From 8eb1fac9adaf8bd7c7a8f4d4ce7e784e1b28f3cd Mon Sep 17 00:00:00 2001 From: Sammy Kerata Oina <44265300+SammyOina@users.noreply.github.com> Date: Tue, 5 Aug 2025 12:22:02 +0300 Subject: [PATCH] NOISSUE - Refactor and update dependencies in the project (#491) * Refactor and update dependencies in the project - Updated go.sum to replace `github.com/absmach/magistrala` with `github.com/absmach/supermq` across various modules. - Removed VSock configuration from environment variables and QEMU arguments. - Updated QEMU configuration and related tests to remove references to guest CID and VSock. - Added new HTTP transport layer for API endpoints in the manager. - Introduced Prometheus monitoring configuration with alert rules and Alertmanager setup. - Updated service and VM interfaces to remove unused methods and references. - Refactored tests to align with the new structure and dependencies. Signed-off-by: Sammy Oina * Add MaxVMs configuration and enforce limit on VM creation Signed-off-by: Sammy Oina * Add comprehensive tests for HTTP transport handlers and endpoints Signed-off-by: Sammy Oina * Add test case for exceeding maximum number of VMs in TestRun Signed-off-by: Sammy Oina * Improve error handling in TestHandlerWithCustomRouter to ensure response writing is checked Signed-off-by: Sammy Oina * Update dependencies to latest versions - Upgrade cel.dev/expr from v0.23.0 to v0.24.0 - Upgrade github.com/absmach/supermq from v0.16.0 to v0.17.0 - Upgrade github.com/cenkalti/backoff from v4.3.0 to v5.0.2 - Upgrade github.com/cncf/xds/go to v0.0.0-20250501225837-2ac532fd4443 - Upgrade github.com/go-chi/chi/v5 from v5.2.1 to v5.2.2 - Upgrade github.com/go-jose/go-jose/v3 from v3.0.3 to v3.0.4 - Upgrade github.com/gofrs/uuid/v5 from v5.3.0 to v5.3.2 - Upgrade github.com/prometheus/client_golang from v1.22.0 to v1.23.0 - Upgrade github.com/prometheus/client_model from v0.6.1 to v0.6.2 - Upgrade github.com/prometheus/common from v0.62.0 to v0.65.0 - Upgrade github.com/prometheus/procfs from v0.15.1 to v0.16.1 - Upgrade go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from v0.60.0 to v0.62.0 - Upgrade go.opentelemetry.io/otel/exporters/otlp/otlptrace from v1.36.0 to v1.37.0 - Upgrade golang.org/x/crypto from v0.39.0 to v0.40.0 - Upgrade golang.org/x/sys from v0.33.0 to v0.34.0 - Upgrade golang.org/x/text from v0.26.0 to v0.27.0 - Upgrade golang.org/x/time from v0.11.0 to v0.12.0 - Upgrade google.golang.org/grpc from v1.73.0 to v1.74.2 Signed-off-by: Sammy Oina --------- Signed-off-by: Sammy Oina --- .golangci.yaml | 6 - Makefile | 6 +- agent/algorithm/logging/logging_test.go | 2 +- agent/auth/auth.go | 2 +- agent/auth/auth_test.go | 2 +- agent/cvms/api/grpc/client.go | 2 +- agent/cvms/api/grpc/client_test.go | 2 +- agent/cvms/api/grpc/server_test.go | 2 +- agent/service.go | 2 +- agent/service_test.go | 4 +- cli/attestation.go | 2 +- cli/attestation_policy.go | 2 +- cli/attestation_tdx.go | 2 +- cli/attestation_test.go | 2 +- cli/datasets.go | 2 +- cli/errors.go | 2 +- cli/errors_test.go | 2 +- cmd/agent/main.go | 4 +- cmd/manager/main.go | 34 +- cocos-manager.env | 15 +- go.mod | 57 ++-- go.sum | 118 +++---- hal/cloud/.env | 4 - hal/cloud/qemu.sh | 3 +- internal/logger/protohandler_test.go | 2 +- manager/README.md | 21 +- manager/api/http/transport.go | 20 ++ manager/api/http/transport_test.go | 379 +++++++++++++++++++++++ manager/monitoring/alert_rules.yml | 57 ++++ manager/monitoring/alertmanager.yml | 56 ++++ manager/monitoring/docker-compose.yml | 58 ++++ manager/monitoring/prometheus.yml | 20 ++ manager/qemu/config.go | 11 - manager/qemu/config_test.go | 10 - manager/qemu/vm.go | 4 - manager/qemu/vm_test.go | 16 - manager/service.go | 39 +-- manager/service_test.go | 21 +- manager/vm/mocks/vm.go | 45 --- manager/vm/vm.go | 1 - pkg/atls/atls_test.go | 2 +- pkg/attestation/azure/snp.go | 2 +- pkg/attestation/quoteprovider/sev.go | 2 +- pkg/attestation/tdx/tdx.go | 2 +- pkg/attestation/vtpm/vtpm.go | 2 +- pkg/attestation/vtpm/vtpm_test.go | 2 +- pkg/clients/grpc/agent/agent.go | 2 +- pkg/clients/grpc/agent/agent_test.go | 2 +- pkg/clients/grpc/atls.go | 2 +- pkg/clients/grpc/connect_test.go | 2 +- pkg/clients/grpc/cvm/cvm_test.go | 2 +- pkg/clients/grpc/grpc.go | 2 +- pkg/clients/grpc/manager/manager_test.go | 2 +- pkg/progressbar/progress_test.go | 2 +- pkg/sdk/agent.go | 2 +- pkg/sdk/agent_test.go | 2 +- test/cvms/main.go | 2 +- 57 files changed, 803 insertions(+), 270 deletions(-) create mode 100644 manager/api/http/transport.go create mode 100644 manager/api/http/transport_test.go create mode 100644 manager/monitoring/alert_rules.yml create mode 100644 manager/monitoring/alertmanager.yml create mode 100644 manager/monitoring/docker-compose.yml create mode 100644 manager/monitoring/prometheus.yml diff --git a/.golangci.yaml b/.golangci.yaml index b596355d..26e32eaf 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -55,12 +55,6 @@ linters: template: |- Copyright (c) Ultraviolet SPDX-License-Identifier: Apache-2.0 - importas: - alias: - - pkg: github.com/absmach/magistrala/logger - alias: mglog - no-unaliased: true - no-extra-aliases: false staticcheck: checks: - -ST1000 diff --git a/Makefile b/Makefile index 32fd6f35..fe325c62 100644 --- a/Makefile +++ b/Makefile @@ -17,9 +17,9 @@ IGVM_BUILD_SCRIPT := ./scripts/igvmmeasure/igvm.sh define compile_service CGO_ENABLED=$(CGO_ENABLED) GOOS=$(GOOS) GOARCH=$(GOARCH) GOARM=$(GOARM) \ go build -ldflags "-s -w \ - -X 'github.com/absmach/magistrala.BuildTime=$(TIME)' \ - -X 'github.com/absmach/magistrala.Version=$(VERSION)' \ - -X 'github.com/absmach/magistrala.Commit=$(COMMIT)'" \ + -X 'github.com/absmach/supermq.BuildTime=$(TIME)' \ + -X 'github.com/absmach/supermq.Version=$(VERSION)' \ + -X 'github.com/absmach/supermq.Commit=$(COMMIT)'" \ $(if $(filter 1,$(EMBED_ENABLED)),-tags "embed",) \ -o ${BUILD_DIR}/cocos-$(1) cmd/$(1)/main.go endef diff --git a/agent/algorithm/logging/logging_test.go b/agent/algorithm/logging/logging_test.go index c877bd06..e9531767 100644 --- a/agent/algorithm/logging/logging_test.go +++ b/agent/algorithm/logging/logging_test.go @@ -6,7 +6,7 @@ import ( "strings" "testing" - mglog "github.com/absmach/magistrala/logger" + mglog "github.com/absmach/supermq/logger" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" "github.com/ultravioletrs/cocos/agent/events/mocks" diff --git a/agent/auth/auth.go b/agent/auth/auth.go index 02cd338b..bfcb4ea3 100644 --- a/agent/auth/auth.go +++ b/agent/auth/auth.go @@ -13,7 +13,7 @@ import ( "crypto/x509" "encoding/base64" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/ultravioletrs/cocos/agent" "google.golang.org/grpc/codes" "google.golang.org/grpc/metadata" diff --git a/agent/auth/auth_test.go b/agent/auth/auth_test.go index dae13c37..0948db5b 100644 --- a/agent/auth/auth_test.go +++ b/agent/auth/auth_test.go @@ -15,7 +15,7 @@ import ( "encoding/base64" "testing" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/ultravioletrs/cocos/agent" diff --git a/agent/cvms/api/grpc/client.go b/agent/cvms/api/grpc/client.go index 60924f83..a48c9b68 100644 --- a/agent/cvms/api/grpc/client.go +++ b/agent/cvms/api/grpc/client.go @@ -9,7 +9,7 @@ import ( "sync" "time" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/ultravioletrs/cocos/agent" "github.com/ultravioletrs/cocos/agent/cvms" "github.com/ultravioletrs/cocos/agent/cvms/api/grpc/storage" diff --git a/agent/cvms/api/grpc/client_test.go b/agent/cvms/api/grpc/client_test.go index c4ab84b3..7d832f3f 100644 --- a/agent/cvms/api/grpc/client_test.go +++ b/agent/cvms/api/grpc/client_test.go @@ -7,7 +7,7 @@ import ( "testing" "time" - mglog "github.com/absmach/magistrala/logger" + mglog "github.com/absmach/supermq/logger" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" "github.com/ultravioletrs/cocos/agent/cvms" diff --git a/agent/cvms/api/grpc/server_test.go b/agent/cvms/api/grpc/server_test.go index dba10ead..85bb7988 100644 --- a/agent/cvms/api/grpc/server_test.go +++ b/agent/cvms/api/grpc/server_test.go @@ -7,7 +7,7 @@ import ( "testing" "time" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" "github.com/ultravioletrs/cocos/agent/cvms" diff --git a/agent/service.go b/agent/service.go index 4418d0d6..67285bea 100644 --- a/agent/service.go +++ b/agent/service.go @@ -14,7 +14,7 @@ import ( sync "sync" "time" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/ultravioletrs/cocos/agent/algorithm" "github.com/ultravioletrs/cocos/agent/algorithm/binary" "github.com/ultravioletrs/cocos/agent/algorithm/docker" diff --git a/agent/service_test.go b/agent/service_test.go index 2f4cdb11..7bd2e5a4 100644 --- a/agent/service_test.go +++ b/agent/service_test.go @@ -12,8 +12,8 @@ import ( "testing" "time" - mglog "github.com/absmach/magistrala/logger" - "github.com/absmach/magistrala/pkg/errors" + mglog "github.com/absmach/supermq/logger" + "github.com/absmach/supermq/pkg/errors" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" diff --git a/cli/attestation.go b/cli/attestation.go index c544be3e..d2fdbf3c 100644 --- a/cli/attestation.go +++ b/cli/attestation.go @@ -11,7 +11,7 @@ import ( "strings" "time" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/fatih/color" "github.com/google/go-sev-guest/abi" "github.com/google/go-sev-guest/proto/sevsnp" diff --git a/cli/attestation_policy.go b/cli/attestation_policy.go index 1e953a71..6eadc97f 100644 --- a/cli/attestation_policy.go +++ b/cli/attestation_policy.go @@ -11,7 +11,7 @@ import ( "os" "strconv" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/google/go-sev-guest/proto/check" "github.com/google/go-tpm-tools/proto/attest" "github.com/spf13/cobra" diff --git a/cli/attestation_tdx.go b/cli/attestation_tdx.go index 0b0d4d90..66318633 100644 --- a/cli/attestation_tdx.go +++ b/cli/attestation_tdx.go @@ -9,7 +9,7 @@ import ( "os" "strings" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" ccpb "github.com/google/go-tdx-guest/proto/checkconfig" "github.com/spf13/cobra" "github.com/ultravioletrs/cocos/pkg/attestation" diff --git a/cli/attestation_test.go b/cli/attestation_test.go index ca6938c3..452ac4e3 100644 --- a/cli/attestation_test.go +++ b/cli/attestation_test.go @@ -12,7 +12,7 @@ import ( "path/filepath" "testing" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/google/go-sev-guest/abi" "github.com/google/go-sev-guest/proto/check" "github.com/google/go-sev-guest/proto/sevsnp" diff --git a/cli/datasets.go b/cli/datasets.go index edd6b51e..15aeb9f9 100644 --- a/cli/datasets.go +++ b/cli/datasets.go @@ -9,7 +9,7 @@ import ( "os" "path" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/fatih/color" "github.com/spf13/cobra" "github.com/ultravioletrs/cocos/agent" diff --git a/cli/errors.go b/cli/errors.go index 614e112a..e33df10b 100644 --- a/cli/errors.go +++ b/cli/errors.go @@ -3,7 +3,7 @@ package cli import ( - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/fatih/color" "github.com/spf13/cobra" "github.com/ultravioletrs/cocos/agent/auth" diff --git a/cli/errors_test.go b/cli/errors_test.go index fd3375c3..0841a130 100644 --- a/cli/errors_test.go +++ b/cli/errors_test.go @@ -7,7 +7,7 @@ import ( "errors" "testing" - mgerrors "github.com/absmach/magistrala/pkg/errors" + mgerrors "github.com/absmach/supermq/pkg/errors" "github.com/fatih/color" "github.com/spf13/cobra" "github.com/ultravioletrs/cocos/agent/auth" diff --git a/cmd/agent/main.go b/cmd/agent/main.go index 51d9d6df..8fe42e6e 100644 --- a/cmd/agent/main.go +++ b/cmd/agent/main.go @@ -16,8 +16,8 @@ import ( "syscall" "time" - mglog "github.com/absmach/magistrala/logger" - "github.com/absmach/magistrala/pkg/prometheus" + mglog "github.com/absmach/supermq/logger" + "github.com/absmach/supermq/pkg/prometheus" "github.com/caarlos0/env/v11" "github.com/ultravioletrs/cocos/agent" "github.com/ultravioletrs/cocos/agent/api" diff --git a/cmd/manager/main.go b/cmd/manager/main.go index 36b3f658..bdc0602b 100644 --- a/cmd/manager/main.go +++ b/cmd/manager/main.go @@ -12,16 +12,20 @@ import ( "os" "strings" - mglog "github.com/absmach/magistrala/logger" - "github.com/absmach/magistrala/pkg/jaeger" - "github.com/absmach/magistrala/pkg/prometheus" - "github.com/absmach/magistrala/pkg/uuid" + mglog "github.com/absmach/supermq/logger" + "github.com/absmach/supermq/pkg/jaeger" + "github.com/absmach/supermq/pkg/prometheus" + smqserver "github.com/absmach/supermq/pkg/server" + httpserver "github.com/absmach/supermq/pkg/server/http" + "github.com/absmach/supermq/pkg/uuid" "github.com/caarlos0/env/v11" + "github.com/go-chi/chi/v5" "github.com/ultravioletrs/cocos/internal/server" grpcserver "github.com/ultravioletrs/cocos/internal/server/grpc" "github.com/ultravioletrs/cocos/manager" "github.com/ultravioletrs/cocos/manager/api" managergrpc "github.com/ultravioletrs/cocos/manager/api/grpc" + "github.com/ultravioletrs/cocos/manager/api/http" "github.com/ultravioletrs/cocos/manager/qemu" "github.com/ultravioletrs/cocos/manager/tracing" "go.opentelemetry.io/otel/trace" @@ -33,8 +37,10 @@ import ( const ( svcName = "manager" envPrefixGRPC = "MANAGER_GRPC_" + envPrefixHTTP = "MANAGER_HTTP_" envPrefixQemu = "MANAGER_QEMU_" clientBufferSize = 100 + defSvcHTTPPort = "7003" ) type config struct { @@ -46,6 +52,7 @@ type config struct { IgvmMeasureBinary string `env:"MANAGER_IGVMMEASURE_BINARY" envDefault:"../../build/igvmmeasure"` PcrValues string `env:"MANAGER_PCR_VALUES" envDefault:""` EosVersion string `env:"MANAGER_EOS_VERSION" envDefault:""` + MaxVMs int `env:"MANAGER_MAX_VMS" envDefault:"10"` } func main() { @@ -114,7 +121,12 @@ func main() { return } - svc, err := newService(logger, tracer, *qemuCfg, cfg.AttestationPolicyBinary, cfg.IgvmMeasureBinary, cfg.PcrValues, cfg.EosVersion) + httpServerConfig := smqserver.Config{Port: defSvcHTTPPort} + if err := env.ParseWithOptions(&httpServerConfig, env.Options{Prefix: envPrefixHTTP}); err != nil { + logger.Error(fmt.Sprintf("failed to load %s gRPC server configuration : %s", svcName, err)) + } + + svc, err := newService(logger, tracer, *qemuCfg, cfg.AttestationPolicyBinary, cfg.IgvmMeasureBinary, cfg.PcrValues, cfg.EosVersion, cfg.MaxVMs) if err != nil { logger.Error(err.Error()) exitCode = 1 @@ -136,12 +148,18 @@ func main() { gs := grpcserver.New(ctx, cancel, svcName, managerGRPCConfig, registerManagerServiceServer, logger, nil, "", "") + hs := httpserver.NewServer(ctx, cancel, svcName, httpServerConfig, http.MakeHandler(chi.NewMux(), svcName, cfg.InstanceID), logger) + g.Go(func() error { return gs.Start() }) g.Go(func() error { - return server.StopHandler(ctx, cancel, logger, svcName, gs) + return hs.Start() + }) + + g.Go(func() error { + return server.StopHandler(ctx, cancel, logger, svcName, gs, hs) }) if err := g.Wait(); err != nil { @@ -149,8 +167,8 @@ func main() { } } -func newService(logger *slog.Logger, tracer trace.Tracer, qemuCfg qemu.Config, attestationPolicyPath string, igvmMeasurementBinaryPath string, pcrValuesFilePath string, eosVersion string) (manager.Service, error) { - svc, err := manager.New(qemuCfg, attestationPolicyPath, igvmMeasurementBinaryPath, pcrValuesFilePath, logger, qemu.NewVM, eosVersion) +func newService(logger *slog.Logger, tracer trace.Tracer, qemuCfg qemu.Config, attestationPolicyPath string, igvmMeasurementBinaryPath string, pcrValuesFilePath string, eosVersion string, maxVMs int) (manager.Service, error) { + svc, err := manager.New(qemuCfg, attestationPolicyPath, igvmMeasurementBinaryPath, pcrValuesFilePath, logger, qemu.NewVM, eosVersion, maxVMs) if err != nil { return nil, err } diff --git a/cocos-manager.env b/cocos-manager.env index d7efae00..3433d0dc 100644 --- a/cocos-manager.env +++ b/cocos-manager.env @@ -9,13 +9,21 @@ MANAGER_INSTANCE_ID= MANAGER_ATTESTATION_POLICY_BINARY=../../build MANAGER_IGVMMEASURE_BINARY=../../build MANAGER_PCR_VALUES=/etc/cocos/pcr_values.json -MANAGER_GRPC_CLIENT_CERT= -MANAGER_GRPC_CLIENT_KEY= +MANAGER_GRPC_SERVER_CERT= +MANAGER_GRPC_SERVER_KEY= MANAGER_GRPC_SERVER_CA_CERTS= +MANAGER_GRPC_CLIENT_CA_CERTS= MANAGER_GRPC_PORT=6101 MANAGER_GRPC_HOST=0.0.0.0 +MANAGER_HTTP_SERVER_CERT= +MANAGER_HTTP_SERVER_KEY= +MANAGER_HTTP_SERVER_CA_CERTS= +MANAGER_HTTP_CLIENT_CA_CERTS= +MANAGER_HTTP_PORT=6102 +MANAGER_HTTP_HOST=0.0.0.0 MANAGER_GRPC_TIMEOUT=60s MANAGER_EOS_VERSION="" +MANAGER_MAX_VMS=10 # QEMU Configuration MANAGER_QEMU_MEMORY_SIZE=25G @@ -47,9 +55,6 @@ MANAGER_QEMU_HOST_DATA= MANAGER_QEMU_TDX_ID=tdx0 MANAGER_QEMU_QUOTE_GENERATION_PORT=4050 MANAGER_QEMU_OVMF_FILE=/usr/share/ovmf/OVMF.fd -MANAGER_QEMU_VSOCK_ID=vhost-vsock-pci0 -MANAGER_QEMU_VSOCK_GUEST_CID=3 -MANAGER_QEMU_VSOCK_VNC=0 MANAGER_QEMU_BIN_PATH=qemu-system-x86_64 MANAGER_QEMU_USE_SUDO=true MANAGER_QEMU_ENABLE_SEV_SNP=false diff --git a/go.mod b/go.mod index 493ce212..e5dac2d4 100644 --- a/go.mod +++ b/go.mod @@ -1,11 +1,8 @@ module github.com/ultravioletrs/cocos -go 1.23.2 - -toolchain go1.24.1 +go 1.24.5 require ( - github.com/absmach/magistrala v0.15.1 github.com/caarlos0/env/v11 v11.3.1 github.com/fatih/color v1.18.0 github.com/go-kit/kit v0.13.0 @@ -18,21 +15,23 @@ require ( github.com/virtee/sev-snp-measure-go v0.0.0-20240530153610-e6e8dc9b6877 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.62.0 go.opentelemetry.io/otel/trace v1.37.0 - golang.org/x/crypto v0.39.0 - golang.org/x/sync v0.15.0 - google.golang.org/grpc v1.73.0 + golang.org/x/crypto v0.40.0 + golang.org/x/sync v0.16.0 + google.golang.org/grpc v1.74.2 google.golang.org/protobuf v1.36.6 ) require ( cloud.google.com/go/storage v1.55.0 + github.com/absmach/supermq v0.17.0 github.com/caarlos0/env/v10 v10.0.0 + github.com/go-chi/chi/v5 v5.2.2 github.com/golang-jwt/jwt/v5 v5.2.2 github.com/google/gce-tcb-verifier v0.3.1 ) require ( - cel.dev/expr v0.23.0 // indirect + cel.dev/expr v0.24.0 // indirect cloud.google.com/go v0.121.1 // indirect cloud.google.com/go/auth v0.16.1 // indirect cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect @@ -43,8 +42,8 @@ require ( github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.51.0 // indirect github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.51.0 // indirect github.com/Microsoft/go-winio v0.6.2 // indirect - github.com/cenkalti/backoff/v4 v4.3.0 // indirect - github.com/cncf/xds/go v0.0.0-20250326154945-ae57f3c0d45f // indirect + github.com/cenkalti/backoff/v5 v5.0.2 // indirect + github.com/cncf/xds/go v0.0.0-20250501225837-2ac532fd4443 // indirect github.com/containerd/errdefs v1.0.0 // indirect github.com/containerd/errdefs/pkg v0.3.0 // indirect