mirror of
https://github.com/ultravioletrs/cocos.git
synced 2026-06-23 04:10:25 +00:00
main
56 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 Sammy Kerata Oina
|
6169766666 |
NOISSUE - Fix agent startup issues (#605)
CI / lint (push) Has been cancelled
CI / test (agent) (push) Has been cancelled
CI / test (cli) (push) Has been cancelled
CI / test (cmd) (push) Has been cancelled
CI / test (internal) (push) Has been cancelled
CI / test (manager, true) (push) Has been cancelled
CI / test (pkg) (push) Has been cancelled
CI / upload-coverage (push) Has been cancelled
* Update attestationFromCert function to include ccPlatform parameter for enhanced attestation processing Signed-off-by: Sammy Oina <sammyoina@gmail.com> * chore: migrate dependencies from supermq to magistrala and update build configurations Signed-off-by: Sammy Oina <sammyoina@gmail.com> * chore: update project dependencies, repository source, and support TDX QuoteV5 attestation Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
207bfd99af |
COCOS-525-487 - Refactor attestation and atls (#562)
* Refactor attestation handling to remove quoteprovider dependency - Removed references to quoteprovider in various files, replacing them with vtpm where necessary. - Updated function signatures and implementations to use SEVNonce instead of quoteprovider.Nonce. - Introduced new vtpm package to handle SEV-related attestation logic, including fetching and verifying attestation reports. - Adjusted tests to reflect changes in the attestation logic and ensure compatibility with the new structure. - Deleted the now redundant quoteprovider/sev_test.go file. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix: Add veraison/go-cose dependency to go.mod Signed-off-by: Sammy Oina <sammyoina@gmail.com> * feat: Introduce TLS package for enhanced security configuration and refactor client code to utilize new TLS utilities Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
5377dd4d7f |
NOISSUE - Prepare cocos for v0.8.0 (#512)
* Refactor mock interfaces to use 'any' instead of 'interface{}' for improved type safety and readability across multiple files in the manager and pkg directories.
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update Go version to 1.25.x in CI workflows and remove obsolete Go package files
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add mock implementations for various components in the attestation and SDK packages
- Created mock for MeasurementProvider in pkg/attestation/cmdconfig/mocks/mocks_test.go
- Created mock for Provider in pkg/attestation/mocks/mocks_test.go
- Created mock for Client in pkg/clients/grpc/mocks/mocks_test.go
- Created mock for SDK in pkg/sdk/mocks/mocks_test.go
These mocks are generated using mockery and are intended for unit testing purposes.
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Remove autogenerated mock files and update mock usage in tests
- Deleted mocks for gRPC clients in pkg/clients/grpc/mocks/mocks_test.go and pkg/sdk/mocks/mocks_test.go.
- Updated test files in pkg/progressbar/progress_test.go to use the new mock structure without type parameters for gRPC client interfaces.
- Refactored mock generation in pkg/sdk/mocks/sdk.go to streamline the mock creation process and ensure consistency across mock methods.
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update protobuf generated files for events and manager
- Bump protoc-gen-go version from v1.36.5 to v1.36.8 in events.pb.go and manager.pb.go.
- Refactor raw descriptor definitions in events.pb.go and manager.pb.go to use string concatenation for better readability and maintainability.
- Ensure compatibility with the latest protobuf specifications and improve code generation consistency.
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update test commands to use GOTOOLCHAIN for consistent Go version handling
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Fix GOTOOLCHAIN usage in test command for consistency
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
|
||
|
Sammy Kerata Oina
|
4b27b98edb |
NOISSUE - Refactor attestation handling: rename AttestationResult to AzureAttestationToken (#504)
* Refactor attestation handling: rename AttestationResult to AzureAttestationToken - Updated the protobuf definition to change azureAttestationResponse to azureAttestationToken. - Refactored the Service interface and its implementation to replace AttestationResult with AzureAttestationToken. - Modified mock functions and tests to reflect the new naming and functionality. - Adjusted CLI commands to use the new AzureAttestationToken method. - Removed the AzureToken constant from the attestation package as it is no longer needed. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Remove redundant data checks and logging in SendData and sendData methods Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Update agent/api/grpc/server_test.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update agent/api/grpc/endpoint_test.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Refactor attestation handling: rename AttestationToken to AzureAttestationToken in server and test files Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Refactor attestation command output messages for clarity and consistency Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Rename AttestationToken to AzureAttestationToken in TestAttestationToken for consistency Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Refactor TestChangeAttestationConfiguration to use vtpm.ConvertPolicyToJSON for JSON conversion Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Fix: reset temporary file pointer after zipping directory Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
Sammy Kerata Oina
|
8eb1fac9ad |
NOISSUE - Refactor and update dependencies in the project (#491)
* Refactor and update dependencies in the project - Updated go.sum to replace `github.com/absmach/magistrala` with `github.com/absmach/supermq` across various modules. - Removed VSock configuration from environment variables and QEMU arguments. - Updated QEMU configuration and related tests to remove references to guest CID and VSock. - Added new HTTP transport layer for API endpoints in the manager. - Introduced Prometheus monitoring configuration with alert rules and Alertmanager setup. - Updated service and VM interfaces to remove unused methods and references. - Refactored tests to align with the new structure and dependencies. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add MaxVMs configuration and enforce limit on VM creation Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add comprehensive tests for HTTP transport handlers and endpoints Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add test case for exceeding maximum number of VMs in TestRun Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Improve error handling in TestHandlerWithCustomRouter to ensure response writing is checked Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Update dependencies to latest versions - Upgrade cel.dev/expr from v0.23.0 to v0.24.0 - Upgrade github.com/absmach/supermq from v0.16.0 to v0.17.0 - Upgrade github.com/cenkalti/backoff from v4.3.0 to v5.0.2 - Upgrade github.com/cncf/xds/go to v0.0.0-20250501225837-2ac532fd4443 - Upgrade github.com/go-chi/chi/v5 from v5.2.1 to v5.2.2 - Upgrade github.com/go-jose/go-jose/v3 from v3.0.3 to v3.0.4 - Upgrade github.com/gofrs/uuid/v5 from v5.3.0 to v5.3.2 - Upgrade github.com/prometheus/client_golang from v1.22.0 to v1.23.0 - Upgrade github.com/prometheus/client_model from v0.6.1 to v0.6.2 - Upgrade github.com/prometheus/common from v0.62.0 to v0.65.0 - Upgrade github.com/prometheus/procfs from v0.15.1 to v0.16.1 - Upgrade go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from v0.60.0 to v0.62.0 - Upgrade go.opentelemetry.io/otel/exporters/otlp/otlptrace from v1.36.0 to v1.37.0 - Upgrade golang.org/x/crypto from v0.39.0 to v0.40.0 - Upgrade golang.org/x/sys from v0.33.0 to v0.34.0 - Upgrade golang.org/x/text from v0.26.0 to v0.27.0 - Upgrade golang.org/x/time from v0.11.0 to v0.12.0 - Upgrade google.golang.org/grpc from v1.73.0 to v1.74.2 Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
4e8057f481 |
COCOS-460 - Restore test coverage to 65% (#465)
CI / ci (push) Has been cancelled
* Implement IMAMeasurements method in agentSDK and add corresponding unit tests Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add unit tests for NewIMAMeasurements command in CLI Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add error assertion for command execution in NewIMAMeasurements test Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Fix nil pointer dereference in Close method and update NewCreateVMCmd logic for manager client initialization Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Refactor file permission settings to use octal notation and improve cleanup handling in NewCreateVMCmd test Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add comprehensive unit tests for state machine functionality Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add mock implementation for Algorithm interface and corresponding test cases Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Refactor file permission settings to use octal notation in TestStopComputationIntegration Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Remove redundant reset test cases from TestStateMachine_Reset Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Fix race condition in action call verification in TestStateMachine_HandleEvent Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Enhance state machine with reset functionality and improve thread safety in event handling Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Improve error handling in state machine start function during tests Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Remove concurrent reset and send event test from state machine tests Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Remove error logging for Start function in transition tests Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add mock implementations for AgentService_IMAMeasurementsClient and Service Shutdown method; enhance progress tests for IMA measurements handling Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add comprehensive tests for FileStorage functionality including loading, saving, and concurrent access Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Enhance tests by adding dataset and algorithm hashes in handleRunReqChunks; improve error handling in TestFileStorage_ErrorHandling cleanup Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Enhance TestManagerClient_Process by adding new test cases for Agent state and Disconnect requests; update setupMocks to include grpcClient Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Fix graceful shutdown in gRPC server by adding nil checks for health and server instances Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Enhance TestAttestation by adding mock expectations for VTpmAttestation and Attestation methods; update service call to include platform parameter Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Enhance gRPC Server by adding synchronization for start/stop methods; prevent multiple starts and ensure graceful shutdown Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add unit tests for gRPC server methods including VM creation, removal, and info retrieval Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add tests for SEVSNP and TDX host