uplosi: use separate galleries for Azure TDX and TDX
malt3 committed Jan 16, 2024
1 parent 52dec77 commit 9d6321f
Showing 2 changed files with 19 additions and 8 deletions.
6 changes: 3 additions & 3 deletions internal/attestation/measurements/overrides.go
Expand Up @@ -98,12 +98,12 @@ type valueOverride struct {
func ApplyOverrides(in M, csp cloudprovider.Provider, attestationVariant string) (M, error) {
out := in.Copy()
var matchingOverrides []measurementOverride
if cspOverride, ok := measurementOverridesForCSP[csp.String()]; ok {
matchingOverrides = append(matchingOverrides, cspOverride)
}
if attestationVariantOverride, ok := measurementOverridesForAttestationVariant[attestationVariant]; ok {
matchingOverrides = append(matchingOverrides, attestationVariantOverride)
}
if cspOverride, ok := measurementOverridesForCSP[csp.String()]; ok {
matchingOverrides = append(matchingOverrides, cspOverride)
}
for _, override := range matchingOverrides {
for _, i := range override.ValueOverrides {
m, ok := out[i.Index]
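Review bot: Nothing in `ApplyOverrides` states which of the two lookups is meant to take precedence, although the order in which the CSP and attestation-variant entries are appended to `matchingOverrides` is exactly what this section changes. If the loop that follows lets a later entry replace an earlier one for the same index (its body continues outside the hunk, so this is inferred), the append order decides which expected measurement the verifier ends up checking against. A comment above the two `if` blocks such as `// Order matters: overrides are applied in slice order, so the entry appended last wins for a shared index.` would make that explicit, and a test with a CSP override and a variant override on the same index would pin it.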
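--- a/internal/osimage/uplosi/uplosiupload.go
+++ b/internal/osimage/uplosi/uplosiupload.go
@@ -209,21 +209,32 @@ func awsParseAMIARN(arn string) (region string, amiID string, retErr error) {
 
 func extendAzureConfig(azureConfig map[string]any, version versionsapi.Version, attestationVariant string, timestamp time.Time) {
 azureConfig["attestationVariant"] = attestationVariant
-azureConfig["sharedImageGallery"] = azureGalleryName(version)
+azureConfig["sharedImageGallery"] = azureGalleryName(version, attestationVariant)
 azureConfig["imageDefinitionName"] = azureImageOffer(version)
 azureConfig["offer"] = azureImageOffer(version)
 formattedTime := timestamp.Format(timestampFormat)
 azureConfig["diskName"] = fmt.Sprintf("constellation-%s-%s-%s", version.Stream(), formattedTime, attestationVariant)
 }
 
-func azureGalleryName(version versionsapi.Version) string {
+func azureGalleryName(version versionsapi.Version, attestationVariant string) string {
+var prefix string
 switch version.Stream() {
 case "stable":
-return "Constellation_CVM"
+prefix = "Constellation"
 case "debug":
-return "Constellation_Debug_CVM"
+prefix = "Constellation_Debug"
+default:
+prefix = "Constellation_Testing"
 }
-return "Constellation_Testing_CVM"
+
+var suffix string
+switch attestationVariant {
+case "azure-tdx":
+suffix = "_TDX"
+case "azure-sev-snp":
+suffix = "_CVM"
+}
+return prefix + suffix
 }
 
 func azureImageOffer(version versionsapi.Version) string {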
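Review bot: The second `switch` in `azureGalleryName` has no `default`, so any `attestationVariant` other than `azure-tdx` or `azure-sev-snp` leaves `suffix` empty and the function returns a bare `Constellation`, `Constellation_Debug` or `Constellation_Testing`, where the old code always returned a `_CVM` gallery. Since the point of the change is to keep TDX and SEV-SNP images in separate galleries, an unrecognised or misspelled variant should not silently select a third, unsuffixed one. If the old behaviour is intended for other variants, add `default: suffix = "_CVM"`; otherwise have the function return an error for unknown variants, which would also need `extendAzureConfig` to propagate it. The callers of `extendAzureConfig` are outside the hunk, so whether other variants can reach this path is not visible here.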
