AB#2554 GCP CSI driver deployment (#532)

* Allow enabling/disabling of CSI driver through config

* Fix inconsistent namespace parsing

* Deploy GCP CSI driver on init

* Update invalid pod tolerations

* Add generate script for CSI charts

* Update generateCilium script

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Daniel Weiße 2022-11-18 10:05:02 +01:00 committed by GitHub
parent 6b7e470983
commit b966f57a2f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
45 changed files with 1597 additions and 165 deletions


@ -117,7 +117,7 @@ func initialize(cmd *cobra.Command, newDialer func(validator *cloudcmd.Validator
return fmt.Errorf("parsing or generating master secret from file %s: %w", flags.masterSecretPath, err)
}
helmLoader := helm.New(provider, k8sVersion)
helmDeployments, err := helmLoader.Load(provider, flags.conformance, masterSecret.Key, masterSecret.Salt, getEnforcedPCRs(provider, conf), getEnforceIDKeyDigest(provider, conf))
helmDeployments, err := helmLoader.Load(conf, flags.conformance, masterSecret.Key, masterSecret.Salt)
if err != nil {
return fmt.Errorf("loading Helm charts: %w", err)
}
@ -133,8 +133,8 @@ func initialize(cmd *cobra.Command, newDialer func(validator *cloudcmd.Validator
CloudServiceAccountUri: serviceAccURI,
KubernetesVersion: conf.KubernetesVersion,
HelmDeployments: helmDeployments,
EnforcedPcrs: getEnforcedPCRs(provider, conf),
EnforceIdkeydigest: getEnforceIDKeyDigest(provider, conf),
EnforcedPcrs: conf.GetEnforcedPCRs(),
EnforceIdkeydigest: conf.EnforcesIDKeyDigest(),
ConformanceMode: flags.conformance,
}
resp, err := initCall(cmd.Context(), newDialer(validator), idFile.IP, req)
@ -219,30 +219,6 @@ func writeRow(wr io.Writer, col1 string, col2 string) {
fmt.Fprint(wr, col1, "\t", col2, "\n")
}
func getEnforcedPCRs(provider cloudprovider.Provider, config *config.Config) []uint32 {
switch provider {
case cloudprovider.AWS:
return config.Provider.AWS.EnforcedMeasurements
case cloudprovider.Azure:
return config.Provider.Azure.EnforcedMeasurements
case cloudprovider.GCP:
return config.Provider.GCP.EnforcedMeasurements
case cloudprovider.QEMU:
return config.Provider.QEMU.EnforcedMeasurements
default:
return nil
}
}
func getEnforceIDKeyDigest(provider cloudprovider.Provider, config *config.Config) bool {
switch provider {
case cloudprovider.Azure:
return *config.Provider.Azure.EnforceIDKeyDigest
default:
return false
}
}
// evalFlagArgs gets the flag values and does preprocessing of these values like
// reading the content from file path flags and deriving other values from flag combinations.
func evalFlagArgs(cmd *cobra.Command) (initFlags, error) {
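Review bot: In the init request literal, `EnforcedPcrs` and `EnforceIdkeydigest` are now read from `conf.GetEnforcedPCRs()` and `conf.EnforcesIDKeyDigest()` with no provider argument, while `helm.New(provider, k8sVersion)` in the first hunk still uses the separately determined `provider`. The accessors are not shown in this section, so please confirm they pick the same provider block, and that a config with more than one provider block populated cannot supply measurements for a different provider than the one being initialized, since these values set the cluster's attestation policy. The removed helper dereferenced `*config.Provider.Azure.EnforceIDKeyDigest` without a nil check, so the new accessor should treat an unset pointer as false rather than panic. A comment on the request literal such as `// attestation policy comes from conf; must describe the same provider passed to helm.New` would record the assumption. The body of `initialize` starts and ends outside these hunks.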