constants

package
v2.16.4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 14, 2024 License: AGPL-3.0 Imports: 3 Imported by: 0

Documentation

Overview

Package constants contains the constants used by Constellation. Constants should never be overwritable by command line flags or configuration files.

Index

Constants

const (

	// ConstellationNameLength is the maximum length of a Constellation's name.
	ConstellationNameLength = 37
	// AWSConstellationNameLength is the maximum length of a Constellation's name on AWS.
	// It is lower than the general limit in ConstellationNameLength.
	AWSConstellationNameLength = 10
	// ConstellationMasterSecretStoreName is the name for the Constellation secrets in Kubernetes.
	ConstellationMasterSecretStoreName = "constellation-mastersecret"
	// ConstellationMasterSecretKey is the name of the key for the master secret in the master secret Kubernetes secret.
	ConstellationMasterSecretKey = "mastersecret"
	// ConstellationSaltKey is the name of the key for the salt in the master secret Kubernetes secret.
	ConstellationSaltKey = "salt"
	// ConstellationVerifyServiceUserData is the user data that the verification service includes in the attestation.
	ConstellationVerifyServiceUserData = "VerifyService"
	// AttestationVariant is the name of the environment variable that contains the attestation variant.
	// NOTE(review): the name starts with "CONSTEL_" (one L), so it does not carry
	// EnvVarPrefix ("CONSTELL_") declared further down in this block; confirm this is intended.
	AttestationVariant = "CONSTEL_ATTESTATION_VARIANT"
	// DefaultControlPlaneGroupName is the name of the default control plane node group.
	// ControlPlaneDefault in this block holds the same string.
	DefaultControlPlaneGroupName = "control_plane_default"
	// DefaultWorkerGroupName is the name of the default worker node group.
	// WorkerDefault in this block holds the same string.
	DefaultWorkerGroupName = "worker_default"
	// CLIDebugLogFile is the name of the debug log file for constellation init/constellation apply.
	CLIDebugLogFile = "constellation-debug.log"

	// JoinServicePort is the port for reaching the join service within Kubernetes.
	// It has the same value (9090) as VerifyServicePortGRPC.
	JoinServicePort = 9090
	// JoinServiceNodePort is the port for reaching the join service outside of Kubernetes.
	// NOTE(review): as a node port it is presumably reachable on node addresses;
	// confirm that network rules limit who can connect.
	JoinServiceNodePort = 30090
	// VerifyServicePortHTTP is the HTTP port for the verification service.
	VerifyServicePortHTTP = 8080
	// VerifyServicePortGRPC is the gRPC port for the verification service.
	VerifyServicePortGRPC = 9090
	// VerifyServiceNodePortHTTP is the HTTP node port for the verification service.
	VerifyServiceNodePortHTTP = 30080
	// VerifyServiceNodePortGRPC is the gRPC node port for the verification service.
	VerifyServiceNodePortGRPC = 30081
	// KeyServicePort is the port the KMS server listens on.
	// It has the same value (9000) as BootstrapperPort.
	KeyServicePort = 9000
	// BootstrapperPort is the port of the bootstrapper.
	BootstrapperPort = 9000
	// KubernetesPort is the port for the Kubernetes API.
	KubernetesPort = 6443
	// RecoveryPort is the port for the Constellation recovery server.
	RecoveryPort = 9999
	// DebugdPort is the port for the debugd process.
	DebugdPort = 4000

