config: add separate option for handling attestation parameters (#1623)

* Add attestation options to config * Add join-config migration path for clusters with old measurement format * Always create MAA provider for Azure SNP clusters * Remove confidential VM option from provider in favor of attestation options * cli: add config migrate command to handle config migration (#1678) --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2025-08-03 12:36:09 -04:00 · 2023-05-03 11:11:53 +02:00 · 2023-05-03 11:11:53 +02:00 · d7a2ddd939
commit d7a2ddd939
parent 6027b066e5
74 changed files with 1339 additions and 1282 deletions
--- a/cli/internal/image/BUILD.bazel
+++ b/cli/internal/image/BUILD.bazel
@ -31,7 +31,6 @@ go_test(
        "//internal/cloud/cloudprovider",
        "//internal/config",
        "//internal/file",
-        "//internal/variant",
        "//internal/versionsapi",
        "@com_github_spf13_afero//:afero",
        "@com_github_stretchr_testify//assert",
--- a/cli/internal/image/image.go
+++ b/cli/internal/image/image.go
@ -92,11 +92,7 @@ func imageVariant(provider cloudprovider.Provider, config *config.Config) (strin
 	case cloudprovider.AWS:
 		return config.Provider.AWS.Region, nil
 	case cloudprovider.Azure:
-		attestVariant, err := variant.FromString(config.AttestationVariant)
-		if err != nil {
-			return "", fmt.Errorf("parsing attestation variant: %w", err)
-		}
-		if attestVariant.Equal(variant.AzureTrustedLaunch{}) {
+		if config.GetAttestationConfig().GetVariant().Equal(variant.AzureTrustedLaunch{}) {
 			return "trustedlaunch", nil
 		}
 		return "cvm", nil
--- a/cli/internal/image/image_test.go
+++ b/cli/internal/image/image_test.go
@ -16,7 +16,6 @@ import (
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/config"
 	"github.com/edgelesssys/constellation/v2/internal/file"
-	"github.com/edgelesssys/constellation/v2/internal/variant"
 	"github.com/edgelesssys/constellation/v2/internal/versionsapi"
 	"github.com/spf13/afero"
 	"github.com/stretchr/testify/assert"
@ -126,16 +125,16 @@ func TestImageVariant(t *testing.T) {
 		"Azure cvm": {
 			csp: cloudprovider.Azure,
 			config: &config.Config{
-				AttestationVariant: variant.AzureSEVSNP{}.String(),
-				Image:              "someImage", Provider: config.ProviderConfig{Azure: &config.AzureConfig{}},
+				Image: "someImage", Provider: config.ProviderConfig{Azure: &config.AzureConfig{}},
+				Attestation: config.AttestationConfig{AzureSEVSNP: &config.AzureSEVSNP{}},
 			},
 			wantVariant: "cvm",
 		},
 		"Azure trustedlaunch": {
 			csp: cloudprovider.Azure,
 			config: &config.Config{
-				AttestationVariant: variant.AzureTrustedLaunch{}.String(),
-				Image:              "someImage", Provider: config.ProviderConfig{Azure: &config.AzureConfig{}},
+				Image: "someImage", Provider: config.ProviderConfig{Azure: &config.AzureConfig{}},
+				Attestation: config.AttestationConfig{AzureTrustedLaunch: &config.AzureTrustedLaunch{}},
 			},
 			wantVariant: "trustedlaunch",
 		},