Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

treewide: intercom -> meshapi; coordapi -> userapi #175

Merged
merged 2 commits into from
Feb 26, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions cli/set.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,11 +18,11 @@ import (

"github.com/edgelesssys/nunki/internal/atls"
"github.com/edgelesssys/nunki/internal/attestation/snp"
"github.com/edgelesssys/nunki/internal/coordapi"
"github.com/edgelesssys/nunki/internal/fsstore"
"github.com/edgelesssys/nunki/internal/grpc/dialer"
"github.com/edgelesssys/nunki/internal/manifest"
"github.com/edgelesssys/nunki/internal/spinner"
"github.com/edgelesssys/nunki/internal/userapi"
"github.com/spf13/cobra"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
Expand Down Expand Up @@ -112,8 +112,8 @@ func runSet(cmd *cobra.Command, args []string) error {
}
defer conn.Close()

client := coordapi.NewCoordAPIClient(conn)
req := &coordapi.SetManifestRequest{
client := userapi.NewUserAPIClient(conn)
req := &userapi.SetManifestRequest{
Manifest: manifestBytes,
Policies: policyMapToBytesList(policies),
}
Expand Down Expand Up @@ -227,8 +227,8 @@ func loadWorkloadOwnerKey(path string, manifst manifest.Manifest, log *slog.Logg
}

func setLoop(
ctx context.Context, client coordapi.CoordAPIClient, out io.Writer, req *coordapi.SetManifestRequest,
) (resp *coordapi.SetManifestResponse, retErr error) {
ctx context.Context, client userapi.UserAPIClient, out io.Writer, req *userapi.SetManifestRequest,
) (resp *userapi.SetManifestResponse, retErr error) {
spinner := spinner.New(" Waiting for coordinator ", 500*time.Millisecond, out)
spinner.Start()
defer func() {
Expand Down
6 changes: 3 additions & 3 deletions cli/verify.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,10 +10,10 @@ import (

"github.com/edgelesssys/nunki/internal/atls"
"github.com/edgelesssys/nunki/internal/attestation/snp"
"github.com/edgelesssys/nunki/internal/coordapi"
"github.com/edgelesssys/nunki/internal/fsstore"
"github.com/edgelesssys/nunki/internal/grpc/dialer"
"github.com/edgelesssys/nunki/internal/manifest"
"github.com/edgelesssys/nunki/internal/userapi"
"github.com/google/go-sev-guest/abi"
"github.com/google/go-sev-guest/kds"
"github.com/google/go-sev-guest/validate"
Expand Down Expand Up @@ -78,8 +78,8 @@ func runVerify(cmd *cobra.Command, _ []string) error {
defer conn.Close()

log.Debug("Getting manifest")
client := coordapi.NewCoordAPIClient(conn)
resp, err := client.GetManifests(cmd.Context(), &coordapi.GetManifestsRequest{})
client := userapi.NewUserAPIClient(conn)
resp, err := client.GetManifests(cmd.Context(), &userapi.GetManifestsRequest{})
if err != nil {
return fmt.Errorf("failed to get manifest: %w", err)
}
Expand Down
18 changes: 9 additions & 9 deletions coordinator/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,9 @@ import (
"os"

"github.com/edgelesssys/nunki/internal/ca"
"github.com/edgelesssys/nunki/internal/coordapi"
"github.com/edgelesssys/nunki/internal/intercom"
"github.com/edgelesssys/nunki/internal/logger"
"github.com/edgelesssys/nunki/internal/meshapi"
"github.com/edgelesssys/nunki/internal/userapi"
"golang.org/x/sync/errgroup"
)

Expand Down Expand Up @@ -38,23 +38,23 @@ func run() (retErr error) {
}

meshAuth := newMeshAuthority(caInstance, logger)
coordS := newCoordAPIServer(meshAuth, caInstance, logger)
intercomS := newIntercomServer(meshAuth, caInstance, logger)
userAPI := newUserAPIServer(meshAuth, caInstance, logger)
meshAPI := newMeshAPIServer(meshAuth, caInstance, logger)

eg := errgroup.Group{}

eg.Go(func() error {
logger.Info("Coordinator API listening")
if err := coordS.Serve(net.JoinHostPort("0.0.0.0", coordapi.Port)); err != nil {
logger.Info("Coordinator user API listening")
if err := userAPI.Serve(net.JoinHostPort("0.0.0.0", userapi.Port)); err != nil {
return fmt.Errorf("serving Coordinator API: %w", err)
}
return nil
})

