cocos

mirror of https://github.com/ultravioletrs/cocos.git synced 2026-06-23 04:10:25 +00:00

Author	SHA1	Message	Date
Sammy Kerata Oina	5377dd4d7f	NOISSUE - Prepare cocos for v0.8.0 (#512 ) * Refactor mock interfaces to use 'any' instead of 'interface{}' for improved type safety and readability across multiple files in the manager and pkg directories. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Update Go version to 1.25.x in CI workflows and remove obsolete Go package files Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add mock implementations for various components in the attestation and SDK packages - Created mock for MeasurementProvider in pkg/attestation/cmdconfig/mocks/mocks_test.go - Created mock for Provider in pkg/attestation/mocks/mocks_test.go - Created mock for Client in pkg/clients/grpc/mocks/mocks_test.go - Created mock for SDK in pkg/sdk/mocks/mocks_test.go These mocks are generated using mockery and are intended for unit testing purposes. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Remove autogenerated mock files and update mock usage in tests - Deleted mocks for gRPC clients in pkg/clients/grpc/mocks/mocks_test.go and pkg/sdk/mocks/mocks_test.go. - Updated test files in pkg/progressbar/progress_test.go to use the new mock structure without type parameters for gRPC client interfaces. - Refactored mock generation in pkg/sdk/mocks/sdk.go to streamline the mock creation process and ensure consistency across mock methods. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Update protobuf generated files for events and manager - Bump protoc-gen-go version from v1.36.5 to v1.36.8 in events.pb.go and manager.pb.go. - Refactor raw descriptor definitions in events.pb.go and manager.pb.go to use string concatenation for better readability and maintainability. - Ensure compatibility with the latest protobuf specifications and improve code generation consistency. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Update test commands to use GOTOOLCHAIN for consistent Go version handling Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Fix GOTOOLCHAIN usage in test command for consistency Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com>	2025-09-01 14:28:11 +02:00
Sammy Kerata Oina	ccab296b62	NOISSUE - Downgrade Golang version for HAL (#494 ) CI / lint (push) Has been cancelled Details CI / test (agent) (push) Has been cancelled Details CI / test (cli) (push) Has been cancelled Details CI / test (cmd) (push) Has been cancelled Details CI / test (internal) (push) Has been cancelled Details CI / test (manager, true) (push) Has been cancelled Details CI / test (pkg) (push) Has been cancelled Details CI / upload-coverage (push) Has been cancelled Details * Update Go version to 1.24.x in CI workflows and fix supermq version in go.mod Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Refactor CI workflow to separate linting and testing jobs, and streamline test execution for multiple modules Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Downgrade Go version from 1.23.10 to 1.23.8 in go.mod Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com>	2025-08-07 13:51:23 +02:00
Sammy Kerata Oina	bf84f45306	Update Buildroot reference in HAL workflow and README to 2025.05-rc1; add nil check in Stop methods for binary, python, and wasm algorithms (#443 ) Signed-off-by: Sammy Oina <sammyoina@gmail.com>	2025-05-29 10:40:23 +02:00
Smith Jilks	da88fe1e45	COCOS-346 - Explore cloud init for Cloud setup (#357 ) CI / ci (push) Has been cancelled Details Rust CI Pipeline / rust-check (push) Has been cancelled Details * Add qemu cloud init Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Update qemu cloud init Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Add qemu cloud init Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Update qemu cloud init Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Update qemu cloud config * Update cloud init Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Update cloud init Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Add cloud init README.md Signed-off-by: Jilks Smith <smithjilks@gmail.com> * Add cocos release workflow Signed-off-by: Jilks Smith <smithjilks@gmail.com> --------- Signed-off-by: Jilks Smith <smithjilks@gmail.com>	2025-01-31 15:48:26 +01:00
Sammy Kerata Oina	0864eb69c9	NOISSUE - Update buildroot config (#320 ) * update cfg Signed-off-by: Sammy Oina <sammyoina@gmail.com> * update workflow Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com>	2024-11-29 13:58:28 +01:00
Sammy Kerata Oina	8b37b35750	COCOS-154 - Fix HAL release pipeline (#254 ) * increase release pipeline Signed-off-by: Sammy Oina <sammyoina@gmail.com> * update go and free some space Signed-off-by: Sammy Oina <sammyoina@gmail.com> * optimize Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix cache Signed-off-by: Sammy Oina <sammyoina@gmail.com> * free up space Signed-off-by: Sammy Oina <sammyoina@gmail.com> * modify Signed-off-by: Sammy Oina <sammyoina@gmail.com> * remove restrictions Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fifty gigs Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fourty gigs Signed-off-by: Sammy Oina <sammyoina@gmail.com> * old mbs Signed-off-by: Sammy Oina <sammyoina@gmail.com> * remove outdated actions Signed-off-by: Sammy Oina <sammyoina@gmail.com> * rename Signed-off-by: Sammy Oina <sammyoina@gmail.com> * weekly update Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> Signed-off-by: SammyOina <sammyoina@gmail.com>	2024-09-25 16:27:28 +02:00
