diff --git a/.github/actions/versionsapi/Dockerfile b/.github/actions/versionsapi/Dockerfile index 3cafdc0e7..145703dff 100644 --- a/.github/actions/versionsapi/Dockerfile +++ b/.github/actions/versionsapi/Dockerfile @@ -13,11 +13,11 @@ RUN go mod download COPY . . # Build -WORKDIR /workspace/internal/versionsapi/cli +WORKDIR /workspace/internal/api/versionsapi/cli RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o versionsapi . FROM scratch as release -COPY --from=builder /workspace/internal/versionsapi/cli/versionsapi . +COPY --from=builder /workspace/internal/api/versionsapi/cli/versionsapi . CMD ["/notIntendedToBeExecuted"] diff --git a/.github/workflows/build-versionsapi-ci-image.yml b/.github/workflows/build-versionsapi-ci-image.yml index 50e429cab..282859684 100644 --- a/.github/workflows/build-versionsapi-ci-image.yml +++ b/.github/workflows/build-versionsapi-ci-image.yml @@ -6,7 +6,7 @@ on: branches: - main paths: - - "internal/versionsapi/**" + - "internal/api/versionsapi/**" - ".github/workflows/build-versionsapi-ci-image.yml" - ".github/actions/versionsapi/**" diff --git a/CODEOWNERS b/CODEOWNERS index dae290217..e0117a40c 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -36,7 +36,7 @@ /internal/retry @katexochen /internal/sigstore @malt3 /internal/versions @katexochen -/internal/versionsapi @katexochen +/internal/api/versionsapi @katexochen /joinservice @daniel-weisse /keyservice @daniel-weisse /operators @malt3 diff --git a/cli/internal/cmd/BUILD.bazel b/cli/internal/cmd/BUILD.bazel index 386adaa65..e31d266d2 100644 --- a/cli/internal/cmd/BUILD.bazel +++ b/cli/internal/cmd/BUILD.bazel @@ -47,6 +47,8 @@ go_library( "//cli/internal/terraform", "//cli/internal/upgrade", "//disk-mapper/recoverproto", + "//internal/api/fetcher", + "//internal/api/versionsapi", "//internal/atls", "//internal/attestation/measurements", "//internal/cloud/azureshared", 
@@ -71,8 +73,6 @@ go_library( "//internal/sigstore", "//internal/variant", "//internal/versions", - "//internal/versionsapi", - "//internal/versionsapi/fetcher", "//operators/constellation-node-operator/api/v1alpha1", "//verify/verifyproto", "@com_github_mattn_go_isatty//:go-isatty", @@ -126,6 +126,7 @@ go_test( "//cli/internal/terraform", "//cli/internal/upgrade", "//disk-mapper/recoverproto", + "//internal/api/versionsapi", "//internal/atls", "//internal/attestation/measurements", "//internal/cloud/cloudprovider", @@ -142,7 +143,6 @@ go_test( "//internal/logger", "//internal/variant", "//internal/versions", - "//internal/versionsapi", "//operators/constellation-node-operator/api/v1alpha1", "//verify/verifyproto", "@com_github_spf13_afero//:afero", diff --git a/cli/internal/cmd/configfetchmeasurements.go b/cli/internal/cmd/configfetchmeasurements.go index 21b4add68..8183caeb8 100644 --- a/cli/internal/cmd/configfetchmeasurements.go +++ b/cli/internal/cmd/configfetchmeasurements.go @@ -14,12 +14,12 @@ import ( "net/url" "time" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements" "github.com/edgelesssys/constellation/v2/internal/config" "github.com/edgelesssys/constellation/v2/internal/constants" "github.com/edgelesssys/constellation/v2/internal/file" "github.com/edgelesssys/constellation/v2/internal/sigstore" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" "github.com/spf13/afero" "github.com/spf13/cobra" ) diff --git a/cli/internal/cmd/configfetchmeasurements_test.go b/cli/internal/cmd/configfetchmeasurements_test.go index 49610720b..a7e4f39f7 100644 --- a/cli/internal/cmd/configfetchmeasurements_test.go +++ b/cli/internal/cmd/configfetchmeasurements_test.go 
@@ -15,12 +15,12 @@ import ( "net/url" "testing" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/config" "github.com/edgelesssys/constellation/v2/internal/constants" "github.com/edgelesssys/constellation/v2/internal/file" "github.com/edgelesssys/constellation/v2/internal/logger" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" "github.com/spf13/afero" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" diff --git a/cli/internal/cmd/upgradecheck.go b/cli/internal/cmd/upgradecheck.go index 60668637f..d7171b013 100644 --- a/cli/internal/cmd/upgradecheck.go +++ b/cli/internal/cmd/upgradecheck.go @@ -17,6 +17,8 @@ import ( "github.com/edgelesssys/constellation/v2/cli/internal/helm" "github.com/edgelesssys/constellation/v2/cli/internal/kubernetes" + "github.com/edgelesssys/constellation/v2/internal/api/fetcher" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/compatibility" @@ -27,8 +29,6 @@ import ( conSemver "github.com/edgelesssys/constellation/v2/internal/semver" "github.com/edgelesssys/constellation/v2/internal/sigstore" "github.com/edgelesssys/constellation/v2/internal/versions" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" - "github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher" "github.com/siderolabs/talos/pkg/machinery/config/encoder" "github.com/spf13/afero" "github.com/spf13/cobra" 
@@ -66,7 +66,7 @@ func runUpgradeCheck(cmd *cobra.Command, _ []string) error { if err != nil { return err } - versionListFetcher := fetcher.NewFetcher() + versionListFetcher := fetcher.NewVersionAPIFetcher() rekor, err := sigstore.NewRekor() if err != nil { return fmt.Errorf("constructing Rekor client: %w", err) @@ -82,7 +82,7 @@ func runUpgradeCheck(cmd *cobra.Command, _ []string) error { flags: flags, cliVersion: compatibility.EnsurePrefixV(constants.VersionInfo()), log: log, - versionsapi: fetcher.NewFetcher(), + versionsapi: fetcher.NewVersionAPIFetcher(), }, log: log, } diff --git a/cli/internal/cmd/upgradecheck_test.go b/cli/internal/cmd/upgradecheck_test.go index 358e44ad2..c9e656986 100644 --- a/cli/internal/cmd/upgradecheck_test.go +++ b/cli/internal/cmd/upgradecheck_test.go @@ -15,6 +15,7 @@ import ( "strings" "testing" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/config" @@ -22,7 +23,6 @@ import ( "github.com/edgelesssys/constellation/v2/internal/file" "github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/variant" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" "github.com/spf13/afero" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" diff --git a/cli/internal/image/BUILD.bazel b/cli/internal/image/BUILD.bazel index 68a4cdcab..13462e3ba 100644 --- a/cli/internal/image/BUILD.bazel +++ b/cli/internal/image/BUILD.bazel 
@@ -10,11 +10,11 @@ go_library( importpath = "github.com/edgelesssys/constellation/v2/cli/internal/image", visibility = ["//cli:__subpackages__"], deps = [ + "//internal/api/fetcher", + "//internal/api/versionsapi", "//internal/cloud/cloudprovider", "//internal/config", "//internal/variant", - "//internal/versionsapi", - "//internal/versionsapi/fetcher", "@com_github_schollz_progressbar_v3//:progressbar", "@com_github_spf13_afero//:afero", ], @@ -28,10 +28,10 @@ go_test( ], embed = [":image"], deps = [ + "//internal/api/versionsapi", "//internal/cloud/cloudprovider", "//internal/config", "//internal/file", - "//internal/versionsapi", "@com_github_spf13_afero//:afero", "@com_github_stretchr_testify//assert", "@com_github_stretchr_testify//require", diff --git a/cli/internal/image/image.go b/cli/internal/image/image.go index c9e246389..973b365c3 100644 --- a/cli/internal/image/image.go +++ b/cli/internal/image/image.go @@ -19,11 +19,11 @@ import ( "io/fs" "regexp" + "github.com/edgelesssys/constellation/v2/internal/api/fetcher" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/config" "github.com/edgelesssys/constellation/v2/internal/variant" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" - "github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher" "github.com/spf13/afero" ) @@ -36,7 +36,7 @@ type Fetcher struct { // New returns a new image fetcher. func New() *Fetcher { return &Fetcher{ - fetcher: fetcher.NewFetcher(), + fetcher: fetcher.NewVersionAPIFetcher(), fs: &afero.Afero{Fs: afero.NewOsFs()}, } } diff --git a/cli/internal/image/image_test.go b/cli/internal/image/image_test.go index 88d9082cb..f30ce5c31 100644 --- a/cli/internal/image/image_test.go +++ b/cli/internal/image/image_test.go 
@@ -13,10 +13,10 @@ import ( "net/http" "testing" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/config" "github.com/edgelesssys/constellation/v2/internal/file" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" "github.com/spf13/afero" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" diff --git a/cli/internal/kubernetes/BUILD.bazel b/cli/internal/kubernetes/BUILD.bazel index a676eba4c..6fa4a431e 100644 --- a/cli/internal/kubernetes/BUILD.bazel +++ b/cli/internal/kubernetes/BUILD.bazel @@ -15,6 +15,7 @@ go_library( "//cli/internal/image", "//cli/internal/terraform", "//cli/internal/upgrade", + "//internal/api/versionsapi", "//internal/attestation/measurements", "//internal/compatibility", "//internal/config", @@ -25,7 +26,6 @@ go_library( "//internal/variant", "//internal/versions", "//internal/versions/components", - "//internal/versionsapi", "//operators/constellation-node-operator/api/v1alpha1", "@io_k8s_api//core/v1:core", "@io_k8s_apimachinery//pkg/api/errors", diff --git a/cli/internal/kubernetes/upgrade.go b/cli/internal/kubernetes/upgrade.go index 5ffc6c1ff..43f1ebeb5 100644 --- a/cli/internal/kubernetes/upgrade.go +++ b/cli/internal/kubernetes/upgrade.go @@ -19,6 +19,7 @@ import ( "github.com/edgelesssys/constellation/v2/cli/internal/image" "github.com/edgelesssys/constellation/v2/cli/internal/terraform" "github.com/edgelesssys/constellation/v2/cli/internal/upgrade" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements" "github.com/edgelesssys/constellation/v2/internal/compatibility" "github.com/edgelesssys/constellation/v2/internal/config" 
@@ -29,7 +30,6 @@ import ( "github.com/edgelesssys/constellation/v2/internal/variant" "github.com/edgelesssys/constellation/v2/internal/versions" "github.com/edgelesssys/constellation/v2/internal/versions/components" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" updatev1alpha1 "github.com/edgelesssys/constellation/v2/operators/constellation-node-operator/v2/api/v1alpha1" corev1 "k8s.io/api/core/v1" k8serrors "k8s.io/apimachinery/pkg/api/errors" diff --git a/debugd/README.md b/debugd/README.md index f1c39a608..f6c516ee0 100644 --- a/debugd/README.md +++ b/debugd/README.md @@ -22,7 +22,7 @@ With `cdbg` and `yq` installed in your path: 1. Run `constellation config generate` to create a new default configuration -2. Locate the latest debugd images by running `(cd internal/versionsapi/cli && go build -o versionsapi . && ./versionsapi latest --ref main --stream debug)` +2. Locate the latest debugd images by running `(cd internal/api/versionsapi/cli && go build -o versionsapi . && ./versionsapi latest --ref main --stream debug)` 3. Modify the `constellation-conf.yaml` to use an image with the debugd already included and add required firewall rules: diff --git a/e2e/internal/upgrade/BUILD.bazel b/e2e/internal/upgrade/BUILD.bazel index 044656e62..c713bf960 100644 --- a/e2e/internal/upgrade/BUILD.bazel +++ b/e2e/internal/upgrade/BUILD.bazel @@ -11,12 +11,12 @@ go_library( importpath = "github.com/edgelesssys/constellation/v2/e2e/internal/upgrade", visibility = ["//e2e:__subpackages__"], deps = [ + "//internal/api/fetcher", + "//internal/api/versionsapi", "//internal/attestation/measurements", "//internal/cloud/cloudprovider", "//internal/constants", "//internal/logger", - "//internal/versionsapi", - "//internal/versionsapi/fetcher", "@in_gopkg_yaml_v3//:yaml_v3", "@sh_helm_helm_v3//pkg/action", "@sh_helm_helm_v3//pkg/cli", diff --git a/e2e/internal/upgrade/image.go b/e2e/internal/upgrade/image.go index 42afddc74..c30de1a7f 100644 
--- a/e2e/internal/upgrade/image.go +++ b/e2e/internal/upgrade/image.go @@ -19,10 +19,10 @@ import ( "gopkg.in/yaml.v3" + "github.com/edgelesssys/constellation/v2/internal/api/fetcher" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" - "github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher" ) type upgradeInfo struct { @@ -36,7 +36,7 @@ func fetchUpgradeInfo(ctx context.Context, csp cloudprovider.Provider, toImage s measurements: make(measurements.M), shortPath: toImage, } - versionsClient := fetcher.NewFetcher() + versionsClient := fetcher.NewVersionAPIFetcher() ver, err := versionsapi.NewVersionFromShortPath(toImage, versionsapi.VersionKindImage) if err != nil { @@ -124,7 +124,7 @@ func getFromURL(ctx context.Context, client *http.Client, sourceURL *url.URL) ([ return content, nil } -func fetchImageRef(ctx context.Context, client *fetcher.Fetcher, csp cloudprovider.Provider, imageInfo versionsapi.ImageInfo) (string, error) { +func fetchImageRef(ctx context.Context, client *fetcher.VersionAPIFetcher, csp cloudprovider.Provider, imageInfo versionsapi.ImageInfo) (string, error) { imageInfo, err := client.FetchImageInfo(ctx, imageInfo) if err != nil { return "", err diff --git a/hack/cli-k8s-compatibility/BUILD.bazel b/hack/cli-k8s-compatibility/BUILD.bazel index cae5918cd..83d755b19 100644 --- a/hack/cli-k8s-compatibility/BUILD.bazel +++ b/hack/cli-k8s-compatibility/BUILD.bazel 
@@ -6,10 +6,10 @@ go_library( importpath = "github.com/edgelesssys/constellation/v2/hack/cli-k8s-compatibility", visibility = ["//visibility:private"], deps = [ + "//internal/api/versionsapi", + "//internal/api/versionsapi/client", "//internal/logger", "//internal/versions", - "//internal/versionsapi", - "//internal/versionsapi/client", "@org_uber_go_zap//zapcore", ], ) diff --git a/hack/cli-k8s-compatibility/main.go b/hack/cli-k8s-compatibility/main.go index f840e5f60..c1cf2c672 100644 --- a/hack/cli-k8s-compatibility/main.go +++ b/hack/cli-k8s-compatibility/main.go @@ -11,10 +11,10 @@ import ( "context" "flag" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client" "github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/versions" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" - "github.com/edgelesssys/constellation/v2/internal/versionsapi/client" "go.uber.org/zap/zapcore" ) diff --git a/image/upload/internal/cmd/BUILD.bazel b/image/upload/internal/cmd/BUILD.bazel index 5b1d77371..bbffee8b8 100644 --- a/image/upload/internal/cmd/BUILD.bazel +++ b/image/upload/internal/cmd/BUILD.bazel @@ -18,6 +18,7 @@ go_library( importpath = "github.com/edgelesssys/constellation/v2/image/upload/internal/cmd", visibility = ["//image/upload:__subpackages__"], deps = [ + "//internal/api/versionsapi", "//internal/cloud/cloudprovider", "//internal/logger", "//internal/osimage", @@ -27,7 +28,6 @@ go_library( "//internal/osimage/gcp", "//internal/osimage/nop", "//internal/osimage/secureboot", - "//internal/versionsapi", "@com_github_spf13_afero//:afero", "@com_github_spf13_cobra//:cobra", "@org_uber_go_zap//zapcore", diff --git a/image/upload/internal/cmd/api.go b/image/upload/internal/cmd/api.go index f2b3445b3..fd219b671 100644 --- a/image/upload/internal/cmd/api.go +++ b/image/upload/internal/cmd/api.go 
@@ -10,8 +10,8 @@ import ( "context" "io" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/osimage" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" ) type archivist interface { diff --git a/image/upload/internal/cmd/flags.go b/image/upload/internal/cmd/flags.go index 06b3fbf42..5495b06f6 100644 --- a/image/upload/internal/cmd/flags.go +++ b/image/upload/internal/cmd/flags.go @@ -11,8 +11,8 @@ import ( "path/filepath" "time" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" "github.com/spf13/cobra" "go.uber.org/zap/zapcore" ) diff --git a/image/upload/internal/cmd/upload.go b/image/upload/internal/cmd/upload.go index 7439efada..7287edb8e 100644 --- a/image/upload/internal/cmd/upload.go +++ b/image/upload/internal/cmd/upload.go @@ -13,9 +13,9 @@ import ( "io" "strings" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/osimage" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" ) func uploadImage(ctx context.Context, archiveC archivist, uploadC uploader, req *osimage.UploadRequest, out io.Writer) error { diff --git a/internal/attestationapi/BUILD.bazel b/internal/api/configapi/BUILD.bazel similarity index 62% rename from internal/attestationapi/BUILD.bazel rename to internal/api/configapi/BUILD.bazel index ab0a6b762..1380f629a 100644 --- a/internal/attestationapi/BUILD.bazel +++ b/internal/api/configapi/BUILD.bazel 
@@ -2,28 +2,30 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") load("//bazel/go:go_test.bzl", "go_test") go_library( - name = "attestationapi", - srcs = ["attestationapi.go"], - importpath = "github.com/edgelesssys/constellation/v2/internal/attestationapi", + name = "configapi", + srcs = [ + "attestation.go", + "configapi.go", + "repo.go", + ], + importpath = "github.com/edgelesssys/constellation/v2/internal/api/configapi", visibility = ["//:__subpackages__"], deps = [ + "//internal/constants", "//internal/kms/storage", "//internal/kms/storage/awss3", "//internal/kms/uri", "//internal/variant", - "//internal/versionsapi", - "//internal/versionsapi/fetcher", ], ) go_test( - name = "attestationapi_test", - srcs = ["attestationapi_test.go"], + name = "configapi_test", + srcs = ["repo_test.go"], deps = [ - ":attestationapi", + ":configapi", "//internal/kms/uri", "//internal/variant", - "@com_github_stretchr_testify//assert", "@com_github_stretchr_testify//require", ], ) diff --git a/internal/api/configapi/attestation.go b/internal/api/configapi/attestation.go new file mode 100644 index 000000000..b39647434 --- /dev/null +++ b/internal/api/configapi/attestation.go 
@@ -0,0 +1,125 @@ +/* +Copyright (c) Edgeless Systems GmbH + +SPDX-License-Identifier: AGPL-3.0-only +*/ +package configapi + +import ( + "fmt" + "net/url" + "path" + + "github.com/edgelesssys/constellation/v2/internal/constants" + "github.com/edgelesssys/constellation/v2/internal/variant" +) + +const ( + Bootloader AzureSEVSNPVersionType = "bootloader" // Bootloader is the version of the Azure SEVSNP bootloader. + TEE AzureSEVSNPVersionType = "tee" // TEE is the version of the Azure SEVSNP TEE. + SNP AzureSEVSNPVersionType = "snp" // SNP is the version of the Azure SEVSNP SNP. + Microcode AzureSEVSNPVersionType = "microcode" // Microcode is the version of the Azure SEVSNP microcode. +) + +// AttestationURLPath is the URL path to the attestation versions. +const AttestationURLPath = "constellation/v1/attestation" + +// AzureSEVSNP is the latest version of each component of the Azure SEVSNP. +// used for testing only. +// TODO remove? (or use for fallback?) +var AzureSEVSNP = AzureSEVSNPVersion{ + Bootloader: 2, + TEE: 0, + SNP: 6, + Microcode: 93, +} + +// AzureSEVSNPVersionType is the type of the version to be requested. +type AzureSEVSNPVersionType (string) + +// AzureSEVSNPVersion tracks the latest version of each component of the Azure SEVSNP. +type AzureSEVSNPVersion struct { + // Bootloader is the latest version of the Azure SEVSNP bootloader. + Bootloader uint8 `json:"bootloader"` + // TEE is the latest version of the Azure SEVSNP TEE. + TEE uint8 `json:"tee"` + // SNP is the latest version of the Azure SEVSNP SNP. + SNP uint8 `json:"snp"` + // Microcode is the latest version of the Azure SEVSNP microcode. + Microcode uint8 `json:"microcode"` +} + +// AzureSEVSNPVersionGet is the request to get the version information of the specific version in the config api. +type AzureSEVSNPVersionGet struct { + Version string `json:"-"` + AzureSEVSNPVersion +} + +// URL returns the URL for the request to the config api. 
+func (i AzureSEVSNPVersionGet) URL() (string, error) { + url, err := url.Parse(constants.CDNRepositoryURL) + if err != nil { + return "", fmt.Errorf("parsing CDN URL: %w", err) + } + url.Path = i.JSONPath() + return url.String(), nil +} + +// JSONPath returns the path to the JSON file for the request to the config api. +func (i AzureSEVSNPVersionGet) JSONPath() string { + return path.Join(AttestationURLPath, variant.AzureSEVSNP{}.String(), i.Version) +} + +// ValidateRequest validates the request. +func (i AzureSEVSNPVersionGet) ValidateRequest() error { + return nil +} + +// Validate validates the request. +func (i AzureSEVSNPVersionGet) Validate() error { + return nil +} + +// AzureSEVSNPVersionList is the request to list all versions in the config api. +type AzureSEVSNPVersionList ([]string) + +// URL returns the URL for the request to the config api. +func (i AzureSEVSNPVersionList) URL() (string, error) { + url, err := url.Parse(constants.CDNRepositoryURL) + if err != nil { + return "", fmt.Errorf("parsing CDN URL: %w", err) + } + url.Path = i.JSONPath() + return url.String(), nil +} + +// JSONPath returns the path to the JSON file for the request to the config api. +func (i AzureSEVSNPVersionList) JSONPath() string { + return path.Join(AttestationURLPath, variant.AzureSEVSNP{}.String(), "list") +} + +// ValidateRequest validates the request. +func (i AzureSEVSNPVersionList) ValidateRequest() error { + return nil +} + +// Validate validates the request. +func (i AzureSEVSNPVersionList) Validate() error { + return nil +} + +// GetVersionByType returns the requested version of the given type. +func GetVersionByType(res AzureSEVSNPVersion, t AzureSEVSNPVersionType) uint8 { + switch t { + case Bootloader: + return res.Bootloader + case TEE: + return res.TEE + case SNP: + return res.SNP + case Microcode: + return res.Microcode + default: + return 1 + } +} 
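Review bot: `ValidateRequest` and `Validate` on `AzureSEVSNPVersionGet` both return nil, so `Version` reaches `path.Join` in `JSONPath` unchecked, and `path.Join` cleans `..` segments, which lets a crafted name resolve outside `AttestationURLPath`. In this change the name is taken from the first entry of a list that is fetched without authentication, so it should be checked against the `2006-01-02-15-04.json` form that `UploadAzureSEVSNP` writes, assuming all callers pass names from that list; whether the shared fetch helper calls `ValidateRequest` before building the URL is not visible in this diff. Separately, `GetVersionByType` returns 1 for an unknown type, which a caller cannot tell apart from a real version number, so that contract should at least be stated in its doc comment. The sketch below needs `strings` and `time` in the import block.

```go
// ValidateRequest validates the request.
func (i AzureSEVSNPVersionGet) ValidateRequest() error {
	// UploadAzureSEVSNP names version files "<2006-01-02-15-04>.json".
	if !strings.HasSuffix(i.Version, ".json") {
		return fmt.Errorf("version name %q: missing .json suffix", i.Version)
	}
	stamp := strings.TrimSuffix(i.Version, ".json")
	if _, err := time.Parse("2006-01-02-15-04", stamp); err != nil {
		return fmt.Errorf("version name %q: %w", i.Version, err)
	}
	return nil
}
```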
diff --git a/internal/api/configapi/configapi.go b/internal/api/configapi/configapi.go new file mode 100644 index 000000000..4b5d201c1 --- /dev/null +++ b/internal/api/configapi/configapi.go @@ -0,0 +1,20 @@ +/* +Copyright (c) Edgeless Systems GmbH + +SPDX-License-Identifier: AGPL-3.0-only +*/ + +/* +# Config API + +The Config API provides information about versions of Constellation components. + +This package defines API types that represents objects of the config API. +The types provide helper methods for validation and commonly used operations on the +information contained in the objects. Especially the paths used for the API are defined +in these helper methods. + +The package also provides helper functions that can be used in context of the config API, +e.g. to validate versions. +*/ +package configapi diff --git a/internal/attestationapi/attestationapi.go b/internal/api/configapi/repo.go similarity index 50% rename from internal/attestationapi/attestationapi.go rename to internal/api/configapi/repo.go index 99971d2b2..563d0eab3 100644 --- a/internal/attestationapi/attestationapi.go +++ b/internal/api/configapi/repo.go @@ -1,4 +1,9 @@ -package attestationapi +/* +Copyright (c) Edgeless Systems GmbH + +SPDX-License-Identifier: AGPL-3.0-only +*/ +package configapi import ( "context" 
@@ -13,32 +18,8 @@ import ( "github.com/edgelesssys/constellation/v2/internal/kms/storage/awss3" "github.com/edgelesssys/constellation/v2/internal/kms/uri" "github.com/edgelesssys/constellation/v2/internal/variant" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" - "github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher" ) -const ( - Bootloader Type = "bootloader" // Bootloader is the version of the Azure SEVSNP bootloader. - TEE Type = "tee" // TEE is the version of the Azure SEVSNP TEE. - SNP Type = "snp" // SNP is the version of the Azure SEVSNP SNP. - Microcode Type = "microcode" // Microcode is the version of the Azure SEVSNP microcode. -) - -// AttestationPath is the path to the attestation versions. -const AttestationPath = "constellation/v1/attestation" - -// AzureSEVSNP is the latest version of each component of the Azure SEVSNP. -// used for testing only -var AzureSEVSNP = versionsapi.AzureSEVSNPVersion{ - Bootloader: 2, - TEE: 0, - SNP: 6, - Microcode: 93, -} - -// Type is the type of the version to be requested. -type Type (string) - // AttestationVersionRepo manages (modifies) the version information for the attestation variants. type AttestationVersionRepo struct { *awss3.Storage @@ -54,7 +35,7 @@ func NewAttestationVersionRepo(ctx context.Context, cfg uri.AWSS3Config) (*Attes } // UploadAzureSEVSNP uploads the latest version numbers of the Azure SEVSNP. -func (a AttestationVersionRepo) UploadAzureSEVSNP(ctx context.Context, versions versionsapi.AzureSEVSNPVersion, date time.Time) error { +func (a AttestationVersionRepo) UploadAzureSEVSNP(ctx context.Context, versions AzureSEVSNPVersion, date time.Time) error { bt, err := json.Marshal(versions) if err != nil { return err 
@@ -62,37 +43,16 @@ func (a AttestationVersionRepo) UploadAzureSEVSNP(ctx context.Context, versions variant := variant.AzureSEVSNP{} fname := date.Format("2006-01-02-15-04") + ".json" - err = a.Put(ctx, fmt.Sprintf("%s/%s/%s", AttestationPath, variant.String(), fname), bt) + err = a.Put(ctx, fmt.Sprintf("%s/%s/%s", AttestationURLPath, variant.String(), fname), bt) if err != nil { return err } return a.addVersionToList(ctx, variant, fname) } -func (a AttestationVersionRepo) addVersionToList(ctx context.Context, attestation variant.Variant, fname string) error { - versions := []string{} - key := path.Join(AttestationPath, attestation.String(), "list") - bt, err := a.Get(ctx, key) - if err == nil { - if err := json.Unmarshal(bt, &versions); err != nil { - return err - } - } else if !errors.Is(err, storage.ErrDEKUnset) { - return err - } - versions = append(versions, fname) - versions = variant.RemoveDuplicate(versions) - sort.Sort(sort.Reverse(sort.StringSlice(versions))) - json, err := json.Marshal(versions) - if err != nil { - return err - } - return a.Put(ctx, key, json) -} - // List returns the list of versions for the given attestation type. func (a AttestationVersionRepo) List(ctx context.Context, attestation variant.Variant) ([]string, error) { - key := path.Join(AttestationPath, attestation.String(), "list") + key := path.Join(AttestationURLPath, attestation.String(), "list") bt, err := a.Get(ctx, key) if err != nil { return nil, err 
@@ -111,39 +71,26 @@ func (a AttestationVersionRepo) DeleteList(ctx context.Context, attestation vari if err != nil { return err } - return a.Put(ctx, path.Join(AttestationPath, attestation.String(), "list"), bt) + return a.Put(ctx, path.Join(AttestationURLPath, attestation.String(), "list"), bt) } -func GetVersionByType(res versionsapi.AzureSEVSNPVersion, t Type) uint8 { - switch t { - case Bootloader: - return res.Bootloader - case TEE: - return res.TEE - case SNP: - return res.SNP - case Microcode: - return res.Microcode - default: - return 1 +func (a AttestationVersionRepo) addVersionToList(ctx context.Context, attestation variant.Variant, fname string) error { + versions := []string{} + key := path.Join(AttestationURLPath, attestation.String(), "list") + bt, err := a.Get(ctx, key) + if err == nil { + if err := json.Unmarshal(bt, &versions); err != nil { + return err + } + } else if !errors.Is(err, storage.ErrDEKUnset) { + return err } -} - -// GetAzureSEVSNPVersion returns the requested version of the given type. -func GetAzureSEVSNPVersion(ctx context.Context) (res versionsapi.AzureSEVSNPVersion, err error) { - var versions versionsapi.AzureSEVSNPVersionList - fetcher := fetcher.NewFetcher() - versions, err = fetcher.FetchAttestationList(ctx, versions) + versions = append(versions, fname) + versions = variant.RemoveDuplicate(versions) + sort.Sort(sort.Reverse(sort.StringSlice(versions))) + json, err := json.Marshal(versions) if err != nil { - return res, fmt.Errorf("failed fetching versions list: %w", err) + return err } - if len(versions) < 1 { - return res, errors.New("no versions found in /list") - } - get := versionsapi.AzureSEVSNPVersionGet{Version: versions[0]} // get latest version (as sorted reversely alphanumerically) - get, err = fetcher.FetchAttestationVersion(ctx, get) - if err != nil { - return res, fmt.Errorf("failed fetching version: %w", err) - } - return get.AzureSEVSNPVersion, nil + return a.Put(ctx, key, json) } 
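Review bot: `addVersionToList` reads the list object, appends to it and writes it back with nothing guarding the gap between `Get` and `Put`, so two overlapping uploads can each overwrite the other's entry; the fetcher added in this change takes the first list entry as the latest version, so a lost entry changes what clients fetch. If a single writer is assumed, say so on the function, e.g. `// addVersionToList is not safe for concurrent writers; callers must serialize uploads.` The local `json, err := json.Marshal(versions)` also shadows the `json` package for the rest of the function and would read better as `data`. Treating `storage.ErrDEKUnset` as "list does not exist yet" deserves a one-line comment, since the sentinel's name does not say that.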
diff --git a/internal/attestationapi/attestationapi_test.go b/internal/api/configapi/repo_test.go similarity index 71% rename from internal/attestationapi/attestationapi_test.go rename to internal/api/configapi/repo_test.go index ac9e05115..a51ba3dba 100644 --- a/internal/attestationapi/attestationapi_test.go +++ b/internal/api/configapi/repo_test.go @@ -1,16 +1,21 @@ -package attestationapi_test +/* +Copyright (c) Edgeless Systems GmbH + +SPDX-License-Identifier: AGPL-3.0-only +*/ +package configapi_test import ( "context" "flag" + "fmt" "os" "testing" "time" - "github.com/edgelesssys/constellation/v2/internal/attestationapi" + "github.com/edgelesssys/constellation/v2/internal/api/configapi" "github.com/edgelesssys/constellation/v2/internal/kms/uri" "github.com/edgelesssys/constellation/v2/internal/variant" - "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) @@ -25,7 +30,8 @@ func TestMain(m *testing.M) { flag.Parse() if *awsAccessKey == "" || *awsAccessKeyID == "" || *awsBucket == "" || *awsRegion == "" { flag.Usage() - panic("Required flags not set: --aws-access-key, --aws-access-key-id, --aws-bucket, --aws-region") + fmt.Println("Required flags not set: --aws-access-key, --aws-access-key-id, --aws-bucket, --aws-region. Skipping tests.") + os.Exit(0) } os.Exit(m.Run()) } 
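Review bot: `TestMain` now calls `os.Exit(0)` when the AWS flags are missing, so the package reports success although none of its tests ran, and a CI job that loses its credentials keeps passing unnoticed. Write the notice to standard error, e.g. `fmt.Fprintln(os.Stderr, "Required flags not set: ... Skipping tests.")`, and make the skip an explicit opt-in (for example an environment variable whose name the project chooses), keeping a non-zero exit otherwise. The flag names in the message suggest the secret access key is passed on the command line, where it shows up in process listings and shell history; reading it from the environment would avoid that. The flag definitions themselves are outside this hunk.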
@@ -39,16 +45,16 @@ var cfg = uri.AWSS3Config{ func TestUploadAzureSEVSNPVersions(t *testing.T) { ctx := context.Background() - sut, err := attestationapi.NewAttestationVersionRepo(ctx, cfg) + sut, err := configapi.NewAttestationVersionRepo(ctx, cfg) require.NoError(t, err) d := time.Date(2021, 1, 1, 1, 1, 1, 1, time.UTC) - require.NoError(t, sut.UploadAzureSEVSNP(ctx, attestationapi.AzureSEVSNP, d)) + require.NoError(t, sut.UploadAzureSEVSNP(ctx, configapi.AzureSEVSNP, d)) } func TestListVersions(t *testing.T) { ctx := context.Background() - sut, err := attestationapi.NewAttestationVersionRepo(ctx, cfg) + sut, err := configapi.NewAttestationVersionRepo(ctx, cfg) require.NoError(t, err) err = sut.DeleteList(ctx, variant.AzureSEVSNP{}) @@ -59,7 +65,7 @@ func TestListVersions(t *testing.T) { require.Equal(t, []string{}, res) d := time.Date(2021, 1, 1, 1, 1, 1, 1, time.UTC) - err = sut.UploadAzureSEVSNP(ctx, attestationapi.AzureSEVSNP, d) + err = sut.UploadAzureSEVSNP(ctx, configapi.AzureSEVSNP, d) require.NoError(t, err) res, err = sut.List(ctx, variant.AzureSEVSNP{}) require.NoError(t, err) @@ -68,10 +74,3 @@ func TestListVersions(t *testing.T) { err = sut.DeleteList(ctx, variant.AzureSEVSNP{}) require.NoError(t, err) } - -func TestGetVersion(t *testing.T) { - ctx := context.Background() - res, err := attestationapi.GetAzureSEVSNPVersion(ctx) - require.NoError(t, err) - assert.Equal(t, uint8(2), res.Bootloader) -} diff --git a/internal/versionsapi/fetcher/BUILD.bazel b/internal/api/fetcher/BUILD.bazel similarity index 58% rename from internal/versionsapi/fetcher/BUILD.bazel rename to internal/api/fetcher/BUILD.bazel index 5e80f1b29..3fb3b4e5d 100644 --- a/internal/versionsapi/fetcher/BUILD.bazel +++ b/internal/api/fetcher/BUILD.bazel 
@@ -3,18 +3,28 @@ load("//bazel/go:go_test.bzl", "go_test") go_library( name = "fetcher", - srcs = ["fetcher.go"], - importpath = "github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher", + srcs = [ + "configapi.go", + "fetcher.go", + "versionapi.go", + ], + importpath = "github.com/edgelesssys/constellation/v2/internal/api/fetcher", visibility = ["//:__subpackages__"], - deps = ["//internal/versionsapi"], + deps = [ + "//internal/api/configapi", + "//internal/api/versionsapi", + ], ) go_test( name = "fetcher_test", - srcs = ["fetcher_test.go"], + srcs = [ + "configapi_test.go", + "versionapi_test.go", + ], embed = [":fetcher"], deps = [ - "//internal/versionsapi", + "//internal/api/versionsapi", "@com_github_stretchr_testify//assert", "@com_github_stretchr_testify//require", "@org_uber_go_goleak//:goleak", diff --git a/internal/api/fetcher/configapi.go b/internal/api/fetcher/configapi.go new file mode 100644 index 000000000..8e58c305a --- /dev/null +++ b/internal/api/fetcher/configapi.go 
@@ -0,0 +1,47 @@
+package fetcher
+
+import (
+ "context"
+ "errors"
+ "fmt"
+
+ "github.com/edgelesssys/constellation/v2/internal/api/configapi"
+)
+
+// ConfigAPIFetcher fetches config API resources without authentication.
+type ConfigAPIFetcher struct {
+ *fetcher
+}
+
+// NewConfigAPIFetcher returns a new Fetcher.
+func NewConfigAPIFetcher() *ConfigAPIFetcher {
+ return &ConfigAPIFetcher{newFetcher()}
+}
+
+// FetchAzureSEVSNPVersionList fetches the version list information from the config API.
+func (f *ConfigAPIFetcher) FetchAzureSEVSNPVersionList(ctx context.Context, attestation configapi.AzureSEVSNPVersionList) (configapi.AzureSEVSNPVersionList, error) {
+ return fetch(ctx, f.httpc, attestation)
+}
+
+// FetchAzureSEVSNPVersion fetches the version information from the config API.
+func (f *ConfigAPIFetcher) FetchAzureSEVSNPVersion(ctx context.Context, attestation configapi.AzureSEVSNPVersionGet) (configapi.AzureSEVSNPVersionGet, error) {
+ return fetch(ctx, f.httpc, attestation)
+}
+
+// FetchLatestAzureSEVSNPVersion returns the latest versions of the given type.
+func (f *ConfigAPIFetcher) FetchLatestAzureSEVSNPVersion(ctx context.Context) (res configapi.AzureSEVSNPVersion, err error) {
+ var versions configapi.AzureSEVSNPVersionList
+ versions, err = f.FetchAzureSEVSNPVersionList(ctx, versions)
+ if err != nil {
+ return res, fmt.Errorf("failed fetching versions list: %w", err)
+ }
+ if len(versions) < 1 {
+ return res, errors.New("no versions found in /list")
+ }
+ get := configapi.AzureSEVSNPVersionGet{Version: versions[0]} // get latest version (as sorted reversely alphanumerically)
+ get, err = f.FetchAzureSEVSNPVersion(ctx, get)
+ if err != nil {
+ return res, fmt.Errorf("failed fetching version: %w", err)
+ }
+ return get.AzureSEVSNPVersion, nil
+}
diff --git a/internal/api/fetcher/configapi_test.go b/internal/api/fetcher/configapi_test.go
new file mode 100644
index 000000000..201de932d
--- /dev/null
+++ b/internal/api/fetcher/configapi_test.go
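Review bot: `FetchLatestAzureSEVSNPVersion` returns whatever `versions[0]` of a list fetched "without authentication" names, and elsewhere in this commit that result populates the Azure SEV-SNP version fields of the attestation config (`DefaultForAzureSEVSNP`, and `UnmarshalYAML` for `latest`). The integrity of those values therefore rests on the transport and on the storage behind the API; anyone able to write to that storage could presumably lower the versions that clients accept. I would have the version objects signed and verified before use. Until then the assumption belongs on the method, e.g. `// The result is not authenticated beyond the transport; verify it before treating it as a trusted minimum.` Taking the newest entry by position also trusts the server's ordering, which `fetch` (outside this hunk) may or may not validate.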
@@ -0,0 +1,18 @@
+package fetcher_test
+
+import (
+ "context"
+ "testing"
+
+ "github.com/edgelesssys/constellation/v2/internal/api/fetcher"
+ "github.com/stretchr/testify/assert"
+ "github.com/stretchr/testify/require"
+)
+
+func TestGetVersion(t *testing.T) {
+ ctx := context.Background()
+ fetcher := fetcher.NewConfigAPIFetcher()
+ res, err := fetcher.FetchLatestAzureSEVSNPVersion(ctx)
+ require.NoError(t, err)
+ assert.Equal(t, uint8(2), res.Bootloader)
+}
diff --git a/internal/versionsapi/fetcher/fetcher.go b/internal/api/fetcher/fetcher.go
similarity index 60%
rename from internal/versionsapi/fetcher/fetcher.go
rename to internal/api/fetcher/fetcher.go
index 8be8daf34..ab4812db1 100644
--- a/internal/versionsapi/fetcher/fetcher.go
+++ b/internal/api/fetcher/fetcher.go
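Review bot: `TestGetVersion` builds a real `ConfigAPIFetcher` and asserts `uint8(2)` against whatever the live API returns, so the test needs network access and breaks as soon as a different bootloader version is published. The version API test in this commit injects a stub client (`VersionAPIFetcher{&fetcher{httpc: client}}`); moving this test into package `fetcher` would allow the same here and keep the assertion tied to a fixed response. Separately, the local `fetcher := fetcher.NewConfigAPIFetcher()` shadows the imported package for the rest of the function. `f := fetcher.NewConfigAPIFetcher()` avoids that, and the same shadowing appears in both `internal/config/azure.go` hunks.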
@@ -18,50 +18,19 @@ import ( "encoding/json" "fmt" "net/http" - - "github.com/edgelesssys/constellation/v2/internal/versionsapi" ) -// Fetcher fetches versions API resources without authentication. -type Fetcher struct { +// fetcher fetches versions API resources without authentication. +type fetcher struct { httpc httpc } -// NewFetcher returns a new Fetcher. -func NewFetcher() *Fetcher { - return &Fetcher{ +func newFetcher() *fetcher { + return &fetcher{ httpc: &http.Client{Transport: &http.Transport{DisableKeepAlives: true}}, // DisableKeepAlives fixes concurrency issue see https://stackoverflow.com/a/75816347 } } -// FetchVersionList fetches the given version list from the versions API. -func (f *Fetcher) FetchVersionList(ctx context.Context, list versionsapi.List) (versionsapi.List, error) { - return fetch(ctx, f.httpc, list) -} - -// FetchVersionLatest fetches the latest version from the versions API. -func (f *Fetcher) FetchVersionLatest(ctx context.Context, latest versionsapi.Latest) (versionsapi.Latest, error) { - return fetch(ctx, f.httpc, latest) -} - -// FetchImageInfo fetches the given image info from the versions API. -func (f *Fetcher) FetchImageInfo(ctx context.Context, imageInfo versionsapi.ImageInfo) (versionsapi.ImageInfo, error) { - return fetch(ctx, f.httpc, imageInfo) -} - -// FetchCLIInfo fetches the given cli info from the versions API. 
-func (f *Fetcher) FetchCLIInfo(ctx context.Context, cliInfo versionsapi.CLIInfo) (versionsapi.CLIInfo, error) { - return fetch(ctx, f.httpc, cliInfo) -} - -func (f *Fetcher) FetchAttestationList(ctx context.Context, attestation versionsapi.AzureSEVSNPVersionList) (versionsapi.AzureSEVSNPVersionList, error) { - return fetch(ctx, f.httpc, attestation) -} - -func (f *Fetcher) FetchAttestationVersion(ctx context.Context, attestation versionsapi.AzureSEVSNPVersionGet) (versionsapi.AzureSEVSNPVersionGet, error) { - return fetch(ctx, f.httpc, attestation) -} - type apiObject interface { ValidateRequest() error Validate() error diff --git a/internal/api/fetcher/versionapi.go b/internal/api/fetcher/versionapi.go new file mode 100644 index 000000000..0e6afb0ce --- /dev/null +++ b/internal/api/fetcher/versionapi.go 
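Review bot: The client built in `newFetcher` has no `Timeout`, and the callers added in this commit pass `context.Background()`, so a server that accepts the connection and then stalls can block config loading indefinitely. A bare `&http.Transport{DisableKeepAlives: true}` also leaves `Proxy` unset, so proxy environment variables are ignored, unlike with `http.DefaultTransport`. I would bound the client, for example `httpc: &http.Client{Timeout: 30 * time.Second, Transport: …}` (the value is illustrative and needs the `time` import), and set `Proxy: http.ProxyFromEnvironment` on the transport. The type comment still says "versions API" although `fetcher` now backs the config API fetcher as well.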
@@ -0,0 +1,37 @@ +package fetcher + +import ( + "context" + + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" +) + +// VersionAPIFetcher fetches version API resources without authentication. +type VersionAPIFetcher struct { + *fetcher +} + +// NewVersionAPIFetcher returns a new Fetcher. +func NewVersionAPIFetcher() *VersionAPIFetcher { + return &VersionAPIFetcher{newFetcher()} +} + +// FetchVersionList fetches the given version list from the versions API. +func (f *VersionAPIFetcher) FetchVersionList(ctx context.Context, list versionsapi.List) (versionsapi.List, error) { + return fetch(ctx, f.httpc, list) +} + +// FetchVersionLatest fetches the latest version from the versions API. +func (f *VersionAPIFetcher) FetchVersionLatest(ctx context.Context, latest versionsapi.Latest) (versionsapi.Latest, error) { + return fetch(ctx, f.httpc, latest) +} + +// FetchImageInfo fetches the given image info from the versions API. +func (f *VersionAPIFetcher) FetchImageInfo(ctx context.Context, imageInfo versionsapi.ImageInfo) (versionsapi.ImageInfo, error) { + return fetch(ctx, f.httpc, imageInfo) +} + +// FetchCLIInfo fetches the given cli info from the versions API. +func (f *VersionAPIFetcher) FetchCLIInfo(ctx context.Context, cliInfo versionsapi.CLIInfo) (versionsapi.CLIInfo, error) { + return fetch(ctx, f.httpc, cliInfo) +} diff --git a/internal/versionsapi/fetcher/fetcher_test.go b/internal/api/fetcher/versionapi_test.go similarity index 97% rename from internal/versionsapi/fetcher/fetcher_test.go rename to internal/api/fetcher/versionapi_test.go index 15999ce49..af2d5da67 100644 --- a/internal/versionsapi/fetcher/fetcher_test.go +++ b/internal/api/fetcher/versionapi_test.go @@ -14,7 +14,7 @@ import ( "net/http" "testing" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "go.uber.org/goleak" 
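Review bot: The doc comment `// NewVersionAPIFetcher returns a new Fetcher.` names a type that no longer exists after this change. `// NewVersionAPIFetcher returns a new VersionAPIFetcher.` matches the code, and `NewConfigAPIFetcher` in `configapi.go` has the same stale wording. The new file also starts directly at `package fetcher` without the copyright and SPDX header that this commit adds to `repo_test.go`; `configapi.go` and `configapi_test.go` lack it too. Because the struct embeds `*fetcher`, a zero-value `VersionAPIFetcher{}` holds a nil pointer and panics on first use, which deserves a line in the type comment such as `// Use NewVersionAPIFetcher; the zero value is not usable.`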
@@ -190,7 +190,7 @@ func TestFetchVersionList(t *testing.T) { return tc.serverResp }) - fetcher := &Fetcher{httpc: client} + fetcher := VersionAPIFetcher{&fetcher{httpc: client}} list, err := fetcher.FetchVersionList(context.Background(), tc.list) diff --git a/internal/versionsapi/BUILD.bazel b/internal/api/versionsapi/BUILD.bazel similarity index 92% rename from internal/versionsapi/BUILD.bazel rename to internal/api/versionsapi/BUILD.bazel index f2b20fb5b..cbba2a00b 100644 --- a/internal/versionsapi/BUILD.bazel +++ b/internal/api/versionsapi/BUILD.bazel @@ -4,7 +4,6 @@ load("//bazel/go:go_test.bzl", "go_test") go_library( name = "versionsapi", srcs = [ - "attestation.go", "cliinfo.go", "imageinfo.go", "latest.go", @@ -12,12 +11,11 @@ go_library( "version.go", "versionsapi.go", ], - importpath = "github.com/edgelesssys/constellation/v2/internal/versionsapi", + importpath = "github.com/edgelesssys/constellation/v2/internal/api/versionsapi", visibility = ["//:__subpackages__"], deps = [ "//internal/cloud/cloudprovider", "//internal/constants", - "//internal/variant", "@org_golang_x_mod//semver", ], ) diff --git a/internal/versionsapi/cli/BUILD.bazel b/internal/api/versionsapi/cli/BUILD.bazel similarity index 91% rename from internal/versionsapi/cli/BUILD.bazel rename to internal/api/versionsapi/cli/BUILD.bazel index 255ced3c2..50d952a8b 100644 --- a/internal/versionsapi/cli/BUILD.bazel +++ b/internal/api/versionsapi/cli/BUILD.bazel 
@@ -9,12 +9,12 @@ go_library( "main.go", "rm.go", ], - importpath = "github.com/edgelesssys/constellation/v2/internal/versionsapi/cli", + importpath = "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/cli", visibility = ["//visibility:private"], deps = [ + "//internal/api/versionsapi", + "//internal/api/versionsapi/client", "//internal/logger", - "//internal/versionsapi", - "//internal/versionsapi/client", "@com_github_aws_aws_sdk_go_v2_config//:config", "@com_github_aws_aws_sdk_go_v2_service_ec2//:ec2", "@com_github_aws_smithy_go//:smithy-go", diff --git a/internal/versionsapi/cli/add.go b/internal/api/versionsapi/cli/add.go similarity index 98% rename from internal/versionsapi/cli/add.go rename to internal/api/versionsapi/cli/add.go index e07e576ec..f1df7a25d 100644 --- a/internal/versionsapi/cli/add.go +++ b/internal/api/versionsapi/cli/add.go @@ -11,9 +11,9 @@ import ( "errors" "fmt" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" + verclient "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client" "github.com/edgelesssys/constellation/v2/internal/logger" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" - verclient "github.com/edgelesssys/constellation/v2/internal/versionsapi/client" "github.com/spf13/cobra" "go.uber.org/zap/zapcore" "golang.org/x/mod/semver" diff --git a/internal/versionsapi/cli/latest.go b/internal/api/versionsapi/cli/latest.go similarity index 95% rename from internal/versionsapi/cli/latest.go rename to internal/api/versionsapi/cli/latest.go index 437cafcb0..03af7ab83 100644 --- a/internal/versionsapi/cli/latest.go +++ b/internal/api/versionsapi/cli/latest.go 
@@ -10,9 +10,9 @@ import ( "encoding/json" "fmt" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" + verclient "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client" "github.com/edgelesssys/constellation/v2/internal/logger" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" - verclient "github.com/edgelesssys/constellation/v2/internal/versionsapi/client" "github.com/spf13/cobra" "go.uber.org/zap/zapcore" ) diff --git a/internal/versionsapi/cli/list.go b/internal/api/versionsapi/cli/list.go similarity index 97% rename from internal/versionsapi/cli/list.go rename to internal/api/versionsapi/cli/list.go index 97c07d32b..d9fcc4139 100644 --- a/internal/versionsapi/cli/list.go +++ b/internal/api/versionsapi/cli/list.go @@ -16,9 +16,9 @@ import ( "go.uber.org/zap/zapcore" "golang.org/x/mod/semver" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" + verclient "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client" "github.com/edgelesssys/constellation/v2/internal/logger" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" - verclient "github.com/edgelesssys/constellation/v2/internal/versionsapi/client" ) func newListCmd() *cobra.Command { diff --git a/internal/versionsapi/cli/main.go b/internal/api/versionsapi/cli/main.go similarity index 100% rename from internal/versionsapi/cli/main.go rename to internal/api/versionsapi/cli/main.go diff --git a/internal/versionsapi/cli/rm.go b/internal/api/versionsapi/cli/rm.go similarity index 99% rename from internal/versionsapi/cli/rm.go rename to internal/api/versionsapi/cli/rm.go index a42de7463..70245fd33 100644 --- a/internal/versionsapi/cli/rm.go +++ b/internal/api/versionsapi/cli/rm.go 
@@ -24,9 +24,9 @@ import ( awsconfig "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/service/ec2" "github.com/aws/smithy-go" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" + verclient "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client" "github.com/edgelesssys/constellation/v2/internal/logger" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" - verclient "github.com/edgelesssys/constellation/v2/internal/versionsapi/client" gaxv2 "github.com/googleapis/gax-go/v2" "github.com/spf13/cobra" "go.uber.org/zap/zapcore" diff --git a/internal/versionsapi/client/BUILD.bazel b/internal/api/versionsapi/client/BUILD.bazel similarity index 92% rename from internal/versionsapi/client/BUILD.bazel rename to internal/api/versionsapi/client/BUILD.bazel index 67970662b..521ddc3d4 100644 --- a/internal/versionsapi/client/BUILD.bazel +++ b/internal/api/versionsapi/client/BUILD.bazel @@ -3,12 +3,12 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "client", srcs = ["client.go"], - importpath = "github.com/edgelesssys/constellation/v2/internal/versionsapi/client", + importpath = "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client", visibility = ["//:__subpackages__"], deps = [ + "//internal/api/versionsapi", "//internal/constants", "//internal/logger", - "//internal/versionsapi", "@com_github_aws_aws_sdk_go_v2//aws", "@com_github_aws_aws_sdk_go_v2_config//:config", "@com_github_aws_aws_sdk_go_v2_feature_s3_manager//:manager", diff --git a/internal/versionsapi/client/client.go b/internal/api/versionsapi/client/client.go similarity index 99% rename from internal/versionsapi/client/client.go rename to internal/api/versionsapi/client/client.go index 6ef2c37c1..f5411f9ba 100644 --- a/internal/versionsapi/client/client.go +++ b/internal/api/versionsapi/client/client.go 
@@ -42,9 +42,9 @@ import ( s3types "github.com/aws/aws-sdk-go-v2/service/s3/types" "golang.org/x/mod/semver" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/constants" "github.com/edgelesssys/constellation/v2/internal/logger" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" ) // Client is the client for the versions API. diff --git a/internal/versionsapi/cliinfo.go b/internal/api/versionsapi/cliinfo.go similarity index 100% rename from internal/versionsapi/cliinfo.go rename to internal/api/versionsapi/cliinfo.go diff --git a/internal/versionsapi/cliinfo_test.go b/internal/api/versionsapi/cliinfo_test.go similarity index 100% rename from internal/versionsapi/cliinfo_test.go rename to internal/api/versionsapi/cliinfo_test.go diff --git a/internal/versionsapi/imageinfo.go b/internal/api/versionsapi/imageinfo.go similarity index 100% rename from internal/versionsapi/imageinfo.go rename to internal/api/versionsapi/imageinfo.go diff --git a/internal/versionsapi/imageinfo_test.go b/internal/api/versionsapi/imageinfo_test.go similarity index 100% rename from internal/versionsapi/imageinfo_test.go rename to internal/api/versionsapi/imageinfo_test.go diff --git a/internal/versionsapi/latest.go b/internal/api/versionsapi/latest.go similarity index 100% rename from internal/versionsapi/latest.go rename to internal/api/versionsapi/latest.go diff --git a/internal/versionsapi/latest_test.go b/internal/api/versionsapi/latest_test.go similarity index 100% rename from internal/versionsapi/latest_test.go rename to internal/api/versionsapi/latest_test.go diff --git a/internal/versionsapi/list.go b/internal/api/versionsapi/list.go similarity index 100% rename from internal/versionsapi/list.go rename to internal/api/versionsapi/list.go 
diff --git a/internal/versionsapi/list_test.go b/internal/api/versionsapi/list_test.go similarity index 100% rename from internal/versionsapi/list_test.go rename to internal/api/versionsapi/list_test.go diff --git a/internal/versionsapi/version.go b/internal/api/versionsapi/version.go similarity index 100% rename from internal/versionsapi/version.go rename to internal/api/versionsapi/version.go diff --git a/internal/versionsapi/version_test.go b/internal/api/versionsapi/version_test.go similarity index 100% rename from internal/versionsapi/version_test.go rename to internal/api/versionsapi/version_test.go diff --git a/internal/versionsapi/versionsapi.go b/internal/api/versionsapi/versionsapi.go similarity index 85% rename from internal/versionsapi/versionsapi.go rename to internal/api/versionsapi/versionsapi.go index 20ce5a67e..54fa65123 100644 --- a/internal/versionsapi/versionsapi.go +++ b/internal/api/versionsapi/versionsapi.go @@ -7,7 +7,7 @@ SPDX-License-Identifier: AGPL-3.0-only /* # Versions API -The Versions API is a provides information about versions of Constellation components. +The Versions API provides information about versions of Constellation components. This package defines API types that represents objects of the versions API. The types provide helper methods for validation and commonly used operations on the diff --git a/internal/attestation/measurements/measurement-generator/BUILD.bazel b/internal/attestation/measurements/measurement-generator/BUILD.bazel index 2e5b3e905..b8bb0137c 100644 --- a/internal/attestation/measurements/measurement-generator/BUILD.bazel +++ b/internal/attestation/measurements/measurement-generator/BUILD.bazel 
@@ -7,13 +7,13 @@ go_library( importpath = "github.com/edgelesssys/constellation/v2/internal/attestation/measurements/measurement-generator", visibility = ["//visibility:private"], deps = [ + "//internal/api/versionsapi", "//internal/attestation/measurements", "//internal/cloud/cloudprovider", "//internal/config", "//internal/constants", "//internal/sigstore", "//internal/variant", - "//internal/versionsapi", "@org_golang_x_tools//go/ast/astutil", ], ) diff --git a/internal/attestation/measurements/measurement-generator/generate.go b/internal/attestation/measurements/measurement-generator/generate.go index 6bd9776a0..438c201f2 100644 --- a/internal/attestation/measurements/measurement-generator/generate.go +++ b/internal/attestation/measurements/measurement-generator/generate.go @@ -23,13 +23,13 @@ import ( "sort" "strings" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/config" "github.com/edgelesssys/constellation/v2/internal/constants" "github.com/edgelesssys/constellation/v2/internal/sigstore" "github.com/edgelesssys/constellation/v2/internal/variant" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" "golang.org/x/tools/go/ast/astutil" ) diff --git a/internal/config/BUILD.bazel b/internal/config/BUILD.bazel index b4710df0e..a81a73360 100644 --- a/internal/config/BUILD.bazel +++ b/internal/config/BUILD.bazel 
@@ -18,19 +18,19 @@ go_library( importpath = "github.com/edgelesssys/constellation/v2/internal/config", visibility = ["//:__subpackages__"], deps = [ + "//internal/api/configapi", + "//internal/api/fetcher", + "//internal/api/versionsapi", "//internal/attestation/idkeydigest", "//internal/attestation/measurements", - "//internal/attestationapi", "//internal/cloud/cloudprovider", "//internal/compatibility", "//internal/config/imageversion", "//internal/config/instancetypes", - "//internal/config/snpversion", "//internal/constants", "//internal/file", "//internal/variant", "//internal/versions", - "//internal/versionsapi", "@com_github_go_playground_locales//en", "@com_github_go_playground_universal_translator//:universal-translator", "@com_github_go_playground_validator_v10//:validator", diff --git a/internal/config/azure.go b/internal/config/azure.go index 0a2ccfb3c..354bc45df 100644 --- a/internal/config/azure.go +++ b/internal/config/azure.go @@ -13,14 +13,12 @@ import ( "strconv" "strings" + "github.com/edgelesssys/constellation/v2/internal/api/configapi" + "github.com/edgelesssys/constellation/v2/internal/api/fetcher" "github.com/edgelesssys/constellation/v2/internal/attestation/idkeydigest" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements" - "github.com/edgelesssys/constellation/v2/internal/attestationapi" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" - "github.com/edgelesssys/constellation/v2/internal/config/snpversion" - "github.com/edgelesssys/constellation/v2/internal/config/version" "github.com/edgelesssys/constellation/v2/internal/variant" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" ) // AzureSEVSNP is the configuration for Azure SEV-SNP attestation. 
@@ -52,7 +50,8 @@ type AzureSEVSNP struct { // Version numbers are hard coded and should be updated with each new release. func DefaultForAzureSEVSNP() (*AzureSEVSNP, error) { ctx := context.Background() - version, err := attestationapi.GetAzureSEVSNPVersion(ctx) + fetcher := fetcher.NewConfigAPIFetcher() + version, err := fetcher.FetchLatestAzureSEVSNPVersion(ctx) if err != nil { return nil, err } @@ -106,22 +105,23 @@ func (c AzureSEVSNP) EqualTo(old AttestationCfg) (bool, error) { } // UnmarshalYAML implements a custom unmarshaler to support setting "latest" as version. -func (a *AzureSEVSNP) UnmarshalYAML(unmarshal func(interface{}) error) error { +func (c *AzureSEVSNP) UnmarshalYAML(unmarshal func(interface{}) error) error { aux := &fusedAzureSEVSNP{ - auxAzureSEVSNP: (*auxAzureSEVSNP)(a), + auxAzureSEVSNP: (*auxAzureSEVSNP)(c), } if err := unmarshal(aux); err != nil { return fmt.Errorf("unmarshal AzureSEVSNP: %w", err) } - a = (*AzureSEVSNP)(aux.auxAzureSEVSNP) + c = (*AzureSEVSNP)(aux.auxAzureSEVSNP) - versions, err := attestationapi.GetAzureSEVSNPVersion(context.Background()) + fetcher := fetcher.NewConfigAPIFetcher() + versions, err := fetcher.FetchLatestAzureSEVSNPVersion(context.Background()) if err != nil { return fmt.Errorf("failed to get AzureSEVSNP versions: %w", err) } - for _, versionType := range []attestationapi.Type{attestationapi.Bootloader, attestationapi.TEE, attestationapi.SNP, attestationapi.Microcode} { - if !convertLatestToNumber(a, versions, versionType, aux) { - if err := convertStringToUint(a, versionType, aux); err != nil { + for _, versionType := range []configapi.AzureSEVSNPVersionType{configapi.Bootloader, configapi.TEE, configapi.SNP, configapi.Microcode} { + if !convertLatestToNumber(c, versions, versionType, aux) { + if err := convertStringToUint(c, versionType, aux); err != nil { return fmt.Errorf("failed to convert %s version to number: %w", versionType, err) } } 
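Review bot: The comment above `DefaultForAzureSEVSNP` still says the version numbers are hard coded and updated per release, but the function now takes them from the config API with `context.Background()`. I would replace that sentence with something like `// Version numbers are fetched from the config API; the call needs network access and returns an error if the fetch fails.` The function body continues outside this hunk.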
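Review bot: `UnmarshalYAML` calls `FetchLatestAzureSEVSNPVersion` before it knows whether any field is `latest`, so a config with all four versions pinned still needs the network to parse and fails when the API is unreachable. Every parse then depends on an unauthenticated response even when the result is never used. I would fetch only when a field asks for `latest`, as sketched below. The assignment `c = (*AzureSEVSNP)(aux.auxAzureSEVSNP)` only rebinds the local receiver variable to the pointer it already holds and could be dropped. The function ends outside this hunk.

```go
// … unchanged: unmarshal into aux …
versionTypes := []configapi.AzureSEVSNPVersionType{configapi.Bootloader, configapi.TEE, configapi.SNP, configapi.Microcode}

// Only a config that asks for "latest" needs the network.
var versions configapi.AzureSEVSNPVersion
for _, versionType := range versionTypes {
	_, stringV := getUintAndStringPtrToVersion(c, versionType, aux)
	if strings.ToLower(*stringV) != "latest" {
		continue
	}
	var err error
	versions, err = fetcher.NewConfigAPIFetcher().FetchLatestAzureSEVSNPVersion(context.Background())
	if err != nil {
		return fmt.Errorf("failed to get AzureSEVSNP versions: %w", err)
	}
	break
}
// … unchanged: conversion loop, now ranging over versionTypes …
```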
@@ -129,20 +129,20 @@ func (a *AzureSEVSNP) UnmarshalYAML(unmarshal func(interface{}) error) error { return nil } -func getUintAndStringPtrToVersion(c *AzureSEVSNP, versionType attestationapi.Type, aux *fusedAzureSEVSNP) (*uint8, *string) { +func getUintAndStringPtrToVersion(c *AzureSEVSNP, versionType configapi.AzureSEVSNPVersionType, aux *fusedAzureSEVSNP) (*uint8, *string) { var v *uint8 var stringV *string switch versionType { - case attestationapi.Bootloader: + case configapi.Bootloader: v = &c.BootloaderVersion stringV = &aux.BootloaderVersion - case attestationapi.TEE: + case configapi.TEE: v = &c.TEEVersion stringV = &aux.TEEVersion - case attestationapi.SNP: + case configapi.SNP: v = &c.SNPVersion stringV = &aux.SNPVersion - case attestationapi.Microcode: + case configapi.Microcode: v = &c.MicrocodeVersion stringV = &aux.MicrocodeVersion } @@ -223,7 +223,7 @@ type fusedAzureSEVSNP struct { MicrocodeVersion string `yaml:"microcodeVersion"` } -func convertStringToUint(c *AzureSEVSNP, versionType snpversion.Type, aux *fusedAzureSEVSNP) error { +func convertStringToUint(c *AzureSEVSNP, versionType configapi.AzureSEVSNPVersionType, aux *fusedAzureSEVSNP) error { v, stringV := getUintAndStringPtrToVersion(c, versionType, aux) bvInt, err := strconv.ParseInt(*stringV, 10, 8) @@ -234,10 +234,10 @@ func convertStringToUint(c *AzureSEVSNP, versionType snpversion.Type, aux *fused return nil } -func convertLatestToNumber(c *AzureSEVSNP, versions versionsapi.AzureSEVSNPVersion, versionType version.Type, aux *fusedAzureSEVSNP) bool { +func convertLatestToNumber(c *AzureSEVSNP, versions configapi.AzureSEVSNPVersion, versionType configapi.AzureSEVSNPVersionType, aux *fusedAzureSEVSNP) bool { v, stringV := getUintAndStringPtrToVersion(c, versionType, aux) if strings.ToLower(*stringV) == "latest" { - *v = attestationapi.GetVersionByType(versions, versionType) + *v = configapi.GetVersionByType(versions, versionType) return true } return false 
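Review bot: In `convertStringToUint`, `strconv.ParseInt(*stringV, 10, 8)` parses a signed 8-bit value, so version strings from 128 to 255 are rejected although the target is a `uint8`, while negative strings are accepted. The conversion to `uint8` happens in lines outside this hunk, so the exact effect of a negative value is not visible here, but it would presumably wrap to a large version number. `bvInt, err := strconv.ParseUint(*stringV, 10, 8)` matches the field type, accepting the full 0–255 range and rejecting negative input. In the first hunk on this line, `getUintAndStringPtrToVersion` returns nil pointers for an unknown version type, which this function then dereferences; a `default` case there would make that failure explicit.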
diff --git a/internal/config/config.go b/internal/config/config.go index e061a97b3..8b41f8479 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -739,7 +739,6 @@ func (c AWSNitroTPM) EqualTo(other AttestationCfg) (bool, error) { return false, fmt.Errorf("cannot compare %T with %T", c, other) } return c.Measurements.EqualTo(otherCfg.Measurements), nil - } // SNPFirmwareSignerConfig is the configuration for validating the firmware signer. diff --git a/internal/config/snpversion/BUILD.bazel b/internal/config/snpversion/BUILD.bazel deleted file mode 100644 index 190a445df..000000000 --- a/internal/config/snpversion/BUILD.bazel +++ /dev/null @@ -1,8 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "snpversion", - srcs = ["snpversion.go"], - importpath = "github.com/edgelesssys/constellation/v2/internal/config/snpversion", - visibility = ["//:__subpackages__"], -) diff --git a/internal/config/snpversion/snpversion.go b/internal/config/snpversion/snpversion.go deleted file mode 100644 index be0ead82c..000000000 --- a/internal/config/snpversion/snpversion.go +++ /dev/null @@ -1,33 +0,0 @@ -/* -Copyright (c) Edgeless Systems GmbH - -SPDX-License-Identifier: AGPL-3.0-only -*/ - -package snpversion - -const ( - Bootloader Type = "bootloader" // Bootloader is the version of the Azure SEVSNP bootloader. - TEE Type = "tee" // TEE is the version of the Azure SEVSNP TEE. - SNP Type = "snp" // SNP is the version of the Azure SEVSNP SNP. - Microcode Type = "microcode" // Microcode is the version of the Azure SEVSNP microcode. -) - -// Type is the type of the version to be requested. -type Type string - -// GetLatest returns the version of the given type. -func GetLatest(t Type) uint8 { - switch t { - case Bootloader: - return 2 - case TEE: - return 0 - case SNP: - return 6 - case Microcode: - return 93 - default: - panic("invalid version type") - } -} 
diff --git a/internal/config/validation.go b/internal/config/validation.go index 28c2999c5..4246ff71b 100644 --- a/internal/config/validation.go +++ b/internal/config/validation.go @@ -19,6 +19,7 @@ import ( "github.com/go-playground/validator/v10" "golang.org/x/mod/semver" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/compatibility" @@ -26,7 +27,6 @@ import ( "github.com/edgelesssys/constellation/v2/internal/constants" "github.com/edgelesssys/constellation/v2/internal/variant" "github.com/edgelesssys/constellation/v2/internal/versions" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" ) // ValidationError occurs when the validation of a config fails. diff --git a/internal/kms/storage/awss3/awss3.go b/internal/kms/storage/awss3/awss3.go index 7b078a8bc..535ab944e 100644 --- a/internal/kms/storage/awss3/awss3.go +++ b/internal/kms/storage/awss3/awss3.go @@ -77,6 +77,7 @@ func (s *Storage) Get(ctx context.Context, keyID string) ([]byte, error) { return io.ReadAll(output.Body) } +// Delete removes a DEK from AWS S3 Storage by key ID. func (s *Storage) Delete(ctx context.Context, keyID string) error { deleteObjectInput := &s3.DeleteObjectInput{ Bucket: &s.bucketID, diff --git a/internal/osimage/BUILD.bazel b/internal/osimage/BUILD.bazel index 111c5884b..3e9285662 100644 --- a/internal/osimage/BUILD.bazel +++ b/internal/osimage/BUILD.bazel @@ -6,8 +6,8 @@ go_library( importpath = "github.com/edgelesssys/constellation/v2/internal/osimage", visibility = ["//:__subpackages__"], deps = [ + "//internal/api/versionsapi", "//internal/cloud/cloudprovider", "//internal/osimage/secureboot", - "//internal/versionsapi", ], ) diff --git a/internal/osimage/archive/BUILD.bazel b/internal/osimage/archive/BUILD.bazel index 2a23a3efb..a69481e9f 100644 
--- a/internal/osimage/archive/BUILD.bazel +++ b/internal/osimage/archive/BUILD.bazel @@ -6,8 +6,8 @@ go_library( importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/archive", visibility = ["//:__subpackages__"], deps = [ + "//internal/api/versionsapi", "//internal/logger", - "//internal/versionsapi", "@com_github_aws_aws_sdk_go_v2_config//:config", "@com_github_aws_aws_sdk_go_v2_feature_s3_manager//:manager", "@com_github_aws_aws_sdk_go_v2_service_s3//:s3", diff --git a/internal/osimage/archive/archive.go b/internal/osimage/archive/archive.go index 3937e61fc..f6f0b08d1 100644 --- a/internal/osimage/archive/archive.go +++ b/internal/osimage/archive/archive.go @@ -16,8 +16,8 @@ import ( s3manager "github.com/aws/aws-sdk-go-v2/feature/s3/manager" "github.com/aws/aws-sdk-go-v2/service/s3" s3types "github.com/aws/aws-sdk-go-v2/service/s3/types" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/logger" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" ) // Archivist uploads OS images to S3. diff --git a/internal/osimage/aws/BUILD.bazel b/internal/osimage/aws/BUILD.bazel index 7721504b3..640714442 100644 --- a/internal/osimage/aws/BUILD.bazel +++ b/internal/osimage/aws/BUILD.bazel @@ -6,10 +6,10 @@ go_library( importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/aws", visibility = ["//:__subpackages__"], deps = [ + "//internal/api/versionsapi", "//internal/logger", "//internal/osimage", "//internal/osimage/secureboot", - "//internal/versionsapi", "@com_github_aws_aws_sdk_go_v2_config//:config", "@com_github_aws_aws_sdk_go_v2_feature_s3_manager//:manager", "@com_github_aws_aws_sdk_go_v2_service_ec2//:ec2", diff --git a/internal/osimage/aws/awsupload.go b/internal/osimage/aws/awsupload.go index 43fab5d6e..0c07c241b 100644 --- a/internal/osimage/aws/awsupload.go +++ b/internal/osimage/aws/awsupload.go 
@@ -23,10 +23,10 @@ import ( s3types "github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/aws/smithy-go" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/osimage" "github.com/edgelesssys/constellation/v2/internal/osimage/secureboot" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" ) // Uploader can upload and remove os images on GCP. diff --git a/internal/osimage/azure/BUILD.bazel b/internal/osimage/azure/BUILD.bazel index 86dec0251..8951f29dc 100644 --- a/internal/osimage/azure/BUILD.bazel +++ b/internal/osimage/azure/BUILD.bazel @@ -9,9 +9,9 @@ go_library( importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/azure", visibility = ["//:__subpackages__"], deps = [ + "//internal/api/versionsapi", "//internal/logger", "//internal/osimage", - "//internal/versionsapi", "@com_github_azure_azure_sdk_for_go_sdk_azcore//runtime", "@com_github_azure_azure_sdk_for_go_sdk_azidentity//:azidentity", "@com_github_azure_azure_sdk_for_go_sdk_resourcemanager_compute_armcompute_v4//:armcompute", diff --git a/internal/osimage/azure/azureupload.go b/internal/osimage/azure/azureupload.go index bc8154ada..81e24b623 100644 --- a/internal/osimage/azure/azureupload.go +++ b/internal/osimage/azure/azureupload.go @@ -21,9 +21,9 @@ import ( armcomputev4 "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v4" "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob" "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/pageblob" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/osimage" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" ) // Uploader can upload and remove os images on Azure. 
diff --git a/internal/osimage/gcp/BUILD.bazel b/internal/osimage/gcp/BUILD.bazel index d6883f2f1..d2b5afcaf 100644 --- a/internal/osimage/gcp/BUILD.bazel +++ b/internal/osimage/gcp/BUILD.bazel @@ -6,10 +6,10 @@ go_library( importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/gcp", visibility = ["//:__subpackages__"], deps = [ + "//internal/api/versionsapi", "//internal/logger", "//internal/osimage", "//internal/osimage/secureboot", - "//internal/versionsapi", "@com_github_googleapis_gax_go_v2//:gax-go", "@com_google_cloud_go_compute//apiv1", "@com_google_cloud_go_compute//apiv1/computepb", diff --git a/internal/osimage/gcp/gcpupload.go b/internal/osimage/gcp/gcpupload.go index 846af7d70..169c9dd34 100644 --- a/internal/osimage/gcp/gcpupload.go +++ b/internal/osimage/gcp/gcpupload.go @@ -19,10 +19,10 @@ import ( compute "cloud.google.com/go/compute/apiv1" "cloud.google.com/go/compute/apiv1/computepb" "cloud.google.com/go/storage" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/osimage" "github.com/edgelesssys/constellation/v2/internal/osimage/secureboot" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" gaxv2 "github.com/googleapis/gax-go/v2" ) diff --git a/internal/osimage/osimage.go b/internal/osimage/osimage.go index 8c46054e1..ff90283eb 100644 --- a/internal/osimage/osimage.go +++ b/internal/osimage/osimage.go @@ -11,9 +11,9 @@ import ( "io" "time" + "github.com/edgelesssys/constellation/v2/internal/api/versionsapi" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/osimage/secureboot" - "github.com/edgelesssys/constellation/v2/internal/versionsapi" ) // UploadRequest is a request to upload an os image. 
diff --git a/internal/versionsapi/attestation.go b/internal/versionsapi/attestation.go
deleted file mode 100644
index 43be71403..000000000
--- a/internal/versionsapi/attestation.go
+++ /dev/null
@@ -1,74 +0,0 @@
-package versionsapi
-
-import (
- "fmt"
- "net/url"
- "path"
-
- "github.com/edgelesssys/constellation/v2/internal/constants"
- "github.com/edgelesssys/constellation/v2/internal/variant"
-)
-
-// AttestationPath is the path to the attestation versions.
-const AttestationPath = "constellation/v1/attestation" // TODO already in attestationonapi but import cycle otherwise
-
-// AzureSEVSNPVersion tracks the latest version of each component of the Azure SEVSNP.
-type AzureSEVSNPVersion struct {
- // Bootloader is the latest version of the Azure SEVSNP bootloader.
- Bootloader uint8 `json:"bootloader"`
- // TEE is the latest version of the Azure SEVSNP TEE.
- TEE uint8 `json:"tee"`
- // SNP is the latest version of the Azure SEVSNP SNP.
- SNP uint8 `json:"snp"`
- // Microcode is the latest version of the Azure SEVSNP microcode.
- Microcode uint8 `json:"microcode"`
-}
-
-type AzureSEVSNPVersionGet struct {
- Version string `json:"-"`
- AzureSEVSNPVersion
-}
-
-func (i AzureSEVSNPVersionGet) URL() (string, error) {
- url, err := url.Parse(constants.CDNRepositoryURL)
- if err != nil {
- return "", fmt.Errorf("parsing CDN URL: %w", err)
- }
- url.Path = i.JSONPath()
- return url.String(), nil
-}
-
-func (i AzureSEVSNPVersionGet) JSONPath() string {
- return path.Join(AttestationPath, variant.AzureSEVSNP{}.String(), i.Version)
-}
-
-func (i AzureSEVSNPVersionGet) ValidateRequest() error {
- return nil
-}
-
-func (i AzureSEVSNPVersionGet) Validate() error {
- return nil
-}
-
-type AzureSEVSNPVersionList ([]string)
-
-func (i AzureSEVSNPVersionList) URL() (string, error) {
- url, err := url.Parse(constants.CDNRepositoryURL)
- if err != nil {
- return "", fmt.Errorf("parsing CDN URL: %w", err)
- }
- url.Path = i.JSONPath()
- return url.String(), nil
-}
-
-func (i AzureSEVSNPVersionList) JSONPath() string {
- return path.Join(AttestationPath, variant.AzureSEVSNP{}.String(), "list")
-}
-
-func (i AzureSEVSNPVersionList) ValidateRequest() error {
- return nil
-}
-
-func (i AzureSEVSNPVersionList) Validate() error {
- return nil
-}