capabilities; remove unused vsock code Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add a newline for better readability in vm_test.go Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add integration tests for gRPC client in cvm_test.go Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Remove unused vsock dependencies and add comprehensive unit tests for GCP attestation functions Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Skip GCP tests if credentials are not set Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add tests for error handling in attestation configuration and GCP commands Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Improve error handling in Azure VM test response writing Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Skip tests in GCP functions if credentials are not set Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add comprehensive unit tests for Azure attestation provider and verifier Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add unit tests for TPM functionality and improve error handling Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add comprehensive tests for attestation functionality and improve error handling Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add validation for teeNonce in TeeAttestation and implement comprehensive tests for provider methods Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Refactor error messages in TDX attestation tests for clarity Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Fix error message in TeeAttestation test for valid nonce case Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add MeasurementProvider mock and update mockery configuration Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add logging for product in parseUints and rename test functions for clarity Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Refactor TestSevsnpverify to reset configuration and improve error logging Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> |
||
 dorcaslitunya
|
94c169febb |
COCOS-394 Cloud Provider Attestation Service Integration (#421)
* Add token measurement command Add Azure cloud attestation fetching Add ability to fetch azure attestation token Remove gcp changes Remove gcp changes Add Azure attestation support Modify pipeline proto checks Update protoc version Fix failing CI fetch token as a file Convert jwt to json Small bug fix -- correct file name for attestation token Fix failing CI Modify protoc version Update protoc version Update protoc version Update protoc version Add changes to allow passing vtpm nonce Add PR review changes to refactor the code Refactor name change to AttestationResult Refactor name change to AttestationResult Return report as json Format files properly Fix attestaton changes Modify changes based on PR review Add more test coverage Correct bug in Server test Rename "FetchAttestationResult" to "AttestationResult" Send token as part of stream Fix CI NOISSUE - Add DisconnectReq message and TTL support for VM creation (#428) * feat: Add DisconnectReq message and TTL support for VM creation - Introduced DisconnectReq message in cvms.proto to handle disconnection requests. - Enhanced CreateReq in manager.proto to include a TTL field for virtual machines. - Updated CLI to accept TTL as a command-line flag during VM creation. - Modified manager service to remove VMs after the specified TTL duration. - Adjusted gRPC client connection handling in agent main.go to support new client structure. - Added mock implementation for gRPC client to facilitate testing. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix: Mark server URL flag as required with error handling Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> COCOS-407 - Add support for Linux IMA (#429) * Added a feature which enables users to fetch IMA measurements and verify them * Added a feature which enables users to fetch IMA measurements and verify them * fixed lint error * fixed according to comments * fixed according to comments * fixed according to comments * fixed according to comments * final bug fix Add token measurement command Add Azure cloud attestation fetching Add ability to fetch azure attestation token Remove gcp changes Remove gcp changes Add Azure attestation support Modify pipeline proto checks Update protoc version Fix failing CI fetch token as a file Convert jwt to json Small bug fix -- correct file name for attestation token Fix failing CI Modify protoc version Update protoc version Update protoc version Update protoc version Add changes to allow passing vtpm nonce Add PR review changes to refactor the code Refactor name change to AttestationResult Refactor name change to AttestationResult Return report as json Format files properly Fix attestaton changes Modify changes based on PR review Add more test coverage Correct bug in Server test Rename "FetchAttestationResult" to "AttestationResult" Send token as part of stream Fix CI Rebase changes to main Refactor after rebase * Add Azure attestation * COCOS-395 - Cloud Provider Firmware Integration (#415) * add CC platform identification capability * add token verification * add snp azure * add azure snp report verification * fix linter errors * fix agent tests * expand the CC provider * fix azure atls * rebase branch * add nonce check for azure token * rename package attestations * remove alias attestations --------- Co-authored-by: Ubuntu <azureuser@UVCTestCVM.bu0p0zdolasezg1jifpyqhaxuc.dx.internal.cloudapp.net> * Add token measurement command Add Azure cloud attestation fetching Add ability to fetch azure attestation token Remove gcp changes Remove gcp changes Add Azure attestation support Modify pipeline proto checks Update protoc version Fix failing CI fetch token as a file Convert jwt to json Small bug fix -- correct file name for attestation token Fix failing CI Modify protoc version Update protoc version Update protoc version Update protoc version Add changes to allow passing vtpm nonce Add PR review changes to refactor the code Refactor name change to AttestationResult Refactor name change to AttestationResult Return report as json Format files properly Fix attestaton changes Modify changes based on PR review Add more test coverage Correct bug in Server test Rename "FetchAttestationResult" to "AttestationResult" Send token as part of stream Fix CI NOISSUE - Add DisconnectReq message and TTL support for VM creation (#428) * feat: Add DisconnectReq message and TTL support for VM creation - Introduced DisconnectReq message in cvms.proto to handle disconnection requests. - Enhanced CreateReq in manager.proto to include a TTL field for virtual machines. - Updated CLI to accept TTL as a command-line flag during VM creation. - Modified manager service to remove VMs after the specified TTL duration. - Adjusted gRPC client connection handling in agent main.go to support new client structure. - Added mock implementation for gRPC client to facilitate testing. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix: Mark server URL flag as required with error handling Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> COCOS-407 - Add support for Linux IMA (#429) * Added a feature which enables users to fetch IMA measurements and verify them * Added a feature which enables users to fetch IMA measurements and verify them * fixed lint error * fixed according to comments * fixed according to comments * fixed according to comments * fixed according to comments * final bug fix Add token measurement command Add Azure cloud attestation fetching Add ability to fetch azure attestation token Remove gcp changes Remove gcp changes Add Azure attestation support Modify pipeline proto checks Update protoc version Fix failing CI fetch token as a file Convert jwt to json Small bug fix -- correct file name for attestation token Fix failing CI Modify protoc version Update protoc version Update protoc version Update protoc version Add changes to allow passing vtpm nonce Add PR review changes to refactor the code Refactor name change to AttestationResult Refactor name change to AttestationResult Return report as json Format files properly Fix attestaton changes Modify changes based on PR review Add more test coverage Correct bug in Server test Rename "FetchAttestationResult" to "AttestationResult" Send token as part of stream Fix CI Rebase changes to main Refactor after rebase * Rebase with main * Modify tests to accomodate changes * Use env vars appropriately * Use env vars appropriately * Use caps in err name --------- Co-authored-by: Danko Miladinovic <72250944+danko-miladinovic@users.noreply.github.com> Co-authored-by: Ubuntu <azureuser@UVCTestCVM.bu0p0zdolasezg1jifpyqhaxuc.dx.internal.cloudapp.net> |
||
 Jovan Djukic
|
5c60bc2a48 |
COCOS-407 - Add support for Linux IMA (#429)
* Added a feature which enables users to fetch IMA measurements and verify them * Added a feature which enables users to fetch IMA measurements and verify them * fixed lint error * fixed according to comments * fixed according to comments * fixed according to comments * fixed according to comments * final bug fix |
||
|
Sammy Kerata Oina
|
12a20c74f7 |
NOISSUE - Reset agent state machine when computation is stopped (#417)
* Bump mockery version to 2.53.3 in generated mock files Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Update golangci-lint action to v7 and bump version to v1.64.7 Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Update golangci-lint action to v7 and configure linters in .golangci.yaml Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
7e63921896 |
NOISSUE - Simplify local agent running in non sev-snp environment (#411)
* Add vtpm attestation support to agent service and server Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Update mockery version to v2.53.2 and refactor VM factory to include logger Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Send event notification when computation is stopped in agentService Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Remove redundant assignment of Stderr in qemuVM Start method Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Rename SVM references to CVM in tracing, logging, metrics, and service layers Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> |
||
 Danko Miladinovic
|
67f939fc66 |
COCOS-326 - Add vTPM support to CoCoS (#376)
* manager, cli and agent vtpm support * rebase and changed atls for vtpm * deleted unused code * changed chekproto.yaml script so it find the manager proto file correctly * fixe manager proto version * fix agent tests * fix server agent test * fix attestation test * fix attestation test gofumpt * created dummy RWC for TPM * fix comment * add default PCR values * rebase main * fix rust ci and missing header * changed embedded attestation to VMPL 2 * fix unused impot * fix pkg test * address attestation type * fix agent attestation test * add prc15 check * fix comments * fix cli tests * add doc * add mock for LeveledQuoteProvider when SEV-SNP device is not found Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix manager reading attestation policy * refactor PCR value checks and update attestation policy values Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix tests for sev and grpc --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> Co-authored-by: Sammy Oina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
bceb1727d1 |
NOISSUE - Use Mockery config (#323)
Signed-off-by: Sammy Oina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
46b94204df |
