Documentation
Overview
Package bundle implements support for unified runtime bundles.
Index
- func DetachedExplodedPath(dataDir string) string
- func ExplodedPath(dataDir string) string
- type Bundle
- func (bnd *Bundle) Add(fn string, b []byte) error
- func (bnd *Bundle) Close() error
- func (bnd *Bundle) EnclaveIdentity(id component.ID) (*sgx.EnclaveIdentity, error)
- func (bnd *Bundle) ExplodedPath(dataDir, fn string) string
- func (bnd *Bundle) MrEnclave(id component.ID) (*sgx.MrEnclave, error)
- func (bnd *Bundle) MrSigner(id component.ID) (*sgx.MrSigner, error)
- func (bnd *Bundle) ResetManifest()
- func (bnd *Bundle) Validate() error
- func (bnd *Bundle) Write(fn string) error
- func (bnd *Bundle) WriteExploded(dataDir string) error
- type Component
- type Manifest
- type SGXMetadata
Constants
This section is empty.
Variables
This section is empty.
Functions
func DetachedExplodedPath (added in v0.2401.0)
DetachedExplodedPath returns the path under the data directory that contains all of the detached exploded bundles.
func ExplodedPath
ExplodedPath returns the path under the data directory that contains all of the exploded bundles.
Types
type Bundle

```go
type Bundle struct {
	Manifest *Manifest
	Data     map[string][]byte
	// contains filtered or unexported fields
}
```
Bundle is a runtime bundle instance.
func (*Bundle) EnclaveIdentity (added in v0.2400.0)
EnclaveIdentity returns the SGX enclave identity of the given component.
func (*Bundle) ExplodedPath
ExplodedPath returns the path that the corresponding asset will be written to via WriteExploded.
func (*Bundle) MrSigner (added in v0.2400.0)
MrSigner returns the MRSIGNER that signed the SGX executable.
func (*Bundle) ResetManifest (added in v0.2201.9)
func (bnd *Bundle) ResetManifest()
ResetManifest removes the serialized manifest from the bundle so that it can be regenerated on the next call to Write.
Call this after modifying a bundle.
func (*Bundle) WriteExploded
WriteExploded writes the extracted runtime bundle to the appropriate location under the specified data directory.
type Component (added in v0.2400.0)

```go
type Component struct {
	// Kind is the component kind.
	Kind component.Kind `json:"kind"`

	// Name is the name of the component that can be used to filter components when multiple are
	// provided by a runtime.
	Name string `json:"name,omitempty"`

	// Executable is the name of the runtime ELF executable file.
	Executable string `json:"executable"`

	// SGX is the SGX specific manifest metadata if any.
	SGX *SGXMetadata `json:"sgx,omitempty"`

	// Disabled specifies whether the component is disabled by default and needs to be explicitly
	// enabled via node configuration to be used.
	Disabled bool `json:"disabled,omitempty"`
}
```
Component is a runtime component.
func (*Component) IsNetworkAllowed (added in v0.2400.0)
IsNetworkAllowed returns true if network access should be allowed for the component.
type Manifest

```go
type Manifest struct {
	// Name is the optional human readable runtime name.
	Name string `json:"name,omitempty"`

	// ID is the runtime ID.
	ID common.Namespace `json:"id"`

	// Version is the runtime version.
	Version version.Version `json:"version,omitempty"`

	// Executable is the name of the runtime ELF executable file.
	// NOTE: This may go away in the future, use `Components` instead.
	Executable string `json:"executable,omitempty"`

	// SGX is the SGX specific manifest metadata if any.
	// NOTE: This may go away in the future, use `Components` instead.
	SGX *SGXMetadata `json:"sgx,omitempty"`

	// Components are the additional runtime components.
	Components []*Component `json:"components,omitempty"`

	// Digests is the cryptographic digests of the bundle contents,
	// excluding the manifest.
	Digests map[string]hash.Hash `json:"digests"`
}
```
Manifest is a deserialized runtime bundle manifest.
func (*Manifest) GetAvailableComponents (added in v0.2400.0)
GetAvailableComponents collects all of the available components into a map.
func (*Manifest) GetComponentByID (added in v0.2400.0)
GetComponentByID returns the first component with the given kind.
func (*Manifest) Hash (added in v0.2401.0)
Hash returns a cryptographic hash of the CBOR-serialized manifest.
func (*Manifest) IsDetached (added in v0.2401.0)
IsDetached returns true iff the manifest does not include a RONL component. Such bundles require that the RONL component is provided out-of-band (e.g. in a separate bundle).
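The Digests field of Manifest maps each bundle file to its digest and excludes the manifest itself. The following is an added example, not the package's own code, of checking a file map against such a digest map in both directions. It assumes SHA-512/256 as the digest and a hypothetical manifest entry name, since the page states neither, and it uses plain maps in place of the Bundle and Manifest types.

```go
package main

import (
	"crypto/sha512"
	"fmt"
	"sort"
)

// manifestName is a hypothetical name for the serialized manifest entry;
// the page does not state the real one.
const manifestName = "manifest"

// digest is an assumed hash function (SHA-512/256); the page does not name
// the algorithm behind hash.Hash.
func digest(b []byte) [32]byte { return sha512.Sum512_256(b) }

// verifyDigests compares bundle contents with the manifest digests and
// returns a sorted list of problems. An empty result means they agree.
func verifyDigests(data map[string][]byte, digests map[string][32]byte) []string {
	var problems []string
	for fn, b := range data {
		if fn == manifestName {
			continue // the digests exclude the manifest itself
		}
		want, ok := digests[fn]
		switch {
		case !ok: // file present in the bundle but not covered by any digest
			problems = append(problems, "unlisted file: "+fn)
		case digest(b) != want: // content changed after the digest was recorded
			problems = append(problems, "digest mismatch: "+fn)
		}
	}
	for fn := range digests {
		if _, ok := data[fn]; !ok { // digest recorded for a file that is absent
			problems = append(problems, "missing file: "+fn)
		}
	}
	sort.Strings(problems)
	return problems
}

func main() {
	// Constructed sample contents, not taken from a real bundle.
	data := map[string][]byte{manifestName: []byte("{}"), "runtime.elf": []byte("ELF-bytes")}
	digests := map[string][32]byte{"runtime.elf": digest(data["runtime.elf"])}
	fmt.Println(verifyDigests(data, digests))
	data["runtime.elf"] = []byte("ELF-bytes-modified")
	data["extra.so"] = []byte("x")
	fmt.Println(verifyDigests(data, digests))
}
```

Checking both directions matters: a digest comparison alone would not notice a file added to the bundle without a manifest entry.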
type SGXMetadata

```go
type SGXMetadata struct {
	// Executable is the name of the SGX enclave executable file.
	Executable string `json:"executable"`

	// Signature is the name of the SGX enclave signature file.
	Signature string `json:"signature"`
}
```
SGXMetadata is the SGX specific manifest metadata.
func (*SGXMetadata) Validate (added in v0.2400.0)
func (s *SGXMetadata) Validate() error
Validate validates the SGX metadata structure for well-formedness.