Add aTLS endpoint to KMS (#236)

* Move file watcher and validator to internal * Add aTLS endpoint to KMS for Kubernetes external requests * Update Go version in Dockerfiles * Move most KMS packages to internal Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2025-08-13 01:05:31 -04:00 · 2022-06-29 16:13:01 +02:00 · 2022-06-29 16:13:01 +02:00 · f9a581f329
commit f9a581f329
parent 042f668d20
66 changed files with 550 additions and 355 deletions
--- a/coordinator/kubernetes/k8sapi/resources/activation.go
+++ b/coordinator/kubernetes/k8sapi/resources/activation.go
@ -138,7 +138,7 @@ func NewActivationDaemonset(csp, measurementsJSON, idJSON string) *activationDae
 								Image: activationImage,
 								Ports: []k8s.ContainerPort{
 									{
-										ContainerPort: 9090,
+										ContainerPort: constants.ActivationServicePort,
 										Name:          "tcp",
 									},
 								},
@ -148,13 +148,12 @@ func NewActivationDaemonset(csp, measurementsJSON, idJSON string) *activationDae
 								Args: []string{
 									fmt.Sprintf("--cloud-provider=%s", csp),
 									fmt.Sprintf("--kms-endpoint=kms.kube-system:%d", constants.KMSPort),
-									"--v=5",
 								},
 								VolumeMounts: []k8s.VolumeMount{
 									{
 										Name:      "config",
 										ReadOnly:  true,
-										MountPath: constants.ActivationBasePath,
+										MountPath: constants.ServiceBasePath,
 									},
 									{
 										Name:      "kubeadm",