Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-06-07 06:03:05 -04:00
Code Issues Projects Releases Packages Wiki Activity

fix linting + tests

Browse source
This commit is contained in:
Adrian Stobbe 2023-05-20 01:08:37 +02:00
parent 002779ac96
commit b9cd9807bd
73 changed files with 410 additions and 353 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.github/actions/versionsapi/Dockerfile vendored
View file

@ -13,11 +13,11 @@ RUN go mod download
COPY . . COPY . .
# Build # Build
WORKDIR /workspace/internal/versionsapi/cli WORKDIR /workspace/internal/api/versionsapi/cli
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o versionsapi . RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o versionsapi .
FROM scratch as release FROM scratch as release
COPY --from=builder /workspace/internal/versionsapi/cli/versionsapi . COPY --from=builder /workspace/internal/api/versionsapi/cli/versionsapi .
CMD ["/notIntendedToBeExecuted"] CMD ["/notIntendedToBeExecuted"]

2
.github/workflows/build-versionsapi-ci-image.yml vendored
View file

@ -6,7 +6,7 @@ on:
branches: branches:
- main - main
paths: paths:
- "internal/versionsapi/**" - "internal/api/versionsapi/**"
- ".github/workflows/build-versionsapi-ci-image.yml" - ".github/workflows/build-versionsapi-ci-image.yml"
- ".github/actions/versionsapi/**" - ".github/actions/versionsapi/**"

2
CODEOWNERS
View file

@ -36,7 +36,7 @@
/internal/retry @katexochen /internal/retry @katexochen
/internal/sigstore @malt3 /internal/sigstore @malt3
/internal/versions @katexochen /internal/versions @katexochen
/internal/versionsapi @katexochen /internal/api/versionsapi @katexochen
/joinservice @daniel-weisse /joinservice @daniel-weisse
/keyservice @daniel-weisse /keyservice @daniel-weisse
/operators @malt3 /operators @malt3

6
cli/internal/cmd/BUILD.bazel
View file

@ -47,6 +47,8 @@ go_library(
"//cli/internal/terraform", "//cli/internal/terraform",
"//cli/internal/upgrade", "//cli/internal/upgrade",
"//disk-mapper/recoverproto", "//disk-mapper/recoverproto",
"//internal/api/fetcher",
"//internal/api/versionsapi",
"//internal/atls", "//internal/atls",
"//internal/attestation/measurements", "//internal/attestation/measurements",
"//internal/cloud/azureshared", "//internal/cloud/azureshared",
@ -71,8 +73,6 @@ go_library(
"//internal/sigstore", "//internal/sigstore",
"//internal/variant", "//internal/variant",
"//internal/versions", "//internal/versions",
"//internal/versionsapi",
"//internal/versionsapi/fetcher",
"//operators/constellation-node-operator/api/v1alpha1", "//operators/constellation-node-operator/api/v1alpha1",
"//verify/verifyproto", "//verify/verifyproto",
"@com_github_mattn_go_isatty//:go-isatty", "@com_github_mattn_go_isatty//:go-isatty",
@ -126,6 +126,7 @@ go_test(
"//cli/internal/terraform", "//cli/internal/terraform",
"//cli/internal/upgrade", "//cli/internal/upgrade",
"//disk-mapper/recoverproto", "//disk-mapper/recoverproto",
"//internal/api/versionsapi",
"//internal/atls", "//internal/atls",
"//internal/attestation/measurements", "//internal/attestation/measurements",
"//internal/cloud/cloudprovider", "//internal/cloud/cloudprovider",
@ -142,7 +143,6 @@ go_test(
"//internal/logger", "//internal/logger",
"//internal/variant", "//internal/variant",
"//internal/versions", "//internal/versions",
"//internal/versionsapi",
"//operators/constellation-node-operator/api/v1alpha1", "//operators/constellation-node-operator/api/v1alpha1",
"//verify/verifyproto", "//verify/verifyproto",
"@com_github_spf13_afero//:afero", "@com_github_spf13_afero//:afero",

2
cli/internal/cmd/configfetchmeasurements.go
View file

@ -14,12 +14,12 @@ import (
"net/url" "net/url"
"time" "time"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
"github.com/edgelesssys/constellation/v2/internal/config" "github.com/edgelesssys/constellation/v2/internal/config"
"github.com/edgelesssys/constellation/v2/internal/constants" "github.com/edgelesssys/constellation/v2/internal/constants"
"github.com/edgelesssys/constellation/v2/internal/file" "github.com/edgelesssys/constellation/v2/internal/file"
"github.com/edgelesssys/constellation/v2/internal/sigstore" "github.com/edgelesssys/constellation/v2/internal/sigstore"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
"github.com/spf13/afero" "github.com/spf13/afero"
"github.com/spf13/cobra" "github.com/spf13/cobra"
) )

2
cli/internal/cmd/configfetchmeasurements_test.go
View file

@ -15,12 +15,12 @@ import (
"net/url" "net/url"
"testing" "testing"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/config" "github.com/edgelesssys/constellation/v2/internal/config"
"github.com/edgelesssys/constellation/v2/internal/constants" "github.com/edgelesssys/constellation/v2/internal/constants"
"github.com/edgelesssys/constellation/v2/internal/file" "github.com/edgelesssys/constellation/v2/internal/file"
"github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
"github.com/spf13/afero" "github.com/spf13/afero"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"

8
cli/internal/cmd/upgradecheck.go
View file

@ -17,6 +17,8 @@ import (
"github.com/edgelesssys/constellation/v2/cli/internal/helm" "github.com/edgelesssys/constellation/v2/cli/internal/helm"
"github.com/edgelesssys/constellation/v2/cli/internal/kubernetes" "github.com/edgelesssys/constellation/v2/cli/internal/kubernetes"
"github.com/edgelesssys/constellation/v2/internal/api/fetcher"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/compatibility" "github.com/edgelesssys/constellation/v2/internal/compatibility"
@ -27,8 +29,6 @@ import (
conSemver "github.com/edgelesssys/constellation/v2/internal/semver" conSemver "github.com/edgelesssys/constellation/v2/internal/semver"
"github.com/edgelesssys/constellation/v2/internal/sigstore" "github.com/edgelesssys/constellation/v2/internal/sigstore"
"github.com/edgelesssys/constellation/v2/internal/versions" "github.com/edgelesssys/constellation/v2/internal/versions"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher"
"github.com/siderolabs/talos/pkg/machinery/config/encoder" "github.com/siderolabs/talos/pkg/machinery/config/encoder"
"github.com/spf13/afero" "github.com/spf13/afero"
"github.com/spf13/cobra" "github.com/spf13/cobra"
@ -66,7 +66,7 @@ func runUpgradeCheck(cmd *cobra.Command, _ []string) error {
if err != nil { if err != nil {
return err return err
} }
versionListFetcher := fetcher.NewFetcher() versionListFetcher := fetcher.NewVersionAPIFetcher()
rekor, err := sigstore.NewRekor() rekor, err := sigstore.NewRekor()
if err != nil { if err != nil {
return fmt.Errorf("constructing Rekor client: %w", err) return fmt.Errorf("constructing Rekor client: %w", err)
@ -82,7 +82,7 @@ func runUpgradeCheck(cmd *cobra.Command, _ []string) error {
flags: flags, flags: flags,
cliVersion: compatibility.EnsurePrefixV(constants.VersionInfo()), cliVersion: compatibility.EnsurePrefixV(constants.VersionInfo()),
log: log, log: log,
versionsapi: fetcher.NewFetcher(), versionsapi: fetcher.NewVersionAPIFetcher(),
}, },
log: log, log: log,
} }

2
cli/internal/cmd/upgradecheck_test.go
View file

@ -15,6 +15,7 @@ import (
"strings" "strings"
"testing" "testing"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/config" "github.com/edgelesssys/constellation/v2/internal/config"
@ -22,7 +23,6 @@ import (
"github.com/edgelesssys/constellation/v2/internal/file" "github.com/edgelesssys/constellation/v2/internal/file"
"github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/internal/variant" "github.com/edgelesssys/constellation/v2/internal/variant"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
"github.com/spf13/afero" "github.com/spf13/afero"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"

6
cli/internal/image/BUILD.bazel
View file

@ -10,11 +10,11 @@ go_library(
importpath = "github.com/edgelesssys/constellation/v2/cli/internal/image", importpath = "github.com/edgelesssys/constellation/v2/cli/internal/image",
visibility = ["//cli:__subpackages__"], visibility = ["//cli:__subpackages__"],
deps = [ deps = [
"//internal/api/fetcher",
"//internal/api/versionsapi",
"//internal/cloud/cloudprovider", "//internal/cloud/cloudprovider",
"//internal/config", "//internal/config",
"//internal/variant", "//internal/variant",
"//internal/versionsapi",
"//internal/versionsapi/fetcher",
"@com_github_schollz_progressbar_v3//:progressbar", "@com_github_schollz_progressbar_v3//:progressbar",
"@com_github_spf13_afero//:afero", "@com_github_spf13_afero//:afero",
], ],
@ -28,10 +28,10 @@ go_test(
], ],
embed = [":image"], embed = [":image"],
deps = [ deps = [
"//internal/api/versionsapi",
"//internal/cloud/cloudprovider", "//internal/cloud/cloudprovider",
"//internal/config", "//internal/config",
"//internal/file", "//internal/file",
"//internal/versionsapi",
"@com_github_spf13_afero//:afero", "@com_github_spf13_afero//:afero",
"@com_github_stretchr_testify//assert", "@com_github_stretchr_testify//assert",
"@com_github_stretchr_testify//require", "@com_github_stretchr_testify//require",