Sammy Kerata Oina	46d24f928a	NOISSUE - Add events for disconnection of agent (#233 ) * add events Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix lint Signed-off-by: Sammy Oina <sammyoina@gmail.com> * typo Signed-off-by: Sammy Oina <sammyoina@gmail.com> * group logs Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix error Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix initialization of goroutine Signed-off-by: Sammy Oina <sammyoina@gmail.com> * add comment Signed-off-by: SammyOina <sammyoina@gmail.com> * update comment Signed-off-by: SammyOina <sammyoina@gmail.com> * fix lint Signed-off-by: SammyOina <sammyoina@gmail.com> * remove naked return Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com> Signed-off-by: SammyOina <sammyoina@gmail.com>	2024-09-11 14:26:46 +02:00
Sammy Kerata Oina	2ce112cc1b	COCOS-103 - User authN and AuthZ using digital signatures (#128 ) * Update Go to 1.22 and enhance security features - Upgraded the Go version in GitHub Actions workflows to 1.22.x for latest features and security patches. - Added RSA public key field `UserKey` in `Dataset` and `Algorithm` to reinforce data integrity and encryption. - Refactored `Result` method in `agentService` to use `containsID` for improved readability and potential performance benefits. - Updated `grpcserver.New` and `internal/server/grpc` invocations to pass `agent.Service` by value in line with recommended Go practices. - Introduced `grpc.StreamInterceptor` with no args in `Server.Start` which seems to be an initial step for future stream interceptor configuration. These changes prepare for stronger data security measures, maintain compatibility with the latest Go features, and improve code quality regarding service struct usage. Potential follow-up is needed to configure the stream interceptor and to ensure the new RSA key field is appropriately utilized in data handling. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor auth system and protocol buffers Enhanced the authentication system by adding context support and an improved user-role model. Implemented robust RSA public key verification for users and a restructured interceptor logic specific to stream types, streamlining the auth process. Updated protocol buffers and associated structures to accommodate user keys as byte slices, aligning with standard cryptographic practice. CLI commands for algorithms and datasets now require a private key file path argument for signing, strengthening security during interactions. This comprehensive overhaul addresses security and efficiency considerations in the RPC framework and aligns with best practices for key handling. By streamlining and securing the user authentication process, the agent service's reliability is greatly improved, directly impacting the robustness of the entire computation pipeline. - Refactored auth: added role-based user validation, context handling - Reworked interceptors: separated stream types, fortified signature checks - Updated protocol buffers: user public keys as byte slices for standard compatibility - Enhanced CLI: introduced private key argument, ensuring secure algorithm and dataset submission - Improved server and SDK contracts to align with auth changes Related issues: - Implements user roles and auth context [#103] - CLI security enhancement for private key management Signed-off-by: SammyOina <sammyoina@gmail.com> * Updated PEM decoding for key parsing in CLI and tests Added `encoding/pem` to decode PEM blocks when parsing private and public keys across CLI commands and test computation scenarios, ensuring compatibility with key files. This enhances robustness in key handling by supporting PEM encoded keys. The update also includes registration of a new Keys command in the CLI. Refactored code is now compliant with common key formats, addressing potential parsing issues. Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix auth signature encoding and improve CLI usage example The authentication system now decodes base64 strings before verifying signatures to align with the expected format. Additionally, the signature generation now encodes the output in base64, ensuring consistency across the auth process. The CLI help message for the `result` command is enhanced by providing a usage example, making it more user-friendly and informative. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor containsID to handle dynamic fields Updated the `containsID` function to accept a field name parameter, enabling dynamic field lookup within the reflection logic. This change facilitates the use of the function for various struct fields, improving code reusability and flexibility. CLI command 'data' now requires an additional argument for the private key file path, outlined in the usage example update, reinforcing command clarity and user guidance. Resolves issues with hardcoded field lookups and enhances CLI usability. Signed-off-by: SammyOina <sammyoina@gmail.com> * Remove extraneous newline in key generation log output A redundant newline after the success message in the key generation command was removed to clean up log output formatting. This change ensures a more consistent and professional appearance of the CLI tool's messages. Signed-off-by: SammyOina <sammyoina@gmail.com> * Implemented auth service in gRPC startup Added authentication services