NOISSUE - Improve file streaming (#295)
* improve file streaming Signed-off-by: Sammy Oina <sammyoina@gmail.com> * error check Signed-off-by: Sammy Oina <sammyoina@gmail.com> * empty line Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix tests Signed-off-by: Sammy Oina <sammyoina@gmail.com> * send buffer test Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix test cases Signed-off-by: Sammy Oina <sammyoina@gmail.com> * stream data and attestation Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fumpt Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix test Signed-off-by: Sammy Oina <sammyoina@gmail.com> * mocks Signed-off-by: Sammy Oina <sammyoina@gmail.com> * value check Signed-off-by: Sammy Oina <sammyoina@gmail.com> * more value checks Signed-off-by: Sammy Oina <sammyoina@gmail.com> * add test cases Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fumpt Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix tests Signed-off-by: Sammy Oina <sammyoina@gmail.com> * all files Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix lint Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
20e7ea76e0 |
NOISSUE - Improve pkg tests (#286)
* add pkg tests Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix lint Signed-off-by: Sammy Oina <sammyoina@gmail.com> * expect errors Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix assertions Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix test cases Signed-off-by: SammyOina <sammyoina@gmail.com> * coverage files Signed-off-by: SammyOina <sammyoina@gmail.com> * add more test cases Signed-off-by: SammyOina <sammyoina@gmail.com> * improve tests Signed-off-by: Sammy Oina <sammyoina@gmail.com> * update test descriptions Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
6043ad150b |
COCOS-256 - Progress bar on downloads (#290)
* add progress bar for downloads Signed-off-by: Sammy Oina <sammyoina@gmail.com> * better error handling Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix test and refactor Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix failing test Signed-off-by: Sammy Oina <sammyoina@gmail.com> * add test coverage Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
18aa8ba785 |
NOISSUE - Add internal tests (#266)
* add internal tests Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix linter Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix race conditions Signed-off-by: Sammy Oina <sammyoina@gmail.com> * remove all races Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
fb0fbaeb9a |
COCOS-253 - Improve CLI error handling (#277)
* decode errors Signed-off-by: Sammy Oina <sammyoina@gmail.com> * standardise error formatting Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix failing tests Signed-off-by: Sammy Oina <sammyoina@gmail.com> * add errors tests Signed-off-by: Sammy Oina <sammyoina@gmail.com> * pass lint Signed-off-by: Sammy Oina <sammyoina@gmail.com> * add test cases Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> |
||
 Smith Jilks
|
3d9fde39c2 |
NOISSUE - Enhance CLI (#250)
* Enhance CLI progressbar Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Update cli error and success messages colors Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Update cli emojis Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Add logs for cli interrupt by user Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Remove extra whitespaces Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Update upload data emoji Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Update cli main.go Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Update cli errors Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Update cli Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Update cli Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Update go sum Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Add progressbar tests Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Fix cli cmd error formating Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Add cli datasets, algo and result tests Signed-off-by: Jilks Smith <smithjilks@gmail.com> --------- Signed-off-by: Jilks Smith <smithjilks@gmail.com> |
||
|
Danko Miladinovic
|
ee8370406c |
COCOS-165 - Add Docker support (#180)
* add docker support * add copyright clause * rebase docker support * address blank lines * update manual tests to include docker * fix algo test * fix docker command * add docker doc * fix AddDataset method * fixed lin_reg.py * rebsed docker implementation * fix NewAlgorithm error * change docker README.md based on rebase * fix docker README * fix docker.go gofumpt * add option for datasets and results mount * edit README for docker * make docker container run command a part of docker image * remove unused code * make /cocos the default directory * updated documentation * removed docker dir * rebased docker |
||
|
Sammy Kerata Oina
|
899bfb0ec5 |
COCOS-151 - Add compression/decompression option for CLI/Agent (#200)
* on the fly compression Signed-off-by: Sammy Oina <sammyoina@gmail.com> * rename file-hash to checksum Signed-off-by: Sammy Oina <sammyoina@gmail.com> * check error properly Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix lint Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix connection handling Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
31391a36a1 |
NOISSUE - Add optional Filename (#195)
* add optional filename Signed-off-by: Sammy Oina <sammyoina@gmail.com> * cover all bases Signed-off-by: Sammy Oina <sammyoina@gmail.com> * maintain filename Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
67d01e39be |
COCOS-155 - Add python algo support (#178)
* * feat(algorithm.go): add support for algorithm type context * feat(python.go): implement Python algorithm runtime * fix(cocos_defconfig): add IPTABLES package Signed-off-by: SammyOina <sammyoina@gmail.com> * update proto Signed-off-by: Sammy Oina <sammyoina@gmail.com> * small fixes Signed-off-by: Sammy Oina <sammyoina@gmail.com> * add metadata Signed-off-by: Sammy Oina <sammyoina@gmail.com> * debug Signed-off-by: Sammy Oina <sammyoina@gmail.com> * debug Signed-off-by: Sammy Oina <sammyoina@gmail.com> * chunk logger Signed-off-by: Sammy Oina <sammyoina@gmail.com> * debug logger Signed-off-by: Sammy Oina <sammyoina@gmail.com> * test lock Signed-off-by: Sammy Oina <sammyoina@gmail.com> * add req file Signed-off-by: SammyOina <sammyoina@gmail.com> * stream result Signed-off-by: SammyOina <sammyoina@gmail.com> * test with venv Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix missing requirements file Signed-off-by: Sammy Oina <sammyoina@gmail.com> * result stream Signed-off-by: Sammy Oina <sammyoina@gmail.com> * modify test server Signed-off-by: Sammy Oina <sammyoina@gmail.com> * remove debugging and cleaning up Signed-off-by: Sammy Oina <sammyoina@gmail.com> * original repo Signed-off-by: Sammy Oina <sammyoina@gmail.com> * add missing header Signed-off-by: Sammy Oina <sammyoina@gmail.com> * downgrade protoc Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> Signed-off-by: Sammy Oina <sammyoina@gmail.com> |
||
 Washington Kigani Kamadi
|
d76074ae41 |
COCOS-144 - Add Agent SDK Tests (#167)
* add tests and mocks Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> fix ci Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> update test Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> fix(agent/grpc): revert change Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> fix ci Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * refactor attestation and report tests Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> refactor tests Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> remove commented code Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> remove comment Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> remove comments * add test cases Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> export agent errors Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> remove comm Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * fix tests Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> --------- Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> |
||
|
Sammy Kerata Oina
|
2ceb1c3562 |
COCOS-152 - Refactor algorithm execution and add visibility through logging and events (#176)
* * feat(agent): add support for binary algorithm execution * * feat(agent/algorithm): add Algorithm interface and binary implementation * * feat(agent/algorithm/binary): implement Run method for binary algorithm execution * * feat(agent/algorithm/logging): implement Stdout and Stderr writers for algorithm logging * * feat(agent/algorithm/logging_test): add tests for Stdout and Stderr writers * * feat(agent/events): add Service interface for sending events * * feat(agent/events/mocks): add mock implementation for Service interface * * refactor(agent/service): update runComputation method to use binary algorithm implementation Signed-off-by: SammyOina <sammyoina@gmail.com> * * fix(logging.go): handle error when sending event in Write method of Stderr struct * test(logging_test.go): add copyright header * fix(backend_info.go): add missing type declaration in function signature * fix(agent.go): rename progressbar variable to pb for clarity and consistency Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Danko Miladinovic
|
654be60a80 |
COCOS-132 - Add progress bar for algo and data uploads (#162)
* add progress bar to CLI * fix error handling * fix comments errors * add header * add wraper for AlgoClient and DataClient * add compile time check for wrapper structs * refactor code |
||
|
Washington Kigani Kamadi
|
ff5bade57d |
COCOS-145 : Support Other Private/Public Key Pair Algorithms (#147)
* feat: generate multiple key types using cli Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> pass cert to agent Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> fix ci Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> standardize key types Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> marshal public key Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> use openssl format for keys Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * update auth Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> update makefile Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> update agent Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> enhance parsing logic Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * pass key type as flag Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> fix ci Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> return key on successful signature verification Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> fix cli Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> fix ed25519 signing Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> ci Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * refactor code Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * fix(cli/result.go): dry code Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> --------- Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> |
||
|
Sammy Kerata Oina
|
2ce112cc1b |
COCOS-103 - User authN and AuthZ using digital signatures (#128)
