Use tags for UID and role parsing (#242)

* Apply tags to all applicable GCP resources

* Move GCP UID and role from VM metadata to labels

* Adjust Azure tags to be in line with GCP and AWS

* Don't rely on resource name to find resources

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Daniel Weiße 2022-10-24 16:58:21 +02:00 committed by GitHub
parent c2814aeddb
commit b35b74b772
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
34 changed files with 344 additions and 360 deletions


@ -18,6 +18,7 @@ import (
"github.com/aws/aws-sdk-go-v2/feature/ec2/imds"
logs "github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs"
"github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs/types"
"github.com/edgelesssys/constellation/v2/internal/cloud"
"k8s.io/utils/clock"
)
@ -147,7 +148,7 @@ func (l *Logger) createStream(ctx context.Context, imds imdsAPI) error {
l.streamName = name
// find log group with matching Constellation UID
uid, err := readInstanceTag(ctx, imds, tagUID)
uid, err := readInstanceTag(ctx, imds, cloud.TagUID)
if err != nil {
return err
}
@ -162,7 +163,7 @@ func (l *Logger) createStream(ctx context.Context, imds imdsAPI) error {
if err != nil {
continue // we may not have permission to read the tags of a log group outside the Constellation scope
}
if tags.Tags[tagUID] == uid {
if tags.Tags[cloud.TagUID] == uid {
l.groupName = *group.LogGroupName
res.NextToken = nil // stop pagination
break
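Review bot: The comparison `tags.Tags[cloud.TagUID] == uid` in the log-group loop also succeeds when a group carries no such tag and `uid` is empty, because a missing map key reads as `""`; the stream would then be attached to the first group whose tags happen to be readable. Whether `readInstanceTag` can return an empty value without an error is not visible here, so either reject an empty `uid` right after the read or make the match explicit with `if v, ok := tags.Tags[cloud.TagUID]; ok && v == uid {`. The following line dereferences `*group.LogGroupName` without a nil check, which is worth guarding in the same condition. createStream starts and ends outside these hunks.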