Merge main into async-provision
markgoddard committed Dec 10, 2024
2 parents 4ef6022 + 483953a commit 67c65dc
Showing 21 changed files with 153 additions and 80 deletions.
2 changes: 1 addition & 1 deletion cmd/cofidectl/cmd/federation/federation.go
Expand Up @@ -11,7 +11,7 @@ import (
trust_zone_proto "github.com/cofide/cofide-api-sdk/gen/go/proto/trust_zone/v1alpha1"
cmdcontext "github.com/cofide/cofidectl/pkg/cmd/context"

"github.com/cofide/cofidectl/internal/pkg/spire"
"github.com/cofide/cofidectl/pkg/spire"
kubeutil "github.com/cofide/cofidectl/pkg/kube"
"github.com/cofide/cofidectl/pkg/provider/helm"
"github.com/olekukonko/tablewriter"
10 changes: 5 additions & 5 deletions cmd/cofidectl/cmd/trustzone/helm/helm.go
Expand Up @@ -95,7 +95,7 @@ func (c *HelmCommand) GetOverrideCommand() *cobra.Command {
}

// overrideValues overrides Helm values for a trust zone.
func (c *HelmCommand) overrideValues(ds plugin.DataSource, tzName string, values map[string]interface{}) error {
func (c *HelmCommand) overrideValues(ds plugin.DataSource, tzName string, values map[string]any) error {
trustZone, err := ds.GetTrustZone(tzName)
if err != nil {
return err
Expand All @@ -116,9 +116,9 @@ func (c *HelmCommand) overrideValues(ds plugin.DataSource, tzName string, values
}

// readValues reads values in YAML format from the specified reader.
func readValues(reader io.Reader) (map[string]interface{}, error) {
func readValues(reader io.Reader) (map[string]any, error) {
decoder := yaml.NewDecoder(reader)
var values map[string]interface{}
var values map[string]any
err := decoder.Decode(&values)
return values, err
}
Expand Down Expand Up @@ -177,7 +177,7 @@ func (c *HelmCommand) GetValuesCommand() *cobra.Command {
}

// getValues returns the Helm values for a trust zone.
func (c *HelmCommand) getValues(ds plugin.DataSource, tzName string) (map[string]interface{}, error) {
func (c *HelmCommand) getValues(ds plugin.DataSource, tzName string) (map[string]any, error) {
trustZone, err := ds.GetTrustZone(tzName)
if err != nil {
return nil, err
Expand All @@ -192,7 +192,7 @@ func (c *HelmCommand) getValues(ds plugin.DataSource, tzName string) (map[string
}

// writeValues writes values in YAML format to the specified writer.
func writeValues(values map[string]interface{}, writer io.Writer) error {
func writeValues(values map[string]any, writer io.Writer) error {
encoder := yaml.NewEncoder(writer)
defer encoder.Close()
return encoder.Encode(values)
18 changes: 10 additions & 8 deletions cmd/cofidectl/cmd/trustzone/trustzone.go
Expand Up @@ -11,13 +11,13 @@ import (
"slices"
"strconv"

cmdcontext "github.com/cofide/cofidectl/pkg/cmd/context"
"github.com/cofide/cofidectl/cmd/cofidectl/cmd/trustzone/helm"
cmdcontext "github.com/cofide/cofidectl/pkg/cmd/context"
"github.com/manifoldco/promptui"

trust_provider_proto "github.com/cofide/cofide-api-sdk/gen/go/proto/trust_provider/v1alpha1"
trust_zone_proto "github.com/cofide/cofide-api-sdk/gen/go/proto/trust_zone/v1alpha1"
"github.com/cofide/cofidectl/internal/pkg/spire"
"github.com/cofide/cofidectl/pkg/spire"
kubeutil "github.com/cofide/cofidectl/pkg/kube"
cofidectl_plugin "github.com/cofide/cofidectl/pkg/plugin"
helmprovider "github.com/cofide/cofidectl/pkg/provider/helm"
Expand Down Expand Up @@ -140,13 +140,15 @@ func (c *TrustZoneCommand) GetAddCommand() *cobra.Command {
return err
}

bundleEndpointProfile := trust_zone_proto.BundleEndpointProfile_BUNDLE_ENDPOINT_PROFILE_HTTPS_SPIFFE
newTrustZone := &trust_zone_proto.TrustZone{
Name: opts.name,
TrustDomain: opts.trustDomain,
KubernetesCluster: &opts.kubernetesCluster,
KubernetesContext: &opts.context,
TrustProvider: &trust_provider_proto.TrustProvider{Kind: &opts.profile},
JwtIssuer: &opts.jwtIssuer,
Name: opts.name,
TrustDomain: opts.trustDomain,
KubernetesCluster: &opts.kubernetesCluster,
KubernetesContext: &opts.context,
TrustProvider: &trust_provider_proto.TrustProvider{Kind: &opts.profile},
JwtIssuer: &opts.jwtIssuer,
BundleEndpointProfile: &bundleEndpointProfile,
}

_, err = ds.AddTrustZone(newTrustZone)
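Review bot: `bundleEndpointProfile` in `GetAddCommand` is fixed to `BUNDLE_ENDPOINT_PROFILE_HTTPS_SPIFFE`, so a zone created with this command cannot select the `https_web` profile that the schema and the `GetHelmConfig` switch in internal/pkg/federation now accept; no flag for it is visible in this hunk. If the fixed value is intentional for now, add a comment above the assignment, e.g. `// Default to https_spiffe; the profile is not yet configurable from the CLI.` The enclosing function starts and ends outside the hunk.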
10 changes: 5 additions & 5 deletions go.mod
Expand Up @@ -5,7 +5,7 @@ go 1.22.7
require (
buf.build/go/protoyaml v0.2.0
cuelang.org/go v0.10.1
github.com/cofide/cofide-api-sdk v0.3.1-0.20241206100419-25af9d3bc0c5
github.com/cofide/cofide-api-sdk v0.3.1-0.20241209124727-c60451a4ba77
github.com/fatih/color v1.18.0
github.com/gofrs/flock v0.12.1
github.com/google/go-cmp v0.6.0
Expand All @@ -15,7 +15,7 @@ require (
github.com/spiffe/go-spiffe/v2 v2.4.0
github.com/spiffe/spire-api-sdk v1.11.0
github.com/stretchr/testify v1.10.0
google.golang.org/grpc v1.68.0
google.golang.org/grpc v1.68.1
google.golang.org/protobuf v1.35.2
gopkg.in/yaml.v3 v3.0.1
helm.sh/helm/v3 v3.16.3
Expand Down Expand Up @@ -167,12 +167,12 @@ require (
k8s.io/apiextensions-apiserver v0.31.1 // indirect
k8s.io/apimachinery v0.31.3
k8s.io/apiserver v0.31.1 // indirect
k8s.io/cli-runtime v0.31.1 // indirect
k8s.io/cli-runtime v0.31.3 // indirect
k8s.io/client-go v0.31.3
k8s.io/component-base v0.31.1 // indirect
k8s.io/component-base v0.31.3 // indirect
k8s.io/klog/v2 v2.130.1 // indirect
k8s.io/kube-openapi v0.0.0-20240423202451-8948a665c108 // indirect
k8s.io/kubectl v0.31.1
k8s.io/kubectl v0.31.3
k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect
oras.land/oras-go v1.2.6 // indirect
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
20 changes: 10 additions & 10 deletions go.sum
Expand Up @@ -84,8 +84,8 @@ github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWH
github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
github.com/cockroachdb/apd/v3 v3.2.1 h1:U+8j7t0axsIgvQUqthuNm82HIrYXodOV2iWLWtEaIwg=
github.com/cockroachdb/apd/v3 v3.2.1/go.mod h1:klXJcjp+FffLTHlhIG69tezTDvdP065naDsHzKhYSqc=
github.com/cofide/cofide-api-sdk v0.3.1-0.20241206100419-25af9d3bc0c5 h1:o0xy1hnXWVEoHyqrLm+sU5lXyw/Rcm3A+1w884v8vqI=
github.com/cofide/cofide-api-sdk v0.3.1-0.20241206100419-25af9d3bc0c5/go.mod h1:yKMfhL3qCIVJcKvgZsPZC1o60/8co6/0NsCaJtrUoFY=
github.com/cofide/cofide-api-sdk v0.3.1-0.20241209124727-c60451a4ba77 h1:Uq2GS7GLwqjGWnnEEi/dfoc0+D9/yhmjEwNqLd7e8J0=
github.com/cofide/cofide-api-sdk v0.3.1-0.20241209124727-c60451a4ba77/go.mod h1:yKMfhL3qCIVJcKvgZsPZC1o60/8co6/0NsCaJtrUoFY=
github.com/containerd/cgroups v1.1.0 h1:v8rEWFl6EoqHB+swVNjVoCJE8o3jX7e8nqBGPLaDFBM=
github.com/containerd/cgroups v1.1.0/go.mod h1:6ppBcbh/NOOUU+dMKrykgaBnK9lCIBxHqJDGwsa1mIw=
github.com/containerd/containerd v1.7.23 h1:H2CClyUkmpKAGlhQp95g2WXHfLYc7whAuvZGBNYOOwQ=
Expand Down Expand Up @@ -614,8 +614,8 @@ google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8
google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0=
google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
google.golang.org/grpc v1.48.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk=
google.golang.org/grpc v1.68.0 h1:aHQeeJbo8zAkAa3pRzrVjZlbz6uSfeOXlJNQM0RAbz0=
google.golang.org/grpc v1.68.0/go.mod h1:fmSPC5AsjSBCK54MyHRx48kpOti1/jRfOlwEWywNjWA=
google.golang.org/grpc v1.68.1 h1:oI5oTa11+ng8r8XMMN7jAOmWfPZWbYpCFaMUTACxkM0=
google.golang.org/grpc v1.68.1/go.mod h1:+q1XYFJjShcqn0QZHvCyeR4CXPA+llXIeUIfIe00waw=
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
Expand Down Expand Up @@ -663,18 +663,18 @@ k8s.io/apimachinery v0.31.3 h1:6l0WhcYgasZ/wk9ktLq5vLaoXJJr5ts6lkaQzgeYPq4=
k8s.io/apimachinery v0.31.3/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo=
k8s.io/apiserver v0.31.1 h1:Sars5ejQDCRBY5f7R3QFHdqN3s61nhkpaX8/k1iEw1c=
k8s.io/apiserver v0.31.1/go.mod h1:lzDhpeToamVZJmmFlaLwdYZwd7zB+WYRYIboqA1kGxM=
k8s.io/cli-runtime v0.31.1 h1:/ZmKhmZ6hNqDM+yf9s3Y4KEYakNXUn5sod2LWGGwCuk=
k8s.io/cli-runtime v0.31.1/go.mod h1:pKv1cDIaq7ehWGuXQ+A//1OIF+7DI+xudXtExMCbe9U=
k8s.io/cli-runtime v0.31.3 h1:fEQD9Xokir78y7pVK/fCJN090/iYNrLHpFbGU4ul9TI=
k8s.io/cli-runtime v0.31.3/go.mod h1:Q2jkyTpl+f6AtodQvgDI8io3jrfr+Z0LyQBPJJ2Btq8=
k8s.io/client-go v0.31.3 h1:CAlZuM+PH2cm+86LOBemaJI/lQ5linJ6UFxKX/SoG+4=
k8s.io/client-go v0.31.3/go.mod h1:2CgjPUTpv3fE5dNygAr2NcM8nhHzXvxB8KL5gYc3kJs=
k8s.io/component-base v0.31.1 h1:UpOepcrX3rQ3ab5NB6g5iP0tvsgJWzxTyAo20sgYSy8=
k8s.io/component-base v0.31.1/go.mod h1:WGeaw7t/kTsqpVTaCoVEtillbqAhF2/JgvO0LDOMa0w=
k8s.io/component-base v0.31.3 h1:DMCXXVx546Rfvhj+3cOm2EUxhS+EyztH423j+8sOwhQ=
k8s.io/component-base v0.31.3/go.mod h1:xME6BHfUOafRgT0rGVBGl7TuSg8Z9/deT7qq6w7qjIU=
k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk=
k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
k8s.io/kube-openapi v0.0.0-20240423202451-8948a665c108 h1:Q8Z7VlGhcJgBHJHYugJ/K/7iB8a2eSxCyxdVjJp+lLY=
k8s.io/kube-openapi v0.0.0-20240423202451-8948a665c108/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98=
k8s.io/kubectl v0.31.1 h1:ih4JQJHxsEggFqDJEHSOdJ69ZxZftgeZvYo7M/cpp24=
k8s.io/kubectl v0.31.1/go.mod h1:aNuQoR43W6MLAtXQ/Bu4GDmoHlbhHKuyD49lmTC8eJM=
k8s.io/kubectl v0.31.3 h1:3r111pCjPsvnR98oLLxDMwAeM6OPGmPty6gSKaLTQes=
k8s.io/kubectl v0.31.3/go.mod h1:lhMECDCbJN8He12qcKqs2QfmVo9Pue30geovBVpH5fs=
k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A=
k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
oras.land/oras-go v1.2.6 h1:z8cmxQXBU8yZ4mkytWqXfo6tZcamPwjsuxYU81xJ8Lk=
12 changes: 8 additions & 4 deletions internal/pkg/attestationpolicy/attestationpolicy.go
Expand Up @@ -28,8 +28,8 @@ func NewAttestationPolicy(attestationPolicy *attestation_policy_proto.Attestatio
}
}

func (ap *AttestationPolicy) GetHelmConfig(source cofidectl_plugin.DataSource, binding *ap_binding_proto.APBinding) (map[string]interface{}, error) {
var clusterSPIFFEID = make(map[string]interface{})
func (ap *AttestationPolicy) GetHelmConfig(source cofidectl_plugin.DataSource, binding *ap_binding_proto.APBinding) (map[string]any, error) {
var clusterSPIFFEID = make(map[string]any)
switch policy := ap.AttestationPolicyProto.Policy.(type) {
case *attestation_policy_proto.AttestationPolicy_Kubernetes:
kubernetes := policy.Kubernetes
Expand Down Expand Up @@ -70,8 +70,12 @@ func getAPLabelSelectorHelmConfig(selector *attestation_policy_proto.APLabelSele
return nil
}

var matchExpressions = []map[string]any{}
matchLabels := map[string]any{}
for k, v := range selector.MatchLabels {
matchLabels[k] = v
}

matchExpressions := []map[string]any{}
for _, me := range selector.MatchExpressions {
matchExpressions = append(matchExpressions, map[string]any{
"key": me.GetKey(),
Expand All @@ -81,7 +85,7 @@ func getAPLabelSelectorHelmConfig(selector *attestation_policy_proto.APLabelSele
}

return map[string]any{
"matchLabels": selector.MatchLabels,
"matchLabels": matchLabels,
"matchExpressions": matchExpressions,
}
}
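Review bot: The new loop in `getAPLabelSelectorHelmConfig` that copies `selector.MatchLabels` into a `map[string]any` has no comment saying why the copy is needed, and without one it reads as redundant. Presumably the code that consumes the Helm values only accepts generic `map[string]any` values rather than a typed `map[string]string`; if so, say that above the loop, e.g. `// Convert to map[string]any: typed maps are not accepted by the downstream values handling.` A nil `MatchLabels` now yields an empty non-nil map instead of nil, which tests or golden files comparing the old output may notice. The function starts outside the hunk.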
3 changes: 3 additions & 0 deletions internal/pkg/config/schema.cue
Expand Up @@ -12,6 +12,7 @@
attestation_policies: [...#APBinding]
jwt_issuer?: string
extra_helm_values?: #HelmValues
bundle_endpoint_profile?: #BundleEndpointProfile
}

#TrustProvider: {
Expand Down Expand Up @@ -58,6 +59,8 @@
[string]: _
}

#BundleEndpointProfile: string & =~"BUNDLE_ENDPOINT_PROFILE_.*"

#PluginConfig: {
[string]: _
}
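Review bot: The `#BundleEndpointProfile` constraint accepts any string that merely contains `BUNDLE_ENDPOINT_PROFILE_`, because `=~` is an unanchored match and the trailing `.*` allows any suffix, so a mistyped profile passes schema validation and is only rejected later, if at all. Since this value decides how the federated bundle endpoint is authenticated, constrain it to the known names, e.g. `#BundleEndpointProfile: "BUNDLE_ENDPOINT_PROFILE_HTTPS_SPIFFE" | "BUNDLE_ENDPOINT_PROFILE_HTTPS_WEB"`, or at least anchor the pattern with `^` and `$`. Any further enum values not visible in this commit would need adding to that list.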
2 changes: 2 additions & 0 deletions internal/pkg/config/testdata/config/full.yaml
Expand Up @@ -23,6 +23,7 @@ trust_zones:
create: true
spire-server:
logLevel: INFO
bundle_endpoint_profile: BUNDLE_ENDPOINT_PROFILE_HTTPS_SPIFFE
- name: tz2
trust_domain: td2
kubernetes_cluster: local2
Expand All @@ -39,6 +40,7 @@ trust_zones:
federates_with:
- tz1
jwt_issuer: https://tz2.example.com
bundle_endpoint_profile: BUNDLE_ENDPOINT_PROFILE_HTTPS_WEB
attestation_policies:
- name: ap1
kubernetes:
38 changes: 27 additions & 11 deletions internal/pkg/federation/federation.go
Expand Up @@ -9,6 +9,11 @@ import (
trust_zone_proto "github.com/cofide/cofide-api-sdk/gen/go/proto/trust_zone/v1alpha1"
)

const (
bundleEndpointProfileHTTPSWeb = "https_web"
bundleEndpointProfileHTTPSSPIFFE = "https_spiffe"
)

type Federation struct {
destTrustZone *trust_zone_proto.TrustZone
}
Expand All @@ -19,16 +24,27 @@ func NewFederation(trustZone *trust_zone_proto.TrustZone) *Federation {
}
}

func (fed *Federation) GetHelmConfig() map[string]interface{} {
clusterFederatedTrustDomain := map[string]interface{}{
"bundleEndpointURL": fed.destTrustZone.GetBundleEndpointUrl(),
"bundleEndpointProfile": map[string]interface{}{
"type": "https_spiffe",
"endpointSPIFFEID": fmt.Sprintf("spiffe://%s/spire/server", fed.destTrustZone.TrustDomain),
},
"trustDomain": fed.destTrustZone.TrustDomain,
"trustDomainBundle": fed.destTrustZone.GetBundle(),
func (fed *Federation) GetHelmConfig() (map[string]any, error) {
switch fed.destTrustZone.GetBundleEndpointProfile() {
case trust_zone_proto.BundleEndpointProfile_BUNDLE_ENDPOINT_PROFILE_HTTPS_SPIFFE:
return map[string]any{
"bundleEndpointURL": fed.destTrustZone.GetBundleEndpointUrl(),
"bundleEndpointProfile": map[string]any{
"type": bundleEndpointProfileHTTPSSPIFFE,
"endpointSPIFFEID": fmt.Sprintf("spiffe://%s/spire/server", fed.destTrustZone.TrustDomain),
},
"trustDomain": fed.destTrustZone.TrustDomain,
"trustDomainBundle": fed.destTrustZone.GetBundle(),
}, nil
case trust_zone_proto.BundleEndpointProfile_BUNDLE_ENDPOINT_PROFILE_HTTPS_WEB:
return map[string]any{
"bundleEndpointURL": fed.destTrustZone.GetBundleEndpointUrl(),
"bundleEndpointProfile": map[string]any{
"type": bundleEndpointProfileHTTPSWeb,
},
"trustDomain": fed.destTrustZone.TrustDomain,
}, nil
default:
return nil, fmt.Errorf("unexpected bundle endpoint profile %d", fed.destTrustZone.GetBundleEndpointProfile())
}

return clusterFederatedTrustDomain
}
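Review bot: The `default` branch in `GetHelmConfig` also catches a trust zone whose bundle endpoint profile is simply unset, which the schema in this commit permits (`bundle_endpoint_profile?`), so a config written before this change may now fail to render federation values; whether that happens depends on the enum's zero value, which is not visible here. Failing closed is a reasonable choice for a setting that decides how the remote bundle endpoint is authenticated, but it should be stated in a comment, and the error should print the name rather than the number: `return nil, fmt.Errorf("unexpected bundle endpoint profile %v", fed.destTrustZone.GetBundleEndpointProfile())`. The `https_web` case omits `endpointSPIFFEID` and `trustDomainBundle`, leaving endpoint authentication to Web PKI; a short comment such as `// https_web: endpoint is authenticated by Web PKI, so no SPIFFE ID or bootstrap bundle is set.` would record that this is deliberate. `GetHelmConfig` is an exported method and still has no doc comment.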
21 changes: 12 additions & 9 deletions internal/pkg/test/fixtures/fixtures.go
Expand Up @@ -41,15 +41,15 @@ var trustZoneFixtures map[string]*trust_zone_proto.TrustZone = map[string]*trust
},
JwtIssuer: StringPtr("https://tz1.example.com"),
ExtraHelmValues: func() *structpb.Struct {
ev := map[string]interface{}{
"global": map[string]interface{}{
"spire": map[string]interface{}{
"namespaces": map[string]interface{}{
ev := map[string]any{
"global": map[string]any{
"spire": map[string]any{
"namespaces": map[string]any{
"create": true,
},
},
},
"spire-server": map[string]interface{}{
"spire-server": map[string]any{
"logLevel": "INFO",
},
}
Expand All @@ -59,6 +59,7 @@ var trustZoneFixtures map[string]*trust_zone_proto.TrustZone = map[string]*trust
}
return value
}(),
BundleEndpointProfile: trust_zone_proto.BundleEndpointProfile_BUNDLE_ENDPOINT_PROFILE_HTTPS_SPIFFE.Enum(),
},
"tz2": {
Name: "tz2",
Expand All @@ -82,7 +83,8 @@ var trustZoneFixtures map[string]*trust_zone_proto.TrustZone = map[string]*trust
FederatesWith: []string{"tz1"},
},
},
JwtIssuer: StringPtr("https://tz2.example.com"),
JwtIssuer: StringPtr("https://tz2.example.com"),
BundleEndpointProfile: trust_zone_proto.BundleEndpointProfile_BUNDLE_ENDPOINT_PROFILE_HTTPS_WEB.Enum(),
},
// tz3 has no federations or bound attestation policies.
"tz3": {
Expand All @@ -93,9 +95,10 @@ var trustZoneFixtures map[string]*trust_zone_proto.TrustZone = map[string]*trust
TrustProvider: &trust_provider_proto.TrustProvider{
Kind: StringPtr("kubernetes"),
},
BundleEndpointUrl: StringPtr("127.0.0.3"),
Federations: []*federation_proto.Federation{},
AttestationPolicies: []*ap_binding_proto.APBinding{},
BundleEndpointUrl: StringPtr("127.0.0.3"),
Federations: []*federation_proto.Federation{},
AttestationPolicies: []*ap_binding_proto.APBinding{},
BundleEndpointProfile: trust_zone_proto.BundleEndpointProfile_BUNDLE_ENDPOINT_PROFILE_HTTPS_SPIFFE.Enum(),
},
}

20 changes: 10 additions & 10 deletions internal/pkg/trustprovider/trustprovider.go
Expand Up @@ -38,7 +38,7 @@ func (tp *TrustProvider) GetValues() error {
tp.AgentConfig = TrustProviderAgentConfig{
WorkloadAttestor: KubernetesTrustProvider,
WorkloadAttestorEnabled: true,
WorkloadAttestorConfig: map[string]interface{}{
WorkloadAttestorConfig: map[string]any{
"enabled": true,
"skipKubeletVerification": true,
"disableContainerSelectors": false,
Expand All @@ -51,7 +51,7 @@ func (tp *TrustProvider) GetValues() error {
tp.ServerConfig = TrustProviderServerConfig{
NodeAttestor: kubernetesPsat,
NodeAttestorEnabled: true,
NodeAttestorConfig: map[string]interface{}{
NodeAttestorConfig: map[string]any{
"enabled": true,
"serviceAccountAllowList": []string{"spire:spire-agent"},
"audience": []string{"spire-server"},
Expand All @@ -66,15 +66,15 @@ func (tp *TrustProvider) GetValues() error {
}

type TrustProviderAgentConfig struct {
WorkloadAttestor string `yaml:"workloadAttestor"`
WorkloadAttestorEnabled bool `yaml:"workloadAttestorEnabled"`
WorkloadAttestorConfig map[string]interface{} `yaml:"workloadAttestorConfig"`
NodeAttestor string `yaml:"nodeAttestor"`
NodeAttestorEnabled bool `yaml:"nodeAttestorEnabled"`
WorkloadAttestor string `yaml:"workloadAttestor"`
WorkloadAttestorEnabled bool `yaml:"workloadAttestorEnabled"`
WorkloadAttestorConfig map[string]any `yaml:"workloadAttestorConfig"`
NodeAttestor string `yaml:"nodeAttestor"`
NodeAttestorEnabled bool `yaml:"nodeAttestorEnabled"`
}

type TrustProviderServerConfig struct {
NodeAttestor string `yaml:"nodeAttestor"`
NodeAttestorEnabled bool `yaml:"nodeAttestorEnabled"`
NodeAttestorConfig map[string]interface{} `yaml:"nodeAttestorConfig"`
NodeAttestor string `yaml:"nodeAttestor"`
NodeAttestorEnabled bool `yaml:"nodeAttestorEnabled"`
NodeAttestorConfig map[string]any `yaml:"nodeAttestorConfig"`
}
2 changes: 1 addition & 1 deletion internal/pkg/workload/workload.go
Expand Up @@ -8,7 +8,7 @@ import (
"fmt"
"time"

"github.com/cofide/cofidectl/internal/pkg/spire"
"github.com/cofide/cofidectl/pkg/spire"
kubeutil "github.com/cofide/cofidectl/pkg/kube"
v1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"