* Update Go to 1.22 and enhance security features - Upgraded the Go version in GitHub Actions workflows to 1.22.x for latest features and security patches. - Added RSA public key field `UserKey` in `Dataset` and `Algorithm` to reinforce data integrity and encryption. - Refactored `Result` method in `agentService` to use `containsID` for improved readability and potential performance benefits. - Updated `grpcserver.New` and `internal/server/grpc` invocations to pass `agent.Service` by value in line with recommended Go practices. - Introduced `grpc.StreamInterceptor` with no args in `Server.Start` which seems to be an initial step for future stream interceptor configuration. These changes prepare for stronger data security measures, maintain compatibility with the latest Go features, and improve code quality regarding service struct usage. Potential follow-up is needed to configure the stream interceptor and to ensure the new RSA key field is appropriately utilized in data handling. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor auth system and protocol buffers Enhanced the authentication system by adding context support and an improved user-role model. Implemented robust RSA public key verification for users and a restructured interceptor logic specific to stream types, streamlining the auth process. Updated protocol buffers and associated structures to accommodate user keys as byte slices, aligning with standard cryptographic practice. CLI commands for algorithms and datasets now require a private key file path argument for signing, strengthening security during interactions. This comprehensive overhaul addresses security and efficiency considerations in the RPC framework and aligns with best practices for key handling. By streamlining and securing the user authentication process, the agent service's reliability is greatly improved, directly impacting the robustness of the entire computation pipeline. - Refactored auth: added role-based user validation, context handling - Reworked interceptors: separated stream types, fortified signature checks - Updated protocol buffers: user public keys as byte slices for standard compatibility - Enhanced CLI: introduced private key argument, ensuring secure algorithm and dataset submission - Improved server and SDK contracts to align with auth changes Related issues: - Implements user roles and auth context [#103] - CLI security enhancement for private key management Signed-off-by: SammyOina <sammyoina@gmail.com> * Updated PEM decoding for key parsing in CLI and tests Added `encoding/pem` to decode PEM blocks when parsing private and public keys across CLI commands and test computation scenarios, ensuring compatibility with key files. This enhances robustness in key handling by supporting PEM encoded keys. The update also includes registration of a new Keys command in the CLI. Refactored code is now compliant with common key formats, addressing potential parsing issues. Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix auth signature encoding and improve CLI usage example The authentication system now decodes base64 strings before verifying signatures to align with the expected format. Additionally, the signature generation now encodes the output in base64, ensuring consistency across the auth process. The CLI help message for the `result` command is enhanced by providing a usage example, making it more user-friendly and informative. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor containsID to handle dynamic fields Updated the `containsID` function to accept a field name parameter, enabling dynamic field lookup within the reflection logic. This change facilitates the use of the function for various struct fields, improving code reusability and flexibility. CLI command 'data' now requires an additional argument for the private key file path, outlined in the usage example update, reinforcing command clarity and user guidance. Resolves issues with hardcoded field lookups and enhances CLI usability. Signed-off-by: SammyOina <sammyoina@gmail.com> * Remove extraneous newline in key generation log output A redundant newline after the success message in the key generation command was removed to clean up log output formatting. This change ensures a more consistent and professional appearance of the CLI tool's messages. Signed-off-by: SammyOina <sammyoina@gmail.com> * Implemented auth service in gRPC startup Added authentication services to the gRPC server initialization to enforce security measures. The gRPC server's New function now includes an `authSvc` parameter, requiring instantiation of the auth service before starting the server. Failure to create the auth service results in a fatal error, halting the process to avoid running without protection. Tests have been updated to include `nil` values for the auth service parameter to maintain their functionality without authentication. Refactored `grpcserver.New` to accept the new auth service, and updated the main agent startup logic to create and inject the auth service. Added the auth middleware interceptors to the server options, which ensures that each gRPC call will undergo authentication. This change is a step towards secure communication, and affected components should now consider the authentication requirement. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor config read logic and update agent setup Improved the configuration reading in `cmd/agent/main.go` to handle larger payloads by reading data in chunks and checking for EOF, ensuring that all config data is captured even if it exceeds the initial buffer size. Enhanced the `test/manual/agent-config/main.go` to require additional command-line arguments, improving the setup process by explicitly requiring paths for data, algorithm, and public key as well as a boolean for attested TLS. Also updated the hashing method to SHA3 for the algorithm and data files, and included the hash and public keys as part of the agent, dataset, and result consumer configurations. These changes will make the agent setup more robust and provide better integrity checks for the involved files. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor run method to agentService Moved the run function into agentService for better encapsulation and maintainability. This refactoring includes capturing both stdout and stderr during algorithm execution, enabling more informative debugging through enhanced logging. Consequentially, the run method now references members through the service instance, aligning with object-oriented best practices and improving code coherence. Resolves issue with insufficient execution details when computations fail. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor computation data handling to use filepaths Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor error logging and ensure consistency Replaced usage of the standard log package with a custom logger for error reporting to standardize error logging throughout the application. Additionally, introduced graceful shutdown by returning from the main function rather than forcing exit when failing to create auth service, aligning the application's error handling strategy. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor auth initialization and key file handling Improved the readability and maintainability of the authentication service initialization by adding line breaks for logical separation. Also, standardized key filenames in the CLI key generation by introducing constants, enhancing code clarity and reducing the likelihood of file-naming errors. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor auth verification logic for improved security Removed an extraneous line in the `verifySignature` function that was not necessary for the signature verification process. This change simplifies the code and improves readability. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor payload structures to simplify API Removed the 'provider', 'id', 'consumer' fields from protocol buffers, gRPC services, and related functions across various files to streamline the data model and align with the new authentication system based on cryptographic verification rather than string identifiers. This results in more efficient data handling and a reduction in unnecessary payload data, while enhancing security by making entity validation strictly cryptographic. The changes affect agent-SDK interactions, CLI tools, and related services, ensuring only the necessary data (algorithm/data bytes, user keys, and hashes) is transmitted and processed. Consequently, the core computation algorithm and dataset handlers now rely on indexes derived from context to associate data with respective manifest entries, thus maintaining the ability to link to specific computation manifests without relying on explicit IDs in the payload. Additionally, refactored authentication methods now enforce role-based security seamlessly through metadata. This approach enhances privacy by avoiding transmission of potentially sensitive strings over the network and by ensuring that only internal indices, not globally interpretable identifiers, are used to process computations. Aligned with the broader architectural goal of simplifying and securing the platform's core services, this change paves the way for upcoming revisions to the authentication scheme that will further consolidate role-based security and improve system integrity. Signed-off-by: SammyOina <sammyoina@gmail.com> * Enhance CLI security with key paths Removed the section on running computations from the CLI README as it may no longer be necessary or the functionality has been moved elsewhere. Required private key file paths for algorithm, dataset upload, and result retrieval commands to enhance security. This change associates each action with a specific identity, ensuring secure and traceable operations. Additionally, updated the manual test commands to reflect this new requirement. Signed-off-by: SammyOina <sammyoina@gmail.com> * fix ci Signed-off-by: SammyOina <sammyoina@gmail.com> * fix fmt Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
226704cf0d |
COCOS-122 - Enable streaming RPCs for Algo and Data services (#123)
* Enable streaming RPCs for Algo and Data services Modified the gRPC service definitions for Algo and Data methods to use stream processing, enabling the handling of larger datasets and algorithms without being limited by memory restrictions. This allows client and server to send chunks of data sequentially rather than requiring the entire payload to be loaded into memory at once. Updated server implementations to accumulate data from multiple chunks, allowing for more efficient processing and communication when dealing with large files. Client implementations have been adjusted to segment and send data in a streaming fashion. Removed previously existing synchronous client code as it became redundant with the new streaming approach, streamlining the client's communication patterns with the gRPC backend. This change allows for better resource management, especially in systems with constraints on memory, improving overall scalability and performance of the data and algorithm processing pipeline. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor algorithm ID check logic Simplify the algorithm validation logic in the agent service by replacing the previous containment check with direct ID comparison. This change streamlines the error handling for undeclared algorithms and hash mismatches, while also ensuring clear and direct provider validation. The modifications enhance the readability and maintainability of the code without altering functionality. Signed-off-by: SammyOina <sammyoina@gmail.com> * Updated README to build single-file executable with PyInstaller Modified the PyInstaller command in the manual testing README to bundle the linear regression script into a single executable file. This simplifies distribution and execution of the script by eliminating the need for multiple dependency files. Ref: Optimization of deployment process Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