to the gRPC server initialization to enforce security measures. The gRPC server's New function now includes an `authSvc` parameter, requiring instantiation of the auth service before starting the server. Failure to create the auth service results in a fatal error, halting the process to avoid running without protection. Tests have been updated to include `nil` values for the auth service parameter to maintain their functionality without authentication. Refactored `grpcserver.New` to accept the new auth service, and updated the main agent startup logic to create and inject the auth service. Added the auth middleware interceptors to the server options, which ensures that each gRPC call will undergo authentication. This change is a step towards secure communication, and affected components should now consider the authentication requirement. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor config read logic and update agent setup Improved the configuration reading in `cmd/agent/main.go` to handle larger payloads by reading data in chunks and checking for EOF, ensuring that all config data is captured even if it exceeds the initial buffer size. Enhanced the `test/manual/agent-config/main.go` to require additional command-line arguments, improving the setup process by explicitly requiring paths for data, algorithm, and public key as well as a boolean for attested TLS. Also updated the hashing method to SHA3 for the algorithm and data files, and included the hash and public keys as part of the agent, dataset, and result consumer configurations. These changes will make the agent setup more robust and provide better integrity checks for the involved files. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor run method to agentService Moved the run function into agentService for better encapsulation and maintainability. This refactoring includes capturing both stdout and stderr during algorithm execution, enabling more informative debugging through enhanced logging. Consequentially, the run method now references members through the service instance, aligning with object-oriented best practices and improving code coherence. Resolves issue with insufficient execution details when computations fail. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor computation data handling to use filepaths Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor error logging and ensure consistency Replaced usage of the standard log package with a custom logger for error reporting to standardize error logging throughout the application. Additionally, introduced graceful shutdown by returning from the main function rather than forcing exit when failing to create auth service, aligning the application's error handling strategy. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor auth initialization and key file handling Improved the readability and maintainability of the authentication service initialization by adding line breaks for logical separation. Also, standardized key filenames in the CLI key generation by introducing constants, enhancing code clarity and reducing the likelihood of file-naming errors. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor auth verification logic for improved security Removed an extraneous line in the `verifySignature` function that was not necessary for the signature verification process. This change simplifies the code and improves readability. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor payload structures to simplify API Removed the 'provider', 'id', 'consumer' fields from protocol buffers, gRPC services, and related functions across various files to streamline the data model and align with the new authentication system based on cryptographic verification rather than string identifiers. This results in more efficient data handling and a reduction in unnecessary payload data, while enhancing security by making entity validation strictly cryptographic. The changes affect agent-SDK interactions, CLI tools, and related services, ensuring only the necessary data (algorithm/data bytes, user keys, and hashes) is transmitted and processed. Consequently, the core computation algorithm and dataset handlers now rely on indexes derived from context to associate data with respective manifest entries, thus maintaining the ability to link to specific computation manifests without relying on explicit IDs in the payload. Additionally, refactored authentication methods now enforce role-based security seamlessly through metadata. This approach enhances privacy by avoiding transmission of potentially sensitive strings over the network and by ensuring that only internal indices, not globally interpretable identifiers, are used to process computations. Aligned with the broader architectural goal of simplifying and securing the platform's core services, this change paves the way for upcoming revisions to the authentication scheme that will further consolidate role-based security and improve system integrity. Signed-off-by: SammyOina <sammyoina@gmail.com> * Enhance CLI security with key paths Removed the section on running computations from the CLI README as it may no longer be necessary or the functionality has been moved elsewhere. Required private key file paths for algorithm, dataset upload, and result retrieval commands to enhance security. This change associates each action with a specific identity, ensuring secure and traceable operations. Additionally, updated the manual test commands to reflect this new requirement. Signed-off-by: SammyOina <sammyoina@gmail.com> * fix ci Signed-off-by: SammyOina <sammyoina@gmail.com> * fix fmt Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com>	2024-05-28 14:10:13 +02:00
