GO-2024-2727: Constellation has pods exposed to peers in VPC in github.com/edgelesssys/constellation/v2

internal/

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

Directories ¶

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Path	Synopsis
atls aTLS provides config generation functions to bootstrap attested TLS connections.	aTLS provides config generation functions to bootstrap attested TLS connections.
attestation This package deals with the low level attestation and verification logic of Constellation nodes.	This package deals with the low level attestation and verification logic of Constellation nodes.
aws
azure
azure/snp
azure/trustedlaunch
gcp
idkeydigest
measurements
measurements/measurement-generator
qemu
simulator TPM2 simulator used for unit tests.	TPM2 simulator used for unit tests.
vtpm
cloud
aws Implements interaction with the AWS API.	Implements interaction with the AWS API.
azure Implements interaction with the Azure API.	Implements interaction with the Azure API.
azureshared Package gcpshared contains code to parse and define data types relevant for Microsoft Azure.	Package gcpshared contains code to parse and define data types relevant for Microsoft Azure.
cloudprovider
gcp Implements interaction with the GCP API.	Implements interaction with the GCP API.
gcpshared Package gcpshared contains code to parse and define data types relevant for Google Cloud Platform.	Package gcpshared contains code to parse and define data types relevant for Google Cloud Platform.
metadata
qemu This package provides an interface to fake a CSP API for QEMU instances.	This package provides an interface to fake a CSP API for QEMU instances.
compatibility Package compatibility offers helper functions for comparing and filtering versions.	Package compatibility offers helper functions for comparing and filtering versions.
config Definitions for Constellation's user config file.	Definitions for Constellation's user config file.
instancetypes
constants Package constants contains the constants used by Constellation.	Package constants contains the constants used by Constellation.
crypto Package crypto provides functions to for cryptography and random numbers.	Package crypto provides functions to for cryptography and random numbers.
testvector Package testvector provides test vectors for key derivation and crypto functions.	Package testvector provides test vectors for key derivation and crypto functions.
cryptsetup Package cryptsetup contains CGO bindings for cryptsetup.	Package cryptsetup contains CGO bindings for cryptsetup.
deploy
helm Package helm provides types and functions shared across services.	Package helm provides types and functions shared across services.
file Package file provides functions that combine file handling, JSON marshaling and file system abstraction.	Package file provides functions that combine file handling, JSON marshaling and file system abstraction.
grpc
atlscredentials Package atlscredentials handles creation of TLS credentials for attested TLS (ATLS).	Package atlscredentials handles creation of TLS credentials for attested TLS (ATLS).
dialer Package dialer provides a grpc dialer that can be used to create grpc client connections with different levels of ATLS encryption / verification.	Package dialer provides a grpc dialer that can be used to create grpc client connections with different levels of ATLS encryption / verification.
grpclog grpclog provides a logging utilities for gRPC.	grpclog provides a logging utilities for gRPC.
retry Package retry provides functions to check if a gRPC error is retryable.	Package retry provides functions to check if a gRPC error is retryable.
testdialer Package testdialer provides a fake dialer for testing.	Package testdialer provides a fake dialer for testing.
installer Package installer provides functionality to install binary components of supported kubernetes versions.	Package installer provides functionality to install binary components of supported kubernetes versions.
kms Package kms provides an abstract interface for Key Management Services.	Package kms provides an abstract interface for Key Management Services.
config Package config provides configuration constants for the KeyService.	Package config provides configuration constants for the KeyService.
kms/aws Package aws implements a KMS backend for AWS KMS.	Package aws implements a KMS backend for AWS KMS.
kms/azure Package azure implements KMS backends for Azure Key Vault and Azure managed HSM.	Package azure implements KMS backends for Azure Key Vault and Azure managed HSM.
kms/cluster Package cluster implements a KMS backend for in cluster key management.	Package cluster implements a KMS backend for in cluster key management.
kms/gcp Package gcp implements a KMS backend for Google Cloud KMS.	Package gcp implements a KMS backend for Google Cloud KMS.
kms/internal Package internal implements the CloudKMS interface using go-kms-wrapping.	Package internal implements the CloudKMS interface using go-kms-wrapping.
setup Package setup provides functions to create a KMS and key store from a given URI.	Package setup provides functions to create a KMS and key store from a given URI.
storage Package storage implements storage backends for DEKs.	Package storage implements storage backends for DEKs.
storage/awss3 Package awss3 implements a storage backend for the KMS using AWS S3: https://aws.amazon.com/s3/	Package awss3 implements a storage backend for the KMS using AWS S3: https://aws.amazon.com/s3/
storage/azureblob Package azureblob implements a storage backend for the KMS using Azure Blob Storage.	Package azureblob implements a storage backend for the KMS using Azure Blob Storage.
storage/gcs Package gcs implements a storage backend for the KMS using Google Cloud Storage (GCS).	Package gcs implements a storage backend for the KMS using Google Cloud Storage (GCS).
storage/memfs Package memfs implements a storage backend for the KMS that stores keys in memory only.	Package memfs implements a storage backend for the KMS that stores keys in memory only.
uri Package uri provides URIs and parsing logic for KMS and storage URIs.	Package uri provides URIs and parsing logic for KMS and storage URIs.
kubernetes Package kubernetes provides data types and custom marshalers for Kubernetes API objects.	Package kubernetes provides data types and custom marshalers for Kubernetes API objects.
kubectl Package kubectl provides a kubectl-like interface for Kubernetes.	Package kubectl provides a kubectl-like interface for Kubernetes.
license Package license provides functions to check a user's Constellation license.	Package license provides functions to check a user's Constellation license.
logger Package logger provides logging functionality for Constellation services.	Package logger provides logging functionality for Constellation services.
nodestate Package nodestate is used to persist the state of a Constellation node to disk.	Package nodestate is used to persist the state of a Constellation node to disk.
oid Package oid defines OIDs for different CSPs.	Package oid defines OIDs for different CSPs.
retry Package retry provides a simple interface for retrying operations.	Package retry provides a simple interface for retrying operations.
role
semver Package semver provides functionality to parse and process semantic versions, as they are used in multiple components of Constellation.	Package semver provides functionality to parse and process semantic versions, as they are used in multiple components of Constellation.
sigstore Package sigstore is used to verify Constellation components using sigstore, cosign and rekor.	Package sigstore is used to verify Constellation components using sigstore, cosign and rekor.
versions Package versions defines the supported versions of Constellation components.	Package versions defines the supported versions of Constellation components.
components
hash-generator
versionsapi
cli This package provides a CLI tool to interact with the Constellation versions API.	This package provides a CLI tool to interact with the Constellation versions API.
client Package client provides a client for the versions API.	Package client provides a client for the versions API.
fetcher Package fetcher implements a client for the versions API.	Package fetcher implements a client for the versions API.
watcher Package watcher implements a file watcher to update an object on file changes.	Package watcher implements a file watcher to update an object on file changes.