5c406743e0 |
NOISSUE - Add attesatation validation/verification options (#87)
* Standardize attestation report data size to 64 bytes Redefined the report data for attestation requests from a variable byte slice to a fixed 64-byte array across various critical components. This change enforces a standardized data length, simplifying validation logic and ensuring consistency when handling the attestation data for both the server and client end-points, logging functionalities, and the CLI tool. Updated attestation data handling in the SDK to accommodate the new fixed-length constraint. By strictly adhering to the 64-byte requirement, the modifications promote robust input checking and prevent potential issues related to dynamic data length processing. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor attestation validation logic Streamlined attestation validation in the CLI with a new configuration parsing approach. Introduced a retry mechanism with timeout and backoff for HTTPS getters that facilitate remote trust validation. Clarified expected data lengths in proto comments across attestation and manager services, ensuring consistency and correctness of the cryptographic data fields. This modification enhances maintainability by replacing a verbose struct with a configurable object model, thus simplifying parameter handling. Robustness is improved through failure-retrieval strategies during remote validation, and additional in-code documentation specifies cryptographic constraints for critical data elements. Signed-off-by: SammyOina <sammyoina@gmail.com> * Add new attestation validation flags Enhanced attestation validation in the CLI with additional flag support for FAMILY_ID, IMAGE_ID, REPORT_ID, REPORT_ID_MA, MEASUREMENT, CHIP_ID, and TCB-related fields. This update enables fine-grained control over attestation report criteria, ensuring stricter validation conforming to protocol requirements. Adjusted the default value for MinimumGuestSvn to align with the new policy specifications. Signed-off-by: SammyOina <sammyoina@gmail.com> * Enhance attestation policy configuration Introduced several new configuration flags to the CLI's attestation policy, including options for minimum AMD-SP firmware builds, revocation list checking, and network restrictions. Expanded trust criteria parameters with the support for trusted author and identity key hashes. The default VMPL setting is now explicitly initialized. These changes improve security controls and offer more detailed attestation verification settings. Signed-off-by: SammyOina <sammyoina@gmail.com> * Simplify attestation validation process Refactored the attestation CLI command to improve usability by removing the need for explicitly provided report data as an argument. Default values for configuration parameters have been centralized into constants for maintainability. Additionally, integrated data parsing functions to streamline the validation checks with robust error handling for cases such as invalid hex strings and file I/O issues. This enhancement reduces user error and the complexity of entering attestation data by parsing relevant information from within the environment, all while maintaining the same security standards. The process of marking flags as required for CLI commands has been corrected to prevent runtime errors and improve command reliability. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refined attestation validation logic Enhanced attestation command handling by removing the hardcoded report data length and replacing it with the standard SHA-512 hash size, ensuring dynamic compatibility with hash lengths. Introduced size constants to improve code readability and enforce explicit length checks on attestation input data, raising errors when requirements are unmet. This preventative measure aims to avert potential runtime errors stemming from unexpected data sizes. The change also simplifies the minimum guest SVN description for clarity. References to removed unnecessary whitespace maintain code cleanliness. These adjustments culminate in a more robust and maintainable attestation process, in accordance with the best practices for secure handling of cryptographic data and compliance with AMD's ABI format specifications. Signed-off-by: SammyOina <sammyoina@gmail.com> * Enhanced attestation documentation and command syntax Updated CLI documentation to include detailed descriptions of the attestation retrieval and validation process, along with a comprehensive list of new flags for the validation command, providing users with extensive control over the attestation verification process. Updated command syntax with flags for specifying report data, improving command clarity and consistency. These changes ensure better user guidance and offer a more robust attestation handling experience. Signed-off-by: SammyOina <sammyoina@gmail.com> * Enforce report data size validation uniformly Refactored report data size validation to ensure it is performed consistently across the system. Removed the hard-coded length check from attestation request validation in favor of a centralized verification based on the sha512 digest size. Also, eliminated fallback mechanism to the SHA-512 hash of report data and made the length requirement explicit, leading to immediate failure if not met. This harmonizes the error handling logic, reinforces data integrity checks, and simplifies debugging by removing ambiguous length correction behavior. Adjusted related validation functions to use a common utility, enhancing maintainability. Fix spelling errors in log messages for attestation validation commands to improve clarity in output. Signed-off-by: SammyOina <sammyoina@gmail.com> * Initialize attestation config with defaults Enhanced the attestation command initialization by setting default values for the `Config` struct to prevent nil pointer exceptions and potentially streamline configuration handling. Moreover, corrected a flag declaration by removing shorthand.P support for 'permit_provisional_software', aligning it with other flags for consistency. This change should improve stability and user experience while configuring attestation policy. Signed-off-by: SammyOina <sammyoina@gmail.com> * nil check prior Signed-off-by: SammyOina <sammyoina@gmail.com> * fix typos Signed-off-by: SammyOina <sammyoina@gmail.com> * use file for attestation report Signed-off-by: SammyOina <sammyoina@gmail.com> * Refine attestation validation with default policy values Adjusted default values and constants related to the attestation configuration for enhanced clarity and consistency. Changed the default minimum guest SVN value to align with new policy requirements and introduced a default guest policy constant. Additionally, standardized byte array placeholders for attestation validation fields to prevent potential issues with uninitialized bytes and ensure robust input validation checks. These changes promote more intuitive and secure attestation validation procedures. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refine attestation defaults and flag requirements Updated the default guest policy to use hexadecimal notation for clarity and added a default minimum version for the firmware API version flag. Made 'chip_id', 'measurement', 'report_id', and 'report_id_ma' flags mandatory to ensure critical attestation data is provided by the user, enhancing validation robustness. Added a check for 'measurement' field length for consistency in input validation. Signed-off-by: SammyOina <sammyoina@gmail.com> * Optimize attestation file format Standardized attestation file format across the codebase by moving the 'attestationFilePath' constant from the function scope to a higher scope within the package. Switched the file extension from .txt to .bin to reflect binary data storage, improving consistency and potential performance benefits from binary file handling. Signed-off-by: SammyOina <sammyoina@gmail.com> * Optimize default values for attestation validation Removed unnecessary empty initializers and replaced hardcoded empty values with nil for optional fields in attestation validation flags. Introduced a constant defaultReportIdMa for the REPORT_ID_MA field to provide a meaningful default instead of an empty one. Streamlined the command setup by removing the requirement flags for fields that are now optional and unchecked if unset, reducing burdens on the user for providing unnecessary input. The change simplifies the command's usage and eliminates the need for users to specify values for certain fields that can be optional, improving the command's flexibility and user experience. Additionally, setting a specific default for REPORT_ID_MA ensures clarity in cases where this is not provided by the user. This update enhances the maintainability and usability of the attestation validation functionality. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor hardcoded attestation report size Introduced a constant `size64` to replace the previously hardcoded array size of `64` used across various Attestation methods. This change enhances code maintainability and readability by centralizing the size definition, making it easier to update in the future if necessary. Signed-off-by: SammyOina <sammyoina@gmail.com> * Updated protocol buffer dependencies and cleaned CLI flags Protobuf compiler versions were updated to v4.25.2 across various RPC service definitions for agent and manager packages, ensuring compatibility with the latest features and fixes. In the CLI attestation code, unnecessary flags (`DisallowNetwork` and `PermitProvisionalSoftware`) were removed to streamline user options, reflecting a more secure and user-focused configuration interface. Added an input validation check in `attestation.go` for CA bundle presence when a product name is set, enhancing the reliability of attestation validation. Also rectified a bug in `grpc.go` by fixing an incorrect variable assignment for reading the key file content, thereby preventing potential TLS-related errors. Signed-off-by: SammyOina <sammyoina@gmail.com> * Updated protoc version and adjusted proto file paths Bumped the protocol compiler version to 25.2 to align with our dependency updates and ensure compatibility. Additionally, revised the proto file paths under the continuous integration setup, moving from 'manager/' to 'pkg/manager/' to reflect the recent directory restructuring. The changes ensure that proto file checks and comparisons are conducted in the correct file locations, preventing potential build and sync issues in future developments. Signed-off-by: SammyOina <sammyoina@gmail.com> * Enhance hash size consistency in gRPC attestation Aligned the hard-coded byte array size for `ReportData` with `sha512.Size` constant to ensure consistency and maintainability in gRPC attestation requests and responses. This change mitigates the risk of future errors if the SHA512 hash size standard is altered. Signed-off-by: SammyOina <sammyoina@gmail.com> * Optimize agent-config listener loop Removed the goroutine wrapping the listener loop in 'agent-config' manual test to streamline and simplify the connection handling logic. This change ensures the loop runs on the main goroutine, improving the readability and maintainability of the code. Refactoring assists in avoiding potential race conditions and makes the server's flow easier to understand for future debugging and development. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor report data size checks to use constant Centralize the report data size definition by replacing various size checks and array declarations with a constant `ReportDataSize`. This streamlines code maintenance and ensures consistency across all instances where report data size is validated or used. The changes remove direct references to the hash function output size, decoupling the report data size from the hash function's characteristics and allowing easier updates if the data size requirement changes. These modifications bolster the codebase's flexibility for potential adjustments in security protocols or data handling specifications. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor config JSON handling in attestation CLI Introduced an `exampleJSONConfig` constant containing a sample configuration to improve code readability and maintainability. Previously, the example JSON configuration for the attestation CLI was an inline string, making the code cluttered and less maintainable. With this change, the example configuration is now stored as a constant, resulting in cleaner command flag setup and enhanced clarity. This constant is used in the command flag description to guide users when providing their custom configuration. Additionally, refactored the command flags related to the configuration by aligning and sorting them for better code organization. Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