Sammy Kerata Oina	8975e28437	COCOS-77 - Stream agent logs and events over gRPC (#78 ) * Refactor GRPC manager service and client The manager service and client have been restructured for stream communication, facilitating real-time agent events, logs, and run responses. The `Run` RPC is replaced by the `Process` stream RPC, enabling bidirectional streaming between clients and the manager service. This allows continuous interchange of different message types including `WhoAmIRequest`, `AgentLog`, `AgentEvent`, and `RunResponse`. Several message types have been adjusted and new fields introduced, like `AgentPort` in `RunResponse` and various agent-config attributes including CA files and instance IDs, to support TLS client authentication and distinguish between agent instances. We've also incorporated `google.protobuf.Timestamp` in `AgentEvent` for precise event logging. The client code reflects these modifications with updated method calls and stream handling logic for ongoing communication. Moreover, the updates necessitate corresponding changes throughout service, grpc, and sdk layers to interoperate with the new streaming approach. The transition to streaming paves the way for a more interactive, flexible communication system that can accommodate future expansion and real-time monitoring features. Signed-off-by: SammyOina <sammyoina@gmail.com> * fix lint Signed-off-by: SammyOina <sammyoina@gmail.com> * Update GitHub Actions to Latest Versions Upgraded GitHub Actions 'checkout' to version 4 and 'setup-go' to version 5 across various workflow files to leverage the latest features and improvements for better performance and reliability. This also ensures compatibility with Go version 1.21.x which is specified in the workflows. Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor event handling and logging Reworked event and log processing to use channels instead of direct HTTP calls. Removed obsolete events package and consolidated event structures, leading to cleaner and more maintainable code. Updated agent events to use channels, enhanced error handling in log forwarding, and simplified manager `New` function signature to accept an event channel directly. - Removed `events` and `agentevents` packages to reduce complexity. - Replaced direct event server communication with internal channel usage. - Introduced `AgentEvent` struct in events.go for standardized event objects. - Adapted `managerService` to dispatch events and logs through channels. - Streamlined manager construction by removing the now-unnecessary event service and host IP parameters. This change results in a more robust and easier to extend event and log management system within the agent-manager interaction. Signed-off-by: SammyOina <sammyoina@gmail.com> * fix ci Signed-off-by: SammyOina <sammyoina@gmail.com> * remove unused code Signed-off-by: SammyOina <sammyoina@gmail.com> * add comments Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com>	2024-02-07 12:08:39 +01:00
Sammy Kerata Oina	e5c8243f5f	COCOS-62 - Add EOS images to release (#72 ) * Add build and release GitHub workflow for tagged commits Introduced a new GitHub Actions workflow to automate building and releasing for tagged commits. The workflow checks out the required repositories, builds the project using Buildroot configurations, and creates a release with the resultant kernel and rootfs artifacts. This streamlines the release process, ensuring consistent and reproducible builds. Signed-off-by: SammyOina <sammyoina@gmail.com> * Update GitHub Actions to Latest Versions Upgraded GitHub Actions in the workflow to latest or more recent versions to leverage improvements and maintain compatibility. This includes using version 4 for checkout steps and switching to 'latest' for release creation and asset upload actions, ensuring the use of up-to-date features and potential bug fixes. Ref: Internal upgrade protocol for CI/CD consistency. Signed-off-by: SammyOina <sammyoina@gmail.com> * fix workflow Signed-off-by: SammyOina <sammyoina@gmail.com> * Optimized checkout step in CI workflow Ensured the checked-out repository's reference matches the current workflow's triggering reference. This alignment can result in more predictable builds, especially when the workflow is triggered by pushes to branches other than the default or by tagged commits. Signed-off-by: SammyOina <sammyoina@gmail.com> * test repo Signed-off-by: SammyOina <sammyoina@gmail.com> * test modified module Signed-off-by: SammyOina <sammyoina@gmail.com> * Update and upgrade Ubuntu in GitHub actions workflow Ensure the GitHub actions runner has the latest Ubuntu updates before checking out the repository. This change significantly reduces the chances of encountering bugs or security vulnerabilities stemming from outdated packages, creating a more reliable and secure CI/CD environment. Signed-off-by: SammyOina <sammyoina@gmail.com> * restore repo Signed-off-by: SammyOina <sammyoina@gmail.com> * install golang Signed-off-by: SammyOina <sammyoina@gmail.com> * create tags only for release Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com>	2024-01-31 00:08:01 +01:00

10 Commits