github.com/containerd/log v0.1.0 // indirect @@ -54,9 +53,9 @@ require ( github.com/envoyproxy/go-control-plane/envoy v1.32.4 // indirect github.com/envoyproxy/protoc-gen-validate v1.2.1 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect - github.com/go-jose/go-jose/v3 v3.0.3 // indirect + github.com/go-jose/go-jose/v3 v3.0.4 // indirect github.com/go-jose/go-jose/v4 v4.0.5 // indirect - github.com/gofrs/uuid/v5 v5.3.0 // indirect + github.com/gofrs/uuid/v5 v5.3.2 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/google/certificate-transparency-go v1.1.8 // indirect github.com/google/go-attestation v0.5.1 // indirect @@ -66,7 +65,7 @@ require ( github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect github.com/googleapis/gax-go/v2 v2.14.2 // indirect github.com/hokaccha/go-prettyjson v0.0.0-20211117102719-0474bc63780f // indirect - github.com/mattn/go-colorable v0.1.13 // indirect + github.com/mattn/go-colorable v0.1.14 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/moby/docker-image-spec v1.3.1 // indirect github.com/moby/sys/atomicwriter v0.1.0 // indirect @@ -75,20 +74,20 @@ require ( github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.1.0 // indirect github.com/pelletier/go-toml v1.9.5 // indirect - github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect + github.com/planetscale/vtprotobuf v0.6.1-0.20240917153116-6f2963f01587 // indirect github.com/spiffe/go-spiffe/v2 v2.5.0 // indirect github.com/zeebo/errs v1.4.0 // indirect go.opentelemetry.io/auto/sdk v1.1.0 // indirect go.opentelemetry.io/contrib/detectors/gcp v1.36.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.62.0 // indirect go.opentelemetry.io/otel v1.37.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.36.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.35.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.37.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.37.0 // indirect go.opentelemetry.io/otel/sdk v1.37.0 // indirect go.opentelemetry.io/otel/sdk/metric v1.37.0 // indirect - golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 // indirect + golang.org/x/exp v0.0.0-20250606033433-dcc06ee1d476 // indirect golang.org/x/oauth2 v0.30.0 // indirect - golang.org/x/time v0.11.0 // indirect + golang.org/x/time v0.12.0 // indirect google.golang.org/api v0.235.0 // indirect google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect @@ -112,23 +111,23 @@ require ( github.com/google/go-tpm-tools v0.4.4 github.com/google/logger v1.1.1 github.com/google/uuid v1.6.0 - github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.1 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect - github.com/prometheus/client_golang v1.22.0 // indirect - github.com/prometheus/client_model v0.6.1 // indirect - github.com/prometheus/common v0.62.0 // indirect - github.com/prometheus/procfs v0.15.1 // indirect + github.com/prometheus/client_golang v1.23.0 + github.com/prometheus/client_model v0.6.2 // indirect + github.com/prometheus/common v0.65.0 // indirect + github.com/prometheus/procfs v0.16.1 // indirect github.com/stretchr/objx v0.5.2 // indirect go.opentelemetry.io/otel/metric v1.37.0 // indirect - go.opentelemetry.io/proto/otlp v1.6.0 // indirect + go.opentelemetry.io/proto/otlp v1.7.0 // indirect go.uber.org/multierr v1.11.0 // indirect golang.org/x/net v0.41.0 // indirect - golang.org/x/sys v0.33.0 // indirect - golang.org/x/term v0.32.0 - golang.org/x/text v0.26.0 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20250512202823-5a2f75b736a9 // indirect + golang.org/x/sys v0.34.0 // indirect + golang.org/x/term v0.33.0 + golang.org/x/text v0.27.0 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20250603155806-513f23925822 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 774c7583..1792853b 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,5 @@ -cel.dev/expr v0.23.0 h1:wUb94w6OYQS4uXraxo9U+wUAs9jT47Xvl4iPgAwM2ss= -cel.dev/expr v0.23.0/go.mod h1:hLPLo1W4QUmuYdA72RBX06QTs6MXw941piREPl3Yfiw= +cel.dev/expr v0.24.0 h1:56OvJKSH3hDGL0ml5uSxZmz3/3Pq4tJ+fb1unVLAFcY= +cel.dev/expr v0.24.0/go.mod h1:hLPLo1W4QUmuYdA72RBX06QTs6MXw941piREPl3Yfiw= cloud.google.com/go v0.121.1 h1:S3kTQSydxmu1JfLRLpKtxRPA7rSrYPRPEUmL/PavVUw= cloud.google.com/go v0.121.1/go.mod h1:nRFlrHq39MNVWu+zESP2PosMWA0ryJw8KUBZ2iZpxbw= cloud.google.com/go/auth v0.16.1 h1:XrXauHMd30LhQYVRHLGvJiYeczweKQXZxsTbV9TiguU= @@ -36,20 +36,20 @@ github.com/VividCortex/gohistogram v1.0.0 h1:6+hBz+qvs0JOrrNhhmR7lFxo5sINxBCGXrd github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g= github.com/absmach/certs v0.0.0-20250707105817-4c41124bba54 h1:5pTDktMVvtJrQMY0d2vwBRFOgH0LVEoArwcaqrbuGQ4= github.com/absmach/certs v0.0.0-20250707105817-4c41124bba54/go.mod h1:MGDO7iEXbtJCRKOwL34+HR8MQI2mo7l3wcz93e2Km68= -github.com/absmach/magistrala v0.15.1 h1:3Bk2hlyWcV591LxPYwlvRcyCXTfuZ1g/EkNmU+o3NNQ= -github.com/absmach/magistrala v0.15.1/go.mod h1:9pto6xuBt/IuCtZRdEha0iDQKNQ5tyNOjLXJgUiikYk= +github.com/absmach/supermq v0.17.0 h1:l8XkoPJ2GIs3od4FBUu52DJRuzUIcVfScj7UkXr4/3w= +github.com/absmach/supermq v0.17.0/go.mod h1:BTpQiHHevhP5ahA34vhyeLK8YIJsx+7gYUFpqgMGSAI= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/caarlos0/env/v10 v10.0.0 h1:yIHUBZGsyqCnpTkbjk8asUlx6RFhhEs+h7TOBdgdzXA= github.com/caarlos0/env/v10 v10.0.0/go.mod h1:ZfulV76NvVPw3tm591U4SwL3Xx9ldzBP9aGxzeN7G18= github.com/caarlos0/env/v11 v11.3.1 h1:cArPWC15hWmEt+gWk7YBi7lEXTXCvpaSdCiZE2X5mCA= github.com/caarlos0/env/v11 v11.3.1/go.mod h1:qupehSf/Y0TUTsxKywqRt/vJjN5nz6vauiYEUUr8P4U= -github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= -github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= +github.com/cenkalti/backoff/v5 v5.0.2 h1:rIfFVxEf1QsI7E1ZHfp/B4DF/6QBAUhmgkxc0H7Zss8= +github.com/cenkalti/backoff/v5 v5.0.2/go.mod h1:rkhZdG3JZukswDf7f0cwqPNk4K0sa+F97BxZthm/crw= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/cncf/xds/go v0.0.0-20250326154945-ae57f3c0d45f h1:C5bqEmzEPLsHm9Mv73lSE9e9bKV23aB1vxOsmZrkl3k= -github.com/cncf/xds/go v0.0.0-20250326154945-ae57f3c0d45f/go.mod h1:W+zGtBO5Y1IgJhy4+A9GOqVhqLpfZi+vwmdNXUehLA8= +github.com/cncf/xds/go v0.0.0-20250501225837-2ac532fd4443 h1:aQ3y1lwWyqYPiWZThqv1aFbZMiM9vblcSArJRf2Irls= +github.com/cncf/xds/go v0.0.0-20250501225837-2ac532fd4443/go.mod h1:W+zGtBO5Y1IgJhy4+A9GOqVhqLpfZi+vwmdNXUehLA8= github.com/containerd/errdefs v1.0.0 h1:tg5yIfIlQIrxYtu9ajqY42W3lpS19XqdxRQeEwYG8PI= github.com/containerd/errdefs v1.0.0/go.mod h1:+YBYIdtsnF4Iw6nWZhJcqGSg/dwvV7tyJ/kCkyJ2k+M= github.com/containerd/errdefs/pkg v0.3.0 h1:9IKJ06FvyNlexW690DXuQNx2KA2cUJXx151Xdx3ZPPE= @@ -84,10 +84,10 @@ github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/go-chi/chi/v5 v5.2.1 h1:KOIHODQj58PmL80G2Eak4WdvUzjSJSm0vG72crDCqb8= -github.com/go-chi/chi/v5 v5.2.1/go.mod h1:L2yAIGWB3H+phAw1NxKwWM+7eUH/lU8pOMm5hHcoops= -github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k= -github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ= +github.com/go-chi/chi/v5 v5.2.2 h1:CMwsvRVTbXVytCk1Wd72Zy1LAsAh9GxMmSNWLHCG618= +github.com/go-chi/chi/v5 v5.2.2/go.mod h1:L2yAIGWB3H+phAw1NxKwWM+7eUH/lU8pOMm5hHcoops= +github.com/go-jose/go-jose/v3 v3.0.4 h1:Wp5HA7bLQcKnf6YYao/4kpRpVMp/yf6+pJKV8WFSaNY= +github.com/go-jose/go-jose/v3 v3.0.4/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ= github.com/go-jose/go-jose/v4 v4.0.5 h1:M6T8+mKZl/+fNNuFHvGIzDz7BTLQPIounk/b9dw3AaE= github.com/go-jose/go-jose/v4 v4.0.5/go.mod h1:s3P1lRrkT8igV8D9OjyL4WRyHvjB6a4JSllnOrmmBOA= github.com/go-kit/kit v0.13.0 h1:OoneCcHKHQ03LfBpoQCUfCluwd2Vt3ohz+kvbJneZAU= @@ -103,8 +103,8 @@ github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/gofrs/uuid v4.4.0+incompatible h1:3qXRTX8/NbyulANqlc0lchS1gqAVxRgsuW1YrTJupqA= github.com/gofrs/uuid v4.4.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= -github.com/gofrs/uuid/v5 v5.3.0 h1:m0mUMr+oVYUdxpMLgSYCZiXe7PuVPnI94+OMeVBNedk= -github.com/gofrs/uuid/v5 v5.3.0/go.mod h1:CDOjlDMVAtN56jqyRUZh58JT31Tiw7/oQyEXZV+9bD8= +github.com/gofrs/uuid/v5 v5.3.2 h1:2jfO8j3XgSwlz/wHqemAEugfnTlikAYHhnqQ8Xh4fE0= +github.com/gofrs/uuid/v5 v5.3.2/go.mod h1:CDOjlDMVAtN56jqyRUZh58JT31Tiw7/oQyEXZV+9bD8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8= @@ -147,8 +147,8 @@ github.com/googleapis/gax-go/v2 v2.14.2 h1:eBLnkZ9635krYIPD+ag1USrOAI0Nr0QYF3+/3 github.com/googleapis/gax-go/v2 v2.14.2/go.mod h1:ON64QhlJkhVtSqp4v1uaK92VyZ2gmvDQsweuyLV+8+w= github.com/gopherjs/gopherjs v1.17.2 h1:fQnZVsXk8uxXIStYb0N4bGk7jeyTalG/wsZjQ25dO0g= github.com/gopherjs/gopherjs v1.17.2/go.mod h1:pRRIvn/QzFLrKfvEz3qUuEhtE/zLCWfreZ6J5gM2i+k= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3 h1:5ZPtiqj0JL5oKWmcsq4VMaAW5ukBEgSGXEN89zeH1Jo= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3/go.mod h1:ndYquD05frm2vACXE1nsccT4oJzjhw2arTS2cpUD1PI= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.1 h1:X5VWvz21y3gzm9Nw/kaUeku/1+uBhcekkmy4IkffJww= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.1/go.mod h1:Zanoh4+gvIgluNqcfMVTJueD4wSS5hT7zTt4Mrutd90= github.com/hokaccha/go-prettyjson v0.0.0-20211117102719-0474bc63780f h1:7LYC+Yfkj3CTRcShK0KOL/w6iTiKyqqBA9a41Wnggw8= github.com/hokaccha/go-prettyjson v0.0.0-20211117102719-0474bc63780f/go.mod h1:pFlLw2CfqZiIBOx6BuCeRLCrfxBJipTY0nIOF/VbGcI= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= @@ -157,13 +157,16 @@ github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7 github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo= +github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= -github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= -github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= +github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE= +github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= @@ -186,19 +189,19 @@ github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3v github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 h1:GFCKgmp0tecUJ0sJuv4pzYCqS9+RGSn52M3FUwPs+uo= -github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10/go.mod h1:t/avpk3KcrXxUnYOhZhMXJlSEyie6gQbtLq5NM3loB8= +github.com/planetscale/vtprotobuf v0.6.1-0.20240917153116-6f2963f01587 h1:xzZOeCMQLA/W198ZkdVdt4EKFKJtS26B773zNU377ZY= +github.com/planetscale/vtprotobuf v0.6.1-0.20240917153116-6f2963f01587/go.mod h1:t/avpk3KcrXxUnYOhZhMXJlSEyie6gQbtLq5NM3loB8= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.22.0 h1:rb93p9lokFEsctTys46VnV1kLCDpVZ0a/Y92Vm0Zc6Q= -github.com/prometheus/client_golang v1.22.0/go.mod h1:R7ljNsLXhuQXYZYtw6GAE9AZg8Y7vEW5scdCXrWRXC0= -github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= -github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= -github.com/prometheus/common v0.62.0 h1:xasJaQlnWAeyHdUBeGjXmutelfJHWMRr+Fg4QszZ2Io= -github.com/prometheus/common v0.62.0/go.mod h1:vyBcEuLSvWos9B1+CyL7JZ2up+uFzXhkqml0W5zIY1I= -github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= -github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= +github.com/prometheus/client_golang v1.23.0 h1:ust4zpdl9r4trLY/gSjlm07PuiBq2ynaXXlptpfy8Uc= +github.com/prometheus/client_golang v1.23.0/go.mod h1:i/o0R9ByOnHX0McrTMTyhYvKE4haaf2mW08I+jGAjEE= +github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk= +github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE= +github.com/prometheus/common v0.65.0 h1:QDwzd+G1twt//Kwj/Ww6E9FQq1iVMmODnILtW1t2VzE= +github.com/prometheus/common v0.65.0/go.mod h1:0gZns+BLRQ3V6NdaerOhMbwwRbNh9hkGINtQAsP5GS8= +github.com/prometheus/procfs v0.16.1 h1:hZ15bTNuirocR6u0JZ6BAHHmwS1p8B4P6MRqxtzMyRg= +github.com/prometheus/procfs v0.16.1/go.mod h1:teAbpZRB1iIAJYREa1LsoWUXykVXA1KlTmWl8x/U+Is= github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= @@ -206,8 +209,8 @@ github.com/sammyoina/sev-snp-measure-go v0.0.0-20241202151803-ef189f0ff825 h1:Sq github.com/sammyoina/sev-snp-measure-go v0.0.0-20241202151803-ef189f0ff825/go.mod h1:dEkBe8JnxU5itNjZDEQINFd7f7l4DtjfqRuzPQcit4w= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= -github.com/smarty/assertions v1.15.0 h1:cR//PqUBUiQRakZWqBiFFQ9wb8emQGDb0HeGdqGByCY= -github.com/smarty/assertions v1.15.0/go.mod h1:yABtdzeQs6l1brC900WlRNwj6ZR55d7B+E8C6HtKdec= +github.com/smarty/assertions v1.16.0 h1:EvHNkdRA4QHMrn75NZSoUQ/mAUXAYWfatfB01yTCzfY= +github.com/smarty/assertions v1.16.0/go.mod h1:duaaFdCS0K9dnoM50iyek/eYINOZ64gbh1Xlf6LG7AI= github.com/smartystreets/goconvey v1.8.1 h1:qGjIddxOk4grTu9JPOU31tVfq3cNdBlNa5sSznIX1xY= github.com/smartystreets/goconvey v1.8.1/go.mod h1:+/u4qLyY6x1jReYOp7GOM2FSt8aP9CzCZL03bI28W60= github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo= @@ -233,14 +236,14 @@ go.opentelemetry.io/contrib/detectors/gcp v1.36.0 h1:F7q2tNlCaHY9nMKHR6XH9/qkp8F go.opentelemetry.io/contrib/detectors/gcp v1.36.0/go.mod h1:IbBN8uAIIx734PTonTPxAxnjc2pQTxWNkwfstZ+6H2k= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.62.0 h1:rbRJ8BBoVMsQShESYZ0FkvcITu8X8QNwJogcLUmDNNw= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.62.0/go.mod h1:ru6KHrNtNHxM4nD/vd6QrLVWgKhxPYgblq4VAtNawTQ= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 h1:sbiXRNDSWJOTobXh5HyQKjq6wUC5tNybqjIqDpAY4CU= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0/go.mod h1:69uWxva0WgAA/4bu2Yy70SLDBwZXuQ6PbBpbsa5iZrQ= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.62.0 h1:Hf9xI/XLML9ElpiHVDNwvqI0hIFlzV8dgIr35kV1kRU= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.62.0/go.mod h1:NfchwuyNoMcZ5MLHwPrODwUF1HWCXWrL31s8gSAdIKY= go.opentelemetry.io/otel v1.37.0 h1:9zhNfelUvx0KBfu/gb+ZgeAfAgtWrfHJZcAqFC228wQ= go.opentelemetry.io/otel v1.37.0/go.mod h1:ehE/umFRLnuLa/vSccNq9oS1ErUlkkK71gMcN34UG8I= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.36.0 h1:dNzwXjZKpMpE2JhmO+9HsPl42NIXFIFSUSSs0fiqra0= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.36.0/go.mod h1:90PoxvaEB5n6AOdZvi+yWJQoE95U8Dhhw2bSyRqnTD0= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.35.0 h1:xJ2qHD0C1BeYVTLLR9sX12+Qb95kfeD/byKj6Ky1pXg= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.35.0/go.mod h1:u5BF1xyjstDowA1R5QAO9JHzqK+ublenEW/dyqTjBVk= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.37.0 h1:Ahq7pZmv87yiyn3jeFz/LekZmPLLdKejuO3NcK9MssM= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.37.0/go.mod h1:MJTqhM0im3mRLw1i8uGHnCvUEeS7VwRyxlLC78PA18M= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.37.0 h1:bDMKF3RUSxshZ5OjOTi8rsHGaPKsAt76FaqgvIUySLc= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.37.0/go.mod h1:dDT67G/IkA46Mr2l9Uj7HsQVwsjASyV9SjGofsiUZDA= go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.36.0 h1:rixTyDGXFxRy1xzhKrotaHy3/KXdPhlWARrCgK+eqUY= go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.36.0/go.mod h1:dowW6UsM9MKbJq5JTz2AMVp3/5iW5I/TStsk8S+CfHw= go.opentelemetry.io/otel/metric v1.37.0 h1:mvwbQS5m0tbmqML4NqK+e3aDiO02vsf/WgbsdpcPoZE= @@ -251,8 +254,8 @@ go.opentelemetry.io/otel/sdk/metric v1.37.0 h1:90lI228XrB9jCMuSdA0673aubgRobVZFh go.opentelemetry.io/otel/sdk/metric v1.37.0/go.mod h1:cNen4ZWfiD37l5NhS+Keb5RXVWZWpRE+9WyVCpbo5ps= go.opentelemetry.io/otel/trace v1.37.0 h1:HLdcFNbRQBE2imdSEgm/kwqmQj1Or1l/7bW6mxVK7z4= go.opentelemetry.io/otel/trace v1.37.0/go.mod h1:TlgrlQ+PtQO5XFerSPUYG0JSgGyryXewPGyayAWSBS0= -go.opentelemetry.io/proto/otlp v1.6.0 h1:jQjP+AQyTf+Fe7OKj/MfkDrmK4MNVtw2NpXsf9fefDI= -go.opentelemetry.io/proto/otlp v1.6.0/go.mod h1:cicgGehlFuNdgZkcALOCh3VE6K/u2tAjzlRhDwmVpZc= +go.opentelemetry.io/proto/otlp v1.7.0 h1:jX1VolD6nHuFzOYso2E73H85i92Mv8JQYk0K9vz09os= +go.opentelemetry.io/proto/otlp v1.7.0/go.mod h1:fSKjH6YJ7HDlwzltzyMj036AJ3ejJLCgCSHGj4efDDo= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= @@ -262,10 +265,10 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= -golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM= -golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U= -golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 h1:e66Fs6Z+fZTbFBAxKfP3PALWBtpfqks2bwGcexMxgtk= -golang.org/x/exp v0.0.0-20240909161429-701f63a606c0/go.mod h1:2TbTHSBQa924w8M6Xs1QcRcFwyucIwBGpK1p2f1YFFY= +golang.org/x/crypto v0.40.0 h1:r4x+VvoG5Fm+eJcxMaY8CQM7Lb0l1lsmjGBQ6s8BfKM= +golang.org/x/crypto v0.40.0/go.mod h1:Qr1vMER5WyS2dfPHAlsOj01wgLbsyWtFn/aY+5+ZdxY= +golang.org/x/exp v0.0.0-20250606033433-dcc06ee1d476 h1:bsqhLWFR6G6xiQcb+JoGqdKdRU6WzPWmK8E0jxTjzo4= +golang.org/x/exp v0.0.0-20250606033433-dcc06ee1d476/go.mod h1:3//PLf8L/X+8b4vuAfHzxeRUl04Adcb341+IGKfnqS8= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= @@ -287,8 +290,8 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8= -golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= +golang.org/x/sync v0.16.0 h1:ycBJEhp9p4vXvUZNszeOq0kGTPghopOL8q0fq3vstxw= +golang.org/x/sync v0.16.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -297,30 +300,29 @@ golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw= -golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +golang.org/x/sys v0.34.0 h1:H5Y5sJ2L2JRdyv7ROF1he/lPdvFsd0mJHFw2ThKHxLA= +golang.org/x/sys v0.34.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= -golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg= -golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ= +golang.org/x/term v0.33.0 h1:NuFncQrRcaRvVmgRkvM3j/F00gWIAlcmlB8ACEKmGIg= +golang.org/x/term v0.33.0/go.mod h1:s18+ql9tYWp1IfpV9DmCtQDDSRBUjKaw9M1eAv5UeF0= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M= -golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA= -golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0= -golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= +golang.org/x/text v0.27.0 h1:4fGWRpyh641NLlecmyl4LOe6yDdfaYNrGb2zdfo4JV4= +golang.org/x/text v0.27.0/go.mod h1:1D28KMCvyooCX9hBiosv5Tz/+YLxj0j7XhWjpSUF7CU= +golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE= +golang.org/x/time v0.12.