attestationconfigapi

package
v0.1.4
Warning

This package is not in the latest version of its module.
Published: Oct 10, 2024 License: AGPL-3.0 Imports: 10 Imported by: 0

Documentation

Overview

AttestationConfig API

The AttestationConfig API provides values for the attestation key in the Constellation config.

This package defines API types that represent objects of the AttestationConfig API. The types provide helper methods for validation and commonly used operations on the information contained in the objects. In particular, the paths used for the API are defined in these helper methods.

Regarding the decision to implement new types instead of using the existing types from internal/config: AttestationCfg objects for the AttestationCfg API need to hold some version information (for sorting and recognizing the latest version). Thus, the existing config types (AWSNitroTPM, AzureSEVSNP, ...) cannot be extended to implement the apiObject interface. Instead, we need a separate type that wraps all attestation types. In the codebase this is done using the AttestationCfg interface. The new type AttestationCfgGet needs to be located inside internal/config in order to implement UnmarshalJSON.

Constants

const AttestationURLPath = "constellation/v1/attestation"

AttestationURLPath is the URL path to the attestation versions.

Variables

This section is empty.

Functions

This section is empty.

Types

type Entry

type Entry struct {
	Version string          `json:"-"`
	Variant variant.Variant `json:"-"`
	SEVSNPVersion
	TDXVersion
}

Entry is the request to get the version information of the specific version in the config api.

TODO: Because variant is not part of the marshalled JSON, fetcher and client methods need to fill the variant property. In API v2 we should embed the variant in the object and remove some code from fetcher & client. That would remove the possibility of some fetcher/client code forgetting to set the variant.

func (Entry) JSONPath

func (i Entry) JSONPath() string

JSONPath returns the path to the JSON file for the request to the config api.

func (Entry) Validate

func (i Entry) Validate() error

Validate is a No-Op at the moment.

func (Entry) ValidateRequest

func (i Entry) ValidateRequest() error

ValidateRequest validates the request.

type Fetcher

type Fetcher interface {
	FetchLatestVersion(ctx context.Context, attestation variant.Variant) (Entry, error)
}

Fetcher fetches config API resources without authentication.

func NewFetcher

func NewFetcher() Fetcher

NewFetcher returns a new apifetcher.

func NewFetcherWithClient

func NewFetcherWithClient(client apifetcher.HTTPClient, cdnURL string) Fetcher

NewFetcherWithClient returns a new fetcher with a custom HTTP client.

func NewFetcherWithCustomCDNAndCosignKey

func NewFetcherWithCustomCDNAndCosignKey(cdnURL, cosignKey string) Fetcher

NewFetcherWithCustomCDNAndCosignKey returns a new fetcher with a custom CDN URL.

type List

type List struct {
	Variant variant.Variant
	List    []string
}

List is the request to retrieve all versions in the API for one attestation variant.

TODO: Because variant is not part of the marshalled JSON, fetcher and client methods need to fill the variant property. In API v2 we should embed the variant in the object and remove some code from fetcher & client. That would remove the possibility of some fetcher/client code forgetting to set the variant.
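The TODO on Entry and List describes a concrete failure mode, shown here as an added example that is not Constellation's own code: because Version and Variant are tagged `json:"-"`, the fetched document can neither supply nor override them, and a caller that forgets to fill them ends up with empty identity fields. The types are local stand-ins for the documented ones, and `decodeEntry`, `wire` and the sample values are hypothetical.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

// SEVSNPVersion mirrors the documented struct (local stand-in, not imported).
type SEVSNPVersion struct {
	Bootloader uint8 `json:"bootloader"`
	TEE        uint8 `json:"tee"`
	SNP        uint8 `json:"snp"`
	Microcode  uint8 `json:"microcode"`
}

// Entry is a reduced stand-in: Variant is a plain string, TDXVersion is omitted.
type Entry struct {
	Version string `json:"-"`
	Variant string `json:"-"`
	SEVSNPVersion
}

// decodeEntry (hypothetical) binds variant and version from the caller's
// request, never from the document, and rejects empty identity fields.
func decodeEntry(body []byte, variant, version string) (Entry, error) {
	if variant == "" || version == "" {
		return Entry{}, errors.New("variant and version must be set by the caller")
	}
	var e Entry
	if err := json.Unmarshal(body, &e); err != nil {
		return Entry{}, fmt.Errorf("decoding entry: %w", err)
	}
	e.Variant, e.Version = variant, version
	return e, nil
}

// wire returns the JSON form of e, which never carries Version or Variant.
func wire(e Entry) string {
	b, _ := json.Marshal(e)
	return string(b)
}

func main() {
	// Constructed body; the "Variant" and "Version" keys are ignored on decode.
	body := []byte(`{"bootloader":3,"tee":0,"snp":8,"microcode":115,"Variant":"other","Version":"x"}`)
	e, err := decodeEntry(body, "example-variant", "example-version")
	fmt.Println(e.Variant, e.Microcode, err, wire(e))
}
```
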

func (*List) AddVersion

func (i *List) AddVersion(new string)

AddVersion adds new to i's list and sorts the elements in descending order.

func (List) JSONPath

func (i List) JSONPath() string

JSONPath returns the path to the JSON file for the request to the config api.

func (List) MarshalJSON

func (i List) MarshalJSON() ([]byte, error)

MarshalJSON marshals i's list property to JSON.

func (*List) SortReverse

func (i *List) SortReverse()

SortReverse sorts the list of versions in reverse order.

func (*List) UnmarshalJSON

func (i *List) UnmarshalJSON(data []byte) error

UnmarshalJSON unmarshals a list of strings into i's list property.

func (List) Validate

func (i List) Validate() error

Validate validates the response.

func (List) ValidateRequest

func (i List) ValidateRequest() error

ValidateRequest is a NoOp as there is no input.

type SEVSNPVersion

type SEVSNPVersion struct {
	// Bootloader is the latest version of the SEV-SNP bootloader.
	Bootloader uint8 `json:"bootloader"`
	// TEE is the latest version of the SEV-SNP TEE.
	TEE uint8 `json:"tee"`
	// SNP is the latest version of the SEV-SNP SNP.
	SNP uint8 `json:"snp"`
	// Microcode is the latest version of the SEV-SNP microcode.
	Microcode uint8 `json:"microcode"`
}

SEVSNPVersion tracks the latest version of each component for SEV-SNP.

type TDXVersion

type TDXVersion struct {
	// QESVN is the latest QE security version number.
	QESVN uint16 `json:"qeSVN"`
	// PCESVN is the latest PCE security version number.
	PCESVN uint16 `json:"pceSVN"`
	// TEETCBSVN are the latest component-wise security version numbers for the TEE.
	TEETCBSVN [16]byte `json:"teeTCBSVN"`
	// QEVendorID is the latest QE vendor ID.
	QEVendorID [16]byte `json:"qeVendorID"`
	// XFAM is the latest XFAM field.
	XFAM [8]byte `json:"xfam"`
}

TDXVersion tracks the latest version of each component for TDX.

Directories

Path Synopsis
cli
client
package client contains code to manage CVM versions in Constellation's CDN API.