* Add token measurement command
Add Azure cloud attestation fetching
Add ability to fetch azure attestation token
Remove gcp changes
Remove gcp changes
Add Azure attestation support
Modify pipeline proto checks
Update protoc version
Fix failing CI
fetch token as a file
Convert jwt to json
Small bug fix -- correct file name for attestation token
Fix failing CI
Modify protoc version
Update protoc version
Update protoc version
Update protoc version
Add changes to allow passing vtpm nonce
Add PR review changes to refactor the code
Refactor name change to AttestationResult
Refactor name change to AttestationResult
Return report as json
Format files properly
Fix attestaton changes
Modify changes based on PR review
Add more test coverage
Correct bug in Server test
Rename "FetchAttestationResult" to "AttestationResult"
Send token as part of stream
Fix CI
NOISSUE - Add DisconnectReq message and TTL support for VM creation (#428)
* feat: Add DisconnectReq message and TTL support for VM creation
- Introduced DisconnectReq message in cvms.proto to handle disconnection requests.
- Enhanced CreateReq in manager.proto to include a TTL field for virtual machines.
- Updated CLI to accept TTL as a command-line flag during VM creation.
- Modified manager service to remove VMs after the specified TTL duration.
- Adjusted gRPC client connection handling in agent main.go to support new client structure.
- Added mock implementation for gRPC client to facilitate testing.
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* fix: Mark server URL flag as required with error handling
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
COCOS-407 - Add support for Linux IMA (#429)
* Added a feature which enables users to fetch IMA measurements and verify them
* Added a feature which enables users to fetch IMA measurements and verify them
* fixed lint error
* fixed according to comments
* fixed according to comments
* fixed according to comments
* fixed according to comments
* final bug fix
Add token measurement command
Add Azure cloud attestation fetching
Add ability to fetch azure attestation token
Remove gcp changes
Remove gcp changes
Add Azure attestation support
Modify pipeline proto checks
Update protoc version
Fix failing CI
fetch token as a file
Convert jwt to json
Small bug fix -- correct file name for attestation token
Fix failing CI
Modify protoc version
Update protoc version
Update protoc version
Update protoc version
Add changes to allow passing vtpm nonce
Add PR review changes to refactor the code
Refactor name change to AttestationResult
Refactor name change to AttestationResult
Return report as json
Format files properly
Fix attestaton changes
Modify changes based on PR review
Add more test coverage
Correct bug in Server test
Rename "FetchAttestationResult" to "AttestationResult"
Send token as part of stream
Fix CI
Rebase changes to main
Refactor after rebase
* Add Azure attestation
* COCOS-395 - Cloud Provider Firmware Integration (#415)
* add CC platform identification capability
* add token verification
* add snp azure
* add azure snp report verification
* fix linter errors
* fix agent tests
* expand the CC provider
* fix azure atls
* rebase branch
* add nonce check for azure token
* rename package attestations
* remove alias attestations
---------
Co-authored-by: Ubuntu <azureuser@UVCTestCVM.bu0p0zdolasezg1jifpyqhaxuc.dx.internal.cloudapp.net>
* Add token measurement command
Add Azure cloud attestation fetching
Add ability to fetch azure attestation token
Remove gcp changes
Remove gcp changes
Add Azure attestation support
Modify pipeline proto checks
Update protoc version
Fix failing CI
fetch token as a file
Convert jwt to json
Small bug fix -- correct file name for attestation token
Fix failing CI
Modify protoc version
Update protoc version
Update protoc version
Update protoc version
Add changes to allow passing vtpm nonce
Add PR review changes to refactor the code
Refactor name change to AttestationResult
Refactor name change to AttestationResult
Return report as json
Format files properly
Fix attestaton changes
Modify changes based on PR review
Add more test coverage
Correct bug in Server test
Rename "FetchAttestationResult" to "AttestationResult"
Send token as part of stream
Fix CI
NOISSUE - Add DisconnectReq message and TTL support for VM creation (#428)
* feat: Add DisconnectReq message and TTL support for VM creation
- Introduced DisconnectReq message in cvms.proto to handle disconnection requests.
- Enhanced CreateReq in manager.proto to include a TTL field for virtual machines.
- Updated CLI to accept TTL as a command-line flag during VM creation.
- Modified manager service to remove VMs after the specified TTL duration.
