config: automatically upload new Azure SNP versions to API + sign version with release key (#1854)

* sign version with release key and remove version from fetcher interface * extend azure-reporter GH action to upload updated version values to the Attestation API
2025-05-08 17:25:14 -04:00 · 2023-06-02 12:10:22 +02:00 · 2023-06-02 12:10:22 +02:00 · a813760f96
commit a813760f96
parent 18da9b8128
14 changed files with 214 additions and 76 deletions
--- a/internal/api/attestationconfig/fetcher/fetcher_test.go
+++ b/internal/api/attestationconfig/fetcher/fetcher_test.go
@ -15,9 +15,7 @@ import (
 	"testing"

 	configapi "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig"
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
 	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
 )

 var testCfg = configapi.AzureSEVSNPVersionGet{
@ -36,7 +34,7 @@ func TestFetchLatestAzureSEVSNPVersion(t *testing.T) {
 		want      configapi.AzureSEVSNPVersionGet
 	}{
 		"get version with valid signature": {
-			signature: []byte("MEUCIQDNn6wiSh9Nz9mtU9RvxvfkH3fNDFGeqopjTIRoBNkyrAIgSsKgdYNQXvPevaLWmmpnj/9WcgrltAQ+KfI+bQfklAo="),
+			signature: []byte("MEQCIBPEbYg89MIQuaGStLhKGLGMKvKFoYCaAniDLwoIwulqAiB+rj7KMaMOMGxmUsjI7KheCXSNM8NzN+tuDw6AywI75A=="), // signed with release key
 			want:      testCfg,
 		},
 		"fail with invalid signature": {
@ -51,13 +49,10 @@ func TestFetchLatestAzureSEVSNPVersion(t *testing.T) {
 					signature: tc.signature,
 				},
 			}
-			require := require.New(t)
-			version, err := versionsapi.NewVersionFromShortPath("stream/debug/v9.9.9", versionsapi.VersionKindImage)
-			require.NoError(err)
 			fetcher := NewWithClient(client)
+			res, err := fetcher.FetchAzureSEVSNPVersionLatest(context.Background())

 			assert := assert.New(t)
-			res, err := fetcher.FetchAzureSEVSNPVersionLatest(context.Background(), version)
 			if tc.wantErr {
 				assert.Error(err)
 			} else {