	// StateFilename is the name of the file that contains the entire state of the Constellation cluster.
	StateFilename = "constellation-state.yaml"
	// ConfigFilename is the filename of the Constellation config file.
	ConfigFilename = "constellation-conf.yaml"
	// LicenseFilename is the filename of the Constellation license file.
	LicenseFilename = "constellation.license"
	// AdminConfFilename is the filename of the KubeConfig for admin access to Constellation.
	// The file grants admin access, so it should be stored with restrictive permissions.
	AdminConfFilename = "constellation-admin.conf"
	// MasterSecretFilename is the filename of the Constellation master secret.
	// The file holds secret material and should be kept out of version control and shared storage.
	MasterSecretFilename = "constellation-mastersecret.json"
	// TerraformWorkingDir is the directory name for the TerraformClient workspace.
	TerraformWorkingDir = "constellation-terraform"
	// TerraformIAMWorkingDir is the directory name for the Terraform IAM Client workspace.
	TerraformIAMWorkingDir = "constellation-iam-terraform"
	// GCPServiceAccountKeyFilename is the file name for the GCP service account key file.
	// The file is a credential and should be protected like one.
	GCPServiceAccountKeyFilename = "gcpServiceAccountKey.json"
	// ErrorLog is the file which contains server errors during init.
	ErrorLog = "constellation-cluster.log"
	// ControlPlaneAdminConfFilename is the file path to the control plane Kubernetes admin config.
	ControlPlaneAdminConfFilename = "/etc/kubernetes/admin.conf"
	// KubectlPath is the path to the kubectl binary.
	KubectlPath = "/run/state/bin/kubectl"
	// UpgradeAgentSocketPath is the path to the UDS that is used for the gRPC connection to the upgrade agent.
	// NOTE(review): who may reach the upgrade agent presumably depends on the
	// filesystem permissions of this socket; confirm they are restrictive.
	UpgradeAgentSocketPath = "/run/constellation-upgrade-agent.sock"
	// UpgradeAgentMountPath is the path inside the operator container where the UDS is mounted.
	UpgradeAgentMountPath = "/etc/constellation-upgrade-agent.sock"
	// CniPluginsDir is the directory for CNI plugins.
	CniPluginsDir = "/opt/cni/bin"
	// BinDir is an install directory; KubectlPath, KubeadmPath and KubeletPath in this block all lie under it.
	// NOTE(review): the upstream comment calls it the "install path for CNI config",
	// which does not match those paths; confirm the intended description.
	BinDir = "/run/state/bin"
	// KubeadmPath is the install path for kubeadm.
	KubeadmPath = "/run/state/bin/kubeadm"
	// KubeletPath is the install path for kubelet.
	KubeletPath = "/run/state/bin/kubelet"
	// KubeadmPatchDir is the directory for kubeadm patches.
	KubeadmPatchDir = "/opt/kubernetes/patches"

	// ServiceBasePath is the base path for the mounted micro service's files.
	ServiceBasePath = "/var/config"
	// AttestationConfigFilename is the filename of the config used for CC validation.
	AttestationConfigFilename = "attestationConfig"
	// MeasurementSaltFilename is the filename of the salt used in creation of the clusterID.
	MeasurementSaltFilename = "measurementSalt"
	// MeasurementSecretFilename is the filename of the secret used in creation of the clusterID.
	MeasurementSecretFilename = "measurementSecret"

	// K8sVersionFieldName is the name of the key holding the wanted Kubernetes version.
	K8sVersionFieldName = "cluster-version"
	// ComponentsListKey is the name of the key holding the list of components in the components configMap.
	ComponentsListKey = "components"
	// SevSnpCertCacheConfigMapName is the name of the configMap holding the SEV-SNP certificate cache in the join service.
	SevSnpCertCacheConfigMapName = "sev-snp-cert-cache"
	// CertCacheAskKey is the name of the key holding the ASK (AMD SEV signing key) certificate in the SEV-SNP certificate cache.
	CertCacheAskKey = "ask"
	// CertCacheArkKey is the name of the key holding the ARK (AMD root key) certificate in the SEV-SNP certificate cache.
	CertCacheArkKey = "ark"
	// NodeVersionResourceName is the resource name used for NodeVersion in constellation-operator and CLI.
	NodeVersionResourceName = "constellation-version"
	// NodeKubernetesComponentsAnnotationKey is the name of the annotation holding the reference to the ConfigMap listing all K8s components.
	NodeKubernetesComponentsAnnotationKey = "constellation.edgeless.systems/kubernetes-components"
	// JoiningNodesConfigMapName is the name of the configMap holding the joining nodes with the components hashes the node-operator should annotate the nodes with.
	JoiningNodesConfigMapName = "joining-nodes"