6
cli/internal/image/image.go
View file

@ -19,11 +19,11 @@ import (
"io/fs" "io/fs"
"regexp" "regexp"
"github.com/edgelesssys/constellation/v2/internal/api/fetcher"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/config" "github.com/edgelesssys/constellation/v2/internal/config"
"github.com/edgelesssys/constellation/v2/internal/variant" "github.com/edgelesssys/constellation/v2/internal/variant"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher"
"github.com/spf13/afero" "github.com/spf13/afero"
) )
@ -36,7 +36,7 @@ type Fetcher struct {
// New returns a new image fetcher. // New returns a new image fetcher.
func New() *Fetcher { func New() *Fetcher {
return &Fetcher{ return &Fetcher{
fetcher: fetcher.NewFetcher(), fetcher: fetcher.NewVersionAPIFetcher(),
fs: &afero.Afero{Fs: afero.NewOsFs()}, fs: &afero.Afero{Fs: afero.NewOsFs()},
} }
} }

2
cli/internal/image/image_test.go
View file

@ -13,10 +13,10 @@ import (
"net/http" "net/http"
"testing" "testing"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/config" "github.com/edgelesssys/constellation/v2/internal/config"
"github.com/edgelesssys/constellation/v2/internal/file" "github.com/edgelesssys/constellation/v2/internal/file"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
"github.com/spf13/afero" "github.com/spf13/afero"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"

2
cli/internal/kubernetes/BUILD.bazel
View file

@ -15,6 +15,7 @@ go_library(
"//cli/internal/image", "//cli/internal/image",
"//cli/internal/terraform", "//cli/internal/terraform",
"//cli/internal/upgrade", "//cli/internal/upgrade",
"//internal/api/versionsapi",
"//internal/attestation/measurements", "//internal/attestation/measurements",
"//internal/compatibility", "//internal/compatibility",
"//internal/config", "//internal/config",
@ -25,7 +26,6 @@ go_library(
"//internal/variant", "//internal/variant",
"//internal/versions", "//internal/versions",
"//internal/versions/components", "//internal/versions/components",
"//internal/versionsapi",
"//operators/constellation-node-operator/api/v1alpha1", "//operators/constellation-node-operator/api/v1alpha1",
"@io_k8s_api//core/v1:core", "@io_k8s_api//core/v1:core",
"@io_k8s_apimachinery//pkg/api/errors", "@io_k8s_apimachinery//pkg/api/errors",

2
cli/internal/kubernetes/upgrade.go
View file

@ -19,6 +19,7 @@ import (
"github.com/edgelesssys/constellation/v2/cli/internal/image" "github.com/edgelesssys/constellation/v2/cli/internal/image"
"github.com/edgelesssys/constellation/v2/cli/internal/terraform" "github.com/edgelesssys/constellation/v2/cli/internal/terraform"
"github.com/edgelesssys/constellation/v2/cli/internal/upgrade" "github.com/edgelesssys/constellation/v2/cli/internal/upgrade"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
"github.com/edgelesssys/constellation/v2/internal/compatibility" "github.com/edgelesssys/constellation/v2/internal/compatibility"
"github.com/edgelesssys/constellation/v2/internal/config" "github.com/edgelesssys/constellation/v2/internal/config"
@ -29,7 +30,6 @@ import (
"github.com/edgelesssys/constellation/v2/internal/variant" "github.com/edgelesssys/constellation/v2/internal/variant"
"github.com/edgelesssys/constellation/v2/internal/versions" "github.com/edgelesssys/constellation/v2/internal/versions"
"github.com/edgelesssys/constellation/v2/internal/versions/components" "github.com/edgelesssys/constellation/v2/internal/versions/components"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
updatev1alpha1 "github.com/edgelesssys/constellation/v2/operators/constellation-node-operator/v2/api/v1alpha1" updatev1alpha1 "github.com/edgelesssys/constellation/v2/operators/constellation-node-operator/v2/api/v1alpha1"
corev1 "k8s.io/api/core/v1" corev1 "k8s.io/api/core/v1"
k8serrors "k8s.io/apimachinery/pkg/api/errors" k8serrors "k8s.io/apimachinery/pkg/api/errors"

2
debugd/README.md
View file

@ -22,7 +22,7 @@ With `cdbg` and `yq` installed in your path:
1. Run `constellation config generate` to create a new default configuration 1. Run `constellation config generate` to create a new default configuration
2. Locate the latest debugd images by running `(cd internal/versionsapi/cli && go build -o versionsapi . && ./versionsapi latest --ref main --stream debug)` 2. Locate the latest debugd images by running `(cd internal/api/versionsapi/cli && go build -o versionsapi . && ./versionsapi latest --ref main --stream debug)`
3. Modify the `constellation-conf.yaml` to use an image with the debugd already included and add required firewall rules: 3. Modify the `constellation-conf.yaml` to use an image with the debugd already included and add required firewall rules:

4
e2e/internal/upgrade/BUILD.bazel
View file

@ -11,12 +11,12 @@ go_library(
importpath = "github.com/edgelesssys/constellation/v2/e2e/internal/upgrade", importpath = "github.com/edgelesssys/constellation/v2/e2e/internal/upgrade",
visibility = ["//e2e:__subpackages__"], visibility = ["//e2e:__subpackages__"],
deps = [ deps = [
"//internal/api/fetcher",
"//internal/api/versionsapi",
"//internal/attestation/measurements", "//internal/attestation/measurements",
"//internal/cloud/cloudprovider", "//internal/cloud/cloudprovider",
"//internal/constants", "//internal/constants",
"//internal/logger", "//internal/logger",
"//internal/versionsapi",
"//internal/versionsapi/fetcher",
"@in_gopkg_yaml_v3//:yaml_v3", "@in_gopkg_yaml_v3//:yaml_v3",
"@sh_helm_helm_v3//pkg/action", "@sh_helm_helm_v3//pkg/action",
"@sh_helm_helm_v3//pkg/cli", "@sh_helm_helm_v3//pkg/cli",

8
e2e/internal/upgrade/image.go
View file

@ -19,10 +19,10 @@ import (
"gopkg.in/yaml.v3" "gopkg.in/yaml.v3"
"github.com/edgelesssys/constellation/v2/internal/api/fetcher"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher"
) )
type upgradeInfo struct { type upgradeInfo struct {
@ -36,7 +36,7 @@ func fetchUpgradeInfo(ctx context.Context, csp cloudprovider.Provider, toImage s
measurements: make(measurements.M), measurements: make(measurements.M),
shortPath: toImage, shortPath: toImage,
} }
versionsClient := fetcher.NewFetcher() versionsClient := fetcher.NewVersionAPIFetcher()
ver, err := versionsapi.NewVersionFromShortPath(toImage, versionsapi.VersionKindImage) ver, err := versionsapi.NewVersionFromShortPath(toImage, versionsapi.VersionKindImage)
if err != nil { if err != nil {
@ -124,7 +124,7 @@ func getFromURL(ctx context.Context, client *http.Client, sourceURL *url.URL) ([
return content, nil return content, nil
} }
func fetchImageRef(ctx context.Context, client *fetcher.Fetcher, csp cloudprovider.Provider, imageInfo versionsapi.ImageInfo) (string, error) { func fetchImageRef(ctx context.Context, client *fetcher.VersionAPIFetcher, csp cloudprovider.Provider, imageInfo versionsapi.ImageInfo) (string, error) {
imageInfo, err := client.FetchImageInfo(ctx, imageInfo) imageInfo, err := client.FetchImageInfo(ctx, imageInfo)
if err != nil { if err != nil {
return "", err return "", err

4
hack/cli-k8s-compatibility/BUILD.bazel
View file

@ -6,10 +6,10 @@ go_library(
importpath = "github.com/edgelesssys/constellation/v2/hack/cli-k8s-compatibility", importpath = "github.com/edgelesssys/constellation/v2/hack/cli-k8s-compatibility",
visibility = ["//visibility:private"], visibility = ["//visibility:private"],
deps = [ deps = [
"//internal/api/versionsapi",
"//internal/api/versionsapi/client",
"//internal/logger", "//internal/logger",
"//internal/versions", "//internal/versions",
"//internal/versionsapi",
"//internal/versionsapi/client",
"@org_uber_go_zap//zapcore", "@org_uber_go_zap//zapcore",
], ],
) )

4
hack/cli-k8s-compatibility/main.go
View file

@ -11,10 +11,10 @@ import (
"context" "context"
"flag" "flag"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client"
"github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/internal/versions" "github.com/edgelesssys/constellation/v2/internal/versions"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/versionsapi/client"
"go.uber.org/zap/zapcore" "go.uber.org/zap/zapcore"
) )

2
image/upload/internal/cmd/BUILD.bazel
View file

@ -18,6 +18,7 @@ go_library(
importpath = "github.com/edgelesssys/constellation/v2/image/upload/internal/cmd", importpath = "github.com/edgelesssys/constellation/v2/image/upload/internal/cmd",
visibility = ["//image/upload:__subpackages__"], visibility = ["//image/upload:__subpackages__"],
deps = [ deps = [
"//internal/api/versionsapi",
"//internal/cloud/cloudprovider", "//internal/cloud/cloudprovider",
"//internal/logger", "//internal/logger",
"//internal/osimage", "//internal/osimage",
@ -27,7 +28,6 @@ go_library(
"//internal/osimage/gcp", "//internal/osimage/gcp",
"//internal/osimage/nop", "//internal/osimage/nop",
"//internal/osimage/secureboot", "//internal/osimage/secureboot",
"//internal/versionsapi",
"@com_github_spf13_afero//:afero", "@com_github_spf13_afero//:afero",
"@com_github_spf13_cobra//:cobra", "@com_github_spf13_cobra//:cobra",
"@org_uber_go_zap//zapcore", "@org_uber_go_zap//zapcore",

