Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

attestation: create issuer based on kernel cmd line #1355

Merged
merged 4 commits into from
Mar 9, 2023
Merged

attestation: create issuer based on kernel cmd line #1355

merged 4 commits into from
Mar 9, 2023

Conversation

daniel-weisse
Copy link
Member

Proposed change(s)

  • Instead of relying on just the Cloud Provider to identify what Attestation Issuer we need to set up, we now use information from the Kernel command line to do so
  • Add choose.Issuer() and choose.Validator() utility functions to create Issuer or Validator from a given oid

Additional info

  • Set up of Issuer for the VerifyService will be handled in a different PR
  • Dynamic creation of Validators using choose.Validator() will be handled in a different PR

Checklist

  • Update docs
  • Add labels (e.g., for changelog category)
  • Link to Milestone

@daniel-weisse daniel-weisse requested a review from malt3 March 7, 2023 12:38
@netlify
Copy link

netlify bot commented Mar 7, 2023
edited

Deploy Preview for constellation-docs canceled.

Name Link
🔨 Latest commit f0503ea
🔍 Latest deploy log https://app.netlify.com/sites/constellation-docs/deploys/64099a3bd21e2b00080ab91d

malt3
malt3 reviewed Mar 8, 2023
View reviewed changes
Copy link
Contributor

@malt3 malt3 left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Change so far looks good.
Do we also want to implement a chooser to select the validator for the joinservice? We would need to pass this as either an env var or a command line flag and then refactor internal/watcher/validator.go a bit.
What do you think? A TODO would be good enough for now.

internal/attestation/choose/choose.go Outdated Show resolved Hide resolved
internal/attestation/choose/choose.go Outdated Show resolved Hide resolved
@daniel-weisse
Copy link
Member Author

Do we also want to implement a chooser to select the validator for the joinservice?

See my PR description. Related Ticket: AB#2975

@daniel-weisse daniel-weisse requested a review from malt3 March 8, 2023 14:33
@daniel-weisse daniel-weisse force-pushed the feat/attestation/variant-selection branch from ad2d52a to a0cc77a Compare March 8, 2023 15:33
@daniel-weisse
Create attestation issuer based on Kernel CMD line
9b29d3f 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
@daniel-weisse
Add test
503445d 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
@daniel-weisse
logger interface
15e864c 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
@daniel-weisse
Remove TODO
f0503ea 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
@daniel-weisse daniel-weisse force-pushed the feat/attestation/variant-selection branch from a0cc77a to f0503ea Compare March 9, 2023 08:35
@daniel-weisse daniel-weisse merged commit 5bad5f7 into main Mar 9, 2023
@daniel-weisse daniel-weisse deleted the feat/attestation/variant-selection branch March 9, 2023 08:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@malt3 malt3 malt3 approved these changes

@3u13r 3u13r Awaiting requested review from 3u13r 3u13r is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@daniel-weisse @malt3