fix linting + tests
parent
002779ac96
commit
b9cd9807bd
4
.github/actions/versionsapi/Dockerfile
vendored
4
.github/actions/versionsapi/Dockerfile
vendored
@ -13,11 +13,11 @@ RUN go mod download
|
||||
COPY . .
|
||||
|
||||
# Build
|
||||
WORKDIR /workspace/internal/versionsapi/cli
|
||||
WORKDIR /workspace/internal/api/versionsapi/cli
|
||||
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o versionsapi .
|
||||
|
||||
FROM scratch as release
|
||||
|
||||
COPY --from=builder /workspace/internal/versionsapi/cli/versionsapi .
|
||||
COPY --from=builder /workspace/internal/api/versionsapi/cli/versionsapi .
|
||||
|
||||
CMD ["/notIntendedToBeExecuted"]
|
||||
|
@ -6,7 +6,7 @@ on:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- "internal/versionsapi/**"
|
||||
- "internal/api/versionsapi/**"
|
||||
- ".github/workflows/build-versionsapi-ci-image.yml"
|
||||
- ".github/actions/versionsapi/**"
|
||||
|
||||
|
@ -36,7 +36,7 @@
|
||||
/internal/retry @katexochen
|
||||
/internal/sigstore @malt3
|
||||
/internal/versions @katexochen
|
||||
/internal/versionsapi @katexochen
|
||||
/internal/api/versionsapi @katexochen
|
||||
/joinservice @daniel-weisse
|
||||
/keyservice @daniel-weisse
|
||||
/operators @malt3
|
||||
|
@ -47,6 +47,8 @@ go_library(
|
||||
"//cli/internal/terraform",
|
||||
"//cli/internal/upgrade",
|
||||
"//disk-mapper/recoverproto",
|
||||
"//internal/api/fetcher",
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/atls",
|
||||
"//internal/attestation/measurements",
|
||||
"//internal/cloud/azureshared",
|
||||
@ -71,8 +73,6 @@ go_library(
|
||||
"//internal/sigstore",
|
||||
"//internal/variant",
|
||||
"//internal/versions",
|
||||
"//internal/versionsapi",
|
||||
"//internal/versionsapi/fetcher",
|
||||
"//operators/constellation-node-operator/api/v1alpha1",
|
||||
"//verify/verifyproto",
|
||||
"@com_github_mattn_go_isatty//:go-isatty",
|
||||
@ -126,6 +126,7 @@ go_test(
|
||||
"//cli/internal/terraform",
|
||||
"//cli/internal/upgrade",
|
||||
"//disk-mapper/recoverproto",
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/atls",
|
||||
"//internal/attestation/measurements",
|
||||
"//internal/cloud/cloudprovider",
|
||||
@ -142,7 +143,6 @@ go_test(
|
||||
"//internal/logger",
|
||||
"//internal/variant",
|
||||
"//internal/versions",
|
||||
"//internal/versionsapi",
|
||||
"//operators/constellation-node-operator/api/v1alpha1",
|
||||
"//verify/verifyproto",
|
||||
"@com_github_spf13_afero//:afero",
|
||||
|
@ -14,12 +14,12 @@ import (
|
||||
"net/url"
|
||||
"time"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
|
||||
"github.com/edgelesssys/constellation/v2/internal/config"
|
||||
"github.com/edgelesssys/constellation/v2/internal/constants"
|
||||
"github.com/edgelesssys/constellation/v2/internal/file"
|
||||
"github.com/edgelesssys/constellation/v2/internal/sigstore"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
"github.com/spf13/afero"
|
||||
"github.com/spf13/cobra"
|
||||
)
|
||||
|
@ -15,12 +15,12 @@ import (
|
||||
"net/url"
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/config"
|
||||
"github.com/edgelesssys/constellation/v2/internal/constants"
|
||||
"github.com/edgelesssys/constellation/v2/internal/file"
|
||||
"github.com/edgelesssys/constellation/v2/internal/logger"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
"github.com/spf13/afero"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
@ -17,6 +17,8 @@ import (
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/cli/internal/helm"
|
||||
"github.com/edgelesssys/constellation/v2/cli/internal/kubernetes"
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/fetcher"
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/compatibility"
|
||||
@ -27,8 +29,6 @@ import (
|
||||
conSemver "github.com/edgelesssys/constellation/v2/internal/semver"
|
||||
"github.com/edgelesssys/constellation/v2/internal/sigstore"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versions"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher"
|
||||
"github.com/siderolabs/talos/pkg/machinery/config/encoder"
|
||||
"github.com/spf13/afero"
|
||||
"github.com/spf13/cobra"
|
||||
@ -66,7 +66,7 @@ func runUpgradeCheck(cmd *cobra.Command, _ []string) error {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
versionListFetcher := fetcher.NewFetcher()
|
||||
versionListFetcher := fetcher.NewVersionAPIFetcher()
|
||||
rekor, err := sigstore.NewRekor()
|
||||
if err != nil {
|
||||
return fmt.Errorf("constructing Rekor client: %w", err)
|
||||
@ -82,7 +82,7 @@ func runUpgradeCheck(cmd *cobra.Command, _ []string) error {
|
||||
flags: flags,
|
||||
cliVersion: compatibility.EnsurePrefixV(constants.VersionInfo()),
|
||||
log: log,
|
||||
versionsapi: fetcher.NewFetcher(),
|
||||
versionsapi: fetcher.NewVersionAPIFetcher(),
|
||||
},
|
||||
log: log,
|
||||
}
|
||||
|
@ -15,6 +15,7 @@ import (
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/config"
|
||||
@ -22,7 +23,6 @@ import (
|
||||
"github.com/edgelesssys/constellation/v2/internal/file"
|
||||
"github.com/edgelesssys/constellation/v2/internal/logger"
|
||||
"github.com/edgelesssys/constellation/v2/internal/variant"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
"github.com/spf13/afero"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
@ -10,11 +10,11 @@ go_library(
|
||||
importpath = "github.com/edgelesssys/constellation/v2/cli/internal/image",
|
||||
visibility = ["//cli:__subpackages__"],
|
||||
deps = [
|
||||
"//internal/api/fetcher",
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/cloud/cloudprovider",
|
||||
"//internal/config",
|
||||
"//internal/variant",
|
||||
"//internal/versionsapi",
|
||||
"//internal/versionsapi/fetcher",
|
||||
"@com_github_schollz_progressbar_v3//:progressbar",
|
||||
"@com_github_spf13_afero//:afero",
|
||||
],
|
||||
@ -28,10 +28,10 @@ go_test(
|
||||
],
|
||||
embed = [":image"],
|
||||
deps = [
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/cloud/cloudprovider",
|
||||
"//internal/config",
|
||||
"//internal/file",
|
||||
"//internal/versionsapi",
|
||||
"@com_github_spf13_afero//:afero",
|
||||
"@com_github_stretchr_testify//assert",
|
||||
"@com_github_stretchr_testify//require",
|
||||
|
@ -19,11 +19,11 @@ import (
|
||||
"io/fs"
|
||||
"regexp"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/fetcher"
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/config"
|
||||
"github.com/edgelesssys/constellation/v2/internal/variant"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher"
|
||||
"github.com/spf13/afero"
|
||||
)
|
||||
|
||||
@ -36,7 +36,7 @@ type Fetcher struct {
|
||||
// New returns a new image fetcher.
|
||||
func New() *Fetcher {
|
||||
return &Fetcher{
|
||||
fetcher: fetcher.NewFetcher(),
|
||||
fetcher: fetcher.NewVersionAPIFetcher(),
|
||||
fs: &afero.Afero{Fs: afero.NewOsFs()},
|
||||
}
|
||||
}
|
||||
|
@ -13,10 +13,10 @@ import (
|
||||
"net/http"
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/config"
|
||||
"github.com/edgelesssys/constellation/v2/internal/file"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
"github.com/spf13/afero"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
@ -15,6 +15,7 @@ go_library(
|
||||
"//cli/internal/image",
|
||||
"//cli/internal/terraform",
|
||||
"//cli/internal/upgrade",
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/attestation/measurements",
|
||||
"//internal/compatibility",
|
||||
"//internal/config",
|
||||
@ -25,7 +26,6 @@ go_library(
|
||||
"//internal/variant",
|
||||
"//internal/versions",
|
||||
"//internal/versions/components",
|
||||
"//internal/versionsapi",
|
||||
"//operators/constellation-node-operator/api/v1alpha1",
|
||||
"@io_k8s_api//core/v1:core",
|
||||
"@io_k8s_apimachinery//pkg/api/errors",
|
||||
|
@ -19,6 +19,7 @@ import (
|
||||
"github.com/edgelesssys/constellation/v2/cli/internal/image"
|
||||
"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
|
||||
"github.com/edgelesssys/constellation/v2/cli/internal/upgrade"
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
|
||||
"github.com/edgelesssys/constellation/v2/internal/compatibility"
|
||||
"github.com/edgelesssys/constellation/v2/internal/config"
|
||||
@ -29,7 +30,6 @@ import (
|
||||
"github.com/edgelesssys/constellation/v2/internal/variant"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versions"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versions/components"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
updatev1alpha1 "github.com/edgelesssys/constellation/v2/operators/constellation-node-operator/v2/api/v1alpha1"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
k8serrors "k8s.io/apimachinery/pkg/api/errors"
|
||||
|
@ -22,7 +22,7 @@ With `cdbg` and `yq` installed in your path:
|
||||
|
||||
1. Run `constellation config generate` to create a new default configuration
|
||||
|
||||
2. Locate the latest debugd images by running `(cd internal/versionsapi/cli && go build -o versionsapi . && ./versionsapi latest --ref main --stream debug)`
|
||||
2. Locate the latest debugd images by running `(cd internal/api/versionsapi/cli && go build -o versionsapi . && ./versionsapi latest --ref main --stream debug)`
|
||||
|
||||
3. Modify the `constellation-conf.yaml` to use an image with the debugd already included and add required firewall rules:
|
||||
|
||||
|
@ -11,12 +11,12 @@ go_library(
|
||||
importpath = "github.com/edgelesssys/constellation/v2/e2e/internal/upgrade",
|
||||
visibility = ["//e2e:__subpackages__"],
|
||||
deps = [
|
||||
"//internal/api/fetcher",
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/attestation/measurements",
|
||||
"//internal/cloud/cloudprovider",
|
||||
"//internal/constants",
|
||||
"//internal/logger",
|
||||
"//internal/versionsapi",
|
||||
"//internal/versionsapi/fetcher",
|
||||
"@in_gopkg_yaml_v3//:yaml_v3",
|
||||
"@sh_helm_helm_v3//pkg/action",
|
||||
"@sh_helm_helm_v3//pkg/cli",
|
||||
|
@ -19,10 +19,10 @@ import (
|
||||
|
||||
"gopkg.in/yaml.v3"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/fetcher"
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher"
|
||||
)
|
||||
|
||||
type upgradeInfo struct {
|
||||
@ -36,7 +36,7 @@ func fetchUpgradeInfo(ctx context.Context, csp cloudprovider.Provider, toImage s
|
||||
measurements: make(measurements.M),
|
||||
shortPath: toImage,
|
||||
}
|
||||
versionsClient := fetcher.NewFetcher()
|
||||
versionsClient := fetcher.NewVersionAPIFetcher()
|
||||
|
||||
ver, err := versionsapi.NewVersionFromShortPath(toImage, versionsapi.VersionKindImage)
|
||||
if err != nil {
|
||||
@ -124,7 +124,7 @@ func getFromURL(ctx context.Context, client *http.Client, sourceURL *url.URL) ([
|
||||
return content, nil
|
||||
}
|
||||
|
||||
func fetchImageRef(ctx context.Context, client *fetcher.Fetcher, csp cloudprovider.Provider, imageInfo versionsapi.ImageInfo) (string, error) {
|
||||
func fetchImageRef(ctx context.Context, client *fetcher.VersionAPIFetcher, csp cloudprovider.Provider, imageInfo versionsapi.ImageInfo) (string, error) {
|
||||
imageInfo, err := client.FetchImageInfo(ctx, imageInfo)
|
||||
if err != nil {
|
||||
return "", err
|
||||
|
@ -6,10 +6,10 @@ go_library(
|
||||
importpath = "github.com/edgelesssys/constellation/v2/hack/cli-k8s-compatibility",
|
||||
visibility = ["//visibility:private"],
|
||||
deps = [
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/api/versionsapi/client",
|
||||
"//internal/logger",
|
||||
"//internal/versions",
|
||||
"//internal/versionsapi",
|
||||
"//internal/versionsapi/client",
|
||||
"@org_uber_go_zap//zapcore",
|
||||
],
|
||||
)
|
||||
|
@ -11,10 +11,10 @@ import (
|
||||
"context"
|
||||
"flag"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client"
|
||||
"github.com/edgelesssys/constellation/v2/internal/logger"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versions"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi/client"
|
||||
"go.uber.org/zap/zapcore"
|
||||
)
|
||||
|
||||
|
@ -18,6 +18,7 @@ go_library(
|
||||
importpath = "github.com/edgelesssys/constellation/v2/image/upload/internal/cmd",
|
||||
visibility = ["//image/upload:__subpackages__"],
|
||||
deps = [
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/cloud/cloudprovider",
|
||||
"//internal/logger",
|
||||
"//internal/osimage",
|
||||
@ -27,7 +28,6 @@ go_library(
|
||||
"//internal/osimage/gcp",
|
||||
"//internal/osimage/nop",
|
||||
"//internal/osimage/secureboot",
|
||||
"//internal/versionsapi",
|
||||
"@com_github_spf13_afero//:afero",
|
||||
"@com_github_spf13_cobra//:cobra",
|
||||
"@org_uber_go_zap//zapcore",
|
||||
|
@ -10,8 +10,8 @@ import (
|
||||
"context"
|
||||
"io"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/osimage"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
)
|
||||
|
||||
type archivist interface {
|
||||
|
@ -11,8 +11,8 @@ import (
|
||||
"path/filepath"
|
||||
"time"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
"github.com/spf13/cobra"
|
||||
"go.uber.org/zap/zapcore"
|
||||
)
|
||||
|
@ -13,9 +13,9 @@ import (
|
||||
"io"
|
||||
"strings"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/osimage"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
)
|
||||
|
||||
func uploadImage(ctx context.Context, archiveC archivist, uploadC uploader, req *osimage.UploadRequest, out io.Writer) error {
|
||||
|
@ -2,28 +2,30 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library")
|
||||
load("//bazel/go:go_test.bzl", "go_test")
|
||||
|
||||
go_library(
|
||||
name = "attestationapi",
|
||||
srcs = ["attestationapi.go"],
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/attestationapi",
|
||||
name = "configapi",
|
||||
srcs = [
|
||||
"attestation.go",
|
||||
"configapi.go",
|
||||
"repo.go",
|
||||
],
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/api/configapi",
|
||||
visibility = ["//:__subpackages__"],
|
||||
deps = [
|
||||
"//internal/constants",
|
||||
"//internal/kms/storage",
|
||||
"//internal/kms/storage/awss3",
|
||||
"//internal/kms/uri",
|
||||
"//internal/variant",
|
||||
"//internal/versionsapi",
|
||||
"//internal/versionsapi/fetcher",
|
||||
],
|
||||
)
|
||||
|
||||
go_test(
|
||||
name = "attestationapi_test",
|
||||
srcs = ["attestationapi_test.go"],
|
||||
name = "configapi_test",
|
||||
srcs = ["repo_test.go"],
|
||||
deps = [
|
||||
":attestationapi",
|
||||
":configapi",
|
||||
"//internal/kms/uri",
|
||||
"//internal/variant",
|
||||
"@com_github_stretchr_testify//assert",
|
||||
"@com_github_stretchr_testify//require",
|
||||
],
|
||||
)
|
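--- a/internal/api/configapi/attestation.go
+++ b/internal/api/configapi/attestation.go
@@ -0,0 +1,125 @@
+/*
+Copyright (c) Edgeless Systems GmbH
+
+SPDX-License-Identifier: AGPL-3.0-only
+*/
+package configapi
+
+import (
+"fmt"
+"net/url"
+"path"
+
+"github.com/edgelesssys/constellation/v2/internal/constants"
+"github.com/edgelesssys/constellation/v2/internal/variant"
+)
+
+const (
+Bootloader AzureSEVSNPVersionType = "bootloader" // Bootloader is the version of the Azure SEVSNP bootloader.
+TEE AzureSEVSNPVersionType = "tee" // TEE is the version of the Azure SEVSNP TEE.
+SNP AzureSEVSNPVersionType = "snp" // SNP is the version of the Azure SEVSNP SNP.
+Microcode AzureSEVSNPVersionType = "microcode" // Microcode is the version of the Azure SEVSNP microcode.
+)
+
+// AttestationURLPath is the URL path to the attestation versions.
+const AttestationURLPath = "constellation/v1/attestation"
+
+// AzureSEVSNP is the latest version of each component of the Azure SEVSNP.
+// used for testing only.
+// TODO remove? (or use for fallback?)
+var AzureSEVSNP = AzureSEVSNPVersion{
+Bootloader: 2,
+TEE: 0,
+SNP: 6,
+Microcode: 93,
+}
+
+// AzureSEVSNPVersionType is the type of the version to be requested.
+type AzureSEVSNPVersionType (string)
+
+// AzureSEVSNPVersion tracks the latest version of each component of the Azure SEVSNP.
+type AzureSEVSNPVersion struct {
+// Bootloader is the latest version of the Azure SEVSNP bootloader.
+Bootloader uint8 `json:"bootloader"`
+// TEE is the latest version of the Azure SEVSNP TEE.
+TEE uint8 `json:"tee"`
+// SNP is the latest version of the Azure SEVSNP SNP.
+SNP uint8 `json:"snp"`
+// Microcode is the latest version of the Azure SEVSNP microcode.
+Microcode uint8 `json:"microcode"`
+}
+
+// AzureSEVSNPVersionGet is the request to get the version information of the specific version in the config api.
+type AzureSEVSNPVersionGet struct {
+Version string `json:"-"`
+AzureSEVSNPVersion
+}
+
+// URL returns the URL for the request to the config api.
+func (i AzureSEVSNPVersionGet) URL() (string, error) {
+url, err := url.Parse(constants.CDNRepositoryURL)
+if err != nil {
+return "", fmt.Errorf("parsing CDN URL: %w", err)
+}
+url.Path = i.JSONPath()
+return url.String(), nil
+}
+
+// JSONPath returns the path to the JSON file for the request to the config api.
+func (i AzureSEVSNPVersionGet) JSONPath() string {
+return path.Join(AttestationURLPath, variant.AzureSEVSNP{}.String(), i.Version)
+}
+
+// ValidateRequest validates the request.
+func (i AzureSEVSNPVersionGet) ValidateRequest() error {
+return nil
+}
+
+// Validate validates the request.
+func (i AzureSEVSNPVersionGet) Validate() error {
+return nil
+}
+
+// AzureSEVSNPVersionList is the request to list all versions in the config api.
+type AzureSEVSNPVersionList ([]string)
+
+// URL returns the URL for the request to the config api.
+func (i AzureSEVSNPVersionList) URL() (string, error) {
+url, err := url.Parse(constants.CDNRepositoryURL)
+if err != nil {
+return "", fmt.Errorf("parsing CDN URL: %w", err)
+}
+url.Path = i.JSONPath()
+return url.String(), nil
+}
+
+// JSONPath returns the path to the JSON file for the request to the config api.
+func (i AzureSEVSNPVersionList) JSONPath() string {
+return path.Join(AttestationURLPath, variant.AzureSEVSNP{}.String(), "list")
+}
+
+// ValidateRequest validates the request.
+func (i AzureSEVSNPVersionList) ValidateRequest() error {
+return nil
+}
+
+// Validate validates the request.
+func (i AzureSEVSNPVersionList) Validate() error {
+return nil
+}
+
+// GetVersionByType returns the requested version of the given type.
+func GetVersionByType(res AzureSEVSNPVersion, t AzureSEVSNPVersionType) uint8 {
+switch t {
+case Bootloader:
+return res.Bootloader
+case TEE:
+return res.TEE
+case SNP:
+return res.SNP
+case Microcode:
+return res.Microcode
+default:
+return 1
+}
+}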
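Review bot: `AzureSEVSNPVersionGet.ValidateRequest` and `Validate` return nil unconditionally, while `JSONPath` passes `i.Version` straight into `path.Join`, which cleans `..` segments; a version name containing path separators would therefore resolve outside `AttestationURLPath`. If the version string is taken from the fetched list (not visible in this file), `ValidateRequest` should reject anything that is not a bare file name, e.g. `if i.Version == "" || path.Base(i.Version) != i.Version { return fmt.Errorf("invalid version name %q", i.Version) }`. Separately, `GetVersionByType` returns 1 for an unrecognised type, which is indistinguishable from a real component version; a comment stating why 1 is the fallback, or an error return, would make a mistyped type visible to the caller.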
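--- a/internal/api/configapi/configapi.go
+++ b/internal/api/configapi/configapi.go
@@ -0,0 +1,20 @@
+/*
+Copyright (c) Edgeless Systems GmbH
+
+SPDX-License-Identifier: AGPL-3.0-only
+*/
+
+/*
+# Config API
+
+The Config API provides information about versions of Constellation components.
+
+This package defines API types that represents objects of the config API.
+The types provide helper methods for validation and commonly used operations on the
+information contained in the objects. Especially the paths used for the API are defined
+in these helper methods.
+
+The package also provides helper functions that can be used in context of the config API,
+e.g. to validate versions.
+*/
+package configapi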
@ -1,4 +1,9 @@
|
||||
package attestationapi
|
||||
/*
|
||||
Copyright (c) Edgeless Systems GmbH
|
||||
|
||||
SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
package configapi
|
||||
|
||||
import (
|
||||
"context"
|
||||
@ -13,32 +18,8 @@ import (
|
||||
"github.com/edgelesssys/constellation/v2/internal/kms/storage/awss3"
|
||||
"github.com/edgelesssys/constellation/v2/internal/kms/uri"
|
||||
"github.com/edgelesssys/constellation/v2/internal/variant"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher"
|
||||
)
|
||||
|
||||
const (
|
||||
Bootloader Type = "bootloader" // Bootloader is the version of the Azure SEVSNP bootloader.
|
||||
TEE Type = "tee" // TEE is the version of the Azure SEVSNP TEE.
|
||||
SNP Type = "snp" // SNP is the version of the Azure SEVSNP SNP.
|
||||
Microcode Type = "microcode" // Microcode is the version of the Azure SEVSNP microcode.
|
||||
)
|
||||
|
||||
// AttestationPath is the path to the attestation versions.
|
||||
const AttestationPath = "constellation/v1/attestation"
|
||||
|
||||
// AzureSEVSNP is the latest version of each component of the Azure SEVSNP.
|
||||
// used for testing only
|
||||
var AzureSEVSNP = versionsapi.AzureSEVSNPVersion{
|
||||
Bootloader: 2,
|
||||
TEE: 0,
|
||||
SNP: 6,
|
||||
Microcode: 93,
|
||||
}
|
||||
|
||||
// Type is the type of the version to be requested.
|
||||
type Type (string)
|
||||
|
||||
// AttestationVersionRepo manages (modifies) the version information for the attestation variants.
|
||||
type AttestationVersionRepo struct {
|
||||
*awss3.Storage
|
||||
@ -54,7 +35,7 @@ func NewAttestationVersionRepo(ctx context.Context, cfg uri.AWSS3Config) (*Attes
|
||||
}
|
||||
|
||||
// UploadAzureSEVSNP uploads the latest version numbers of the Azure SEVSNP.
|
||||
func (a AttestationVersionRepo) UploadAzureSEVSNP(ctx context.Context, versions versionsapi.AzureSEVSNPVersion, date time.Time) error {
|
||||
func (a AttestationVersionRepo) UploadAzureSEVSNP(ctx context.Context, versions AzureSEVSNPVersion, date time.Time) error {
|
||||
bt, err := json.Marshal(versions)
|
||||
if err != nil {
|
||||
return err
|
||||
@ -62,37 +43,16 @@ func (a AttestationVersionRepo) UploadAzureSEVSNP(ctx context.Context, versions
|
||||
variant := variant.AzureSEVSNP{}
|
||||
fname := date.Format("2006-01-02-15-04") + ".json"
|
||||
|
||||
err = a.Put(ctx, fmt.Sprintf("%s/%s/%s", AttestationPath, variant.String(), fname), bt)
|
||||
err = a.Put(ctx, fmt.Sprintf("%s/%s/%s", AttestationURLPath, variant.String(), fname), bt)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return a.addVersionToList(ctx, variant, fname)
|
||||
}
|
||||
|
||||
func (a AttestationVersionRepo) addVersionToList(ctx context.Context, attestation variant.Variant, fname string) error {
|
||||
versions := []string{}
|
||||
key := path.Join(AttestationPath, attestation.String(), "list")
|
||||
bt, err := a.Get(ctx, key)
|
||||
if err == nil {
|
||||
if err := json.Unmarshal(bt, &versions); err != nil {
|
||||
return err
|
||||
}
|
||||
} else if !errors.Is(err, storage.ErrDEKUnset) {
|
||||
return err
|
||||
}
|
||||
versions = append(versions, fname)
|
||||
versions = variant.RemoveDuplicate(versions)
|
||||
sort.Sort(sort.Reverse(sort.StringSlice(versions)))
|
||||
json, err := json.Marshal(versions)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return a.Put(ctx, key, json)
|
||||
}
|
||||
|
||||
// List returns the list of versions for the given attestation type.
|
||||
func (a AttestationVersionRepo) List(ctx context.Context, attestation variant.Variant) ([]string, error) {
|
||||
key := path.Join(AttestationPath, attestation.String(), "list")
|
||||
key := path.Join(AttestationURLPath, attestation.String(), "list")
|
||||
bt, err := a.Get(ctx, key)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@ -111,39 +71,26 @@ func (a AttestationVersionRepo) DeleteList(ctx context.Context, attestation vari
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return a.Put(ctx, path.Join(AttestationPath, attestation.String(), "list"), bt)
|
||||
return a.Put(ctx, path.Join(AttestationURLPath, attestation.String(), "list"), bt)
|
||||
}
|
||||
|
||||
func GetVersionByType(res versionsapi.AzureSEVSNPVersion, t Type) uint8 {
|
||||
switch t {
|
||||
case Bootloader:
|
||||
return res.Bootloader
|
||||
case TEE:
|
||||
return res.TEE
|
||||
case SNP:
|
||||
return res.SNP
|
||||
case Microcode:
|
||||
return res.Microcode
|
||||
default:
|
||||
return 1
|
||||
func (a AttestationVersionRepo) addVersionToList(ctx context.Context, attestation variant.Variant, fname string) error {
|
||||
versions := []string{}
|
||||
key := path.Join(AttestationURLPath, attestation.String(), "list")
|
||||
bt, err := a.Get(ctx, key)
|
||||
if err == nil {
|
||||
if err := json.Unmarshal(bt, &versions); err != nil {
|
||||
return err
|
||||
}
|
||||
} else if !errors.Is(err, storage.ErrDEKUnset) {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
// GetAzureSEVSNPVersion returns the requested version of the given type.
|
||||
func GetAzureSEVSNPVersion(ctx context.Context) (res versionsapi.AzureSEVSNPVersion, err error) {
|
||||
var versions versionsapi.AzureSEVSNPVersionList
|
||||
fetcher := fetcher.NewFetcher()
|
||||
versions, err = fetcher.FetchAttestationList(ctx, versions)
|
||||
versions = append(versions, fname)
|
||||
versions = variant.RemoveDuplicate(versions)
|
||||
sort.Sort(sort.Reverse(sort.StringSlice(versions)))
|
||||
json, err := json.Marshal(versions)
|
||||
if err != nil {
|
||||
return res, fmt.Errorf("failed fetching versions list: %w", err)
|
||||
return err
|
||||
}
|
||||
if len(versions) < 1 {
|
||||
return res, errors.New("no versions found in /list")
|
||||
}
|
||||
get := versionsapi.AzureSEVSNPVersionGet{Version: versions[0]} // get latest version (as sorted reversely alphanumerically)
|
||||
get, err = fetcher.FetchAttestationVersion(ctx, get)
|
||||
if err != nil {
|
||||
return res, fmt.Errorf("failed fetching version: %w", err)
|
||||
}
|
||||
return get.AzureSEVSNPVersion, nil
|
||||
return a.Put(ctx, key, json)
|
||||
}
|
@ -1,16 +1,21 @@
|
||||
package attestationapi_test
|
||||
/*
|
||||
Copyright (c) Edgeless Systems GmbH
|
||||
|
||||
SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
package configapi_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"flag"
|
||||
"fmt"
|
||||
"os"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/attestationapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/configapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/kms/uri"
|
||||
"github.com/edgelesssys/constellation/v2/internal/variant"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
@ -25,7 +30,8 @@ func TestMain(m *testing.M) {
|
||||
flag.Parse()
|
||||
if *awsAccessKey == "" || *awsAccessKeyID == "" || *awsBucket == "" || *awsRegion == "" {
|
||||
flag.Usage()
|
||||
panic("Required flags not set: --aws-access-key, --aws-access-key-id, --aws-bucket, --aws-region")
|
||||
fmt.Println("Required flags not set: --aws-access-key, --aws-access-key-id, --aws-bucket, --aws-region. Skipping tests.")
|
||||
os.Exit(0)
|
||||
}
|
||||
os.Exit(m.Run())
|
||||
}
|
||||
@ -39,16 +45,16 @@ var cfg = uri.AWSS3Config{
|
||||
|
||||
func TestUploadAzureSEVSNPVersions(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
sut, err := attestationapi.NewAttestationVersionRepo(ctx, cfg)
|
||||
sut, err := configapi.NewAttestationVersionRepo(ctx, cfg)
|
||||
require.NoError(t, err)
|
||||
d := time.Date(2021, 1, 1, 1, 1, 1, 1, time.UTC)
|
||||
require.NoError(t, sut.UploadAzureSEVSNP(ctx, attestationapi.AzureSEVSNP, d))
|
||||
require.NoError(t, sut.UploadAzureSEVSNP(ctx, configapi.AzureSEVSNP, d))
|
||||
}
|
||||
|
||||
func TestListVersions(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
|
||||
sut, err := attestationapi.NewAttestationVersionRepo(ctx, cfg)
|
||||
sut, err := configapi.NewAttestationVersionRepo(ctx, cfg)
|
||||
require.NoError(t, err)
|
||||
|
||||
err = sut.DeleteList(ctx, variant.AzureSEVSNP{})
|
||||
@ -59,7 +65,7 @@ func TestListVersions(t *testing.T) {
|
||||
require.Equal(t, []string{}, res)
|
||||
|
||||
d := time.Date(2021, 1, 1, 1, 1, 1, 1, time.UTC)
|
||||
err = sut.UploadAzureSEVSNP(ctx, attestationapi.AzureSEVSNP, d)
|
||||
err = sut.UploadAzureSEVSNP(ctx, configapi.AzureSEVSNP, d)
|
||||
require.NoError(t, err)
|
||||
res, err = sut.List(ctx, variant.AzureSEVSNP{})
|
||||
require.NoError(t, err)
|
||||
@ -68,10 +74,3 @@ func TestListVersions(t *testing.T) {
|
||||
err = sut.DeleteList(ctx, variant.AzureSEVSNP{})
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
func TestGetVersion(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
res, err := attestationapi.GetAzureSEVSNPVersion(ctx)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, uint8(2), res.Bootloader)
|
||||
}
|
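Review bot: In `TestMain`, the new branch prints a message and calls `os.Exit(0)` when the AWS flags are missing, so `go test` reports success although no test ran, and a CI job that loses its credentials will stay green. Making the skip visible per test keeps the signal, for example a helper called at the top of each test that does `t.Skip("AWS flags not set")`, or gating the file behind an integration build tag. The flag names in the message suggest the secret access key is passed on the command line; the flag definitions are outside the hunks shown, but if that is the case, reading the key from the environment would keep it out of process listings and CI logs.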
@ -3,18 +3,28 @@ load("//bazel/go:go_test.bzl", "go_test")
|
||||
|
||||
go_library(
|
||||
name = "fetcher",
|
||||
srcs = ["fetcher.go"],
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher",
|
||||
srcs = [
|
||||
"configapi.go",
|
||||
"fetcher.go",
|
||||
"versionapi.go",
|
||||
],
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/api/fetcher",
|
||||
visibility = ["//:__subpackages__"],
|
||||
deps = ["//internal/versionsapi"],
|
||||
deps = [
|
||||
"//internal/api/configapi",
|
||||
"//internal/api/versionsapi",
|
||||
],
|
||||
)
|
||||
|
||||
go_test(
|
||||
name = "fetcher_test",
|
||||
srcs = ["fetcher_test.go"],
|
||||
srcs = [
|
||||
"configapi_test.go",
|
||||
"versionapi_test.go",
|
||||
],
|
||||
embed = [":fetcher"],
|
||||
deps = [
|
||||
"//internal/versionsapi",
|
||||
"//internal/api/versionsapi",
|
||||
"@com_github_stretchr_testify//assert",
|
||||
"@com_github_stretchr_testify//require",
|
||||
"@org_uber_go_goleak//:goleak",
|
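--- a/internal/api/fetcher/configapi.go
+++ b/internal/api/fetcher/configapi.go
@@ -0,0 +1,47 @@
+package fetcher
+
+import (
+"context"
+"errors"
+"fmt"
+
+"github.com/edgelesssys/constellation/v2/internal/api/configapi"
+)
+
+// ConfigAPIFetcher fetches config API resources without authentication.
+type ConfigAPIFetcher struct {
+*fetcher
+}
+
+// NewConfigAPIFetcher returns a new Fetcher.
+func NewConfigAPIFetcher() *ConfigAPIFetcher {
+return &ConfigAPIFetcher{newFetcher()}
+}
+
+// FetchAzureSEVSNPVersionList fetches the version list information from the config API.
+func (f *ConfigAPIFetcher) FetchAzureSEVSNPVersionList(ctx context.Context, attestation configapi.AzureSEVSNPVersionList) (configapi.AzureSEVSNPVersionList, error) {
+return fetch(ctx, f.httpc, attestation)
+}
+
+// FetchAzureSEVSNPVersion fetches the version information from the config API.
+func (f *ConfigAPIFetcher) FetchAzureSEVSNPVersion(ctx context.Context, attestation configapi.AzureSEVSNPVersionGet) (configapi.AzureSEVSNPVersionGet, error) {
+return fetch(ctx, f.httpc, attestation)
+}
+
+// FetchLatestAzureSEVSNPVersion returns the latest versions of the given type.
+func (f *ConfigAPIFetcher) FetchLatestAzureSEVSNPVersion(ctx context.Context) (res configapi.AzureSEVSNPVersion, err error) {
+var versions configapi.AzureSEVSNPVersionList
+versions, err = f.FetchAzureSEVSNPVersionList(ctx, versions)
+if err != nil {
+return res, fmt.Errorf("failed fetching versions list: %w", err)
+}
+if len(versions) < 1 {
+return res, errors.New("no versions found in /list")
+}
+get := configapi.AzureSEVSNPVersionGet{Version: versions[0]} // get latest version (as sorted reversely alphanumerically)
+get, err = f.FetchAzureSEVSNPVersion(ctx, get)
+if err != nil {
+return res, fmt.Errorf("failed fetching version: %w", err)
+}
+return get.AzureSEVSNPVersion, nil
+}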
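Review bot: `FetchLatestAzureSEVSNPVersion` treats `versions[0]` as the latest entry only because the server is expected to return the list in reverse order, and the values it resolves (bootloader, TEE, SNP, microcode) come from what the type comment itself calls a fetch without authentication. Whether `fetch` or the `Validate()` methods check integrity or ordering is not visible in this file; if they do not, a stale or reordered list silently yields older versions as "latest". Sorting on the client before indexing, e.g. `sort.Sort(sort.Reverse(sort.StringSlice(versions)))`, makes the ordering assumption explicit instead of inherited from the endpoint. The two wrapped errors could also drop the `failed` prefix, e.g. `fmt.Errorf("fetching versions list: %w", err)`, since the chain already reads as a failure.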
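--- a/internal/api/fetcher/configapi_test.go
+++ b/internal/api/fetcher/configapi_test.go
@@ -0,0 +1,18 @@
+package fetcher_test
+
+import (
+"context"
+"testing"
+
+"github.com/edgelesssys/constellation/v2/internal/api/fetcher"
+"github.com/stretchr/testify/assert"
+"github.com/stretchr/testify/require"
+)
+
+func TestGetVersion(t *testing.T) {
+ctx := context.Background()
+fetcher := fetcher.NewConfigAPIFetcher()
+res, err := fetcher.FetchLatestAzureSEVSNPVersion(ctx)
+require.NoError(t, err)
+assert.Equal(t, uint8(2), res.Bootloader)
+}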
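Review bot: `TestGetVersion` builds its client with `fetcher.NewConfigAPIFetcher()`, so it talks to the live config API and then pins `uint8(2)` for `res.Bootloader`; it fails without network access and as soon as a newer bootloader version is published. The version-API test in this commit injects a stub HTTP client, but this file is in `package fetcher_test` and cannot reach the unexported `httpc` field, so either move it into `package fetcher` with a stubbed client or gate it as an integration test. The local `fetcher := fetcher.NewConfigAPIFetcher()` also shadows the imported package for the rest of the function; `f := fetcher.NewConfigAPIFetcher()` avoids that.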
@ -18,50 +18,19 @@ import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"net/http"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
)
|
||||
|
||||
// Fetcher fetches versions API resources without authentication.
|
||||
type Fetcher struct {
|
||||
// fetcher fetches versions API resources without authentication.
|
||||
type fetcher struct {
|
||||
httpc httpc
|
||||
}
|
||||
|
||||
// NewFetcher returns a new Fetcher.
|
||||
func NewFetcher() *Fetcher {
|
||||
return &Fetcher{
|
||||
func newFetcher() *fetcher {
|
||||
return &fetcher{
|
||||
httpc: &http.Client{Transport: &http.Transport{DisableKeepAlives: true}}, // DisableKeepAlives fixes concurrency issue see https://stackoverflow.com/a/75816347
|
||||
}
|
||||
}
|
||||
|
||||
// FetchVersionList fetches the given version list from the versions API.
|
||||
func (f *Fetcher) FetchVersionList(ctx context.Context, list versionsapi.List) (versionsapi.List, error) {
|
||||
return fetch(ctx, f.httpc, list)
|
||||
}
|
||||
|
||||
// FetchVersionLatest fetches the latest version from the versions API.
|
||||
func (f *Fetcher) FetchVersionLatest(ctx context.Context, latest versionsapi.Latest) (versionsapi.Latest, error) {
|
||||
return fetch(ctx, f.httpc, latest)
|
||||
}
|
||||
|
||||
// FetchImageInfo fetches the given image info from the versions API.
|
||||
func (f *Fetcher) FetchImageInfo(ctx context.Context, imageInfo versionsapi.ImageInfo) (versionsapi.ImageInfo, error) {
|
||||
return fetch(ctx, f.httpc, imageInfo)
|
||||
}
|
||||
|
||||
// FetchCLIInfo fetches the given cli info from the versions API.
|
||||
func (f *Fetcher) FetchCLIInfo(ctx context.Context, cliInfo versionsapi.CLIInfo) (versionsapi.CLIInfo, error) {
|
||||
return fetch(ctx, f.httpc, cliInfo)
|
||||
}
|
||||
|
||||
func (f *Fetcher) FetchAttestationList(ctx context.Context, attestation versionsapi.AzureSEVSNPVersionList) (versionsapi.AzureSEVSNPVersionList, error) {
|
||||
return fetch(ctx, f.httpc, attestation)
|
||||
}
|
||||
|
||||
func (f *Fetcher) FetchAttestationVersion(ctx context.Context, attestation versionsapi.AzureSEVSNPVersionGet) (versionsapi.AzureSEVSNPVersionGet, error) {
|
||||
return fetch(ctx, f.httpc, attestation)
|
||||
}
|
||||
|
||||
type apiObject interface {
|
||||
ValidateRequest() error
|
||||
Validate() error
|
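Review bot: `newFetcher` builds `&http.Client{Transport: &http.Transport{DisableKeepAlives: true}}` with no `Timeout`, and after this change it is the only constructor behind both `NewConfigAPIFetcher` and `NewVersionAPIFetcher`. Callers that pass `context.Background()`, as the config code in this commit does, can then block indefinitely on a stalled endpoint. Adding a bound on the client, e.g. `Timeout: 30 * time.Second` (with `time` imported), or stating in the doc comment that callers must put a deadline on `ctx`, would close that. The comment `// fetcher fetches versions API resources without authentication.` should mention the config API as well now that the type is shared. The hunk ends inside `apiObject`, so `fetch` itself is not visible here.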
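--- a/internal/api/fetcher/versionapi.go
+++ b/internal/api/fetcher/versionapi.go
@@ -0,0 +1,37 @@
+package fetcher
+
+import (
+"context"
+
+"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
+)
+
+// VersionAPIFetcher fetches version API resources without authentication.
+type VersionAPIFetcher struct {
+*fetcher
+}
+
+// NewVersionAPIFetcher returns a new Fetcher.
+func NewVersionAPIFetcher() *VersionAPIFetcher {
+return &VersionAPIFetcher{newFetcher()}
+}
+
+// FetchVersionList fetches the given version list from the versions API.
+func (f *VersionAPIFetcher) FetchVersionList(ctx context.Context, list versionsapi.List) (versionsapi.List, error) {
+return fetch(ctx, f.httpc, list)
+}
+
+// FetchVersionLatest fetches the latest version from the versions API.
+func (f *VersionAPIFetcher) FetchVersionLatest(ctx context.Context, latest versionsapi.Latest) (versionsapi.Latest, error) {
+return fetch(ctx, f.httpc, latest)
+}
+
+// FetchImageInfo fetches the given image info from the versions API.
+func (f *VersionAPIFetcher) FetchImageInfo(ctx context.Context, imageInfo versionsapi.ImageInfo) (versionsapi.ImageInfo, error) {
+return fetch(ctx, f.httpc, imageInfo)
+}
+
+// FetchCLIInfo fetches the given cli info from the versions API.
+func (f *VersionAPIFetcher) FetchCLIInfo(ctx context.Context, cliInfo versionsapi.CLIInfo) (versionsapi.CLIInfo, error) {
+return fetch(ctx, f.httpc, cliInfo)
+}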
@ -14,7 +14,7 @@ import (
|
||||
"net/http"
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"go.uber.org/goleak"
|
||||
@ -190,7 +190,7 @@ func TestFetchVersionList(t *testing.T) {
|
||||
return tc.serverResp
|
||||
})
|
||||
|
||||
fetcher := &Fetcher{httpc: client}
|
||||
fetcher := VersionAPIFetcher{&fetcher{httpc: client}}
|
||||
|
||||
list, err := fetcher.FetchVersionList(context.Background(), tc.list)
|
||||
|
@ -4,7 +4,6 @@ load("//bazel/go:go_test.bzl", "go_test")
|
||||
go_library(
|
||||
name = "versionsapi",
|
||||
srcs = [
|
||||
"attestation.go",
|
||||
"cliinfo.go",
|
||||
"imageinfo.go",
|
||||
"latest.go",
|
||||
@ -12,12 +11,11 @@ go_library(
|
||||
"version.go",
|
||||
"versionsapi.go",
|
||||
],
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/versionsapi",
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/api/versionsapi",
|
||||
visibility = ["//:__subpackages__"],
|
||||
deps = [
|
||||
"//internal/cloud/cloudprovider",
|
||||
"//internal/constants",
|
||||
"//internal/variant",
|
||||
"@org_golang_x_mod//semver",
|
||||
],
|
||||
)
|
@ -9,12 +9,12 @@ go_library(
|
||||
"main.go",
|
||||
"rm.go",
|
||||
],
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/versionsapi/cli",
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/cli",
|
||||
visibility = ["//visibility:private"],
|
||||
deps = [
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/api/versionsapi/client",
|
||||
"//internal/logger",
|
||||
"//internal/versionsapi",
|
||||
"//internal/versionsapi/client",
|
||||
"@com_github_aws_aws_sdk_go_v2_config//:config",
|
||||
"@com_github_aws_aws_sdk_go_v2_service_ec2//:ec2",
|
||||
"@com_github_aws_smithy_go//:smithy-go",
|
@ -11,9 +11,9 @@ import (
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
verclient "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client"
|
||||
"github.com/edgelesssys/constellation/v2/internal/logger"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
verclient "github.com/edgelesssys/constellation/v2/internal/versionsapi/client"
|
||||
"github.com/spf13/cobra"
|
||||
"go.uber.org/zap/zapcore"
|
||||
"golang.org/x/mod/semver"
|
@ -10,9 +10,9 @@ import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
verclient "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client"
|
||||
"github.com/edgelesssys/constellation/v2/internal/logger"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
verclient "github.com/edgelesssys/constellation/v2/internal/versionsapi/client"
|
||||
"github.com/spf13/cobra"
|
||||
"go.uber.org/zap/zapcore"
|
||||
)
|
@ -16,9 +16,9 @@ import (
|
||||
"go.uber.org/zap/zapcore"
|
||||
"golang.org/x/mod/semver"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
verclient "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client"
|
||||
"github.com/edgelesssys/constellation/v2/internal/logger"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
verclient "github.com/edgelesssys/constellation/v2/internal/versionsapi/client"
|
||||
)
|
||||
|
||||
func newListCmd() *cobra.Command {
|
@ -24,9 +24,9 @@ import (
|
||||
awsconfig "github.com/aws/aws-sdk-go-v2/config"
|
||||
"github.com/aws/aws-sdk-go-v2/service/ec2"
|
||||
"github.com/aws/smithy-go"
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
verclient "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client"
|
||||
"github.com/edgelesssys/constellation/v2/internal/logger"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
verclient "github.com/edgelesssys/constellation/v2/internal/versionsapi/client"
|
||||
gaxv2 "github.com/googleapis/gax-go/v2"
|
||||
"github.com/spf13/cobra"
|
||||
"go.uber.org/zap/zapcore"
|
@ -3,12 +3,12 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library")
|
||||
go_library(
|
||||
name = "client",
|
||||
srcs = ["client.go"],
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/versionsapi/client",
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client",
|
||||
visibility = ["//:__subpackages__"],
|
||||
deps = [
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/constants",
|
||||
"//internal/logger",
|
||||
"//internal/versionsapi",
|
||||
"@com_github_aws_aws_sdk_go_v2//aws",
|
||||
"@com_github_aws_aws_sdk_go_v2_config//:config",
|
||||
"@com_github_aws_aws_sdk_go_v2_feature_s3_manager//:manager",
|
@ -42,9 +42,9 @@ import (
|
||||
s3types "github.com/aws/aws-sdk-go-v2/service/s3/types"
|
||||
"golang.org/x/mod/semver"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/constants"
|
||||
"github.com/edgelesssys/constellation/v2/internal/logger"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
)
|
||||
|
||||
// Client is the client for the versions API.
|
@ -7,7 +7,7 @@ SPDX-License-Identifier: AGPL-3.0-only
|
||||
/*
|
||||
# Versions API
|
||||
|
||||
The Versions API is a provides information about versions of Constellation components.
|
||||
The Versions API provides information about versions of Constellation components.
|
||||
|
||||
This package defines API types that represents objects of the versions API.
|
||||
The types provide helper methods for validation and commonly used operations on the
|
@ -7,13 +7,13 @@ go_library(
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/attestation/measurements/measurement-generator",
|
||||
visibility = ["//visibility:private"],
|
||||
deps = [
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/attestation/measurements",
|
||||
"//internal/cloud/cloudprovider",
|
||||
"//internal/config",
|
||||
"//internal/constants",
|
||||
"//internal/sigstore",
|
||||
"//internal/variant",
|
||||
"//internal/versionsapi",
|
||||
"@org_golang_x_tools//go/ast/astutil",
|
||||
],
|
||||
)
|
||||
|
@ -23,13 +23,13 @@ import (
|
||||
"sort"
|
||||
"strings"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/config"
|
||||
"github.com/edgelesssys/constellation/v2/internal/constants"
|
||||
"github.com/edgelesssys/constellation/v2/internal/sigstore"
|
||||
"github.com/edgelesssys/constellation/v2/internal/variant"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
"golang.org/x/tools/go/ast/astutil"
|
||||
)
|
||||
|
||||
|
@ -18,19 +18,19 @@ go_library(
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/config",
|
||||
visibility = ["//:__subpackages__"],
|
||||
deps = [
|
||||
"//internal/api/configapi",
|
||||
"//internal/api/fetcher",
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/attestation/idkeydigest",
|
||||
"//internal/attestation/measurements",
|
||||
"//internal/attestationapi",
|
||||
"//internal/cloud/cloudprovider",
|
||||
"//internal/compatibility",
|
||||
"//internal/config/imageversion",
|
||||
"//internal/config/instancetypes",
|
||||
"//internal/config/snpversion",
|
||||
"//internal/constants",
|
||||
"//internal/file",
|
||||
"//internal/variant",
|
||||
"//internal/versions",
|
||||
"//internal/versionsapi",
|
||||
"@com_github_go_playground_locales//en",
|
||||
"@com_github_go_playground_universal_translator//:universal-translator",
|
||||
"@com_github_go_playground_validator_v10//:validator",
|
||||
|
@ -13,14 +13,12 @@ import (
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/configapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/fetcher"
|
||||
"github.com/edgelesssys/constellation/v2/internal/attestation/idkeydigest"
|
||||
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
|
||||
"github.com/edgelesssys/constellation/v2/internal/attestationapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/config/snpversion"
|
||||
"github.com/edgelesssys/constellation/v2/internal/config/version"
|
||||
"github.com/edgelesssys/constellation/v2/internal/variant"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
)
|
||||
|
||||
// AzureSEVSNP is the configuration for Azure SEV-SNP attestation.
|
||||
@ -52,7 +50,8 @@ type AzureSEVSNP struct {
|
||||
// Version numbers are hard coded and should be updated with each new release.
|
||||
func DefaultForAzureSEVSNP() (*AzureSEVSNP, error) {
|
||||
ctx := context.Background()
|
||||
version, err := attestationapi.GetAzureSEVSNPVersion(ctx)
|
||||
fetcher := fetcher.NewConfigAPIFetcher()
|
||||
version, err := fetcher.FetchLatestAzureSEVSNPVersion(ctx)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -106,22 +105,23 @@ func (c AzureSEVSNP) EqualTo(old AttestationCfg) (bool, error) {
|
||||
}
|
||||
|
||||
// UnmarshalYAML implements a custom unmarshaler to support setting "latest" as version.
|
||||
func (a *AzureSEVSNP) UnmarshalYAML(unmarshal func(interface{}) error) error {
|
||||
func (c *AzureSEVSNP) UnmarshalYAML(unmarshal func(interface{}) error) error {
|
||||
aux := &fusedAzureSEVSNP{
|
||||
auxAzureSEVSNP: (*auxAzureSEVSNP)(a),
|
||||
auxAzureSEVSNP: (*auxAzureSEVSNP)(c),
|
||||
}
|
||||
if err := unmarshal(aux); err != nil {
|
||||
return fmt.Errorf("unmarshal AzureSEVSNP: %w", err)
|
||||
}
|
||||
a = (*AzureSEVSNP)(aux.auxAzureSEVSNP)
|
||||
c = (*AzureSEVSNP)(aux.auxAzureSEVSNP)
|
||||
|
||||
versions, err := attestationapi.GetAzureSEVSNPVersion(context.Background())
|
||||
fetcher := fetcher.NewConfigAPIFetcher()
|
||||
versions, err := fetcher.FetchLatestAzureSEVSNPVersion(context.Background())
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to get AzureSEVSNP versions: %w", err)
|
||||
}
|
||||
for _, versionType := range []attestationapi.Type{attestationapi.Bootloader, attestationapi.TEE, attestationapi.SNP, attestationapi.Microcode} {
|
||||
if !convertLatestToNumber(a, versions, versionType, aux) {
|
||||
if err := convertStringToUint(a, versionType, aux); err != nil {
|
||||
for _, versionType := range []configapi.AzureSEVSNPVersionType{configapi.Bootloader, configapi.TEE, configapi.SNP, configapi.Microcode} {
|
||||
if !convertLatestToNumber(c, versions, versionType, aux) {
|
||||
if err := convertStringToUint(c, versionType, aux); err != nil {
|
||||
return fmt.Errorf("failed to convert %s version to number: %w", versionType, err)
|
||||
}
|
||||
}
|
||||
@ -129,20 +129,20 @@ func (a *AzureSEVSNP) UnmarshalYAML(unmarshal func(interface{}) error) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func getUintAndStringPtrToVersion(c *AzureSEVSNP, versionType attestationapi.Type, aux *fusedAzureSEVSNP) (*uint8, *string) {
|
||||
func getUintAndStringPtrToVersion(c *AzureSEVSNP, versionType configapi.AzureSEVSNPVersionType, aux *fusedAzureSEVSNP) (*uint8, *string) {
|
||||
var v *uint8
|
||||
var stringV *string
|
||||
switch versionType {
|
||||
case attestationapi.Bootloader:
|
||||
case configapi.Bootloader:
|
||||
v = &c.BootloaderVersion
|
||||
stringV = &aux.BootloaderVersion
|
||||
case attestationapi.TEE:
|
||||
case configapi.TEE:
|
||||
v = &c.TEEVersion
|
||||
stringV = &aux.TEEVersion
|
||||
case attestationapi.SNP:
|
||||
case configapi.SNP:
|
||||
v = &c.SNPVersion
|
||||
stringV = &aux.SNPVersion
|
||||
case attestationapi.Microcode:
|
||||
case configapi.Microcode:
|
||||
v = &c.MicrocodeVersion
|
||||
stringV = &aux.MicrocodeVersion
|
||||
}
|
||||
@ -223,7 +223,7 @@ type fusedAzureSEVSNP struct {
|
||||
MicrocodeVersion string `yaml:"microcodeVersion"`
|
||||
}
|
||||
|
||||
func convertStringToUint(c *AzureSEVSNP, versionType snpversion.Type, aux *fusedAzureSEVSNP) error {
|
||||
func convertStringToUint(c *AzureSEVSNP, versionType configapi.AzureSEVSNPVersionType, aux *fusedAzureSEVSNP) error {
|
||||
v, stringV := getUintAndStringPtrToVersion(c, versionType, aux)
|
||||
|
||||
bvInt, err := strconv.ParseInt(*stringV, 10, 8)
|
||||
@ -234,10 +234,10 @@ func convertStringToUint(c *AzureSEVSNP, versionType snpversion.Type, aux *fused
|
||||
return nil
|
||||
}
|
||||
|
||||
func convertLatestToNumber(c *AzureSEVSNP, versions versionsapi.AzureSEVSNPVersion, versionType version.Type, aux *fusedAzureSEVSNP) bool {
|
||||
func convertLatestToNumber(c *AzureSEVSNP, versions configapi.AzureSEVSNPVersion, versionType configapi.AzureSEVSNPVersionType, aux *fusedAzureSEVSNP) bool {
|
||||
v, stringV := getUintAndStringPtrToVersion(c, versionType, aux)
|
||||
if strings.ToLower(*stringV) == "latest" {
|
||||
*v = attestationapi.GetVersionByType(versions, versionType)
|
||||
*v = configapi.GetVersionByType(versions, versionType)
|
||||
return true
|
||||
}
|
||||
return false
|
||||
|
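Review bot: `convertStringToUint` parses the configured version with `strconv.ParseInt(*stringV, 10, 8)`, which accepts -128..127, while `getUintAndStringPtrToVersion` hands back a `*uint8` target. The assignment is outside the hunk, but if it converts with `uint8(bvInt)`, a negative value in the config wraps to a large version number and anything above 127 is rejected; `strconv.ParseUint(*stringV, 10, 8)` matches the field type. Separately, `UnmarshalYAML` calls `FetchLatestAzureSEVSNPVersion(context.Background())` on every unmarshal, even when no field is set to `latest`, so parsing a config needs network access and has no deadline; fetching only when a field actually says `latest` would avoid that. The line `c = (*AzureSEVSNP)(aux.auxAzureSEVSNP)` only reassigns the local receiver variable and has no effect on the caller's value.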
@ -739,7 +739,6 @@ func (c AWSNitroTPM) EqualTo(other AttestationCfg) (bool, error) {
|
||||
return false, fmt.Errorf("cannot compare %T with %T", c, other)
|
||||
}
|
||||
return c.Measurements.EqualTo(otherCfg.Measurements), nil
|
||||
|
||||
}
|
||||
|
||||
// SNPFirmwareSignerConfig is the configuration for validating the firmware signer.
|
||||
|
@ -1,8 +0,0 @@
|
||||
load("@io_bazel_rules_go//go:def.bzl", "go_library")
|
||||
|
||||
go_library(
|
||||
name = "snpversion",
|
||||
srcs = ["snpversion.go"],
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/config/snpversion",
|
||||
visibility = ["//:__subpackages__"],
|
||||
)
|
@ -1,33 +0,0 @@
|
||||
/*
|
||||
Copyright (c) Edgeless Systems GmbH
|
||||
|
||||
SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
package snpversion
|
||||
|
||||
const (
|
||||
Bootloader Type = "bootloader" // Bootloader is the version of the Azure SEVSNP bootloader.
|
||||
TEE Type = "tee" // TEE is the version of the Azure SEVSNP TEE.
|
||||
SNP Type = "snp" // SNP is the version of the Azure SEVSNP SNP.
|
||||
Microcode Type = "microcode" // Microcode is the version of the Azure SEVSNP microcode.
|
||||
)
|
||||
|
||||
// Type is the type of the version to be requested.
|
||||
type Type string
|
||||
|
||||
// GetLatest returns the version of the given type.
|
||||
func GetLatest(t Type) uint8 {
|
||||
switch t {
|
||||
case Bootloader:
|
||||
return 2
|
||||
case TEE:
|
||||
return 0
|
||||
case SNP:
|
||||
return 6
|
||||
case Microcode:
|
||||
return 93
|
||||
default:
|
||||
panic("invalid version type")
|
||||
}
|
||||
}
|
@ -19,6 +19,7 @@ import (
|
||||
"github.com/go-playground/validator/v10"
|
||||
"golang.org/x/mod/semver"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/compatibility"
|
||||
@ -26,7 +27,6 @@ import (
|
||||
"github.com/edgelesssys/constellation/v2/internal/constants"
|
||||
"github.com/edgelesssys/constellation/v2/internal/variant"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versions"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
)
|
||||
|
||||
// ValidationError occurs when the validation of a config fails.
|
||||
|
@ -77,6 +77,7 @@ func (s *Storage) Get(ctx context.Context, keyID string) ([]byte, error) {
|
||||
return io.ReadAll(output.Body)
|
||||
}
|
||||
|
||||
// Delete removes a DEK from AWS S3 Storage by key ID.
|
||||
func (s *Storage) Delete(ctx context.Context, keyID string) error {
|
||||
deleteObjectInput := &s3.DeleteObjectInput{
|
||||
Bucket: &s.bucketID,
|
||||
|
@ -6,8 +6,8 @@ go_library(
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/osimage",
|
||||
visibility = ["//:__subpackages__"],
|
||||
deps = [
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/cloud/cloudprovider",
|
||||
"//internal/osimage/secureboot",
|
||||
"//internal/versionsapi",
|
||||
],
|
||||
)
|
||||
|
@ -6,8 +6,8 @@ go_library(
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/archive",
|
||||
visibility = ["//:__subpackages__"],
|
||||
deps = [
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/logger",
|
||||
"//internal/versionsapi",
|
||||
"@com_github_aws_aws_sdk_go_v2_config//:config",
|
||||
"@com_github_aws_aws_sdk_go_v2_feature_s3_manager//:manager",
|
||||
"@com_github_aws_aws_sdk_go_v2_service_s3//:s3",
|
||||
|
@ -16,8 +16,8 @@ import (
|
||||
s3manager "github.com/aws/aws-sdk-go-v2/feature/s3/manager"
|
||||
"github.com/aws/aws-sdk-go-v2/service/s3"
|
||||
s3types "github.com/aws/aws-sdk-go-v2/service/s3/types"
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/logger"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
)
|
||||
|
||||
// Archivist uploads OS images to S3.
|
||||
|
@ -6,10 +6,10 @@ go_library(
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/aws",
|
||||
visibility = ["//:__subpackages__"],
|
||||
deps = [
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/logger",
|
||||
"//internal/osimage",
|
||||
"//internal/osimage/secureboot",
|
||||
"//internal/versionsapi",
|
||||
"@com_github_aws_aws_sdk_go_v2_config//:config",
|
||||
"@com_github_aws_aws_sdk_go_v2_feature_s3_manager//:manager",
|
||||
"@com_github_aws_aws_sdk_go_v2_service_ec2//:ec2",
|
||||
|
@ -23,10 +23,10 @@ import (
|
||||
s3types "github.com/aws/aws-sdk-go-v2/service/s3/types"
|
||||
"github.com/aws/smithy-go"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/logger"
|
||||
"github.com/edgelesssys/constellation/v2/internal/osimage"
|
||||
"github.com/edgelesssys/constellation/v2/internal/osimage/secureboot"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
)
|
||||
|
||||
// Uploader can upload and remove os images on GCP.
|
||||
|
@ -9,9 +9,9 @@ go_library(
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/azure",
|
||||
visibility = ["//:__subpackages__"],
|
||||
deps = [
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/logger",
|
||||
"//internal/osimage",
|
||||
"//internal/versionsapi",
|
||||
"@com_github_azure_azure_sdk_for_go_sdk_azcore//runtime",
|
||||
"@com_github_azure_azure_sdk_for_go_sdk_azidentity//:azidentity",
|
||||
"@com_github_azure_azure_sdk_for_go_sdk_resourcemanager_compute_armcompute_v4//:armcompute",
|
||||
|
@ -21,9 +21,9 @@ import (
|
||||
armcomputev4 "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v4"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/pageblob"
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/logger"
|
||||
"github.com/edgelesssys/constellation/v2/internal/osimage"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
)
|
||||
|
||||
// Uploader can upload and remove os images on Azure.
|
||||
|
@ -6,10 +6,10 @@ go_library(
|
||||
importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/gcp",
|
||||
visibility = ["//:__subpackages__"],
|
||||
deps = [
|
||||
"//internal/api/versionsapi",
|
||||
"//internal/logger",
|
||||
"//internal/osimage",
|
||||
"//internal/osimage/secureboot",
|
||||
"//internal/versionsapi",
|
||||
"@com_github_googleapis_gax_go_v2//:gax-go",
|
||||
"@com_google_cloud_go_compute//apiv1",
|
||||
"@com_google_cloud_go_compute//apiv1/computepb",
|
||||
|
@ -19,10 +19,10 @@ import (
|
||||
compute "cloud.google.com/go/compute/apiv1"
|
||||
"cloud.google.com/go/compute/apiv1/computepb"
|
||||
"cloud.google.com/go/storage"
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/logger"
|
||||
"github.com/edgelesssys/constellation/v2/internal/osimage"
|
||||
"github.com/edgelesssys/constellation/v2/internal/osimage/secureboot"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
gaxv2 "github.com/googleapis/gax-go/v2"
|
||||
)
|
||||
|
||||
|
@ -11,9 +11,9 @@ import (
|
||||
"io"
|
||||
"time"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/osimage/secureboot"
|
||||
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
|
||||
)
|
||||
|
||||
// UploadRequest is a request to upload an os image.
|
||||
|
@ -1,74 +0,0 @@
|
||||
package versionsapi
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net/url"
|
||||
"path"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/internal/constants"
|
||||
"github.com/edgelesssys/constellation/v2/internal/variant"
|
||||
)
|
||||
|
||||
// AttestationPath is the path to the attestation versions.
|
||||
const AttestationPath = "constellation/v1/attestation" // TODO already in attestationonapi but import cycle otherwise
|
||||
|
||||
// AzureSEVSNPVersion tracks the latest version of each component of the Azure SEVSNP.
|
||||
type AzureSEVSNPVersion struct {
|
||||
// Bootloader is the latest version of the Azure SEVSNP bootloader.
|
||||
Bootloader uint8 `json:"bootloader"`
|
||||
// TEE is the latest version of the Azure SEVSNP TEE.
|
||||
TEE uint8 `json:"tee"`
|
||||
// SNP is the latest version of the Azure SEVSNP SNP.
|
||||
SNP uint8 `json:"snp"`
|
||||
// Microcode is the latest version of the Azure SEVSNP microcode.
|
||||
Microcode uint8 `json:"microcode"`
|
||||
}
|
||||
|
||||
type AzureSEVSNPVersionGet struct {
|
||||
Version string `json:"-"`
|
||||
AzureSEVSNPVersion
|
||||
}
|
||||
|
||||
func (i AzureSEVSNPVersionGet) URL() (string, error) {
|
||||
url, err := url.Parse(constants.CDNRepositoryURL)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("parsing CDN URL: %w", err)
|
||||
}
|
||||
url.Path = i.JSONPath()
|
||||
return url.String(), nil
|
||||
}
|
||||
|
||||
func (i AzureSEVSNPVersionGet) JSONPath() string {
|
||||
return path.Join(AttestationPath, variant.AzureSEVSNP{}.String(), i.Version)
|
||||
}
|
||||
|
||||
func (i AzureSEVSNPVersionGet) ValidateRequest() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (i AzureSEVSNPVersionGet) Validate() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type AzureSEVSNPVersionList ([]string)
|
||||
|
||||
func (i AzureSEVSNPVersionList) URL() (string, error) {
|
||||
url, err := url.Parse(constants.CDNRepositoryURL)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("parsing CDN URL: %w", err)
|
||||
}
|
||||
url.Path = i.JSONPath()
|
||||
return url.String(), nil
|
||||
}
|
||||
|
||||
func (i AzureSEVSNPVersionList) JSONPath() string {
|
||||
return path.Join(AttestationPath, variant.AzureSEVSNP{}.String(), "list")
|
||||
}
|
||||
|
||||
func (i AzureSEVSNPVersionList) ValidateRequest() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (i AzureSEVSNPVersionList) Validate() error {
|
||||
return nil
|
||||
}
|