2
image/upload/internal/cmd/api.go
View file

@ -10,8 +10,8 @@ import (
"context" "context"
"io" "io"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/osimage" "github.com/edgelesssys/constellation/v2/internal/osimage"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
) )
type archivist interface { type archivist interface {

2
image/upload/internal/cmd/flags.go
View file

@ -11,8 +11,8 @@ import (
"path/filepath" "path/filepath"
"time" "time"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
"github.com/spf13/cobra" "github.com/spf13/cobra"
"go.uber.org/zap/zapcore" "go.uber.org/zap/zapcore"
) )

2
image/upload/internal/cmd/upload.go
View file

@ -13,9 +13,9 @@ import (
"io" "io"
"strings" "strings"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/osimage" "github.com/edgelesssys/constellation/v2/internal/osimage"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
) )
func uploadImage(ctx context.Context, archiveC archivist, uploadC uploader, req *osimage.UploadRequest, out io.Writer) error { func uploadImage(ctx context.Context, archiveC archivist, uploadC uploader, req *osimage.UploadRequest, out io.Writer) error {

20
internal/attestationapi/BUILD.bazel → internal/api/configapi/BUILD.bazel
View file

@ -2,28 +2,30 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library")
load("//bazel/go:go_test.bzl", "go_test") load("//bazel/go:go_test.bzl", "go_test")
go_library( go_library(
name = "attestationapi", name = "configapi",
srcs = ["attestationapi.go"], srcs = [
importpath = "github.com/edgelesssys/constellation/v2/internal/attestationapi", "attestation.go",
"configapi.go",
"repo.go",
],
importpath = "github.com/edgelesssys/constellation/v2/internal/api/configapi",
visibility = ["//:__subpackages__"], visibility = ["//:__subpackages__"],
deps = [ deps = [
"//internal/constants",
"//internal/kms/storage", "//internal/kms/storage",
"//internal/kms/storage/awss3", "//internal/kms/storage/awss3",
"//internal/kms/uri", "//internal/kms/uri",
"//internal/variant", "//internal/variant",
"//internal/versionsapi",
"//internal/versionsapi/fetcher",
], ],
) )
go_test( go_test(
name = "attestationapi_test", name = "configapi_test",
srcs = ["attestationapi_test.go"], srcs = ["repo_test.go"],
deps = [ deps = [
":attestationapi", ":configapi",
"//internal/kms/uri", "//internal/kms/uri",
"//internal/variant", "//internal/variant",
"@com_github_stretchr_testify//assert",
"@com_github_stretchr_testify//require", "@com_github_stretchr_testify//require",
], ],
) )

125
internal/api/configapi/attestation.go Normal file
View file

@ -0,0 +1,125 @@
/*
Copyright (c) Edgeless Systems GmbH
SPDX-License-Identifier: AGPL-3.0-only
*/
package configapi
import (
"fmt"
"net/url"
"path"
"github.com/edgelesssys/constellation/v2/internal/constants"
"github.com/edgelesssys/constellation/v2/internal/variant"
)
const (
Bootloader AzureSEVSNPVersionType = "bootloader" // Bootloader is the version of the Azure SEVSNP bootloader.
TEE AzureSEVSNPVersionType = "tee" // TEE is the version of the Azure SEVSNP TEE.
SNP AzureSEVSNPVersionType = "snp" // SNP is the version of the Azure SEVSNP SNP.
Microcode AzureSEVSNPVersionType = "microcode" // Microcode is the version of the Azure SEVSNP microcode.
)
// AttestationURLPath is the URL path to the attestation versions.
const AttestationURLPath = "constellation/v1/attestation"
// AzureSEVSNP is the latest version of each component of the Azure SEVSNP.
// used for testing only.
// TODO remove? (or use for fallback?)
var AzureSEVSNP = AzureSEVSNPVersion{
Bootloader: 2,
TEE: 0,
SNP: 6,
Microcode: 93,
}
// AzureSEVSNPVersionType is the type of the version to be requested.
type AzureSEVSNPVersionType (string)
// AzureSEVSNPVersion tracks the latest version of each component of the Azure SEVSNP.
type AzureSEVSNPVersion struct {
// Bootloader is the latest version of the Azure SEVSNP bootloader.
Bootloader uint8 `json:"bootloader"`
// TEE is the latest version of the Azure SEVSNP TEE.
TEE uint8 `json:"tee"`
// SNP is the latest version of the Azure SEVSNP SNP.
SNP uint8 `json:"snp"`
// Microcode is the latest version of the Azure SEVSNP microcode.
Microcode uint8 `json:"microcode"`
}
// AzureSEVSNPVersionGet is the request to get the version information of the specific version in the config api.
type AzureSEVSNPVersionGet struct {
Version string `json:"-"`
AzureSEVSNPVersion
}
// URL returns the URL for the request to the config api.
func (i AzureSEVSNPVersionGet) URL() (string, error) {
url, err := url.Parse(constants.CDNRepositoryURL)
if err != nil {
return "", fmt.Errorf("parsing CDN URL: %w", err)
}
url.Path = i.JSONPath()
return url.String(), nil
}
// JSONPath returns the path to the JSON file for the request to the config api.
func (i AzureSEVSNPVersionGet) JSONPath() string {
return path.Join(AttestationURLPath, variant.AzureSEVSNP{}.String(), i.Version)
}
// ValidateRequest validates the request.
func (i AzureSEVSNPVersionGet) ValidateRequest() error {
return nil
}
// Validate validates the request.
func (i AzureSEVSNPVersionGet) Validate() error {
return nil
}
// AzureSEVSNPVersionList is the request to list all versions in the config api.
type AzureSEVSNPVersionList ([]string)
// URL returns the URL for the request to the config api.
func (i AzureSEVSNPVersionList) URL() (string, error) {
url, err := url.Parse(constants.CDNRepositoryURL)
if err != nil {
return "", fmt.Errorf("parsing CDN URL: %w", err)
}
url.Path = i.JSONPath()
return url.String(), nil
}
// JSONPath returns the path to the JSON file for the request to the config api.
func (i AzureSEVSNPVersionList) JSONPath() string {
return path.Join(AttestationURLPath, variant.AzureSEVSNP{}.String(), "list")
}
// ValidateRequest validates the request.
func (i AzureSEVSNPVersionList) ValidateRequest() error {
return nil
}
// Validate validates the request.
func (i AzureSEVSNPVersionList) Validate() error {
return nil
}
// GetVersionByType returns the requested version of the given type.
func GetVersionByType(res AzureSEVSNPVersion, t AzureSEVSNPVersionType) uint8 {
switch t {
case Bootloader:
return res.Bootloader
case TEE:
return res.TEE
case SNP:
return res.SNP
case Microcode:
return res.Microcode
default:
return 1
}
}

20
internal/api/configapi/configapi.go Normal file
View file

@ -0,0 +1,20 @@
/*
Copyright (c) Edgeless Systems GmbH
SPDX-License-Identifier: AGPL-3.0-only
*/
/*
# Config API
The Config API provides information about versions of Constellation components.
This package defines API types that represents objects of the config API.
The types provide helper methods for validation and commonly used operations on the
information contained in the objects. Especially the paths used for the API are defined
in these helper methods.
The package also provides helper functions that can be used in context of the config API,
e.g. to validate versions.
*/
package configapi

105
internal/attestationapi/attestationapi.go → internal/api/configapi/repo.go
View file

