Directories
| Path | Synopsis |
|---|---|
| api | |
| attestationconfigapi/cli/client | package client contains code to manage CVM versions in Constellation's CDN API. |
| client | Package client provides a client for the versions API. |
| fetcher | Package fetcher implements a client for the Constellation Resource API. |
| versionsapi/cli | This package provides a CLI tool to interact with the Constellation versions API. |
| | aTLS provides config generation functions to bootstrap attested TLS connections. |
| | This package deals with the low level attestation and verification logic of Constellation nodes. |
| aws/snp | --------- WARNING! --------- |
| azure/tdx | package tdx implements attestation for TDX on Azure. |
| idkeydigest | Package idkeydigest provides type definitions for the `idkeydigest` value of SEV-SNP attestation. |
| initialize | Package initialize implements functions to mark a node as initialized in the context of cluster attestation. |
| simulator | TPM2 simulator used for unit tests. |
| snp | Package SNP provides types shared by SNP-based attestation implementations. |
| tdx | Package TDX implements attestation for Intel TDX. |
| variant | Package variant defines Attestation variants for different CSPs. |
| aws | Implements interaction with the AWS API. |
| azure | Implements interaction with the Azure API. |
| azureshared | Package gcpshared contains code to parse and define data types relevant for Microsoft Azure. |
| gcp | Implements interaction with the GCP API. |
| gcpshared | Package gcpshared contains code to parse and define data types relevant for Google Cloud Platform. |
| qemu | This package provides an interface to fake a CSP API for QEMU instances. |
| | Package compatibility offers helper functions for comparing and filtering versions. |
| imageversion | Package imageversion contains the pinned container images for the config. |
| migration | Package migration contains outdated configuration formats and their migration functions. |
| | Package constants contains the constants used by Constellation. |
| | This package capsulates the Constellation API, which is used to manage and interact with Constellation clusters. |
| featureset | package featureset provides a way to check whether a feature is enabled in the current build. |
| helm | Package helm provides a higher level interface to the Helm Go SDK. |
| helm/imageversion | Package imageversion contains the pinned container images for the helm charts. |
| kubecmd | Package kubecmd provides functions to interact with a Kubernetes cluster to the CLI. |
| state | package state defines the structure of the Constellation state file. |
| | This package provides container image names, registry info and digests. |
| | Package crypto provides functions for cryptography and random numbers. |
| testvector | Package testvector provides test vectors for key derivation and crypto functions. |
| | Package cryptsetup provides a wrapper around libcryptsetup. |
| | Package encoding provides data types and functions for JSON or YAML encoding/decoding. |
| | Package file provides functions that combine file handling, JSON marshaling and file system abstraction. |
| grpc | |
| atlscredentials | Package atlscredentials handles creation of TLS credentials for attested TLS (ATLS). |
| dialer | Package dialer provides a grpc dialer that can be used to create grpc client connections with different levels of ATLS encryption / verification. |
| grpclog | grpclog provides logging utilities for gRPC. |
| retry | Package retry provides functions to check if a gRPC error is retryable. |
| testdialer | Package testdialer provides a fake dialer for testing. |
| | Package imagefetcher provides helping wrappers around a versionsapi fetcher. |
| | Package installer provides functionality to install binary components of supported kubernetes versions. |
| | Package kms provides an abstract interface for Key Management Services. |
| config | Package config provides configuration constants for the KeyService. |
| kms/aws | Package aws implements a KMS backend for AWS KMS. |
| kms/azure | Package azure implements KMS backends for Azure Key Vault and Azure managed HSM. |
| kms/cluster | Package cluster implements a KMS backend for in cluster key management. |
| kms/gcp | Package gcp implements a KMS backend for Google Cloud KMS. |
| kms/internal | Package internal implements the CloudKMS interface using go-kms-wrapping. |
| setup | Package setup provides functions to create a KMS and key store from a given URI. |
| storage | Package storage implements storage backends for DEKs. |
| storage/awss3 | Package awss3 implements a storage backend for the KMS using AWS S3: https://aws.amazon.com/s3/ |
| storage/azureblob | Package azureblob implements a storage backend for the KMS using Azure Blob Storage. |
| storage/gcs | Package gcs implements a storage backend for the KMS using Google Cloud Storage (GCS). |
| storage/memfs | Package memfs implements a storage backend for the KMS that stores keys in memory only. |
| uri | Package uri provides URIs and parsing logic for KMS and storage URIs. |
| | Package kubernetes provides data types and custom marshalers for Kubernetes API objects. |
| kubectl | Package kubectl provides a kubectl-like interface for Kubernetes. |
| | Package license provides functions to check a user's Constellation license. |
| | Package logger provides helper functions that can be used in combination with slog to increase functionality or make working with slog easier. |
| | Package maa provides an interface for interacting with an MAA service on an infrastructure level. |
| | The mpimage package provides utilities for handling CSP marketplace OS images. |
| | Package nodestate is used to persist the state of a Constellation node to disk. |
| | package osimage is used to handle osimages in the CI (uploading and maintenance). |
| archive | package archive is used to archive OS images in S3. |
| imageinfo | package imageinfo is used to upload image info JSON files to S3. |
| measurementsuploader | package measurementsuploader is used to upload measurements (v2) JSON files (and signatures) to S3. |
| nop | package nop implements a no-op for CSPs that don't require custom image upload functionality. |
| secureboot | package secureboot holds secure boot configuration for image uploads. |
| uplosi | package uplosi implements uploading os images using uplosi. |
| | Package retry provides a simple interface for retrying operations. |
| | Package semver provides functionality to parse and process semantic versions, as they are used in multiple components of Constellation. |
| keyselect | Package keyselect is used to select the correct public key for signature verification. |
| | Package staticupload provides a static file uploader/updater/remover for the CDN / static API. |
| | Package validation provides a unified document validation interface for use within the Constellation CLI. |
| | Package verify provides the types for the verify report in JSON format. |
| | Package versions defines the supported versions of Constellation components. |
| hash-generator | hash-generator updates the binary hashes and kubeadm patches in versions.go in place. |