997fb3bf48 |
COCOS-83 - Add hash verification for datasets and algorithms (#84)
* Add hash verification for datasets and algorithms Enhanced data integrity checking by incorporating hash fields in Dataset and Algorithm structures, and modified the corresponding service logic to validate these hashes during processing. The update includes SHA-3 for hash computation, replacing the former SHA-256 usage, and ensures the provided data matches the expected hash from the manifest to prevent processing malformed or corrupted data. - Introduce `Hash` field to both Dataset and Algorithm structs to store the expected hash value. - Implement SHA-3 hashing within service methods that process the data, ensuring consistency with newly added `Hash` fields. - Add error handling for hash mismatches, preventing further processing and alerting to potential data integrity issues. - Update Protocol Buffers serialization to accommodate the new hash fields for gRPC communication. - Modify manager service's Run method to pass the hash information when creating agent configurations. Go module dependencies were updated to include the new SHA-3 package and upgrade Go version to 1.21.6 for improved stability and compatibility. Signed-off-by: SammyOina <sammyoina@gmail.com> * Remove identifiers from protobuf and related code The protobuf definitions and related service handling code have been revised to drop specific identifier fields (`AlgorithmID` and `DatasetID`) to simplify API responses and internal function signatures. These removals streamline the overall data flow between components, reduce unnecessary data transmission, and lead to an aligned server-client expectation where identifiers are no longer a part of the response payload. Consequently, these changes simplify the logic within various functions and client commands, reinforcing encapsulation by ensuring that internal identifiers do not need to be managed or exposed unnecessarily. Signed-off-by: SammyOina <sammyoina@gmail.com> * fix lint Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
8975e28437 |
COCOS-77 - Stream agent logs and events over gRPC (#78)
* Refactor GRPC manager service and client The manager service and client have been restructured for stream communication, facilitating real-time agent events, logs, and run responses. The `Run` RPC is replaced by the `Process` stream RPC, enabling bidirectional streaming between clients and the manager service. This allows continuous interchange of different message types including `WhoAmIRequest`, `AgentLog`, `AgentEvent`, and `RunResponse`. Several message types have been adjusted and new fields introduced, like `AgentPort` in `RunResponse` and various agent-config attributes including CA files and instance IDs, to support TLS client authentication and distinguish between agent instances. We've also incorporated `google.protobuf.Timestamp` in `AgentEvent` for precise event logging. The client code reflects these modifications with updated method calls and stream handling logic for ongoing communication. Moreover, the updates necessitate corresponding changes throughout service, grpc, and sdk layers to interoperate with the new streaming approach. The transition to streaming paves the way for a more interactive, flexible communication system that can accommodate future expansion and real-time monitoring features. Signed-off-by: SammyOina <sammyoina@gmail.com> * fix lint Signed-off-by: SammyOina <sammyoina@gmail.com> * Update GitHub Actions to Latest Versions Upgraded GitHub Actions 'checkout' to version 4 and 'setup-go' to version 5 across various workflow files to leverage the latest features and improvements for better performance and reliability. This also ensures compatibility with Go version 1.21.x which is specified in the workflows. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor event handling and logging Reworked event and log processing to use channels instead of direct HTTP calls. Removed obsolete events package and consolidated event structures, leading to cleaner and more maintainable code. Updated agent events to use channels, enhanced error handling in log forwarding, and simplified manager `New` function signature to accept an event channel directly. - Removed `events` and `agentevents` packages to reduce complexity. - Replaced direct event server communication with internal channel usage. - Introduced `AgentEvent` struct in events.go for standardized event objects. - Adapted `managerService` to dispatch events and logs through channels. - Streamlined manager construction by removing the now-unnecessary event service and host IP parameters. This change results in a more robust and easier to extend event and log management system within the agent-manager interaction. Signed-off-by: SammyOina <sammyoina@gmail.com> * fix ci Signed-off-by: SammyOina <sammyoina@gmail.com> * remove unused code Signed-off-by: SammyOina <sammyoina@gmail.com> * add comments Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
6f42135ec0 |
NOISSUE - Fetch attestation report (#66)
* Improve attestation and update deps Enhanced the attestation process to require additional report data and a variable privacy level, catering to varying security requirements. The `Run` method's context parameter was removed to simplify invocation following API alignment. Dependencies got updated, notably adding `github.com/google/go-sev-guest` for attestation, and some were indirectly bumped. These updates ensure the agent service leverages the latest available features and improvements for security and stability. Signed-off-by: SammyOina <sammyoina@gmail.com> * Extend AttestationRequest with data fields Enhanced the AttestationRequest message structure by introducing 'report_data' and 'vpml' fields to encapsulate additional attestation context. Adjusted service and middleware layers to incorporate these new parameters, enabling richer attestation workflows. The GRPC endpoint, logging, and metrics layers have been updated to handle the additional data, catering to more secure and nuanced attestation use cases. Refactors Attestation command in CLI to accept report data argument and include an optional 'vpml' flag for specifying virtual machine privilege level. This change empowers users to request attestation with specific context directly from the CLI. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor attestation to remove vpml dependency Removed the `vpml` field from the AttestationRequest protobuf, and all associated handling code, streamlining the attestation process. Code adjustments were made in gRPC client, server, and service layers to ensure proper request construction and validation that focuses only on report data. This change simplifies the attestation API and its usage, reducing error risk and improving maintainability. It reflects a decision to decouple the protocol from specific vendor measurement levels, potentially due to a shift towards a more generalized attestation procedure. Signed-off-by: SammyOina <sammyoina@gmail.com> * Enhance CLI usability and streamline SDK attestation - Added a usage example to the CLI attestation command for better user guidance. - Simplified the SDK attestation function by removing an unused parameter and directly populating the request structure with report data to align function parameters with actual usage requirements. Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
55c19ca6b5 |
NOISSUE - Refactor SDK and CLI (#69)
* Refactor CLI commands to use CLI struct Introduced a CLI struct to encapsulate dependencies such as agentSDK and managerSDK previously passed to command constructors. This shift towards a more object-oriented approach simplifies command creation and enhances code readability. CLI-related commands are now methods on the CLI struct, accessing shared services directly, which streamlines the setup of CLI command hierarchies and reduces the need to pass dependencies around. Removed the OpenAPI specification file as it was likely deemed obsolete or no longer necessary to be included with the CLI binary, suggesting a possible shift in how the API is managed or documented. Lastly, the main application now sets up two distinct command groups for 'agent' and 'manager', with respective commands organized under them, making the CLI tool's structure more intuitive for users. Signed-off-by: SammyOina <sammyoina@gmail.com> * fix ci Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
34c3bbdbd8 |
COCOS-55 - Pass agent logs to manager via vsock (#64)