eg.Go(func() error {
logger.Info("Coordinator intercom listening")
if err := intercomS.Serve(net.JoinHostPort("0.0.0.0", intercom.Port)); err != nil {
return fmt.Errorf("serving intercom API: %w", err)
logger.Info("Coordinator mesh API listening")
if err := meshAPI.Serve(net.JoinHostPort("0.0.0.0", meshapi.Port)); err != nil {
return fmt.Errorf("serving mesh API: %w", err)
}
return nil
})
Expand Down
22 changes: 11 additions & 11 deletions coordinator/intercom.go → coordinator/meshapi.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,31 +10,31 @@ import (
"github.com/edgelesssys/nunki/internal/atls"
"github.com/edgelesssys/nunki/internal/attestation/snp"
"github.com/edgelesssys/nunki/internal/grpc/atlscredentials"
"github.com/edgelesssys/nunki/internal/intercom"
"github.com/edgelesssys/nunki/internal/logger"
"github.com/edgelesssys/nunki/internal/memstore"
"github.com/edgelesssys/nunki/internal/meshapi"
"google.golang.org/grpc"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/keepalive"
"google.golang.org/grpc/status"
"k8s.io/utils/clock"
)

type intercomServer struct {
type meshAPIServer struct {
grpc *grpc.Server
certGet certGetter
caChainGetter certChainGetter
ticker clock.Ticker
logger *slog.Logger

intercom.UnimplementedIntercomServer
meshapi.UnimplementedMeshAPIServer
}

type certGetter interface {
GetCert(peerPublicKeyHashStr string) ([]byte, error)
}

func newIntercomServer(meshAuth *meshAuthority, caGetter certChainGetter, log *slog.Logger) *intercomServer {
func newMeshAPIServer(meshAuth *meshAuthority, caGetter certChainGetter, log *slog.Logger) *meshAPIServer {
ticker := clock.RealClock{}.NewTicker(24 * time.Hour)
kdsGetter := snp.NewCachedHTTPSGetter(memstore.New[string, []byte](), ticker, logger.NewNamed(log, "kds-getter"))
validator := snp.NewValidatorWithCallbacks(meshAuth, kdsGetter, logger.NewNamed(log, "snp-validator"), meshAuth)
Expand All @@ -43,18 +43,18 @@ func newIntercomServer(meshAuth *meshAuthority, caGetter certChainGetter, log *s
grpc.Creds(credentials),
grpc.KeepaliveParams(keepalive.ServerParameters{Time: 15 * time.Second}),
)
s := &intercomServer{
s := &meshAPIServer{
grpc: grpcServer,
certGet: meshAuth,
caChainGetter: caGetter,
ticker: ticker,
logger: log.WithGroup("intercom"),
logger: log.WithGroup("meshapi"),
}
intercom.RegisterIntercomServer(s.grpc, s)
meshapi.RegisterMeshAPIServer(s.grpc, s)
return s
}

func (i *intercomServer) Serve(endpoint string) error {
func (i *meshAPIServer) Serve(endpoint string) error {
lis, err := net.Listen("tcp", endpoint)
if err != nil {
return fmt.Errorf("failed to listen: %w", err)
Expand All @@ -64,8 +64,8 @@ func (i *intercomServer) Serve(endpoint string) error {
return i.grpc.Serve(lis)
}

func (i *intercomServer) NewMeshCert(_ context.Context, req *intercom.NewMeshCertRequest,
) (*intercom.NewMeshCertResponse, error) {
func (i *meshAPIServer) NewMeshCert(_ context.Context, req *meshapi.NewMeshCertRequest,
) (*meshapi.NewMeshCertResponse, error) {
i.logger.Info("NewMeshCert called")

cert, err := i.certGet.GetCert(req.PeerPublicKeyHash)
Expand All @@ -77,7 +77,7 @@ func (i *intercomServer) NewMeshCert(_ context.Context, req *intercom.NewMeshCer
meshCACert := i.caChainGetter.GetMeshCACert()
intermCert := i.caChainGetter.GetIntermCert()

return &intercom.NewMeshCertResponse{
return &meshapi.NewMeshCertResponse{
MeshCACert: meshCACert,
CertChain: append(cert, intermCert...),
RootCACert: i.caChainGetter.GetRootCACert(),
Expand Down
30 changes: 15 additions & 15 deletions coordinator/coordapi.go → coordinator/userapi.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,11 +15,11 @@ import (

