Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity

uplosi: use separate galleries for Azure TDX and TDX

Browse Source
This commit is contained in:
Malte Poll 2024-01-16 14:15:04 +01:00
parent 52dec77508
commit 9d6321faa3
2 changed files with 19 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
internal/attestation/measurements/overrides.go
View File

@ -98,12 +98,12 @@ type valueOverride struct {
func ApplyOverrides(in M, csp cloudprovider.Provider, attestationVariant string) (M, error) {
out := in.Copy()
var matchingOverrides []measurementOverride
if cspOverride, ok := measurementOverridesForCSP[csp.String()]; ok {
matchingOverrides = append(matchingOverrides, cspOverride)
}
if attestationVariantOverride, ok := measurementOverridesForAttestationVariant[attestationVariant]; ok {
matchingOverrides = append(matchingOverrides, attestationVariantOverride)
}
if cspOverride, ok := measurementOverridesForCSP[csp.String()]; ok {
matchingOverrides = append(matchingOverrides, cspOverride)
}
for _, override := range matchingOverrides {
for _, i := range override.ValueOverrides {
m, ok := out[i.Index]

21
internal/osimage/uplosi/uplosiupload.go
View File

@ -209,21 +209,32 @@ func awsParseAMIARN(arn string) (region string, amiID string, retErr error) {
func extendAzureConfig(azureConfig map[string]any, version versionsapi.Version, attestationVariant string, timestamp time.Time) {
azureConfig["attestationVariant"] = attestationVariant
azureConfig["sharedImageGallery"] = azureGalleryName(version)
azureConfig["sharedImageGallery"] = azureGalleryName(version, attestationVariant)
azureConfig["imageDefinitionName"] = azureImageOffer(version)
azureConfig["offer"] = azureImageOffer(version)
formattedTime := timestamp.Format(timestampFormat)
azureConfig["diskName"] = fmt.Sprintf("constellation-%s-%s-%s", version.Stream(), formattedTime, attestationVariant)
}
func azureGalleryName(version versionsapi.Version) string {
func azureGalleryName(version versionsapi.Version, attestationVariant string) string {
var prefix string
switch version.Stream() {
case "stable":
return "Constellation_CVM"
prefix = "Constellation"
case "debug":
return "Constellation_Debug_CVM"
prefix = "Constellation_Debug"
default:
prefix = "Constellation_Testing"
}
return "Constellation_Testing_CVM"
var suffix string
switch attestationVariant {
case "azure-tdx":
suffix = "_TDX"
case "azure-sev-snp":
suffix = "_CVM"
}
return prefix + suffix
}
func azureImageOffer(version versionsapi.Version) string {