	// MinControllerCount is the minimum number of control nodes.
	MinControllerCount = 1
	// MinWorkerCount is the minimum number of worker nodes.
	MinWorkerCount = 1
	// EnvVarPrefix is the expected prefix for environment variables used to overwrite config parameters.
	EnvVarPrefix = "CONSTELL_"
	// EnvVarAzureClientSecretValue is the environment variable to overwrite
	// provider.azure.clientSecretValue. Its value is a client secret, so it
	// should not be echoed into logs or persisted in shell profiles.
	EnvVarAzureClientSecretValue = EnvVarPrefix + "AZURE_CLIENT_SECRET_VALUE"
	// EnvVarOpenStackPassword is the environment variable to overwrite
	// provider.openstack.password. Its value is a password, so it should not be
	// echoed into logs or persisted in shell profiles.
	EnvVarOpenStackPassword = EnvVarPrefix + "OS_PASSWORD"
	// EnvVarNoSpinner is the environment variable used to disable the loading indicator (spinner)
	// displayed in Constellation CLI. Any non-empty value, e.g., CONSTELL_NO_SPINNER=1,
	// can be used to disable the spinner.
	EnvVarNoSpinner = EnvVarPrefix + "NO_SPINNER"
	// MiniConstellationUID is a sentinel value for the UID of a mini constellation.
	MiniConstellationUID = "mini"
	// MiniConstellationName is a sentinel value for the name of a mini constellation.
	// It evaluates to "mini-qemu".
	MiniConstellationName = MiniConstellationUID + "-qemu"
	// TerraformLogFile is the file name of the Terraform log file.
	TerraformLogFile = "terraform.log"
	// TerraformUpgradeWorkingDir is the directory name for the Terraform workspace being used in an upgrade.
	TerraformUpgradeWorkingDir = "terraform"
	// TerraformIAMUpgradeWorkingDir is the directory name for the Terraform IAM workspace being used in an upgrade.
	TerraformIAMUpgradeWorkingDir = "terraform-iam"
	// TerraformUpgradeBackupDir is the directory name being used to back up the pre-upgrade state in an upgrade.
	TerraformUpgradeBackupDir = "terraform-backup"
	// TerraformIAMUpgradeBackupDir is the directory name being used to back up the pre-upgrade state of IAM in an upgrade.
	TerraformIAMUpgradeBackupDir = "terraform-iam-backup"
	// TerraformEmbeddedDir is the name of the base directory embedded in the CLI binary containing the Terraform files.
	TerraformEmbeddedDir = "infrastructure"
	// UpgradeDir is the name of the directory being used for cluster upgrades.
	UpgradeDir = "constellation-upgrade"
	// ControlPlaneDefault is the name of the default control plane worker group.
	// It holds the same string as DefaultControlPlaneGroupName.
	ControlPlaneDefault = "control_plane_default"
	// WorkerDefault is the name of the default worker group.
	// It holds the same string as DefaultWorkerGroupName.
	WorkerDefault = "worker_default"

	// MarketplaceImageURIScheme is the scheme used for Constellation marketplace OS images.
	MarketplaceImageURIScheme = "constellation-marketplace-image"

	// AzureMarketplaceImagePublisherKey is the URI key for the Azure Marketplace image publisher.
	AzureMarketplaceImagePublisherKey = "publisher"
	// AzureMarketplaceImageOfferKey is the URI key for the Azure Marketplace image offer.
	AzureMarketplaceImageOfferKey = "offer"
	// AzureMarketplaceImageSkuKey is the URI key for the Azure Marketplace image SKU.
	AzureMarketplaceImageSkuKey = "sku"
	// AzureMarketplaceImageVersionKey is the URI key for the Azure Marketplace image version.
	AzureMarketplaceImageVersionKey = "version"
	// AzureMarketplaceImagePublisher is the publisher of the Azure Marketplace image.
	AzureMarketplaceImagePublisher = "edgelesssystems"
	// AzureMarketplaceImageOffer is the offer of the Azure Marketplace image.
	AzureMarketplaceImageOffer = "constellation"
	// AzureMarketplaceImagePlan is the plan of the Azure Marketplace image.
	AzureMarketplaceImagePlan = "constellation"