@ -1,4 +1,9 @@
package attestationapi /*
Copyright (c) Edgeless Systems GmbH
SPDX-License-Identifier: AGPL-3.0-only
*/
package configapi
import ( import (
"context" "context"
@ -13,32 +18,8 @@ import (
"github.com/edgelesssys/constellation/v2/internal/kms/storage/awss3" "github.com/edgelesssys/constellation/v2/internal/kms/storage/awss3"
"github.com/edgelesssys/constellation/v2/internal/kms/uri" "github.com/edgelesssys/constellation/v2/internal/kms/uri"
"github.com/edgelesssys/constellation/v2/internal/variant" "github.com/edgelesssys/constellation/v2/internal/variant"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher"
) )
const (
Bootloader Type = "bootloader" // Bootloader is the version of the Azure SEVSNP bootloader.
TEE Type = "tee" // TEE is the version of the Azure SEVSNP TEE.
SNP Type = "snp" // SNP is the version of the Azure SEVSNP SNP.
Microcode Type = "microcode" // Microcode is the version of the Azure SEVSNP microcode.
)
// AttestationPath is the path to the attestation versions.
const AttestationPath = "constellation/v1/attestation"
// AzureSEVSNP is the latest version of each component of the Azure SEVSNP.
// used for testing only
var AzureSEVSNP = versionsapi.AzureSEVSNPVersion{
Bootloader: 2,
TEE: 0,
SNP: 6,
Microcode: 93,
}
// Type is the type of the version to be requested.
type Type (string)
// AttestationVersionRepo manages (modifies) the version information for the attestation variants. // AttestationVersionRepo manages (modifies) the version information for the attestation variants.
type AttestationVersionRepo struct { type AttestationVersionRepo struct {
*awss3.Storage *awss3.Storage
@ -54,7 +35,7 @@ func NewAttestationVersionRepo(ctx context.Context, cfg uri.AWSS3Config) (*Attes
} }
// UploadAzureSEVSNP uploads the latest version numbers of the Azure SEVSNP. // UploadAzureSEVSNP uploads the latest version numbers of the Azure SEVSNP.
func (a AttestationVersionRepo) UploadAzureSEVSNP(ctx context.Context, versions versionsapi.AzureSEVSNPVersion, date time.Time) error { func (a AttestationVersionRepo) UploadAzureSEVSNP(ctx context.Context, versions AzureSEVSNPVersion, date time.Time) error {
bt, err := json.Marshal(versions) bt, err := json.Marshal(versions)
if err != nil { if err != nil {
return err return err
@ -62,37 +43,16 @@ func (a AttestationVersionRepo) UploadAzureSEVSNP(ctx context.Context, versions
variant := variant.AzureSEVSNP{} variant := variant.AzureSEVSNP{}
fname := date.Format("2006-01-02-15-04") + ".json" fname := date.Format("2006-01-02-15-04") + ".json"
err = a.Put(ctx, fmt.Sprintf("%s/%s/%s", AttestationPath, variant.String(), fname), bt) err = a.Put(ctx, fmt.Sprintf("%s/%s/%s", AttestationURLPath, variant.String(), fname), bt)
if err != nil { if err != nil {
return err return err
} }
return a.addVersionToList(ctx, variant, fname) return a.addVersionToList(ctx, variant, fname)
} }
func (a AttestationVersionRepo) addVersionToList(ctx context.Context, attestation variant.Variant, fname string) error {
versions := []string{}
key := path.Join(AttestationPath, attestation.String(), "list")
bt, err := a.Get(ctx, key)
if err == nil {
if err := json.Unmarshal(bt, &versions); err != nil {
return err
}
} else if !errors.Is(err, storage.ErrDEKUnset) {
return err
}
versions = append(versions, fname)
versions = variant.RemoveDuplicate(versions)
sort.Sort(sort.Reverse(sort.StringSlice(versions)))
json, err := json.Marshal(versions)
if err != nil {
return err
}
return a.Put(ctx, key, json)
}
// List returns the list of versions for the given attestation type. // List returns the list of versions for the given attestation type.
func (a AttestationVersionRepo) List(ctx context.Context, attestation variant.Variant) ([]string, error) { func (a AttestationVersionRepo) List(ctx context.Context, attestation variant.Variant) ([]string, error) {
key := path.Join(AttestationPath, attestation.String(), "list") key := path.Join(AttestationURLPath, attestation.String(), "list")
bt, err := a.Get(ctx, key) bt, err := a.Get(ctx, key)
if err != nil { if err != nil {
return nil, err return nil, err
@ -111,39 +71,26 @@ func (a AttestationVersionRepo) DeleteList(ctx context.Context, attestation vari
if err != nil { if err != nil {
return err return err
} }
return a.Put(ctx, path.Join(AttestationPath, attestation.String(), "list"), bt) return a.Put(ctx, path.Join(AttestationURLPath, attestation.String(), "list"), bt)
} }
func GetVersionByType(res versionsapi.AzureSEVSNPVersion, t Type) uint8 { func (a AttestationVersionRepo) addVersionToList(ctx context.Context, attestation variant.Variant, fname string) error {
switch t { versions := []string{}
case Bootloader: key := path.Join(AttestationURLPath, attestation.String(), "list")
return res.Bootloader bt, err := a.Get(ctx, key)
case TEE: if err == nil {
return res.TEE if err := json.Unmarshal(bt, &versions); err != nil {
case SNP: return err
return res.SNP
case Microcode:
return res.Microcode
default:
return 1
} }
} } else if !errors.Is(err, storage.ErrDEKUnset) {
return err
// GetAzureSEVSNPVersion returns the requested version of the given type. }
func GetAzureSEVSNPVersion(ctx context.Context) (res versionsapi.AzureSEVSNPVersion, err error) { versions = append(versions, fname)
var versions versionsapi.AzureSEVSNPVersionList versions = variant.RemoveDuplicate(versions)
fetcher := fetcher.NewFetcher() sort.Sort(sort.Reverse(sort.StringSlice(versions)))
versions, err = fetcher.FetchAttestationList(ctx, versions) json, err := json.Marshal(versions)
if err != nil { if err != nil {
return res, fmt.Errorf("failed fetching versions list: %w", err) return err
} }
if len(versions) < 1 { return a.Put(ctx, key, json)
return res, errors.New("no versions found in /list")
}
get := versionsapi.AzureSEVSNPVersionGet{Version: versions[0]} // get latest version (as sorted reversely alphanumerically)
get, err = fetcher.FetchAttestationVersion(ctx, get)
if err != nil {
return res, fmt.Errorf("failed fetching version: %w", err)
}
return get.AzureSEVSNPVersion, nil
} }

29
internal/attestationapi/attestationapi_test.go → internal/api/configapi/repo_test.go
View file

@ -1,16 +1,21 @@
package attestationapi_test /*
Copyright (c) Edgeless Systems GmbH
SPDX-License-Identifier: AGPL-3.0-only
*/
package configapi_test
import ( import (
"context" "context"
"flag" "flag"
"fmt"
"os" "os"
"testing" "testing"
"time" "time"
"github.com/edgelesssys/constellation/v2/internal/attestationapi" "github.com/edgelesssys/constellation/v2/internal/api/configapi"
"github.com/edgelesssys/constellation/v2/internal/kms/uri" "github.com/edgelesssys/constellation/v2/internal/kms/uri"
"github.com/edgelesssys/constellation/v2/internal/variant" "github.com/edgelesssys/constellation/v2/internal/variant"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
) )
@ -25,7 +30,8 @@ func TestMain(m *testing.M) {
flag.Parse() flag.Parse()
if *awsAccessKey == "" || *awsAccessKeyID == "" || *awsBucket == "" || *awsRegion == "" { if *awsAccessKey == "" || *awsAccessKeyID == "" || *awsBucket == "" || *awsRegion == "" {
flag.Usage() flag.Usage()
panic("Required flags not set: --aws-access-key, --aws-access-key-id, --aws-bucket, --aws-region") fmt.Println("Required flags not set: --aws-access-key, --aws-access-key-id, --aws-bucket, --aws-region. Skipping tests.")
os.Exit(0)
} }
os.Exit(m.Run()) os.Exit(m.Run())
} }
@ -39,16 +45,16 @@ var cfg = uri.AWSS3Config{
func TestUploadAzureSEVSNPVersions(t *testing.T) { func TestUploadAzureSEVSNPVersions(t *testing.T) {
ctx := context.Background() ctx := context.Background()
sut, err := attestationapi.NewAttestationVersionRepo(ctx, cfg) sut, err := configapi.NewAttestationVersionRepo(ctx, cfg)
require.NoError(t, err) require.NoError(t, err)
d := time.Date(2021, 1, 1, 1, 1, 1, 1, time.UTC) d := time.Date(2021, 1, 1, 1, 1, 1, 1, time.UTC)
require.NoError(t, sut.UploadAzureSEVSNP(ctx, attestationapi.AzureSEVSNP, d)) require.NoError(t, sut.UploadAzureSEVSNP(ctx, configapi.AzureSEVSNP, d))
} }
func TestListVersions(t *testing.T) { func TestListVersions(t *testing.T) {
ctx := context.Background() ctx := context.Background()
sut, err := attestationapi.NewAttestationVersionRepo(ctx, cfg) sut, err := configapi.NewAttestationVersionRepo(ctx, cfg)
require.NoError(t, err) require.NoError(t, err)
err = sut.DeleteList(ctx, variant.AzureSEVSNP{}) err = sut.DeleteList(ctx, variant.AzureSEVSNP{})
@ -59,7 +65,7 @@ func TestListVersions(t *testing.T) {
require.Equal(t, []string{}, res) require.Equal(t, []string{}, res)
d := time.Date(2021, 1, 1, 1, 1, 1, 1, time.UTC) d := time.Date(2021, 1, 1, 1, 1, 1, 1, time.UTC)
err = sut.UploadAzureSEVSNP(ctx, attestationapi.AzureSEVSNP, d) err = sut.UploadAzureSEVSNP(ctx, configapi.AzureSEVSNP, d)
require.NoError(t, err) require.NoError(t, err)
res, err = sut.List(ctx, variant.AzureSEVSNP{}) res, err = sut.List(ctx, variant.AzureSEVSNP{})
require.NoError(t, err) require.NoError(t, err)
@ -68,10 +74,3 @@ func TestListVersions(t *testing.T) {
err = sut.DeleteList(ctx, variant.AzureSEVSNP{}) err = sut.DeleteList(ctx, variant.AzureSEVSNP{})
require.NoError(t, err) require.NoError(t, err)
} }
func TestGetVersion(t *testing.T) {
ctx := context.Background()
res, err := attestationapi.GetAzureSEVSNPVersion(ctx)
require.NoError(t, err)
assert.Equal(t, uint8(2), res.Bootloader)
}

20
internal/versionsapi/fetcher/BUILD.bazel → internal/api/fetcher/BUILD.bazel
View file