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= @@ -335,12 +337,12 @@ google.golang.org/api v0.235.0 h1:C3MkpQSRxS1Jy6AkzTGKKrpSCOd2WOGrezZ+icKSkKo= google.golang.org/api v0.235.0/go.mod h1:QpeJkemzkFKe5VCE/PMv7GsUfn9ZF+u+q1Q7w6ckxTg= google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2 h1:1tXaIXCracvtsRxSBsYDiSBN0cuJvM7QYW+MrpIRY78= google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2/go.mod h1:49MsLSx0oWMOZqcpB3uL8ZOkAh1+TndpJ8ONoCBWiZk= -google.golang.org/genproto/googleapis/api v0.0.0-20250512202823-5a2f75b736a9 h1:WvBuA5rjZx9SNIzgcU53OohgZy6lKSus++uY4xLaWKc= -google.golang.org/genproto/googleapis/api v0.0.0-20250512202823-5a2f75b736a9/go.mod h1:W3S/3np0/dPWsWLi1h/UymYctGXaGBM2StwzD0y140U= +google.golang.org/genproto/googleapis/api v0.0.0-20250603155806-513f23925822 h1:oWVWY3NzT7KJppx2UKhKmzPq4SRe0LdCijVRwvGeikY= +google.golang.org/genproto/googleapis/api v0.0.0-20250603155806-513f23925822/go.mod h1:h3c4v36UTKzUiuaOKQ6gr3S+0hovBtUrXzTG/i3+XEc= google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822 h1:fc6jSaCT0vBduLYZHYrBBNY4dsWuvgyff9noRNDdBeE= google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A= -google.golang.org/grpc v1.73.0 h1:VIWSmpI2MegBtTuFt5/JWy2oXxtjJ/e89Z70ImfD2ok= -google.golang.org/grpc v1.73.0/go.mod h1:50sbHOUqWoCQGI8V2HQLJM0B+LMlIUjNSZmow7EVBQc= +google.golang.org/grpc v1.74.2 h1:WoosgB65DlWVC9FqI82dGsZhWFNBSLjQ84bjROOpMu4= +google.golang.org/grpc v1.74.2/go.mod h1:CtQ+BGjaAIXHs/5YS3i473GqwBBa1zGQNevxdeBEXrM= google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY= google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/hal/cloud/.env b/hal/cloud/.env index cb1b3124..ccf2c7cf 100644 --- a/hal/cloud/.env +++ b/hal/cloud/.env @@ -41,10 +41,6 @@ SEV_SNP_CBIT_POS=51 SEV_SNP_REDUCED_PHYS_BITS=1 SEV_SNP_HOST_DATA= -#### VSock Config -VSOCK_ID=vhost-vsock-pci0 -VSOCK_GUEST_CID=3 - BIN_PATH=qemu-system-x86_64 USE_SUDO=false ENABLE_SEV_SNP=false diff --git a/hal/cloud/qemu.sh b/hal/cloud/qemu.sh index 2d25f0c9..b79df2c5 100755 --- a/hal/cloud/qemu.sh +++ b/hal/cloud/qemu.sh @@ -72,8 +72,7 @@ construct_qemu_args() { # Network configuration args+=("-netdev" "user,id=$NET_DEV_ID,hostfwd=tcp::$NET_DEV_HOST_FWD_AGENT-:$NET_DEV_GUEST_FWD_AGENT") args+=("-device" "virtio-net-pci,disable-legacy=$VIRTIO_NET_PCI_DISABLE_LEGACY,iommu_platform=$VIRTIO_NET_PCI_IOMMU_PLATFORM,netdev=$NET_DEV_ID,addr=$VIRTIO_NET_PCI_ADDR,romfile=$VIRTIO_NET_PCI_ROMFILE") - args+=("-device" "vhost-vsock-pci,id=$VSOCK_ID,guest-cid=$VSOCK_GUEST_CID") - + # SEV_SNP (if enabled) if [ "$ENABLE_SEV_SNP" == "true" ]; then kernel_hash="" diff --git a/internal/logger/protohandler_test.go b/internal/logger/protohandler_test.go index 9febc27d..22643606 100644 --- a/internal/logger/protohandler_test.go +++ b/internal/logger/protohandler_test.go @@ -9,7 +9,7 @@ import ( "testing" "time" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/stretchr/testify/assert" "github.com/ultravioletrs/cocos/agent/cvms" ) diff --git a/manager/README.md b/manager/README.md index f66d1d17..998429ed 100644 --- a/manager/README.md +++ b/manager/README.md @@ -14,11 +14,18 @@ The service is configured using the environment variables from the following tab | MANAGER_ATTESTATION_POLICY_BINARY | The file path for the attestation policy binarie. | ../../build/attestation_policy | | MANAGER_IGVMMEASURE_BINARY | The file path for the igvmmeasure binarie. | ../../build/igvmmeasure | | MANAGER_PCR_VALUES | The file path for the file with the expected PCR values. | | -| MANAGER_GRPC_CLIENT_CERT | The file path for the client certificate. | | -| MANAGER_GRPC_CLIENT_KEY | The file path for the client private key. | | -| MANAGER_GRPC_SERVER_CA_CERTS | The file path for the server CA certificate(s). | | -| MANAGER_GRPC_URL | The URL for the gRPC endpoint. | localhost:7001 | -| MANAGER_GRPC_TIMEOUT | The timeout for gRPC requests. | 60s | +| MANAGER_HTTP_HOST | Manager service HTTP host | "" | +| MANAGER_HTTP_PORT | Manager service HTTP port | 7003 | +| MANAGER_HTTP_SERVER_CERT | Manager to HTTP server certificate in pem format | "" | +| MANAGER_HTTP_SERVER_KEY | Path to HTTP server key in pem format | "" | +| MANAGER_HTTP_SERVER_CA_CERTS | Path to HTTP server CA certificate | "" | +| MANAGER_HTTP_CLIENT_CA_CERTS | Path to HTTP client CA certificate | "" | +| MANAGER_GRPC_HOST | Manager service gRPC host | "" | +| MANAGER_GRPC_PORT | Manager service gRPC port | 7001 | +| MANAGER_GRPC_SERVER_CERT | Path to gRPC server certificate in pem format | "" | +| MANAGER_GRPC_SERVER_KEY | Path to gRPC server key in pem format | "" | +| MANAGER_GRPC_SERVER_CA_CERTS | Path to gRPC server CA certificate | "" | +| MANAGER_GRPC_CLIENT_CA_CERTS | Path to gRPC client CA certificate | "" | | MANAGER_EOS_VERSION | The EOS version used for booting CVMs. | | | MANAGER_INSTANCE_ID | Manager service instance ID | | | MANAGER_QEMU_MEMORY_SIZE | The total memory size for the virtual machine. Can be specified in a human-readable format like "2048M" or "4G". | 2048M | @@ -53,9 +60,6 @@ The service is configured using the environment variables from the following tab | MANAGER_QEMU_OVMF_FILE | The file path for the OVMF file (combined OVMF_CODE and OVMF_VARS file). | /usr/share/ovmf/OVMF.fd | | MANAGER_QEMU_IGVM_ID | The ID of the IGVM file. | igvm0 | | MANAGER_QEMU_IGVM_FILE | The file path to the IGVM file. | /root/coconut-qemu.igvm | -| MANAGER_QEMU_VSOCK_ID | The ID for the virtual socket device. | vhost-vsock-pci0 | -| MANAGER_QEMU_VSOCK_GUEST_CID | The guest-side CID (Context ID) for the virtual socket device. | 3 | -| MANAGER_QEMU_VSOCK_VNC | Whether to enable the virtual socket device for VNC. | 0 | | MANAGER_QEMU_BIN_PATH | The file path for the QEMU binary. | qemu-system-x86_64 | | MANAGER_QEMU_USE_SUDO | Whether to use sudo to run QEMU. | false | | MANAGER_QEMU_ENABLE_SEV_SNP | Whether to enable Secure Nested Paging (SEV-SNP). | true | @@ -69,6 +73,7 @@ The service is configured using the environment variables from the following tab | MANAGER_QEMU_NO_GRAPHIC | Whether to disable the graphical display. | true | | MANAGER_QEMU_MONITOR | The type of monitor to use. | pty | | MANAGER_QEMU_HOST_FWD_RANGE | The range of host ports to forward. | 6100-6200 | +| MANAGER_MAX_VMS | The maximum number of vms running concurrently on manager. | 10 | ## Setup diff --git a/manager/api/http/transport.go b/manager/api/http/transport.go new file mode 100644 index 00000000..058e8dd1 --- /dev/null +++ b/manager/api/http/transport.go @@ -0,0 +1,20 @@ +// Copyright (c) Ultraviolet +// SPDX-License-Identifier: Apache-2.0 + +package http + +import ( + "net/http" + + "github.com/absmach/supermq" + "github.com/go-chi/chi/v5" + "github.com/prometheus/client_golang/prometheus/promhttp" +) + +// MakeHandler returns a HTTP handler for API endpoints. +func MakeHandler(r *chi.Mux, svcName, instanceID string) http.Handler { + r.Get("/health", supermq.Health(svcName, instanceID)) + r.Handle("/metrics", promhttp.Handler()) + + return r +} diff --git a/manager/api/http/transport_test.go b/manager/api/http/transport_test.go new file mode 100644 index 00000000..432ca35c --- /dev/null +++ b/manager/api/http/transport_test.go @@ -0,0 +1,379 @@ +// Copyright (c) Ultraviolet +// SPDX-License-Identifier: Apache-2.0 + +package http + +import ( + "net/http" + "net/http/httptest" + "testing" + + "github.com/go-chi/chi/v5" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestMakeHandler(t *testing.T) { + const ( + testServiceName = "test-service" + testInstanceID = "test-instance-123" + ) + + tests := []struct { + name string + serviceName string + instanceID string + expectedRoutes int + }{ + { + name: "valid handler creation", + serviceName: testServiceName, + instanceID: testInstanceID, + expectedRoutes: 2, // /health and /metrics + }, + { + name: "empty service name", + serviceName: "", + instanceID: testInstanceID, + expectedRoutes: 2, + }, + { + name: "empty instance ID", + serviceName: testServiceName, + instanceID: "", + expectedRoutes: 2, + }, + { + name: "both empty", + serviceName: "", + instanceID: "", + expectedRoutes: 2, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + r := chi.NewRouter() + handler := MakeHandler(r, tt.serviceName, tt.instanceID) + + require.NotNil(t, handler) + assert.Implements(t, (*http.Handler)(nil), handler) + + // Verify that the handler is actually the chi router + assert.Equal(t, r, handler) + }) + } +} + +func TestHealthEndpoint(t *testing.T) { + const ( + testServiceName = "test-service" + testInstanceID = "test-instance-123" + ) + + tests := []struct { + name string + serviceName string + instanceID string + method string + path string + expectedStatus int + }{ + { + name: "GET health endpoint success", + serviceName: testServiceName, + instanceID: testInstanceID, + method: http.MethodGet, + path: "/health", + expectedStatus: http.StatusOK, + }, + { + name: "POST health endpoint not allowed", + serviceName: testServiceName, + instanceID: testInstanceID, + method: http.MethodPost, + path: "/health", + expectedStatus: http.StatusMethodNotAllowed, + }, + { + name: "PUT health endpoint not allowed", + serviceName: testServiceName, + instanceID: testInstanceID, + method: http.MethodPut, + path: "/health", + expectedStatus: http.StatusMethodNotAllowed, + }, + { + name: "DELETE health endpoint not allowed", + serviceName: testServiceName, + instanceID: testInstanceID, + method: http.MethodDelete, + path: "/health", + expectedStatus: http.StatusMethodNotAllowed, + }, + { + name: "health with empty service name", + serviceName: "", + instanceID: testInstanceID, + method: http.MethodGet, + path: "/health", + expectedStatus: http.StatusOK, + }, + { + name: "health with empty instance ID", + serviceName: testServiceName, + instanceID: "", + method: http.MethodGet, + path: "/health", + expectedStatus: http.StatusOK, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + r := chi.NewRouter() + handler := MakeHandler(r, tt.serviceName, tt.instanceID) + + req, err := http.NewRequest(tt.method, tt.path, nil) + require.NoError(t, err) + + rr := httptest.NewRecorder() + handler.ServeHTTP(rr, req) + + assert.Equal(t, tt.expectedStatus, rr.Code) + + if tt.expectedStatus == http.StatusOK { + // Verify content type for successful health checks + contentType := rr.Header().Get("Content-Type") + assert.Contains(t, contentType, "application/health+json") + + // Verify response body contains service info + body := rr.Body.String() + if tt.serviceName != "" { + assert.Contains(t, body, tt.serviceName) + } + if tt.instanceID != "" { + assert.Contains(t, body, tt.instanceID) + } + } + }) + } +} + +func TestMetricsEndpoint(t *testing.T) { + const ( + testServiceName = "test-service" + testInstanceID = "test-instance-123" + ) + + tests := []struct { + name string + method string + path string + expectedStatus int + }{ + { + name: "GET metrics endpoint success", + method: http.MethodGet, + path: "/metrics", + expectedStatus: http.StatusOK, + }, + { + name: "POST metrics endpoint not allowed", + method: http.MethodPost, + path: "/metrics", + expectedStatus: http.StatusOK, + }, + { + name: "PUT metrics endpoint not allowed", + method: http.MethodPut, + path: "/metrics", + expectedStatus: http.StatusOK, + }, + { + name: "DELETE metrics endpoint not allowed", + method: http.MethodDelete, + path: "/metrics", + expectedStatus: http.StatusOK, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + r := chi.NewRouter() + handler := MakeHandler(r, testServiceName, testInstanceID) + + req, err := http.NewRequest(tt.method, tt.path, nil) + require.NoError(t, err) + + rr := httptest.NewRecorder() + handler.ServeHTTP(rr, req) + + assert.Equal(t, tt.expectedStatus, rr.Code) + + if tt.expectedStatus == http.StatusOK { + // Verify content type for Prometheus metrics + contentType := rr.Header().Get("Content-Type") + assert.Contains(t, contentType, "text/plain") + + // Verify response contains Prometheus metrics format + body := rr.Body.String() + assert.Contains(t, body, "# HELP") + assert.Contains(t, body, "# TYPE") + } + }) + } +} + +func TestNotFoundEndpoint(t *testing.T) { + const ( + testServiceName = "test-service" + testInstanceID = "test-instance-123" + ) + + tests := []struct { + name string + path string + expectedStatus int + }{ + { + name: "root path not found", + path: "/", + expectedStatus: http.StatusNotFound, + }, + { + name: "random path not found", + path: "/random-path", + expectedStatus: http.StatusNotFound, + }, + { + name: "health typo not found", + path: "/helth", + expectedStatus: http.StatusNotFound, + }, + { + name: "metrics typo not found", + path: "/metric", + expectedStatus: http.StatusNotFound, + }, + { + name: "health with trailing slash", + path: "/health/", + expectedStatus: http.StatusNotFound, + }, + { + name: "metrics with trailing slash", + path: "/metrics/", + expectedStatus: http.StatusNotFound, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + r := chi.NewRouter() + handler := MakeHandler(r, testServiceName, testInstanceID) + + req, err := http.NewRequest(http.MethodGet, tt.path, nil) + require.NoError(t, err) + + rr := httptest.NewRecorder() + handler.ServeHTTP(rr, req) + + assert.Equal(t, tt.expectedStatus, rr.Code) + }) + } +} + +func TestConcurrentRequests(t *testing.T) { + const ( + testServiceName = "test-service" + testInstanceID = "test-instance-123" + numRequests = 100 + ) + + r := chi.NewRouter() + handler := MakeHandler(r, testServiceName, testInstanceID) + + // Test concurrent health requests + t.Run("concurrent health requests", func(t *testing.T) { + results := make(chan int, numRequests) + + for i := 0; i < numRequests; i++ { + go func() { + req, err := http.NewRequest(http.MethodGet, "/health", nil) + require.NoError(t, err) + + rr := httptest.NewRecorder() + handler.ServeHTTP(rr, req) + + results <- rr.Code + }() + } + + // Collect all results + for i := 0; i < numRequests; i++ { + status := <-results + assert.Equal(t, http.StatusOK, status) + } + }) + + // Test concurrent metrics requests + t.Run("concurrent metrics requests", func(t *testing.T) { + results := make(chan int, numRequests) + + for i := 0; i < numRequests; i++ { + go func() { + req, err := http.NewRequest(http.MethodGet, "/metrics", nil) + require.NoError(t, err) + + rr := httptest.NewRecorder() + handler.ServeHTTP(rr, req) + + results <- rr.Code + }() + } + + // Collect all results + for i := 0; i < numRequests; i++ { + status := <-results + assert.Equal(t, http.StatusOK, status) + } + }) +} + +func TestHandlerWithCustomRouter(t *testing.T) { + const ( + testServiceName = "test-service" + testInstanceID = "test-instance-123" + ) + + // Test with a router that already has some routes + r := chi.NewRouter() + r.Get("/existing", func(w http.ResponseWriter, r *http.Request) { + w.WriteHeader(http.StatusOK) + if _, err := w.Write([]byte("existing")); err != nil { + http.Error(w, "Failed to write response", http.StatusInternalServerError) + } + }) + + handler := MakeHandler(r, testServiceName, testInstanceID) + + // Test that existing route still works + req, err := http.NewRequest(http.MethodGet, "/existing", nil) + require.NoError(t, err) + + rr := httptest.NewRecorder() + handler.ServeHTTP(rr, req) + + assert.Equal(t, http.StatusOK, rr.Code) + assert.Equal(t, "existing", rr.Body.String()) + + // Test that new routes work + req, err = http.NewRequest(http.MethodGet, "/health", nil) + require.NoError(t, err) + + rr = httptest.NewRecorder() + handler.ServeHTTP(rr, req) + + assert.Equal(t, http.StatusOK, rr.Code) +} diff --git a/manager/monitoring/alert_rules.yml b/manager/monitoring/alert_rules.yml new file mode 100644 index 00000000..6cadf999 --- /dev/null +++ b/manager/monitoring/alert_rules.yml @@ -0,0 +1,57 @@ +groups: + - name: cocos-manager-alerts + rules: + # Service Down Alert - Primary method using up metric + - alert: CocosManagerDown + expr: up{job="cocos-manager"} == 0 + for: 1m + labels: + severity: critical + service: cocos-manager + annotations: + summary: "Cocos Manager service is down" + description: "Cocos Manager service has been down for more than 1 minute. Instance: {{ $labels.instance }}" + + # Alternative: No metrics received (for cases where up metric might not be reliable) + - alert: CocosManagerNoMetrics + expr: absent(up{job="cocos-manager"}) + for: 2m + labels: + severity: critical + service: cocos-manager + annotations: + summary: "No metrics received from Cocos Manager" + description: "No metrics have been received from Cocos Manager for more than 2 minutes" + + # Health endpoint specific alert (if you expose health as a metric) + - alert: CocosManagerUnhealthy + expr: health_check{job="cocos-manager"} == 0 + for: 30s + labels: + severity: warning + service: cocos-manager + annotations: + summary: "Cocos Manager health check failing" + description: "Cocos Manager health check has been failing for more than 30 seconds. Instance: {{ $labels.instance }}" + + # High latency alert + - alert: CocosManagerHighLatency + expr: histogram_quantile(0.95, rate(cocos_manager_latency_bucket[5m])) > 2 + for: 5m + labels: + severity: warning + service: cocos-manager + annotations: + summary: "Cocos Manager high latency" + description: "Cocos Manager 95th percentile latency is above 2 seconds for more than 5 minutes. Current value: {{ $value }}s" + + # High error rate alert + - alert: CocosManagerHighErrorRate + expr: rate(cocos_manager_errors_total[5m]) > 0.1 + for: 2m + labels: + severity: warning + service: cocos-manager + annotations: + summary: "Cocos Manager high error rate" + description: "Cocos Manager error rate is above 10% for more than 2 minutes. Current rate: {{ $value }}" diff --git a/manager/monitoring/alertmanager.yml b/manager/monitoring/alertmanager.yml new file mode 100644 index 00000000..b1eb1ded --- /dev/null +++ b/manager/monitoring/alertmanager.yml @@ -0,0 +1,56 @@ +global: + smtp_smarthost: 'localhost:587' + smtp_from: 'alerts@yourcompany.com' + +route: + group_by: ['alertname', 'service'] + group_wait: 10s + group_interval: 10s + repeat_interval: 1h + receiver: 'web.hook' + routes: + - match: + severity: critical + receiver: 'critical-alerts' + - match: + severity: warning + receiver: 'warning-alerts' + +receivers: + - name: 'web.hook' + webhook_configs: + - url: 'http://127.0.0.1:5001/' + + - name: 'critical-alerts' + email_configs: + - to: 'oncall@yourcompany.com' + subject: 'CRITICAL: {{ .GroupLabels.service }} Alert' + body: | + {{ range .Alerts }} + Alert: {{ .Annotations.summary }} + Description: {{ .Annotations.description }} + Labels: {{ range .Labels.SortedPairs }}{{ .Name }}: {{ .Value }} {{ end }} + {{ end }} + slack_configs: + - api_url: 'YOUR_SLACK_WEBHOOK_URL' + channel: '#alerts' + title: 'CRITICAL Alert: {{ .GroupLabels.service }}' + text: '{{ range .Alerts }}{{ .Annotations.summary }}: {{ .Annotations.description }}{{ end }}' + + - name: 'warning-alerts' + email_configs: + - to: 'team@yourcompany.com' + subject: 'WARNING: {{ .GroupLabels.service }} Alert' + body: | + {{ range .Alerts }} + Alert: {{ .Annotations.summary }} + Description: {{ .Annotations.description }} + Labels: {{ range .Labels.SortedPairs }}{{ .Name }}: {{ .Value }} {{ end }} + {{ end }} + +inhibit_rules: + - source_match: + severity: 