* Simplify event handling and config Streamlined event service interface by consolidating `SendEvent` and introducing `SendRaw`. Removed `notification_server_url` and `instance_id` parameters from several event publication calls to leverage centralized event construction. This change not only cleans up redundancy in event-related code but also simplifies the configuration data flow across the system, making it easier to manage and less error-prone. Uniform event generation now improves consistency and maintainability. Refactored configuration management in the agent and manager services. Removed notifications URL from the agent configuration, relying on a simplification that assumes a single source of events. Updated Manager Port to VsockConfigPort for clarity and consistency across vsock communication. These modifications should facilitate easier integration and extension of event and configuration systems in the future. Signed-off-by: SammyOina <sammyoina@gmail.com> * fix lint Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor error handling in agent event forwarding Introduced context and error channel handling to the agent event forwarding process. The logger now warns on errors during forward operations asynchronously, allowing for non-blocking error reporting. Additionally, reliance on the global logger was removed in favor of passing error information via channels, improving modularity and error flow control. Resolves issue with silent forwarding failures by providing a means to alert system operators without halting the service. This enhancement makes the error reporting more robust and reactive while maintaining service continuity. Signed-off-by: SammyOina <sammyoina@gmail.com> * remove unused field Signed-off-by: SammyOina <sammyoina@gmail.com> * Enhance agent logging via vsock connection Redirected agent logging to use a vsock connection instead of standard output, improving the process isolation and enabling centralized log management. The change involved dialing to the specified vsock log port and initializing the logger with the vsock connection rather than stdout. Additionally, the manager service now maintains a map of agent vsock cids to computation IDs, providing better tracking of computation resources. A routine to retrieve logs from agents was also initiated during the service setup to facilitate log collection. Consequential to these changes is the removal of a redundant os package import in the agent's main.go, further cleaning up the dependencies. Signed-off-by: SammyOina <sammyoina@gmail.com> * fail gracefully Signed-off-by: SammyOina <sammyoina@gmail.com> * Updated backoff strategy and VM configurations - Added `github.com/cenkalti/backoff` to direct dependencies for robust retry logic in agent configuration sending. - Modified the vsock logs port to align with the updated port range standards. - Enclosed kernel console arguments in quotes to ensure proper parsing in QEMU configurations. - Implemented exponential backoff when sending agent configurations to handle transient failures. Refactors: - Streamlined creation of `AgentConfig` within the computation setup to avoid unnecessary initializations when `c.AgentConfig` is not nil. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor command execution and improve argument construction Consolidated the error handling in the command execution function for better readability. In the QEMU configuration, the argument assembly process is enhanced for clarity and correctness; the VNC parameter is now separate, and string quoting is handled properly for kernel parameters. These changes result in more maintainable code and prevent potential formatting issues during QEMU argument parsing. Resolves issues with argument construction in QEMU config module. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refine default config handling and unpacking Improved the agent configuration by dynamically setting default values for the log level and port if they are not specified in the incoming configuration. Also streamlined configuration unpacking in the endpoint and service layers, reducing redundancy and ensuring all required fields are correctly copied over to the Manager's configuration structure. This change ensures better fault tolerance and more maintainable code by handling edge cases where configuration values might be missing. Signed-off-by: SammyOina <sammyoina@gmail.com> * rename dir Signed-off-by: SammyOina <sammyoina@gmail.com> * fix lint Signed-off-by: SammyOina <sammyoina@gmail.com> * Ensure runRes.Empty() reflects non-empty state Changed the always-true return value of the `runRes.Empty()` method to `false` to accurately indicate the presence of a response body. This adjustment ensures downstream handling of API responses aligns with actual content state. Signed-off-by: SammyOina <sammyoina@gmail.com> * Replace mglog with slog across codebase Updated various components to replace the `mglog` logger implementation with the `slog` logger. This change affects logging initialization and calls throughout the codebase including the agent, manager, and internal server components. Transitioning to `slog` is part of a broader shift to standardize the logging mechanism to improve maintainability and consistency. Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
b55b6c9734 |
NOISSUE - Refactor computation parameter naming and remove tracing (#42)
Standardized the variable name for computation parameter across various service and middleware implementations to improve code consistency. This enhances readability and maintainability. Additionally, tracing functionality has been removed completely, signifying a potential shift in the telemetry strategy or removal of an unused feature. The run command associated with cli package has also been deleted, suggesting a change in the CLI tool's capabilities or its command handling strategy. The service interface's Run method definition and its implementations now align with the updated parameter naming, ensuring coherence throughout the codebase. Removed files: - The entire `tracing` package has been deleted. - Removed the `cli/run.go` file, indicating the removal of the 'run' command from the CLI. Please note that these changes may affect any existing workflows or systems that rely on the removed tracing capabilities or the CLI run command, and appropriate adjustments will need to be made to accommodate these updates. Refer to internal documentation or release notes for migration paths or additional context. Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
4d9f7b1a45 |
COCOS-25 - Remove networking between manager and agent (#43)
* Enable passing computation details to QEMU args Refactored the QEMU argument construction to accept computation details as JSON. The changes include updating function signatures to pass an `agent.Computation` object and serialize it into the QEMU boot parameters. These modifications allow for custom computations to be specified per VM, facilitating more dynamic and configurable virtual machine creation. This update also integrates timing and data transformation necessary for the agent computation setup. Resolves computation configurability for virtual machines. Signed-off-by: SammyOina <sammyoina@gmail.com> * Enable extraction of computation value from cmdline Introduced a feature to parse the computation parameter directly from the machine's command line, thus enabling dynamic configuration of agent computations without the need for a preset environment. This change enhances the agent's ability to adapt to different computation requirements on startup. A fallback warning informs of cases where the computation parameter was not found, ensuring traceability of operational state during service initialization. Signed-off-by: SammyOina <sammyoina@gmail.com> * Remove RunRequest and RunResponse from Agent gRPC Refactor the Agent service by deleting the RunRequest and RunResponse messages along with the corresponding method implementations in the gRPC interface. This simplifies the gRPC protocol by removing an obsolete RPC method, streamlining communication between services. The deletion also impacts the manager service, which no longer uses the removed RPC method. Consequently, the service definitions across related files like endpoints, servers, and clients have been adjusted. This adjustment enforces a more direct approach for starting computations, reflecting a shift toward manager-initiated computation execution. Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
ee7159a406 |
COCOS-35 - Refactor RunRequest to use structured Computation (#38)
* Refactor RunRequest to use structured Computation The protobuf and associated service implementations for the RunRequest message were refactored to replace the raw Computation byte slice with a structured ComputationReq object. This allows clearer and more type-safe manipulation of computation requests. The grpc, http, and agent service layers were updated to build and parse ComputationReq accordingly. The ComputationReq structure includes details like IDs, names, time stamps, and metadata, forming a well-defined contract for computation tasks. This change aligns with efforts to standardize request formats and improve clarity in inter-service communication. It impacts all systems interfacing with the RunRequest service and thus requires coordinated updates to the entire stack. Signed-off-by: SammyOina <sammyoina@gmail.com> * Initialize metadata maps and handle nil values Improved the robustness of metadata handling in gRPC endpoints and SDK by initializing metadata maps and explicitly checking for nil values before converting them. This ensures that both the agent's gRPC endpoint and the SDK properly handle cases where metadata fields may be uninitialized or contain nil values, preventing potential null pointer exceptions. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor computation request handling Refactored the endpoint to construct Computation object from gRPC request, incorporating structpb for metadata handling and timestamppb for StartTime and EndTime fields. The management service and API requests are also updated to align with these changes, improving type safety and ensuring data is correctly marshalled when making service calls. Resolves data marshalling issues for computation requests. Signed-off-by: SammyOina <sammyoina@gmail.com> * use singular Signed-off-by: SammyOina <sammyoina@gmail.com> * remove unuse fields Signed-off-by: SammyOina <sammyoina@gmail.com> * remove unused fields Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
18508796c1 |
add linters (#23)
- switchTrue
- importShadow
- httpNoBody
- paramTypeCombine
- emptyStringTest
- builtinShadow
- exposedSyncMutex
- importas
Signed-off-by: SammyOina <sammyoina@gmail.com>
|
||
|
Sammy Kerata Oina
|
298878c96d |
NOISSUE - Rename module to cocos (#22)
* add stringer Signed-off-by: SammyOina <sammyoina@gmail.com> * rename module to cocos Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix fmt.Stringer implementation in computations.go The fmt.Stringer implementation for Datasets and Algorithms in computations.go was fixed to correctly use pointers. This commit addresses the issue where the String() method for Datasets and Algorithms in computations.go was not correctly implemented. The fix ensures that the String() method now correctly marshals the data to JSON and returns the string representation. The changes made in this commit will improve the functionality and accuracy of the String() method for Datasets and Algorithms. Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
4ea9ff6531 |
NOISSUE - Add message broker on agent and manager (#17)