@ -3,18 +3,28 @@ load("//bazel/go:go_test.bzl", "go_test")
go_library( go_library(
name = "fetcher", name = "fetcher",
srcs = ["fetcher.go"], srcs = [
importpath = "github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher", "configapi.go",
"fetcher.go",
"versionapi.go",
],
importpath = "github.com/edgelesssys/constellation/v2/internal/api/fetcher",
visibility = ["//:__subpackages__"], visibility = ["//:__subpackages__"],
deps = ["//internal/versionsapi"], deps = [
"//internal/api/configapi",
"//internal/api/versionsapi",
],
) )
go_test( go_test(
name = "fetcher_test", name = "fetcher_test",
srcs = ["fetcher_test.go"], srcs = [
"configapi_test.go",
"versionapi_test.go",
],
embed = [":fetcher"], embed = [":fetcher"],
deps = [ deps = [
"//internal/versionsapi", "//internal/api/versionsapi",
"@com_github_stretchr_testify//assert", "@com_github_stretchr_testify//assert",
"@com_github_stretchr_testify//require", "@com_github_stretchr_testify//require",
"@org_uber_go_goleak//:goleak", "@org_uber_go_goleak//:goleak",

47
internal/api/fetcher/configapi.go Normal file
View file

@ -0,0 +1,47 @@
package fetcher
import (
"context"
"errors"
"fmt"
"github.com/edgelesssys/constellation/v2/internal/api/configapi"
)
// ConfigAPIFetcher fetches config API resources without authentication.
type ConfigAPIFetcher struct {
*fetcher
}
// NewConfigAPIFetcher returns a new Fetcher.
func NewConfigAPIFetcher() *ConfigAPIFetcher {
return &ConfigAPIFetcher{newFetcher()}
}
// FetchAzureSEVSNPVersionList fetches the version list information from the config API.
func (f *ConfigAPIFetcher) FetchAzureSEVSNPVersionList(ctx context.Context, attestation configapi.AzureSEVSNPVersionList) (configapi.AzureSEVSNPVersionList, error) {
return fetch(ctx, f.httpc, attestation)
}
// FetchAzureSEVSNPVersion fetches the version information from the config API.
func (f *ConfigAPIFetcher) FetchAzureSEVSNPVersion(ctx context.Context, attestation configapi.AzureSEVSNPVersionGet) (configapi.AzureSEVSNPVersionGet, error) {
return fetch(ctx, f.httpc, attestation)
}
// FetchLatestAzureSEVSNPVersion returns the latest versions of the given type.
func (f *ConfigAPIFetcher) FetchLatestAzureSEVSNPVersion(ctx context.Context) (res configapi.AzureSEVSNPVersion, err error) {
var versions configapi.AzureSEVSNPVersionList
versions, err = f.FetchAzureSEVSNPVersionList(ctx, versions)
if err != nil {
return res, fmt.Errorf("failed fetching versions list: %w", err)
}
if len(versions) < 1 {
return res, errors.New("no versions found in /list")
}
get := configapi.AzureSEVSNPVersionGet{Version: versions[0]} // get latest version (as sorted reversely alphanumerically)
get, err = f.FetchAzureSEVSNPVersion(ctx, get)
if err != nil {
return res, fmt.Errorf("failed fetching version: %w", err)
}
return get.AzureSEVSNPVersion, nil
}

18
internal/api/fetcher/configapi_test.go Normal file
View file

@ -0,0 +1,18 @@
package fetcher_test
import (
"context"
"testing"
"github.com/edgelesssys/constellation/v2/internal/api/fetcher"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func TestGetVersion(t *testing.T) {
ctx := context.Background()
fetcher := fetcher.NewConfigAPIFetcher()
res, err := fetcher.FetchLatestAzureSEVSNPVersion(ctx)
require.NoError(t, err)
assert.Equal(t, uint8(2), res.Bootloader)
}

39
internal/versionsapi/fetcher/fetcher.go → internal/api/fetcher/fetcher.go
View file

@ -18,50 +18,19 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"net/http" "net/http"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
) )
// Fetcher fetches versions API resources without authentication. // fetcher fetches versions API resources without authentication.
type Fetcher struct { type fetcher struct {
httpc httpc httpc httpc
} }
// NewFetcher returns a new Fetcher. func newFetcher() *fetcher {
func NewFetcher() *Fetcher { return &fetcher{
return &Fetcher{
httpc: &http.Client{Transport: &http.Transport{DisableKeepAlives: true}}, // DisableKeepAlives fixes concurrency issue see https://stackoverflow.com/a/75816347 httpc: &http.Client{Transport: &http.Transport{DisableKeepAlives: true}}, // DisableKeepAlives fixes concurrency issue see https://stackoverflow.com/a/75816347
} }
} }
// FetchVersionList fetches the given version list from the versions API.
func (f *Fetcher) FetchVersionList(ctx context.Context, list versionsapi.List) (versionsapi.List, error) {
return fetch(ctx, f.httpc, list)
}
// FetchVersionLatest fetches the latest version from the versions API.
func (f *Fetcher) FetchVersionLatest(ctx context.Context, latest versionsapi.Latest) (versionsapi.Latest, error) {
return fetch(ctx, f.httpc, latest)
}
// FetchImageInfo fetches the given image info from the versions API.
func (f *Fetcher) FetchImageInfo(ctx context.Context, imageInfo versionsapi.ImageInfo) (versionsapi.ImageInfo, error) {
return fetch(ctx, f.httpc, imageInfo)
}
// FetchCLIInfo fetches the given cli info from the versions API.
func (f *Fetcher) FetchCLIInfo(ctx context.Context, cliInfo versionsapi.CLIInfo) (versionsapi.CLIInfo, error) {
return fetch(ctx, f.httpc, cliInfo)
}
func (f *Fetcher) FetchAttestationList(ctx context.Context, attestation versionsapi.AzureSEVSNPVersionList) (versionsapi.AzureSEVSNPVersionList, error) {
return fetch(ctx, f.httpc, attestation)
}
func (f *Fetcher) FetchAttestationVersion(ctx context.Context, attestation versionsapi.AzureSEVSNPVersionGet) (versionsapi.AzureSEVSNPVersionGet, error) {
return fetch(ctx, f.httpc, attestation)
}
type apiObject interface { type apiObject interface {
ValidateRequest() error ValidateRequest() error
Validate() error Validate() error

37
internal/api/fetcher/versionapi.go Normal file
View file

@ -0,0 +1,37 @@
package fetcher
import (
"context"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
)
// VersionAPIFetcher fetches version API resources without authentication.
type VersionAPIFetcher struct {
*fetcher
}
// NewVersionAPIFetcher returns a new Fetcher.
func NewVersionAPIFetcher() *VersionAPIFetcher {
return &VersionAPIFetcher{newFetcher()}
}
// FetchVersionList fetches the given version list from the versions API.
func (f *VersionAPIFetcher) FetchVersionList(ctx context.Context, list versionsapi.List) (versionsapi.List, error) {
return fetch(ctx, f.httpc, list)
}
// FetchVersionLatest fetches the latest version from the versions API.
func (f *VersionAPIFetcher) FetchVersionLatest(ctx context.Context, latest versionsapi.Latest) (versionsapi.Latest, error) {
return fetch(ctx, f.httpc, latest)
}
// FetchImageInfo fetches the given image info from the versions API.
func (f *VersionAPIFetcher) FetchImageInfo(ctx context.Context, imageInfo versionsapi.ImageInfo) (versionsapi.ImageInfo, error) {
return fetch(ctx, f.httpc, imageInfo)
}
// FetchCLIInfo fetches the given cli info from the versions API.
func (f *VersionAPIFetcher) FetchCLIInfo(ctx context.Context, cliInfo versionsapi.CLIInfo) (versionsapi.CLIInfo, error) {
return fetch(ctx, f.httpc, cliInfo)
}

4
internal/versionsapi/fetcher/fetcher_test.go → internal/api/fetcher/versionapi_test.go
View file

@ -14,7 +14,7 @@ import (
"net/http" "net/http"
"testing" "testing"
"github.com/edgelesssys/constellation/v2/internal/versionsapi" "github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"go.uber.org/goleak" "go.uber.org/goleak"
@ -190,7 +190,7 @@ func TestFetchVersionList(t *testing.T) {
return tc.serverResp return tc.serverResp
}) })
fetcher := &Fetcher{httpc: client} fetcher := VersionAPIFetcher{&fetcher{httpc: client}}
list, err := fetcher.FetchVersionList(context.Background(), tc.list) list, err := fetcher.FetchVersionList(context.Background(), tc.list)

4
internal/versionsapi/BUILD.bazel → internal/api/versionsapi/BUILD.bazel
View file

@ -4,7 +4,6 @@ load("//bazel/go:go_test.bzl", "go_test")
go_library( go_library(
name = "versionsapi", name = "versionsapi",
srcs = [ srcs = [
"attestation.go",
"cliinfo.go", "cliinfo.go",
"imageinfo.go", "imageinfo.go",
"latest.go", "latest.go",
@ -12,12 +11,11 @@ go_library(
"version.go", "version.go",
"versionsapi.go", "versionsapi.go",
], ],
importpath = "github.com/edgelesssys/constellation/v2/internal/versionsapi", importpath = "github.com/edgelesssys/constellation/v2/internal/api/versionsapi",
visibility = ["//:__subpackages__"], visibility = ["//:__subpackages__"],
deps = [ deps = [
"//internal/cloud/cloudprovider", "//internal/cloud/cloudprovider",
"//internal/constants", "//internal/constants",
"//internal/variant",
"@org_golang_x_mod//semver", "@org_golang_x_mod//semver",
], ],
) )

6
internal/versionsapi/cli/BUILD.bazel → internal/api/versionsapi/cli/BUILD.bazel
View file