	// KubernetesJoinTokenTTL is the time to live for a Kubernetes join token.
	KubernetesJoinTokenTTL = 15 * time.Minute
	// ConstellationNamespace is the namespace to deploy Constellation components into.
	// HelmNamespace in this block names the same namespace.
	ConstellationNamespace = "kube-system"
	// JoinConfigMap is the k8s config map with the node join config.
	JoinConfigMap = "join-config"
	// InternalConfigMap is the k8s config map with internal Constellation config.
	InternalConfigMap = "internal-config"
	// KubeadmConfigMap is the k8s config map with the kubeadm config
	// (holds ClusterConfiguration).
	KubeadmConfigMap = "kubeadm-config"
	// ClusterConfigurationKey is the key in the kubeadm config map with ClusterConfiguration.
	ClusterConfigurationKey = "ClusterConfiguration"

	// HelmNamespace is the namespace for helm charts.
	HelmNamespace = "kube-system"

	// CDNRepositoryURL is the base URL of the Constellation CDN artifact repository.
	CDNRepositoryURL = "https://cdn.confidential.cloud"
	// CDNAPIBase is the (un-versioned) prefix of the Constellation API.
	CDNAPIBase = "constellation"
	// CDNAPIPrefix is the prefix of the Constellation API (v1); it evaluates to "constellation/v1".
	CDNAPIPrefix = CDNAPIBase + "/v1"
	// CDNAPIPrefixV2 is the prefix of the Constellation API (v2); it evaluates to "constellation/v2".
	CDNAPIPrefixV2 = CDNAPIBase + "/v2"
	// CDNAttestationConfigPrefixV1 is the prefix of the Constellation AttestationConfig API (v1);
	// it evaluates to "constellation/v1/attestation".
	CDNAttestationConfigPrefixV1 = CDNAPIPrefix + "/attestation"
	// CDNMeasurementsFile is the name of the file containing image measurements.
	CDNMeasurementsFile = "measurements.json"
	// CDNMeasurementsSignature is the name of the file containing the signature for CDNMeasurementsFile.
	// NOTE(review): presumably consumers check this signature before trusting the
	// measurements file; confirm against the callers.
	CDNMeasurementsSignature = "measurements.json.sig"
	// CDNDefaultDistributionID is the default CloudFront distribution ID to use.
	CDNDefaultDistributionID = "E1H77EZTHC3NE4"

	// CosignPublicKeyReleases is the Cosign public key of the key pair that signs all our releases.
	// NOTE(review): presumably this is the key release signatures are verified against; confirm at the call sites.
	CosignPublicKeyReleases = `` /* 178-byte string literal not displayed */

	// CosignPublicKeyDev is the Cosign public key of the key pair that signs all our development builds.
	// It is a separate constant from CosignPublicKeyReleases.
	// NOTE(review): confirm verifiers select the key that matches the build type.
	CosignPublicKeyDev = `` /* 178-byte string literal not displayed */

	// ConstellationClusterURIScheme is the scheme used in Terraform Constellation cluster import URIs.
	ConstellationClusterURIScheme = "constellation-cluster"
	// KubeConfigURIKey is the key used for the KubeConfig in Terraform Constellation cluster import URIs.
	KubeConfigURIKey = "kubeConfig"
	// ClusterEndpointURIKey is the key used for the cluster endpoint in Terraform Constellation cluster import URIs.
	ClusterEndpointURIKey = "clusterEndpoint"
	// MasterSecretURIKey is the key used for the master secret in Terraform Constellation cluster import URIs.
	// NOTE(review): an import URI using this key presumably carries the master
	// secret itself, so such URIs would need to be handled as secrets; confirm.
	MasterSecretURIKey = "masterSecret"
	// MasterSecretSaltURIKey is the key used for the master secret salt in Terraform Constellation cluster import URIs.
	MasterSecretSaltURIKey = "masterSecretSalt"
)
// VersionBuild is the category of the current build; this value identifies an
// open-source build to which AGPL-3.0-only applies.
const VersionBuild = "Open-source software build; AGPL-3.0-only applies"

VersionBuild is the category of the current build.

Variables

This section is empty.

Functions

func BinaryVersion added in v2.10.0

func BinaryVersion() semver.Semver

BinaryVersion returns the version of this Binary.

func Commit added in v2.7.0

func Commit() string

Commit returns the commit hash of a binary.

func State added in v2.7.0

func State() string

State returns the git state of the working directory.

func Timestamp added in v2.7.0

func Timestamp() string

Timestamp returns the commit timestamp of a binary.

Types

This section is empty.