* Fix bug in agent state machine The bug in the agent state machine caused an error when attempting an invalid transition. This commit fixes the bug by properly locking and unlocking the state machine before and after transitioning to the next state. Additionally, the logger now correctly logs the current and next state during a valid transition. Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix race condition in state machine The commit fixes a race condition in the state machine implementation in the `Start` method. The race condition occurs when multiple goroutines try to access and modify the state concurrently. To fix this, a mutex lock and unlock are added around the critical sections of code to ensure exclusive access to the state variable. This prevents race conditions and ensures the state transitions are executed correctly. Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix race condition in StateMachine.Start() The StateMachine.Start() method was experiencing a race condition when multiple events were being processed concurrently. This was caused by not properly locking and unlocking the state machine before and after updating the state. This commit fixes the issue by adding proper locking and unlocking around the state update operation. Additionally, the logging statement has been updated to include the previous and next states for better debugging. Signed-off-by: SammyOina <sammyoina@gmail.com> * add magistrala dep Signed-off-by: SammyOina <sammyoina@gmail.com> * remove mainflux Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix agentService New function to include messaging.Publisher parameter The agentService New function has been updated to include a messaging.Publisher parameter. This change allows the agent service to publish messages to a messaging system. The messaging.Publisher parameter has been added to the agentService struct and the New function signature has been updated accordingly. This change ensures that the agent service can communicate with other components using the messaging system. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor service.go state functions The commit refactors the state functions in the service.go file. The functions for each state have been modified to use the svc.publishEvent method to publish events with appropriate messages. - Refactor state functions in service.go - Use svc.publishEvent to publish events with messages for each state Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix computation run event publishing and add pubsub functionality The computation run event publishing in the agent service was fixed to correctly call the publishEvent function. Additionally, the pubsub functionality was added to the manager package. - Fixed computation run event publishing in agent service - Added pubsub functionality to manager package Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix license header in pubsub.go file The commit fixes the license header in the pubsub.go file. The copyright and SPDX-License-Identifier have been added to comply with the Apache-2.0 license. Signed-off-by: SammyOina <sammyoina@gmail.com> * Add Docker environment variables for Nats, RabbitMQ, Message Broker, and Jaeger. The commit message should be: "Add Docker environment variables for Nats, RabbitMQ, Message Broker, and Jaeger" Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix Makefile to properly set DOCKER_PROJECT and COCOS_MESSAGE_BROKER_TYPE The Makefile has been updated to fix an issue with setting the DOCKER_PROJECT and COCOS_MESSAGE_BROKER_TYPE variables. The USER_REPO variable is now used to generate the DOCKER_PROJECT name following the Docker Compose guidelines. Additionally, the COCOS_MESSAGE_BROKER_TYPE variable is now properly set to "nats" if it is empty. This ensures that the correct values are used when compiling and installing the service. Summary: Fix Makefile to properly set DOCKER_PROJECT and COCOS_MESSAGE_BROKER_TYPE Details: - Update USER_REPO variable to generate DOCKER_PROJECT name - Set COCOS_MESSAGE_BROKER_TYPE to "nats" if empty Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix Makefile Docker profile assignment and build flags The Makefile was updated to fix the assignment of the Docker profile and build flags. The Docker profile is now assigned based on the value of COCOS_MESSAGE_BROKER_TYPE, and if it is not provided, the default value is set to "nats". The build flags were also updated to include the COCOS_MESSAGE_BROKER_TYPE value as a tag for the Go build process. This commit addresses the issue with the Docker profile assignment and ensures that the correct build flags are used during the build process. Signed-off-by: SammyOina <sammyoina@gmail.com> * fix makefile Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix notification topic in agent service and update NATS ports in Docker environment variables The agent service's notification topic was incorrectly set to "channels.manager" instead of "agent". This commit fixes the issue by updating the notification topic. Additionally, the NATS ports in the Docker environment variables were incorrect. The COCOS_NATS_PORT and COCOS_NATS_HTTP_PORT have been updated to the correct values. These changes ensure that the agent service uses the correct notification topic and the NATS ports are properly configured. Signed-off-by: SammyOina <sammyoina@gmail.com> * add pubsub Signed-off-by: SammyOina <sammyoina@gmail.com> * update protoc Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Sammy Kerata Oina
|
4958f9468f |
NOISSUE - Implement State-machine (#16)
* add state machine Signed-off-by: SammyOina <sammyoina@gmail.com> * This commit addresses the following changes: - In agent/service.go: - Added a goroutine to start the StateMachine - Sent the start event to the StateMachine - In agent/state.go: - Added a copyright notice and license identifier These changes ensure that the StateMachine starts correctly and that the agent/state.go file includes the necessary copyright and license information. Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix race condition in agent service initialization The commit fixes a race condition in the agent service initialization. Previously, the `New` function in `agent/service.go` would start the state machine goroutine before initializing the `sm` field. This could lead to a race condition where the state machine would access uninitialized fields. To fix this, the `New` function now takes a `context.Context` argument and passes it to the `Start` method of the state machine. Additionally, a `sync.Mutex` has been added to the `StateMachine` struct to ensure thread safety. This commit addresses the race condition and ensures proper initialization of the agent service. Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix sending events when algorithms and datasets are received This commit fixes a bug where events were not being sent when algorithms and datasets were received in the agent service. The bug was causing the events to not be triggered, leading to incorrect behavior. This commit adds the necessary code to send the events when algorithms and datasets are received, ensuring that the events are properly triggered. Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix bug: computation results not ready The computation results were not being marked as ready, resulting in an error when trying to access them. This commit fixes the issue by adding a check for the computation results before returning them. Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix bug in agent service and state The commit fixes a bug in the agent service and state files. Previously, the condition to check the state in the agent service was incorrect. It was checking the state directly instead of using the GetState() method. This has been fixed by using the GetState() method to check the state. Additionally, a new GetState() method has been added to the StateMachine struct in the state file. This method retrieves the current state by acquiring a lock and returning the state value. The changes have been tested and verified to resolve the bug and improve the accuracy of state checking in the agent service. Signed-off-by: SammyOina <sammyoina@gmail.com> * check for time outs Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix bug in agent state machine The bug in the agent state machine caused an error when attempting an invalid transition. This commit fixes the bug by properly locking and unlocking the state machine before and after transitioning to the next state. Additionally, the logger now correctly logs the current and next state during a valid transition. Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix race condition in state machine The commit fixes a race condition in the state machine implementation in the `Start` method. The race condition occurs when multiple goroutines try to access and modify the state concurrently. To fix this, a mutex lock and unlock are added around the critical sections of code to ensure exclusive access to the state variable. This prevents race conditions and ensures the state transitions are executed correctly. Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix race condition in StateMachine.Start() The StateMachine.Start() method was experiencing a race condition when multiple events were being processed concurrently. This was caused by not properly locking and unlocking the state machine before and after updating the state. This commit fixes the issue by adding proper locking and unlocking around the state update operation. Additionally, the logging statement has been updated to include the previous and next states for better debugging. Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> |
||
|
Washington Kigani Kamadi
|
4eea9c1a4c |
Add attestation endpoint (#5)
* vendor Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * Return agent changes Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * remove vendor Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * Add context to sdk functions Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * Fix comment Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * Add context to functions Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * Remove context variable Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> --------- Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> |
||
|
Sammy Kerata Oina
|
f1f8f95653 |
NOISSUE - Fix dependencies (#13)
* vendor Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * Return agent changes Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * Add missing import Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * remove vendor Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * Fix formatting Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * Formatting errors Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> * Update agent/api/grpc/client.go Signed off: WashingtonKK washingtonkigan@gmail.com Co-authored-by: Sammy Kerata Oina <44265300+SammyOina@users.noreply.github.com> * add linters and fix Signed-off-by: SammyOina <sammyoina@gmail.com> * update ci Signed-off-by: SammyOina <sammyoina@gmail.com> * remove deprecated dependencies and use local agent and manager Signed-off-by: SammyOina <sammyoina@gmail.com> * update mainflux Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix Jaeger URL in agent and manager main.go files The Jaeger URL in the agent and manager main.go files was incorrect. This commit fixes the Jaeger URL by updating it to "http://localhost::4318/v1/traces". Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: WashingtonKK <washingtonkigan@gmail.com> Signed-off-by: SammyOina <sammyoina@gmail.com> Co-authored-by: WashingtonKK <washingtonkigan@gmail.com> |
||
 Darko Draskovic
|
16cb51563c |
Unexport AgentSDK by renaming to agentSDK
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com> |
||
|
Darko Draskovic
|
b78b15efb6 |
Fix algorithms cobra command to send file and not string
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com> |
||
|
Darko Draskovic
|
10f9ec8517 |
Rename results.go to result.go
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com> |
||
|
Darko Draskovic
|
54e03f3373 |
Refactor /result to perform actual computation
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com> |
||
|
Darko Draskovic
|
4d09a9f4c3 |
Add basic business logic of training a model on a dataset and returning a model
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com> |
||
 fbugarski
|
31b1f397d6 |
Move cfg to main
Signed-off-by: fbugarski <filipbugarski@gmail.com> |
||
|
fbugarski
|
30d6f97976 |
Remove unused
Signed-off-by: fbugarski <filipbugarski@gmail.com> |