@ -9,12 +9,12 @@ go_library(
"main.go", "main.go",
"rm.go", "rm.go",
], ],
importpath = "github.com/edgelesssys/constellation/v2/internal/versionsapi/cli", importpath = "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/cli",
visibility = ["//visibility:private"], visibility = ["//visibility:private"],
deps = [ deps = [
"//internal/api/versionsapi",
"//internal/api/versionsapi/client",
"//internal/logger", "//internal/logger",
"//internal/versionsapi",
"//internal/versionsapi/client",
"@com_github_aws_aws_sdk_go_v2_config//:config", "@com_github_aws_aws_sdk_go_v2_config//:config",
"@com_github_aws_aws_sdk_go_v2_service_ec2//:ec2", "@com_github_aws_aws_sdk_go_v2_service_ec2//:ec2",
"@com_github_aws_smithy_go//:smithy-go", "@com_github_aws_smithy_go//:smithy-go",

4
internal/versionsapi/cli/add.go → internal/api/versionsapi/cli/add.go
View file

@ -11,9 +11,9 @@ import (
"errors" "errors"
"fmt" "fmt"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
verclient "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client"
"github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
verclient "github.com/edgelesssys/constellation/v2/internal/versionsapi/client"
"github.com/spf13/cobra" "github.com/spf13/cobra"
"go.uber.org/zap/zapcore" "go.uber.org/zap/zapcore"
"golang.org/x/mod/semver" "golang.org/x/mod/semver"

4
internal/versionsapi/cli/latest.go → internal/api/versionsapi/cli/latest.go
View file

@ -10,9 +10,9 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
verclient "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client"
"github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
verclient "github.com/edgelesssys/constellation/v2/internal/versionsapi/client"
"github.com/spf13/cobra" "github.com/spf13/cobra"
"go.uber.org/zap/zapcore" "go.uber.org/zap/zapcore"
) )

4
internal/versionsapi/cli/list.go → internal/api/versionsapi/cli/list.go
View file

@ -16,9 +16,9 @@ import (
"go.uber.org/zap/zapcore" "go.uber.org/zap/zapcore"
"golang.org/x/mod/semver" "golang.org/x/mod/semver"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
verclient "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client"
"github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
verclient "github.com/edgelesssys/constellation/v2/internal/versionsapi/client"
) )
func newListCmd() *cobra.Command { func newListCmd() *cobra.Command {

0
internal/versionsapi/cli/main.go → internal/api/versionsapi/cli/main.go
View file

4
internal/versionsapi/cli/rm.go → internal/api/versionsapi/cli/rm.go
View file

@ -24,9 +24,9 @@ import (
awsconfig "github.com/aws/aws-sdk-go-v2/config" awsconfig "github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/service/ec2" "github.com/aws/aws-sdk-go-v2/service/ec2"
"github.com/aws/smithy-go" "github.com/aws/smithy-go"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
verclient "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client"
"github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
verclient "github.com/edgelesssys/constellation/v2/internal/versionsapi/client"
gaxv2 "github.com/googleapis/gax-go/v2" gaxv2 "github.com/googleapis/gax-go/v2"
"github.com/spf13/cobra" "github.com/spf13/cobra"
"go.uber.org/zap/zapcore" "go.uber.org/zap/zapcore"

4
internal/versionsapi/client/BUILD.bazel → internal/api/versionsapi/client/BUILD.bazel
View file

@ -3,12 +3,12 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library")
go_library( go_library(
name = "client", name = "client",
srcs = ["client.go"], srcs = ["client.go"],
importpath = "github.com/edgelesssys/constellation/v2/internal/versionsapi/client", importpath = "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/client",
visibility = ["//:__subpackages__"], visibility = ["//:__subpackages__"],
deps = [ deps = [
"//internal/api/versionsapi",
"//internal/constants", "//internal/constants",
"//internal/logger", "//internal/logger",
"//internal/versionsapi",
"@com_github_aws_aws_sdk_go_v2//aws", "@com_github_aws_aws_sdk_go_v2//aws",
"@com_github_aws_aws_sdk_go_v2_config//:config", "@com_github_aws_aws_sdk_go_v2_config//:config",
"@com_github_aws_aws_sdk_go_v2_feature_s3_manager//:manager", "@com_github_aws_aws_sdk_go_v2_feature_s3_manager//:manager",

2
internal/versionsapi/client/client.go → internal/api/versionsapi/client/client.go
View file

@ -42,9 +42,9 @@ import (
s3types "github.com/aws/aws-sdk-go-v2/service/s3/types" s3types "github.com/aws/aws-sdk-go-v2/service/s3/types"
"golang.org/x/mod/semver" "golang.org/x/mod/semver"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/constants" "github.com/edgelesssys/constellation/v2/internal/constants"
"github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
) )
// Client is the client for the versions API. // Client is the client for the versions API.

0
internal/versionsapi/cliinfo.go → internal/api/versionsapi/cliinfo.go
View file

0
internal/versionsapi/cliinfo_test.go → internal/api/versionsapi/cliinfo_test.go
View file

0
internal/versionsapi/imageinfo.go → internal/api/versionsapi/imageinfo.go
View file

0
internal/versionsapi/imageinfo_test.go → internal/api/versionsapi/imageinfo_test.go
View file

0
internal/versionsapi/latest.go → internal/api/versionsapi/latest.go
View file

0
internal/versionsapi/latest_test.go → internal/api/versionsapi/latest_test.go
View file

0
internal/versionsapi/list.go → internal/api/versionsapi/list.go
View file

0
internal/versionsapi/list_test.go → internal/api/versionsapi/list_test.go
View file

0
internal/versionsapi/version.go → internal/api/versionsapi/version.go
View file

0
internal/versionsapi/version_test.go → internal/api/versionsapi/version_test.go
View file

2
internal/versionsapi/versionsapi.go → internal/api/versionsapi/versionsapi.go
View file

@ -7,7 +7,7 @@ SPDX-License-Identifier: AGPL-3.0-only
/* /*
# Versions API # Versions API
The Versions API is a provides information about versions of Constellation components. The Versions API provides information about versions of Constellation components.
This package defines API types that represents objects of the versions API. This package defines API types that represents objects of the versions API.
The types provide helper methods for validation and commonly used operations on the The types provide helper methods for validation and commonly used operations on the

2
internal/attestation/measurements/measurement-generator/BUILD.bazel
View file

@ -7,13 +7,13 @@ go_library(
importpath = "github.com/edgelesssys/constellation/v2/internal/attestation/measurements/measurement-generator", importpath = "github.com/edgelesssys/constellation/v2/internal/attestation/measurements/measurement-generator",
visibility = ["//visibility:private"], visibility = ["//visibility:private"],
deps = [ deps = [
"//internal/api/versionsapi",
"//internal/attestation/measurements", "//internal/attestation/measurements",
"//internal/cloud/cloudprovider", "//internal/cloud/cloudprovider",
"//internal/config", "//internal/config",
"//internal/constants", "//internal/constants",
"//internal/sigstore", "//internal/sigstore",
"//internal/variant", "//internal/variant",
"//internal/versionsapi",
"@org_golang_x_tools//go/ast/astutil", "@org_golang_x_tools//go/ast/astutil",
], ],
) )

2
internal/attestation/measurements/measurement-generator/generate.go
View file

@ -23,13 +23,13 @@ import (
"sort" "sort"
"strings" "strings"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/config" "github.com/edgelesssys/constellation/v2/internal/config"
"github.com/edgelesssys/constellation/v2/internal/constants" "github.com/edgelesssys/constellation/v2/internal/constants"
"github.com/edgelesssys/constellation/v2/internal/sigstore" "github.com/edgelesssys/constellation/v2/internal/sigstore"
"github.com/edgelesssys/constellation/v2/internal/variant" "github.com/edgelesssys/constellation/v2/internal/variant"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
"golang.org/x/tools/go/ast/astutil" "golang.org/x/tools/go/ast/astutil"
) )

6
internal/config/BUILD.bazel
View file

@ -18,19 +18,19 @@ go_library(
importpath = "github.com/edgelesssys/constellation/v2/internal/config", importpath = "github.com/edgelesssys/constellation/v2/internal/config",
visibility = ["//:__subpackages__"], visibility = ["//:__subpackages__"],
deps = [ deps = [
"//internal/api/configapi",
"//internal/api/fetcher",
"//internal/api/versionsapi",
"//internal/attestation/idkeydigest", "//internal/attestation/idkeydigest",
"//internal/attestation/measurements", "//internal/attestation/measurements",
"//internal/attestationapi",
"//internal/cloud/cloudprovider", "//internal/cloud/cloudprovider",
"//internal/compatibility", "//internal/compatibility",
"//internal/config/imageversion", "//internal/config/imageversion",
"//internal/config/instancetypes", "//internal/config/instancetypes",
"//internal/config/snpversion",
"//internal/constants", "//internal/constants",
"//internal/file", "//internal/file",
"//internal/variant", "//internal/variant",
"//internal/versions", "//internal/versions",
"//internal/versionsapi",
"@com_github_go_playground_locales//en", "@com_github_go_playground_locales//en",
"@com_github_go_playground_universal_translator//:universal-translator", "@com_github_go_playground_universal_translator//:universal-translator",
"@com_github_go_playground_validator_v10//:validator", "@com_github_go_playground_validator_v10//:validator",

