COCOS-395 - Cloud Provider Firmware Integration (#415)

* add CC platform identification capability

* add token verification

* add snp azure

* add azure snp report verification

* fix linter errors

* fix agent tests

* expand the CC provider

* fix azure atls

* rebase branch

* add nonce check for azure token

* rename package attestations

* remove alias attestations

---------

Co-authored-by: Ubuntu <azureuser@UVCTestCVM.bu0p0zdolasezg1jifpyqhaxuc.dx.internal.cloudapp.net>

test/cvms/README.md

@@ -15,10 +15,20 @@ The service is configured using the environment variables from the following tab
 
 ## Running
 ```shell
-go run main.go <algo_path> <public_key_path> <attested_tls_bool> <dataset(s)_path> 
-```
+Usage of tests/cvms/main.go:
+  -algo-path string
+        Path to the algorithm
+  -attested-tls-bool string
+        Should aTLS be used, must be 'true' or 'false'
+  -ca-url string
+        URL for certificate authority, optional flag that can only be used if aTLS is enabled
+  -cvm-id string
+        UUID for a CVM, optional flag that can only be used if aTLS is enabled
+  -data-paths string
+        Paths to data sources, list of string separated with commas
+  -public-key-path string
+        Path to the public key file
 
-- `algo_path`: Path to the algorithm file (python file,docker image file, wasm, compiled binary) \
-- `public_key_path`: Path to the public key file (PEM format) \
-- `attested_tls_bool`: Boolean flag to enable/disable attested TLS (true/false) \
-- `dataset(s)_path`: Path to one or more dataset files.
+# Example
+go run ./tests/cvms/main.go -algo-path <alog_path> -attested-tls-bool false -data-paths <data_paths> -public-key-path <public_key_path>
+```

test/cvms/main.go

@@ -106,8 +106,8 @@ func main() {
 	flagSet.StringVar(&pubKeyFile, "public-key-path", "", "Path to the public key file")
 	flagSet.StringVar(&attestedTLSString, "attested-tls-bool", "", "Should aTLS be used, must be 'true' or 'false'")
 	flagSet.StringVar(&dataPathString, "data-paths", "", "Paths to data sources, list of string separated with commas")
-	flagSet.StringVar(&caUrl, "ca-url", "", "URL for certificate authority, must be specified if aTLS is used")
-	flagSet.StringVar(&cvmId, "cvm-id", "", "UUID for a CVM, must be specified if aTLS is used")
+	flagSet.StringVar(&caUrl, "ca-url", "", "URL for certificate authority, optional flag that can only be used if aTLS is enabled")
+	flagSet.StringVar(&cvmId, "cvm-id", "", "UUID for a CVM, optional flag that can only be used if aTLS is enabled")
 
 	flagSetParseError := flagSet.Parse(os.Args[1:])
 	if flagSetParseError != nil {
@@ -145,13 +145,13 @@ func main() {
 		dataPaths = strings.Split(dataPathString, ",")
 	}
 
-	if err == nil && attestedTLS && caUrl == "" {
-		parsingErrorString.WriteString("CA URL is required if attested TLS is used\n")
+	if err == nil && caUrl != "" && !attestedTLS {
+		parsingErrorString.WriteString("CA URL is only available with attested TLS\n")
 		parsingError = true
 	}
 
-	if err == nil && attestedTLS && cvmId == "" {
-		parsingErrorString.WriteString("CVM UUID is required if attested TLS is used\n")
+	if err == nil && cvmId != "" && !attestedTLS {
+		parsingErrorString.WriteString("CVM UUID is only available with attested TLS\n")
 		parsingError = true
 	}
 
@@ -191,7 +191,7 @@ func main() {
 		return
 	}
 
-	gs := grpcserver.New(ctx, cancel, svcName, grpcServerConfig, registerAgentServiceServer, logger, nil, nil, caUrl, cvmId)
+	gs := grpcserver.New(ctx, cancel, svcName, grpcServerConfig, registerAgentServiceServer, logger, nil, caUrl, cvmId)
 
 	g.Go(func() error {
 		return gs.Start()