("", []UserKey{{Username: "Alice", PublicKey: "ssh-rsa AAAAB3NzaC...5QXHKW1rufgtJeSeJ8= alice@domain.com"}}) ConfigDoc.Fields[6].AddExample("", UpgradeConfig{Image: "", Measurements: Measurements{}})
ConfigDoc.Fields[7].Name = "upgrade"
ConfigDoc.Fields[7].Type = "UpgradeConfig"
ConfigDoc.Fields[7].Note = ""
ConfigDoc.Fields[7].Description = "Configuration to apply during constellation upgrade."
ConfigDoc.Fields[7].Comments[encoder.LineComment] = "Configuration to apply during constellation upgrade."
ConfigDoc.Fields[7].AddExample("", UpgradeConfig{Image: "", Measurements: Measurements{}})
UpgradeConfigDoc.Type = "UpgradeConfig" UpgradeConfigDoc.Type = "UpgradeConfig"
UpgradeConfigDoc.Comments[encoder.LineComment] = "UpgradeConfig defines configuration used during constellation upgrade." UpgradeConfigDoc.Comments[encoder.LineComment] = "UpgradeConfig defines configuration used during constellation upgrade."
@ -94,29 +86,6 @@ func init() {
UpgradeConfigDoc.Fields[1].Description = "Measurements of the updated image." UpgradeConfigDoc.Fields[1].Description = "Measurements of the updated image."
UpgradeConfigDoc.Fields[1].Comments[encoder.LineComment] = "Measurements of the updated image." UpgradeConfigDoc.Fields[1].Comments[encoder.LineComment] = "Measurements of the updated image."
UserKeyDoc.Type = "UserKey"
UserKeyDoc.Comments[encoder.LineComment] = "UserKey describes a user that should be created with corresponding public SSH key."
UserKeyDoc.Description = "UserKey describes a user that should be created with corresponding public SSH key.\n\nDeprecated: UserKey was used as configuration for access-manager, which was removed\nin v2.2, but config needs to retain these values for backwards compatibility and\nconfig validation.\n"
UserKeyDoc.AddExample("", []UserKey{{Username: "Alice", PublicKey: "ssh-rsa AAAAB3NzaC...5QXHKW1rufgtJeSeJ8= alice@domain.com"}})
UserKeyDoc.AppearsIn = []encoder.Appearance{
{
TypeName: "Config",
FieldName: "sshUsers",
},
}
UserKeyDoc.Fields = make([]encoder.Doc, 2)
UserKeyDoc.Fields[0].Name = "username"
UserKeyDoc.Fields[0].Type = "string"
UserKeyDoc.Fields[0].Note = ""
UserKeyDoc.Fields[0].Description = "Username of new SSH user.\n\nDeprecated: See UserKey."
UserKeyDoc.Fields[0].Comments[encoder.LineComment] = "Username of new SSH user."
UserKeyDoc.Fields[1].Name = "publicKey"
UserKeyDoc.Fields[1].Type = "string"
UserKeyDoc.Fields[1].Note = ""
UserKeyDoc.Fields[1].Description = "Public key of new SSH user.\n\nDeprecated: See UserKey."
UserKeyDoc.Fields[1].Comments[encoder.LineComment] = "Public key of new SSH user."
ProviderConfigDoc.Type = "ProviderConfig" ProviderConfigDoc.Type = "ProviderConfig"
ProviderConfigDoc.Comments[encoder.LineComment] = "ProviderConfig are cloud-provider specific configuration values used by the CLI." ProviderConfigDoc.Comments[encoder.LineComment] = "ProviderConfig are cloud-provider specific configuration values used by the CLI."
ProviderConfigDoc.Description = "ProviderConfig are cloud-provider specific configuration values used by the CLI.\nFields should remain pointer-types so custom specific configs can nil them\nif not required.\n" ProviderConfigDoc.Description = "ProviderConfig are cloud-provider specific configuration values used by the CLI.\nFields should remain pointer-types so custom specific configs can nil them\nif not required.\n"
@ -396,10 +365,6 @@ func (_ UpgradeConfig) Doc() *encoder.Doc {
return &UpgradeConfigDoc return &UpgradeConfigDoc
} }
func (_ UserKey) Doc() *encoder.Doc {
return &UserKeyDoc
}
func (_ ProviderConfig) Doc() *encoder.Doc { func (_ ProviderConfig) Doc() *encoder.Doc {
return &ProviderConfigDoc return &ProviderConfigDoc
} }
@ -428,7 +393,6 @@ func GetConfigurationDoc() *encoder.FileDoc {
Structs: []*encoder.Doc{ Structs: []*encoder.Doc{
&ConfigDoc, &ConfigDoc,
&UpgradeConfigDoc, &UpgradeConfigDoc,
&UserKeyDoc,
&ProviderConfigDoc, &ProviderConfigDoc,
&AWSConfigDoc, &AWSConfigDoc,
&AzureConfigDoc, &AzureConfigDoc,