40
internal/config/azure.go
View file

@ -13,14 +13,12 @@ import (
"strconv" "strconv"
"strings" "strings"
"github.com/edgelesssys/constellation/v2/internal/api/configapi"
"github.com/edgelesssys/constellation/v2/internal/api/fetcher"
"github.com/edgelesssys/constellation/v2/internal/attestation/idkeydigest" "github.com/edgelesssys/constellation/v2/internal/attestation/idkeydigest"
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
"github.com/edgelesssys/constellation/v2/internal/attestationapi"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/config/snpversion"
"github.com/edgelesssys/constellation/v2/internal/config/version"
"github.com/edgelesssys/constellation/v2/internal/variant" "github.com/edgelesssys/constellation/v2/internal/variant"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
) )
// AzureSEVSNP is the configuration for Azure SEV-SNP attestation. // AzureSEVSNP is the configuration for Azure SEV-SNP attestation.
@ -52,7 +50,8 @@ type AzureSEVSNP struct {
// Version numbers are hard coded and should be updated with each new release. // Version numbers are hard coded and should be updated with each new release.
func DefaultForAzureSEVSNP() (*AzureSEVSNP, error) { func DefaultForAzureSEVSNP() (*AzureSEVSNP, error) {
ctx := context.Background() ctx := context.Background()
version, err := attestationapi.GetAzureSEVSNPVersion(ctx) fetcher := fetcher.NewConfigAPIFetcher()
version, err := fetcher.FetchLatestAzureSEVSNPVersion(ctx)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -106,22 +105,23 @@ func (c AzureSEVSNP) EqualTo(old AttestationCfg) (bool, error) {
} }
// UnmarshalYAML implements a custom unmarshaler to support setting "latest" as version. // UnmarshalYAML implements a custom unmarshaler to support setting "latest" as version.
func (a *AzureSEVSNP) UnmarshalYAML(unmarshal func(interface{}) error) error { func (c *AzureSEVSNP) UnmarshalYAML(unmarshal func(interface{}) error) error {
aux := &fusedAzureSEVSNP{ aux := &fusedAzureSEVSNP{
auxAzureSEVSNP: (*auxAzureSEVSNP)(a), auxAzureSEVSNP: (*auxAzureSEVSNP)(c),
} }
if err := unmarshal(aux); err != nil { if err := unmarshal(aux); err != nil {
return fmt.Errorf("unmarshal AzureSEVSNP: %w", err) return fmt.Errorf("unmarshal AzureSEVSNP: %w", err)
} }
a = (*AzureSEVSNP)(aux.auxAzureSEVSNP) c = (*AzureSEVSNP)(aux.auxAzureSEVSNP)
versions, err := attestationapi.GetAzureSEVSNPVersion(context.Background()) fetcher := fetcher.NewConfigAPIFetcher()
versions, err := fetcher.FetchLatestAzureSEVSNPVersion(context.Background())
if err != nil { if err != nil {
return fmt.Errorf("failed to get AzureSEVSNP versions: %w", err) return fmt.Errorf("failed to get AzureSEVSNP versions: %w", err)
} }
for _, versionType := range []attestationapi.Type{attestationapi.Bootloader, attestationapi.TEE, attestationapi.SNP, attestationapi.Microcode} { for _, versionType := range []configapi.AzureSEVSNPVersionType{configapi.Bootloader, configapi.TEE, configapi.SNP, configapi.Microcode} {
if !convertLatestToNumber(a, versions, versionType, aux) { if !convertLatestToNumber(c, versions, versionType, aux) {
if err := convertStringToUint(a, versionType, aux); err != nil { if err := convertStringToUint(c, versionType, aux); err != nil {
return fmt.Errorf("failed to convert %s version to number: %w", versionType, err) return fmt.Errorf("failed to convert %s version to number: %w", versionType, err)
} }
} }
@ -129,20 +129,20 @@ func (a *AzureSEVSNP) UnmarshalYAML(unmarshal func(interface{}) error) error {
return nil return nil
} }
func getUintAndStringPtrToVersion(c *AzureSEVSNP, versionType attestationapi.Type, aux *fusedAzureSEVSNP) (*uint8, *string) { func getUintAndStringPtrToVersion(c *AzureSEVSNP, versionType configapi.AzureSEVSNPVersionType, aux *fusedAzureSEVSNP) (*uint8, *string) {
var v *uint8 var v *uint8
var stringV *string var stringV *string
switch versionType { switch versionType {
case attestationapi.Bootloader: case configapi.Bootloader:
v = &c.BootloaderVersion v = &c.BootloaderVersion
stringV = &aux.BootloaderVersion stringV = &aux.BootloaderVersion
case attestationapi.TEE: case configapi.TEE:
v = &c.TEEVersion v = &c.TEEVersion
stringV = &aux.TEEVersion stringV = &aux.TEEVersion
case attestationapi.SNP: case configapi.SNP:
v = &c.SNPVersion v = &c.SNPVersion
stringV = &aux.SNPVersion stringV = &aux.SNPVersion
case attestationapi.Microcode: case configapi.Microcode:
v = &c.MicrocodeVersion v = &c.MicrocodeVersion
stringV = &aux.MicrocodeVersion stringV = &aux.MicrocodeVersion
} }
@ -223,7 +223,7 @@ type fusedAzureSEVSNP struct {
MicrocodeVersion string `yaml:"microcodeVersion"` MicrocodeVersion string `yaml:"microcodeVersion"`
} }
func convertStringToUint(c *AzureSEVSNP, versionType snpversion.Type, aux *fusedAzureSEVSNP) error { func convertStringToUint(c *AzureSEVSNP, versionType configapi.AzureSEVSNPVersionType, aux *fusedAzureSEVSNP) error {
v, stringV := getUintAndStringPtrToVersion(c, versionType, aux) v, stringV := getUintAndStringPtrToVersion(c, versionType, aux)
bvInt, err := strconv.ParseInt(*stringV, 10, 8) bvInt, err := strconv.ParseInt(*stringV, 10, 8)
@ -234,10 +234,10 @@ func convertStringToUint(c *AzureSEVSNP, versionType snpversion.Type, aux *fused
return nil return nil
} }
func convertLatestToNumber(c *AzureSEVSNP, versions versionsapi.AzureSEVSNPVersion, versionType version.Type, aux *fusedAzureSEVSNP) bool { func convertLatestToNumber(c *AzureSEVSNP, versions configapi.AzureSEVSNPVersion, versionType configapi.AzureSEVSNPVersionType, aux *fusedAzureSEVSNP) bool {
v, stringV := getUintAndStringPtrToVersion(c, versionType, aux) v, stringV := getUintAndStringPtrToVersion(c, versionType, aux)
if strings.ToLower(*stringV) == "latest" { if strings.ToLower(*stringV) == "latest" {
*v = attestationapi.GetVersionByType(versions, versionType) *v = configapi.GetVersionByType(versions, versionType)
return true return true
} }
return false return false

1
internal/config/config.go
View file

@ -739,7 +739,6 @@ func (c AWSNitroTPM) EqualTo(other AttestationCfg) (bool, error) {
return false, fmt.Errorf("cannot compare %T with %T", c, other) return false, fmt.Errorf("cannot compare %T with %T", c, other)
} }
return c.Measurements.EqualTo(otherCfg.Measurements), nil return c.Measurements.EqualTo(otherCfg.Measurements), nil
} }
// SNPFirmwareSignerConfig is the configuration for validating the firmware signer. // SNPFirmwareSignerConfig is the configuration for validating the firmware signer.

8
internal/config/snpversion/BUILD.bazel
View file

@ -1,8 +0,0 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library")
go_library(
name = "snpversion",
srcs = ["snpversion.go"],
importpath = "github.com/edgelesssys/constellation/v2/internal/config/snpversion",
visibility = ["//:__subpackages__"],
)

33
internal/config/snpversion/snpversion.go
View file

@ -1,33 +0,0 @@
/*
Copyright (c) Edgeless Systems GmbH
SPDX-License-Identifier: AGPL-3.0-only
*/
package snpversion
const (
Bootloader Type = "bootloader" // Bootloader is the version of the Azure SEVSNP bootloader.
TEE Type = "tee" // TEE is the version of the Azure SEVSNP TEE.
SNP Type = "snp" // SNP is the version of the Azure SEVSNP SNP.
Microcode Type = "microcode" // Microcode is the version of the Azure SEVSNP microcode.
)
// Type is the type of the version to be requested.
type Type string
// GetLatest returns the version of the given type.
func GetLatest(t Type) uint8 {
switch t {
case Bootloader:
return 2
case TEE:
return 0
case SNP:
return 6
case Microcode:
return 93
default:
panic("invalid version type")
}
}

2
internal/config/validation.go
View file

@ -19,6 +19,7 @@ import (
"github.com/go-playground/validator/v10" "github.com/go-playground/validator/v10"
"golang.org/x/mod/semver" "golang.org/x/mod/semver"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/attestation/measurements" "github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/compatibility" "github.com/edgelesssys/constellation/v2/internal/compatibility"
@ -26,7 +27,6 @@ import (
"github.com/edgelesssys/constellation/v2/internal/constants" "github.com/edgelesssys/constellation/v2/internal/constants"
"github.com/edgelesssys/constellation/v2/internal/variant" "github.com/edgelesssys/constellation/v2/internal/variant"
"github.com/edgelesssys/constellation/v2/internal/versions" "github.com/edgelesssys/constellation/v2/internal/versions"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
) )
// ValidationError occurs when the validation of a config fails. // ValidationError occurs when the validation of a config fails.

