Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add support for AWS to disk-mapper (#329)

Browse Source 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
This commit is contained in:
Daniel Weiße 2022-10-21 15:04:34 +02:00 committed by GitHub
parent 90c94ec53e
commit c1b4193791
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 24 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
disk-mapper/cmd/main.go
View File

@ -15,7 +15,6 @@ import (
"net/http"
"net/url"
"path/filepath"
"strings"
"github.com/edgelesssys/constellation/v2/disk-mapper/internal/mapper"
"github.com/edgelesssys/constellation/v2/disk-mapper/internal/recoveryserver"
@ -26,7 +25,9 @@ import (
"github.com/edgelesssys/constellation/v2/internal/attestation/gcp"
"github.com/edgelesssys/constellation/v2/internal/attestation/qemu"
"github.com/edgelesssys/constellation/v2/internal/attestation/vtpm"
awscloud "github.com/edgelesssys/constellation/v2/internal/cloud/aws"
azurecloud "github.com/edgelesssys/constellation/v2/internal/cloud/azure"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
gcpcloud "github.com/edgelesssys/constellation/v2/internal/cloud/gcp"
"github.com/edgelesssys/constellation/v2/internal/cloud/metadata"
qemucloud "github.com/edgelesssys/constellation/v2/internal/cloud/qemu"
@ -43,6 +44,7 @@ import (
const (
gcpStateDiskPath = "/dev/disk/by-id/google-state-disk"
azureStateDiskPath = "/dev/disk/azure/scsi1/lun0"
awsStateDiskPath = "/dev/sdb"
qemuStateDiskPath = "/dev/vda"
)
@ -60,8 +62,24 @@ func main() {
var diskPath string
var issuer atls.Issuer
var metadataAPI setup.MetadataAPI
switch strings.ToLower(*csp) {
case "azure":
switch cloudprovider.FromString(*csp) {
case cloudprovider.AWS:
// on AWS Nitro platform, disks are attached over NVMe
// using udev rules, a symlink for our disk is created at /dev/sdb
diskPath, err = filepath.EvalSymlinks(awsStateDiskPath)
if err != nil {
_ = exportPCRs()
log.With(zap.Error(err)).Fatalf("Unable to resolve Azure state disk path")
}
metadataAPI, err = awscloud.New(context.Background())
if err != nil {
log.With(zap.Error(err)).Fatalf("Failed to set up AWS metadata API")
}
// TODO: Add attestation issuer for AWS
// issuer = aws.NewIssuer()
case cloudprovider.Azure:
diskPath, err = filepath.EvalSymlinks(azureStateDiskPath)
if err != nil {
_ = exportPCRs()
@ -69,12 +87,12 @@ func main() {
}
metadataAPI, err = azurecloud.NewMetadata(context.Background())
if err != nil {
log.With(zap.Error).Fatalf("Failed to create Azure metadata API")
log.With(zap.Error).Fatalf("Failed to set up Azure metadata API")
}
issuer = azure.NewIssuer()
case "gcp":
case cloudprovider.GCP:
diskPath, err = filepath.EvalSymlinks(gcpStateDiskPath)
if err != nil {
_ = exportPCRs()
@ -87,7 +105,7 @@ func main() {
}
metadataAPI = gcpcloud.New(gcpClient)
case "qemu":
case cloudprovider.QEMU:
diskPath = qemuStateDiskPath
issuer = qemu.NewIssuer()
metadataAPI = &qemucloud.Metadata{}