Fix various small things throughout the codebase (#2800)

* bootstrapper: remove obsolete log statement * ci: simplify variable usage Co-authored-by: Daniel Weiße <daniel-weisse@users.noreply.github.com> * cli: add missing formatting directive * helm: fix rm invocation * ci: document reproducible-builds workflow * constants: use variables for measurement files * constants: use variables for CDN distribution ID * ci: make Helm version explicit * api: prettify versionsapi-list output * ci: remove obsolete docstring --------- Co-authored-by: Daniel Weiße <daniel-weisse@users.noreply.github.com>
2025-08-02 20:16:15 -04:00 · 2024-01-09 19:37:56 +01:00 · 2024-01-09 19:37:56 +01:00 · ef6f63dc48
commit ef6f63dc48
parent badcdcb764
19 changed files with 33 additions and 26 deletions
--- a/internal/api/versionsapi/cli/list.go
+++ b/internal/api/versionsapi/cli/list.go
@ -94,7 +94,7 @@ func runList(cmd *cobra.Command, _ []string) (retErr error) {
 		for _, v := range patchVersions {
 			vers = append(vers, v.Version())
 		}
-		raw, err := json.Marshal(vers)
+		raw, err := json.MarshalIndent(vers, "", "  ")
 		if err != nil {
 			return fmt.Errorf("marshaling versions: %w", err)
 		}
--- a/internal/attestation/measurements/measurement-generator/BUILD.bazel
+++ b/internal/attestation/measurements/measurement-generator/BUILD.bazel
@ -11,6 +11,7 @@ go_library(
        "//internal/attestation/measurements",
        "//internal/attestation/variant",
        "//internal/cloud/cloudprovider",
+        "//internal/constants",
        "//internal/sigstore",
        "//internal/sigstore/keyselect",
        "@org_golang_x_tools//go/ast/astutil",
--- a/internal/attestation/measurements/measurement-generator/generate.go
+++ b/internal/attestation/measurements/measurement-generator/generate.go
@ -27,6 +27,7 @@ import (
 	"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/variant"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
+	"github.com/edgelesssys/constellation/v2/internal/constants"
 	"github.com/edgelesssys/constellation/v2/internal/sigstore"
 	"github.com/edgelesssys/constellation/v2/internal/sigstore/keyselect"
 	"golang.org/x/tools/go/ast/astutil"
@ -109,11 +110,11 @@ func main() {

 // mustGetMeasurements fetches the measurements for the given image and CSP and verifies them.
 func mustGetMeasurements(ctx context.Context, verifier rekorVerifier, provider cloudprovider.Provider, attestationVariant variant.Variant, image string) measurements.M {
-	measurementsURL, err := measurementURL(image, "measurements.json")
+	measurementsURL, err := measurementURL(image, constants.CDNMeasurementsFile)
 	if err != nil {
 		panic(err)
 	}
-	signatureURL, err := measurementURL(image, "measurements.json.sig")
+	signatureURL, err := measurementURL(image, constants.CDNMeasurementsSignature)
 	if err != nil {
 		panic(err)
 	}
--- a/internal/constellation/helm/generateCertManager.sh
+++ b/internal/constellation/helm/generateCertManager.sh
@ -8,7 +8,7 @@ echo "Pulling cert-manager Helm chart..."
 version="1.12.6"

 function cleanup {
-  rm -r "charts/cert-manager/README.md" "charts/cert-manager-v${version}.tgz"
+  rm -rf "charts/cert-manager/README.md" "charts/cert-manager-v${version}.tgz"
 }

 trap cleanup EXIT
--- a/internal/constellation/helm/generateCilium.sh
+++ b/internal/constellation/helm/generateCilium.sh
@ -7,7 +7,7 @@ shopt -s inherit_errexit
 echo "Pulling Cilium Helm chart..."

 function cleanup {
-  rm -r "${ciliumTmpDir}"
+  rm -rf -- "${ciliumTmpDir}"
 }

 trap cleanup EXIT
--- a/internal/constellation/helm/update-csi-charts.sh
+++ b/internal/constellation/helm/update-csi-charts.sh
@ -27,9 +27,6 @@ fi
 #   $3: path to the Helm chart in the git repo
 #   $4: name of the Helm chart
 download_chart() {
-  cleanup() {
-    rm -r "${repo_tmp_dir}"
-  }
  chart_url=$1
  branch=$2
  chart_dir=$3
@ -55,19 +52,19 @@ download_chart() {
  cd "${callDir}"

  # remove old chart
-  rm -r "${chart_base_path:?}/${chart_name}"
+  rm -rf -- "${chart_base_path:?}/${chart_name}"

  # move new chart
  mkdir -p "${chart_base_path}/${chart_name}"
  cp -r "${repo_tmp_dir}/${chart_dir}"/* "${chart_base_path}/${chart_name}"

+  rm -r -- "${repo_tmp_dir}"
+
  # get new version from Chart.yaml
  new_version=$(yq '.version' "${chart_base_path}/${chart_name}/Chart.yaml")

  # update dependency version in parent Chart.yaml
  yq -i "(.dependencies[] | select( .name== \"${chart_name}\").version) = \"${new_version}\"" "${csi_chart_path}/Chart.yaml"
-
-  return
 }

 ## AWS CSI Driver
--- a/internal/osimage/measurementsuploader/measurementsuploader.go
+++ b/internal/osimage/measurementsuploader/measurementsuploader.go
@ -84,11 +84,11 @@ func (a *Uploader) Upload(ctx context.Context, rawMeasurement, signature io.Read
 	if err != nil {
 		return "", "", fmt.Errorf("creating version: %w", err)
 	}
-	key, err := url.JoinPath(ver.ArtifactPath(versionsapi.APIV2), ver.Kind().String(), "measurements.json")
+	key, err := url.JoinPath(ver.ArtifactPath(versionsapi.APIV2), ver.Kind().String(), constants.CDNMeasurementsFile)
 	if err != nil {
 		return "", "", err
 	}
-	sigKey, err := url.JoinPath(ver.ArtifactPath(versionsapi.APIV2), ver.Kind().String(), "measurements.json.sig")
+	sigKey, err := url.JoinPath(ver.ArtifactPath(versionsapi.APIV2), ver.Kind().String(), constants.CDNMeasurementsSignature)
 	if err != nil {
 		return "", "", err
 	}