1
internal/kms/storage/awss3/awss3.go
View file

@ -77,6 +77,7 @@ func (s *Storage) Get(ctx context.Context, keyID string) ([]byte, error) {
return io.ReadAll(output.Body) return io.ReadAll(output.Body)
} }
// Delete removes a DEK from AWS S3 Storage by key ID.
func (s *Storage) Delete(ctx context.Context, keyID string) error { func (s *Storage) Delete(ctx context.Context, keyID string) error {
deleteObjectInput := &s3.DeleteObjectInput{ deleteObjectInput := &s3.DeleteObjectInput{
Bucket: &s.bucketID, Bucket: &s.bucketID,

2
internal/osimage/BUILD.bazel
View file

@ -6,8 +6,8 @@ go_library(
importpath = "github.com/edgelesssys/constellation/v2/internal/osimage", importpath = "github.com/edgelesssys/constellation/v2/internal/osimage",
visibility = ["//:__subpackages__"], visibility = ["//:__subpackages__"],
deps = [ deps = [
"//internal/api/versionsapi",
"//internal/cloud/cloudprovider", "//internal/cloud/cloudprovider",
"//internal/osimage/secureboot", "//internal/osimage/secureboot",
"//internal/versionsapi",
], ],
) )

2
internal/osimage/archive/BUILD.bazel
View file

@ -6,8 +6,8 @@ go_library(
importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/archive", importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/archive",
visibility = ["//:__subpackages__"], visibility = ["//:__subpackages__"],
deps = [ deps = [
"//internal/api/versionsapi",
"//internal/logger", "//internal/logger",
"//internal/versionsapi",
"@com_github_aws_aws_sdk_go_v2_config//:config", "@com_github_aws_aws_sdk_go_v2_config//:config",
"@com_github_aws_aws_sdk_go_v2_feature_s3_manager//:manager", "@com_github_aws_aws_sdk_go_v2_feature_s3_manager//:manager",
"@com_github_aws_aws_sdk_go_v2_service_s3//:s3", "@com_github_aws_aws_sdk_go_v2_service_s3//:s3",

2
internal/osimage/archive/archive.go
View file

@ -16,8 +16,8 @@ import (
s3manager "github.com/aws/aws-sdk-go-v2/feature/s3/manager" s3manager "github.com/aws/aws-sdk-go-v2/feature/s3/manager"
"github.com/aws/aws-sdk-go-v2/service/s3" "github.com/aws/aws-sdk-go-v2/service/s3"
s3types "github.com/aws/aws-sdk-go-v2/service/s3/types" s3types "github.com/aws/aws-sdk-go-v2/service/s3/types"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
) )
// Archivist uploads OS images to S3. // Archivist uploads OS images to S3.

2
internal/osimage/aws/BUILD.bazel
View file

@ -6,10 +6,10 @@ go_library(
importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/aws", importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/aws",
visibility = ["//:__subpackages__"], visibility = ["//:__subpackages__"],
deps = [ deps = [
"//internal/api/versionsapi",
"//internal/logger", "//internal/logger",
"//internal/osimage", "//internal/osimage",
"//internal/osimage/secureboot", "//internal/osimage/secureboot",
"//internal/versionsapi",
"@com_github_aws_aws_sdk_go_v2_config//:config", "@com_github_aws_aws_sdk_go_v2_config//:config",
"@com_github_aws_aws_sdk_go_v2_feature_s3_manager//:manager", "@com_github_aws_aws_sdk_go_v2_feature_s3_manager//:manager",
"@com_github_aws_aws_sdk_go_v2_service_ec2//:ec2", "@com_github_aws_aws_sdk_go_v2_service_ec2//:ec2",

2
internal/osimage/aws/awsupload.go
View file

@ -23,10 +23,10 @@ import (
s3types "github.com/aws/aws-sdk-go-v2/service/s3/types" s3types "github.com/aws/aws-sdk-go-v2/service/s3/types"
"github.com/aws/smithy-go" "github.com/aws/smithy-go"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/internal/osimage" "github.com/edgelesssys/constellation/v2/internal/osimage"
"github.com/edgelesssys/constellation/v2/internal/osimage/secureboot" "github.com/edgelesssys/constellation/v2/internal/osimage/secureboot"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
) )
// Uploader can upload and remove os images on GCP. // Uploader can upload and remove os images on GCP.

2
internal/osimage/azure/BUILD.bazel
View file

@ -9,9 +9,9 @@ go_library(
importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/azure", importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/azure",
visibility = ["//:__subpackages__"], visibility = ["//:__subpackages__"],
deps = [ deps = [
"//internal/api/versionsapi",
"//internal/logger", "//internal/logger",
"//internal/osimage", "//internal/osimage",
"//internal/versionsapi",
"@com_github_azure_azure_sdk_for_go_sdk_azcore//runtime", "@com_github_azure_azure_sdk_for_go_sdk_azcore//runtime",
"@com_github_azure_azure_sdk_for_go_sdk_azidentity//:azidentity", "@com_github_azure_azure_sdk_for_go_sdk_azidentity//:azidentity",
"@com_github_azure_azure_sdk_for_go_sdk_resourcemanager_compute_armcompute_v4//:armcompute", "@com_github_azure_azure_sdk_for_go_sdk_resourcemanager_compute_armcompute_v4//:armcompute",

2
internal/osimage/azure/azureupload.go
View file

@ -21,9 +21,9 @@ import (
armcomputev4 "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v4" armcomputev4 "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v4"
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob" "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob"
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/pageblob" "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/pageblob"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/internal/osimage" "github.com/edgelesssys/constellation/v2/internal/osimage"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
) )
// Uploader can upload and remove os images on Azure. // Uploader can upload and remove os images on Azure.

2
internal/osimage/gcp/BUILD.bazel
View file

@ -6,10 +6,10 @@ go_library(
importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/gcp", importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/gcp",
visibility = ["//:__subpackages__"], visibility = ["//:__subpackages__"],
deps = [ deps = [
"//internal/api/versionsapi",
"//internal/logger", "//internal/logger",
"//internal/osimage", "//internal/osimage",
"//internal/osimage/secureboot", "//internal/osimage/secureboot",
"//internal/versionsapi",
"@com_github_googleapis_gax_go_v2//:gax-go", "@com_github_googleapis_gax_go_v2//:gax-go",
"@com_google_cloud_go_compute//apiv1", "@com_google_cloud_go_compute//apiv1",
"@com_google_cloud_go_compute//apiv1/computepb", "@com_google_cloud_go_compute//apiv1/computepb",

2
internal/osimage/gcp/gcpupload.go
View file

@ -19,10 +19,10 @@ import (
compute "cloud.google.com/go/compute/apiv1" compute "cloud.google.com/go/compute/apiv1"
"cloud.google.com/go/compute/apiv1/computepb" "cloud.google.com/go/compute/apiv1/computepb"
"cloud.google.com/go/storage" "cloud.google.com/go/storage"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/internal/osimage" "github.com/edgelesssys/constellation/v2/internal/osimage"
"github.com/edgelesssys/constellation/v2/internal/osimage/secureboot" "github.com/edgelesssys/constellation/v2/internal/osimage/secureboot"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
gaxv2 "github.com/googleapis/gax-go/v2" gaxv2 "github.com/googleapis/gax-go/v2"
) )

2
internal/osimage/osimage.go
View file

@ -11,9 +11,9 @@ import (
"io" "io"
"time" "time"
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider" "github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/osimage/secureboot" "github.com/edgelesssys/constellation/v2/internal/osimage/secureboot"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
) )
// UploadRequest is a request to upload an os image. // UploadRequest is a request to upload an os image.

74
internal/versionsapi/attestation.go
View file

@ -1,74 +0,0 @@
package versionsapi
import (
"fmt"
"net/url"
"path"
"github.com/edgelesssys/constellation/v2/internal/constants"
"github.com/edgelesssys/constellation/v2/internal/variant"
)
// AttestationPath is the path to the attestation versions.
const AttestationPath = "constellation/v1/attestation" // TODO already in attestationonapi but import cycle otherwise
// AzureSEVSNPVersion tracks the latest version of each component of the Azure SEVSNP.
type AzureSEVSNPVersion struct {
// Bootloader is the latest version of the Azure SEVSNP bootloader.
Bootloader uint8 `json:"bootloader"`
// TEE is the latest version of the Azure SEVSNP TEE.
TEE uint8 `json:"tee"`
// SNP is the latest version of the Azure SEVSNP SNP.
SNP uint8 `json:"snp"`
// Microcode is the latest version of the Azure SEVSNP microcode.
Microcode uint8 `json:"microcode"`
}
type AzureSEVSNPVersionGet struct {
Version string `json:"-"`
AzureSEVSNPVersion
}
func (i AzureSEVSNPVersionGet) URL() (string, error) {
url, err := url.Parse(constants.CDNRepositoryURL)
if err != nil {
return "", fmt.Errorf("parsing CDN URL: %w", err)
}
url.Path = i.JSONPath()
return url.String(), nil
}
func (i AzureSEVSNPVersionGet) JSONPath() string {
return path.Join(AttestationPath, variant.AzureSEVSNP{}.String(), i.Version)
}
func (i AzureSEVSNPVersionGet) ValidateRequest() error {
return nil
}
func (i AzureSEVSNPVersionGet) Validate() error {
return nil
}
type AzureSEVSNPVersionList ([]string)
func (i AzureSEVSNPVersionList) URL() (string, error) {
url, err := url.Parse(constants.CDNRepositoryURL)
if err != nil {
return "", fmt.Errorf("parsing CDN URL: %w", err)
}
url.Path = i.JSONPath()
return url.String(), nil
}
func (i AzureSEVSNPVersionList) JSONPath() string {
return path.Join(AttestationPath, variant.AzureSEVSNP{}.String(), "list")
}
func (i AzureSEVSNPVersionList) ValidateRequest() error {
return nil
}
func (i AzureSEVSNPVersionList) Validate() error {
return nil
}