'critical' + target_match: + severity: 'warning' + equal: ['alertname', 'service'] diff --git a/manager/monitoring/docker-compose.yml b/manager/monitoring/docker-compose.yml new file mode 100644 index 00000000..e2b64b04 --- /dev/null +++ b/manager/monitoring/docker-compose.yml @@ -0,0 +1,58 @@ +version: '3.8' + +services: + prometheus: + image: prom/prometheus:latest + container_name: prometheus + ports: + - "9090:9090" + volumes: + - ./prometheus.yml:/etc/prometheus/prometheus.yml + - ./alert_rules.yml:/etc/prometheus/alert_rules.yml + - prometheus_data:/prometheus + command: + - '--config.file=/etc/prometheus/prometheus.yml' + - '--storage.tsdb.path=/prometheus' + - '--web.console.libraries=/etc/prometheus/console_libraries' + - '--web.console.templates=/etc/prometheus/consoles' + - '--storage.tsdb.retention.time=200h' + - '--web.enable-lifecycle' + - '--web.enable-admin-api' + networks: + - monitoring + + alertmanager: + image: prom/alertmanager:latest + container_name: alertmanager + ports: + - "9093:9093" + volumes: + - ./alertmanager.yml:/etc/alertmanager/alertmanager.yml + - alertmanager_data:/alertmanager + command: + - '--config.file=/etc/alertmanager/alertmanager.yml' + - '--storage.path=/alertmanager' + - '--web.external-url=http://localhost:9093' + networks: + - monitoring + + grafana: + image: grafana/grafana:latest + container_name: grafana + ports: + - "3000:3000" + environment: + - GF_SECURITY_ADMIN_PASSWORD=admin + volumes: + - grafana_data:/var/lib/grafana + networks: + - monitoring + +volumes: + prometheus_data: + alertmanager_data: + grafana_data: + +networks: + monitoring: + driver: bridge diff --git a/manager/monitoring/prometheus.yml b/manager/monitoring/prometheus.yml new file mode 100644 index 00000000..66bbd47e --- /dev/null +++ b/manager/monitoring/prometheus.yml @@ -0,0 +1,20 @@ +global: + scrape_interval: 15s + evaluation_interval: 15s + +rule_files: + - "alert_rules.yml" + +alerting: + alertmanagers: + - static_configs: + - targets: + - alertmanager:9093 + +scrape_configs: + - job_name: 'cocos-manager' + static_configs: + - targets: ['192.168.100.4:7003'] # Adjust to your manager http port + metrics_path: /metrics + scrape_interval: 10s + scrape_timeout: 5s diff --git a/manager/qemu/config.go b/manager/qemu/config.go index 4fca4731..5608f77f 100644 --- a/manager/qemu/config.go +++ b/manager/qemu/config.go @@ -10,7 +10,6 @@ import ( ) const ( - BaseGuestCID = 3 KernelCommandLine = "quiet console=null" TDXObject = "{\"qom-type\":\"tdx-guest\",\"id\":\"%s\",\"quote-generation-socket\":{\"type\": \"vsock\", \"cid\":\"2\",\"port\":\"%d\"}}" ) @@ -74,11 +73,6 @@ type IGVMConfig struct { File string `env:"IGVM_FILE" envDefault:"/root/coconut-qemu.igvm"` } -type VSockConfig struct { - ID string `env:"VSOCK_ID" envDefault:"vhost-vsock-pci0"` - GuestCID int `env:"VSOCK_GUEST_CID" envDefault:"3"` -} - type Config struct { EnableSEVSNP bool EnableTDX bool @@ -103,9 +97,6 @@ type Config struct { NetDevConfig VirtioNetPciConfig - // Vsock - VSockConfig - // disk DiskImgConfig @@ -186,8 +177,6 @@ func (config Config) ConstructQemuArgs() []string { config.VirtioNetPciConfig.Addr, config.VirtioNetPciConfig.ROMFile)) - args = append(args, "-device", fmt.Sprintf("vhost-vsock-pci,id=%s,guest-cid=%d", config.VSockConfig.ID, config.VSockConfig.GuestCID)) - // SEV-SNP if config.EnableSEVSNP { sevSnpType := "sev-snp-guest" diff --git a/manager/qemu/config_test.go b/manager/qemu/config_test.go index dd88019c..3a554965 100644 --- a/manager/qemu/config_test.go +++ b/manager/qemu/config_test.go @@ -51,10 +51,6 @@ func TestConstructQemuArgs(t *testing.T) { IOMMUPlatform: true, Addr: "0x2", }, - VSockConfig: VSockConfig{ - ID: "vhost-vsock-pci0", - GuestCID: 3, - }, DiskImgConfig: DiskImgConfig{ KernelFile: "img/bzImage", RootFsFile: "img/rootfs.cpio.gz", @@ -72,7 +68,6 @@ func TestConstructQemuArgs(t *testing.T) { "-drive", "if=pflash,format=raw,unit=1,file=/usr/share/OVMF/OVMF_VARS.fd", "-netdev", "user,id=vmnic,hostfwd=tcp::7020-:7002", "-device", "virtio-net-pci,disable-legacy=on,iommu_platform=true,netdev=vmnic,addr=0x2,romfile=", - "-device", "vhost-vsock-pci,id=vhost-vsock-pci0,guest-cid=3", "-kernel", "img/bzImage", "-append", "\"quiet console=null\"", "-initrd", "img/rootfs.cpio.gz", @@ -119,10 +114,6 @@ func TestConstructQemuArgs(t *testing.T) { IOMMUPlatform: true, Addr: "0x2", }, - VSockConfig: VSockConfig{ - ID: "vhost-vsock-pci0", - GuestCID: 3, - }, DiskImgConfig: DiskImgConfig{ KernelFile: "img/bzImage", RootFsFile: "img/rootfs.cpio.gz", @@ -147,7 +138,6 @@ func TestConstructQemuArgs(t *testing.T) { "-m", "2048M,slots=5,maxmem=30G", "-netdev", "user,id=vmnic,hostfwd=tcp::7020-:7002", "-device", "virtio-net-pci,disable-legacy=on,iommu_platform=true,netdev=vmnic,addr=0x2,romfile=", - "-device", "vhost-vsock-pci,id=vhost-vsock-pci0,guest-cid=3", "-machine", "confidential-guest-support=sev0,memory-backend=ram1,igvm-cfg=igvm0", "-object", "memory-backend-memfd,id=ram1,size=2048M,share=true,prealloc=false", "-object", "sev-snp-guest,id=sev0,cbitpos=51,reduced-phys-bits=1", diff --git a/manager/qemu/vm.go b/manager/qemu/vm.go index 2b80d830..9c756144 100644 --- a/manager/qemu/vm.go +++ b/manager/qemu/vm.go @@ -192,10 +192,6 @@ func processExists(pid int) bool { return false } -func (v *qemuVM) GetCID() int { - return v.vmi.Config.GuestCID -} - func (v *qemuVM) GetConfig() interface{} { return v.vmi } diff --git a/manager/qemu/vm_test.go b/manager/qemu/vm_test.go index bd9e29ee..698b513d 100644 --- a/manager/qemu/vm_test.go +++ b/manager/qemu/vm_test.go @@ -132,22 +132,6 @@ func TestGetProcess(t *testing.T) { assert.Equal(t, expectedPid, pid) } -func TestGetCID(t *testing.T) { - expectedCID := 42 - vm := &qemuVM{ - vmi: VMInfo{ - Config: Config{ - VSockConfig: VSockConfig{ - GuestCID: expectedCID, - }, - }, - }, - } - - cid := vm.GetCID() - assert.Equal(t, expectedCID, cid) -} - func TestGetConfig(t *testing.T) { expectedConfig := VMInfo{ Config: Config{ diff --git a/manager/service.go b/manager/service.go index f75fe96c..79eda1dc 100644 --- a/manager/service.go +++ b/manager/service.go @@ -15,7 +15,7 @@ import ( "syscall" "time" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/google/go-sev-guest/proto/check" "github.com/google/uuid" "github.com/ultravioletrs/cocos/manager/qemu" @@ -68,6 +68,9 @@ var ( // ErrUnmarshalFailed indicates that the file for the attestation policy could not be unmarshaled. ErrUnmarshalFailed = errors.New("error while unmarshaling the attestation policy") + + // ErrMaxVMsExceeded indicates that the maximum number of VMs has been reached. + ErrMaxVMsExceeded = errors.New("maximum number of VMs exceeded") ) // Service specifies an API that must be fulfilled by the domain service @@ -100,12 +103,13 @@ type managerService struct { persistence qemu.Persistence eosVersion string ttlManager *TTLManager + maxVMs int } var _ Service = (*managerService)(nil) // New instantiates the manager service implementation. -func New(cfg qemu.Config, attestationPolicyBinPath string, igvmMeasurementBinaryPath string, pcrValuesFilePath string, logger *slog.Logger, vmFactory vm.Provider, eosVersion string) (Service, error) { +func New(cfg qemu.Config, attestationPolicyBinPath string, igvmMeasurementBinaryPath string, pcrValuesFilePath string, logger *slog.Logger, vmFactory vm.Provider, eosVersion string, maxVMs int) (Service, error) { start, end, err := decodeRange(cfg.HostFwdRange) if err != nil { return nil, err @@ -129,6 +133,7 @@ func New(cfg qemu.Config, attestationPolicyBinPath string, igvmMeasurementBinary persistence: persistence, eosVersion: eosVersion, ttlManager: NewTTLManager(), + maxVMs: maxVMs, } if err := ms.restoreVMs(); err != nil { @@ -140,7 +145,13 @@ func New(cfg qemu.Config, attestationPolicyBinPath string, igvmMeasurementBinary func (ms *managerService) CreateVM(ctx context.Context, req *CreateReq) (string, string, error) { id := uuid.New().String() + ms.mu.Lock() + if ms.maxVMs > 0 && len(ms.vms) >= ms.maxVMs { + ms.mu.Unlock() + return "", id, ErrMaxVMsExceeded + } + cfg := qemu.VMInfo{ Config: ms.qemuCfg, LaunchTCB: 0, @@ -190,22 +201,6 @@ func (ms *managerService) CreateVM(ctx context.Context, req *CreateReq) (string, } cfg.Config.HostFwdAgent = agentPort - var cid int = qemu.BaseGuestCID - for { - available := true - for _, vm := range ms.vms { - if vm.GetCID() == cid { - available = false - break - } - } - if available { - break - } - cid++ - } - cfg.Config.VSockConfig.GuestCID = cid - if cfg.Config.EnableSEVSNP { todo := sha3.Sum256([]byte("TODO")) // Define host-data value of QEMU for SEV-SNP, with a base64 encoding of the computation hash. @@ -216,7 +211,15 @@ func (ms *managerService) CreateVM(ctx context.Context, req *CreateReq) (string, if err = cvm.Start(); err != nil { return "", id, err } + ms.mu.Lock() + if ms.maxVMs > 0 && len(ms.vms) >= ms.maxVMs { + ms.mu.Unlock() + if stopErr := cvm.Stop(); stopErr != nil { + ms.logger.Error("Failed to stop VM after exceeding max limit", "vmID", id, "error", stopErr) + } + return "", id, ErrMaxVMsExceeded + } ms.vms[id] = cvm ms.mu.Unlock() diff --git a/manager/service_test.go b/manager/service_test.go index efa3c062..1b8683b1 100644 --- a/manager/service_test.go +++ b/manager/service_test.go @@ -12,8 +12,8 @@ import ( "path" "testing" - mglog "github.com/absmach/magistrala/logger" - "github.com/absmach/magistrala/pkg/errors" + mglog "github.com/absmach/supermq/logger" + "github.com/absmach/supermq/pkg/errors" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" @@ -30,7 +30,7 @@ func TestNew(t *testing.T) { logger := slog.Default() vmf := new(mocks.Provider) - service, err := New(cfg, "", "", "", logger, vmf.Execute, "") + service, err := New(cfg, "", "", "", logger, vmf.Execute, "", 10) require.NoError(t, err) assert.NotNil(t, service) @@ -77,6 +77,13 @@ func TestRun(t *testing.T) { expectedError: nil, ttl: "10s", }, + { + name: "with exceeded max vms", + binaryBehavior: "success", + vmStartError: nil, + expectedError: errors.New("maximum number of VMs exceeded"), + ttl: "", + }, } for _, tt := range tests { @@ -95,9 +102,6 @@ func TestRun(t *testing.T) { qemuCfg := qemu.Config{ EnableSEVSNP: true, - VSockConfig: qemu.VSockConfig{ - GuestCID: 3, - }, } logger := slog.Default() @@ -115,6 +119,11 @@ func TestRun(t *testing.T) { ttlManager: NewTTLManager(), } + if tt.name == "with exceeded max vms" { + ms.maxVMs = 1 + ms.vms["existing-vm"] = vmMock // Simulate an existing VM + } + ctx := context.Background() port, _, err := ms.CreateVM(ctx, &CreateReq{Ttl: tt.ttl}) diff --git a/manager/vm/mocks/vm.go b/manager/vm/mocks/vm.go index b3b6b0d5..79c99380 100644 --- a/manager/vm/mocks/vm.go +++ b/manager/vm/mocks/vm.go @@ -23,51 +23,6 @@ func (_m *VM) EXPECT() *VM_Expecter { return &VM_Expecter{mock: &_m.Mock} } -// GetCID provides a mock function with no fields -func (_m *VM) GetCID() int { - ret := _m.Called() - - if len(ret) == 0 { - panic("no return value specified for GetCID") - } - - var r0 int - if rf, ok := ret.Get(0).(func() int); ok { - r0 = rf() - } else { - r0 = ret.Get(0).(int) - } - - return r0 -} - -// VM_GetCID_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetCID' -type VM_GetCID_Call struct { - *mock.Call -} - -// GetCID is a helper method to define mock.On call -func (_e *VM_Expecter) GetCID() *VM_GetCID_Call { - return &VM_GetCID_Call{Call: _e.mock.On("GetCID")} -} - -func (_c *VM_GetCID_Call) Run(run func()) *VM_GetCID_Call { - _c.Call.Run(func(args mock.Arguments) { - run() - }) - return _c -} - -func (_c *VM_GetCID_Call) Return(_a0 int) *VM_GetCID_Call { - _c.Call.Return(_a0) - return _c -} - -func (_c *VM_GetCID_Call) RunAndReturn(run func() int) *VM_GetCID_Call { - _c.Call.Return(run) - return _c -} - // GetConfig provides a mock function with no fields func (_m *VM) GetConfig() interface{} { ret := _m.Called() diff --git a/manager/vm/vm.go b/manager/vm/vm.go index d9b7dec8..41ac7028 100644 --- a/manager/vm/vm.go +++ b/manager/vm/vm.go @@ -15,7 +15,6 @@ type VM interface { Stop() error SetProcess(pid int) error GetProcess() int - GetCID() int Transition(newState pkgmanager.ManagerState) error State() string GetConfig() interface{} diff --git a/pkg/atls/atls_test.go b/pkg/atls/atls_test.go index 894c4c3a..dc66987a 100644 --- a/pkg/atls/atls_test.go +++ b/pkg/atls/atls_test.go @@ -19,7 +19,7 @@ import ( "testing" certssdk "github.com/absmach/certs/sdk" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/google/go-sev-guest/abi" "github.com/google/go-sev-guest/proto/check" "github.com/google/go-sev-guest/proto/sevsnp" diff --git a/pkg/attestation/azure/snp.go b/pkg/attestation/azure/snp.go index 54dfd2ed..ef336c0b 100644 --- a/pkg/attestation/azure/snp.go +++ b/pkg/attestation/azure/snp.go @@ -10,7 +10,7 @@ import ( "io" "net/http" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/edgelesssys/go-azguestattestation/maa" "github.com/golang-jwt/jwt/v5" "github.com/google/go-sev-guest/abi" diff --git a/pkg/attestation/quoteprovider/sev.go b/pkg/attestation/quoteprovider/sev.go index 8a78d191..d6a9a72c 100644 --- a/pkg/attestation/quoteprovider/sev.go +++ b/pkg/attestation/quoteprovider/sev.go @@ -13,7 +13,7 @@ import ( "path" "time" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/google/go-sev-guest/client" "github.com/google/go-sev-guest/proto/check" "github.com/google/go-sev-guest/proto/sevsnp" diff --git a/pkg/attestation/tdx/tdx.go b/pkg/attestation/tdx/tdx.go index 086f9fae..25370946 100644 --- a/pkg/attestation/tdx/tdx.go +++ b/pkg/attestation/tdx/tdx.go @@ -11,7 +11,7 @@ import ( "os" "time" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/google/go-tdx-guest/abi" "github.com/google/go-tdx-guest/client" "github.com/google/go-tdx-guest/proto/checkconfig" diff --git a/pkg/attestation/vtpm/vtpm.go b/pkg/attestation/vtpm/vtpm.go index 1dadc867..1337ad69 100644 --- a/pkg/attestation/vtpm/vtpm.go +++ b/pkg/attestation/vtpm/vtpm.go @@ -13,7 +13,7 @@ import ( "os" "strconv" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/google/go-sev-guest/abi" "github.com/google/go-sev-guest/proto/check" "github.com/google/go-sev-guest/proto/sevsnp" diff --git a/pkg/attestation/vtpm/vtpm_test.go b/pkg/attestation/vtpm/vtpm_test.go index 5d9aeb23..5404a673 100644 --- a/pkg/attestation/vtpm/vtpm_test.go +++ b/pkg/attestation/vtpm/vtpm_test.go @@ -13,7 +13,7 @@ import ( "path/filepath" "testing" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/google/go-sev-guest/abi" "github.com/google/go-sev-guest/proto/check" "github.com/google/go-sev-guest/proto/sevsnp" diff --git a/pkg/clients/grpc/agent/agent.go b/pkg/clients/grpc/agent/agent.go index 9695ae92..49a84d7b 100644 --- a/pkg/clients/grpc/agent/agent.go +++ b/pkg/clients/grpc/agent/agent.go @@ -5,7 +5,7 @@ package agent import ( "context" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/ultravioletrs/cocos/agent" "github.com/ultravioletrs/cocos/pkg/clients/grpc" grpchealth "google.golang.org/grpc/health/grpc_health_v1" diff --git a/pkg/clients/grpc/agent/agent_test.go b/pkg/clients/grpc/agent/agent_test.go index 2b33281f..3cb548d9 100644 --- a/pkg/clients/grpc/agent/agent_test.go +++ b/pkg/clients/grpc/agent/agent_test.go @@ -9,7 +9,7 @@ import ( "testing" "time" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/ultravioletrs/cocos/agent" diff --git a/pkg/clients/grpc/atls.go b/pkg/clients/grpc/atls.go index 1140de3b..cd75aab8 100644 --- a/pkg/clients/grpc/atls.go +++ b/pkg/clients/grpc/atls.go @@ -13,7 +13,7 @@ import ( "os" "time" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/ultravioletrs/cocos/pkg/atls" "github.com/ultravioletrs/cocos/pkg/attestation" "google.golang.org/grpc/credentials" diff --git a/pkg/clients/grpc/connect_test.go b/pkg/clients/grpc/connect_test.go index 466f2991..14149064 100644 --- a/pkg/clients/grpc/connect_test.go +++ b/pkg/clients/grpc/connect_test.go @@ -15,7 +15,7 @@ import ( "testing" "time" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/google/go-sev-guest/proto/check" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" diff --git a/pkg/clients/grpc/cvm/cvm_test.go b/pkg/clients/grpc/cvm/cvm_test.go index fa5fd22b..929b8f28 100644 --- a/pkg/clients/grpc/cvm/cvm_test.go +++ b/pkg/clients/grpc/cvm/cvm_test.go @@ -8,7 +8,7 @@ import ( "testing" "time" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/ultravioletrs/cocos/agent" diff --git a/pkg/clients/grpc/grpc.go b/pkg/clients/grpc/grpc.go index d8784ce8..ddc2701b 100644 --- a/pkg/clients/grpc/grpc.go +++ b/pkg/clients/grpc/grpc.go @@ -10,7 +10,7 @@ import ( "os" "time" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc" "google.golang.org/grpc" "google.golang.org/grpc/credentials" diff --git a/pkg/clients/grpc/manager/manager_test.go b/pkg/clients/grpc/manager/manager_test.go index 49ae5627..9d0da912 100644 --- a/pkg/clients/grpc/manager/manager_test.go +++ b/pkg/clients/grpc/manager/manager_test.go @@ -5,7 +5,7 @@ package manager import ( "testing" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/stretchr/testify/assert" "github.com/ultravioletrs/cocos/pkg/clients/grpc" ) diff --git a/pkg/progressbar/progress_test.go b/pkg/progressbar/progress_test.go index 2ba6ca61..62f2428a 100644 --- a/pkg/progressbar/progress_test.go +++ b/pkg/progressbar/progress_test.go @@ -10,7 +10,7 @@ import ( "strings" "testing" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" "github.com/ultravioletrs/cocos/agent" diff --git a/pkg/sdk/agent.go b/pkg/sdk/agent.go index 20a7ec97..98fa3877 100644 --- a/pkg/sdk/agent.go +++ b/pkg/sdk/agent.go @@ -14,7 +14,7 @@ import ( "os" "strconv" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/ultravioletrs/cocos/agent" "github.com/ultravioletrs/cocos/agent/api/grpc" "github.com/ultravioletrs/cocos/agent/auth" diff --git a/pkg/sdk/agent_test.go b/pkg/sdk/agent_test.go index 3efad5e6..061f20fe 100644 --- a/pkg/sdk/agent_test.go +++ b/pkg/sdk/agent_test.go @@ -14,7 +14,7 @@ import ( "os" "testing" - "github.com/absmach/magistrala/pkg/errors" + "github.com/absmach/supermq/pkg/errors" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" diff --git a/test/cvms/main.go b/test/cvms/main.go index bcf19700..658c076e 100644 --- a/test/cvms/main.go +++ b/test/cvms/main.go @@ -13,7 +13,7 @@ import ( "strconv" "strings" - mglog "github.com/absmach/magistrala/logger" + mglog "github.com/absmach/supermq/logger" "github.com/caarlos0/env/v11" "github.com/ultravioletrs/cocos/agent/cvms" cvmsgrpc "github.com/ultravioletrs/cocos/agent/cvms/api/grpc"