"github.com/edgelesssys/nunki/internal/appendable"
"github.com/edgelesssys/nunki/internal/attestation/snp"
"github.com/edgelesssys/nunki/internal/coordapi"
"github.com/edgelesssys/nunki/internal/grpc/atlscredentials"
"github.com/edgelesssys/nunki/internal/logger"
"github.com/edgelesssys/nunki/internal/manifest"
"github.com/edgelesssys/nunki/internal/memstore"
"github.com/edgelesssys/nunki/internal/userapi"
"google.golang.org/grpc"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/credentials"
Expand All @@ -28,45 +28,45 @@ import (
"google.golang.org/grpc/status"
)

type coordAPIServer struct {
type userAPIServer struct {
grpc *grpc.Server
policyTextStore store[manifest.HexString, manifest.Policy]
manifSetGetter manifestSetGetter
caChainGetter certChainGetter
logger *slog.Logger
mux sync.RWMutex

coordapi.UnimplementedCoordAPIServer
userapi.UnimplementedUserAPIServer
}

func newCoordAPIServer(mSGetter manifestSetGetter, caGetter certChainGetter, log *slog.Logger) *coordAPIServer {
func newUserAPIServer(mSGetter manifestSetGetter, caGetter certChainGetter, log *slog.Logger) *userAPIServer {
issuer := snp.NewIssuer(logger.NewNamed(log, "snp-issuer"))
credentials := atlscredentials.New(issuer, nil)
grpcServer := grpc.NewServer(
grpc.Creds(credentials),
grpc.KeepaliveParams(keepalive.ServerParameters{Time: 15 * time.Second}),
)
s := &coordAPIServer{
s := &userAPIServer{
grpc: grpcServer,
policyTextStore: memstore.New[manifest.HexString, manifest.Policy](),
manifSetGetter: mSGetter,
caChainGetter: caGetter,
logger: log.WithGroup("coordapi"),
logger: log.WithGroup("userapi"),
}
coordapi.RegisterCoordAPIServer(s.grpc, s)
userapi.RegisterUserAPIServer(s.grpc, s)
return s
}

func (s *coordAPIServer) Serve(endpoint string) error {
func (s *userAPIServer) Serve(endpoint string) error {
lis, err := net.Listen("tcp", endpoint)
if err != nil {
return fmt.Errorf("failed to listen: %w", err)
}
return s.grpc.Serve(lis)
}

func (s *coordAPIServer) SetManifest(ctx context.Context, req *coordapi.SetManifestRequest,
) (*coordapi.SetManifestResponse, error) {
func (s *userAPIServer) SetManifest(ctx context.Context, req *userapi.SetManifestRequest,
) (*userapi.SetManifestResponse, error) {
s.logger.Info("SetManifest called")
s.mux.Lock()
defer s.mux.Unlock()
Expand Down Expand Up @@ -100,7 +100,7 @@ func (s *coordAPIServer) SetManifest(ctx context.Context, req *coordapi.SetManif
return nil, status.Errorf(codes.Internal, "setting manifest: %v", err)
}

resp := &coordapi.SetManifestResponse{
resp := &userapi.SetManifestResponse{
CACert: s.caChainGetter.GetRootCACert(),
IntermCert: s.caChainGetter.GetIntermCert(),
}
Expand All @@ -109,8 +109,8 @@ func (s *coordAPIServer) SetManifest(ctx context.Context, req *coordapi.SetManif
return resp, nil
}

func (s *coordAPIServer) GetManifests(_ context.Context, _ *coordapi.GetManifestsRequest,
) (*coordapi.GetManifestsResponse, error) {
func (s *userAPIServer) GetManifests(_ context.Context, _ *userapi.GetManifestsRequest,
) (*userapi.GetManifestsResponse, error) {
s.logger.Info("GetManifest called")
s.mux.RLock()
defer s.mux.RUnlock()
Expand All @@ -130,7 +130,7 @@ func (s *coordAPIServer) GetManifests(_ context.Context, _ *coordapi.GetManifest
return nil, status.Error(codes.Internal, "no policies found in store")
}

resp := &coordapi.GetManifestsResponse{
resp := &userapi.GetManifestsResponse{
Manifests: manifestBytes,
Policies: policySliceToBytesSlice(policies),
CACert: s.caChainGetter.GetRootCACert(),
Expand All @@ -141,7 +141,7 @@ func (s *coordAPIServer) GetManifests(_ context.Context, _ *coordapi.GetManifest
return resp, nil
}

func (s *coordAPIServer) validatePeer(ctx context.Context) error {
func (s *userAPIServer) validatePeer(ctx context.Context) error {
latest, err := s.manifSetGetter.LatestManifest()
if err != nil && errors.Is(err, appendable.ErrIsEmpty) {
// in the initial state, no peer validation is required
Expand Down
Loading
Loading