- Adjusted gRPC client connection handling in agent main.go to support new client structure.
- Added mock implementation for gRPC client to facilitate testing.
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* fix: Mark server URL flag as required with error handling
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
COCOS-407 - Add support for Linux IMA (#429)
* Added a feature which enables users to fetch IMA measurements and verify them
* Added a feature which enables users to fetch IMA measurements and verify them
* fixed lint error
* fixed according to comments
* fixed according to comments
* fixed according to comments
* fixed according to comments
* final bug fix
Add token measurement command
Add Azure cloud attestation fetching
Add ability to fetch azure attestation token
Remove gcp changes
Remove gcp changes
Add Azure attestation support
Modify pipeline proto checks
Update protoc version
Fix failing CI
fetch token as a file
Convert jwt to json
Small bug fix -- correct file name for attestation token
Fix failing CI
Modify protoc version
Update protoc version
Update protoc version
Update protoc version
Add changes to allow passing vtpm nonce
Add PR review changes to refactor the code
Refactor name change to AttestationResult
Refactor name change to AttestationResult
Return report as json
Format files properly
Fix attestaton changes
Modify changes based on PR review
Add more test coverage
Correct bug in Server test
Rename "FetchAttestationResult" to "AttestationResult"
Send token as part of stream
Fix CI
Rebase changes to main
Refactor after rebase
* Rebase with main
* Modify tests to accomodate changes
* Use env vars appropriately
* Use env vars appropriately
* Use caps in err name
---------
Co-authored-by: Danko Miladinovic <72250944+danko-miladinovic@users.noreply.github.com>
Co-authored-by: Ubuntu <azureuser@UVCTestCVM.bu0p0zdolasezg1jifpyqhaxuc.dx.internal.cloudapp.net>
* Added a feature which enables users to fetch IMA measurements and verify them
* Added a feature which enables users to fetch IMA measurements and verify them
* fixed lint error
* fixed according to comments
* fixed according to comments
* fixed according to comments
* fixed according to comments
* final bug fix
* feat: Add DisconnectReq message and TTL support for VM creation
- Introduced DisconnectReq message in cvms.proto to handle disconnection requests.
- Enhanced CreateReq in manager.proto to include a TTL field for virtual machines.
- Updated CLI to accept TTL as a command-line flag during VM creation.
- Modified manager service to remove VMs after the specified TTL duration.
- Adjusted gRPC client connection handling in agent main.go to support new client structure.
- Added mock implementation for gRPC client to facilitate testing.
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* fix: Mark server URL flag as required with error handling
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Initial commit, will be tested before creating a PR
* Initial commit, will be tested before creating a PR
* Fixed all issues
* Initial commit, will be tested before creating a PR
* Updated agent docs
* Fixed based on comments
* Fixed based on comments
* Initial commit, will be tested before creating a PR
* Updated agent docs
* Fixed based on comments
* Fixed based on comments
* added certificate verification
* Initial commit, will be tested before creating a PR
* Fixed all issues
* Initial commit, will be tested before creating a PR
* Initial commit, will be tested before creating a PR
* Updated agent docs
* Fixed based on comments
* Fixed based on comments
* added certificate verification
* Fixed rebase errors
* Fixed proto issues
* fixed proto issues
* Fixed format error
* Fixed based on comments
* NOISSUE - Simplify local agent running in non sev-snp environment (#411)
* Add vtpm attestation support to agent service and server
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update mockery version to v2.53.2 and refactor VM factory to include logger
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Send event notification when computation is stopped in agentService
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Remove redundant assignment of Stderr in qemuVM Start method
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Rename SVM references to CVM in tracing, logging, metrics, and service layers
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Bump github.com/docker/docker (#416)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 28.0.1+incompatible to 28.0.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v28.0.1...v28.0.4)
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump google.golang.org/protobuf from 1.36.5 to 1.36.6 (#412)
Bumps google.golang.org/protobuf from 1.36.5 to 1.36.6.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* COCOS-393 - Disable SSH service and update user shell in cloud config (#396)
* Disable SSH service and update user shell in cloud config
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Remove SSH server and clean up dependencies in cloud config
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add firewall configuration and ensure iptables rules persist after reboot
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add algo_user configuration and setup script for container execution
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Initial commit, will be tested before creating a PR
* Fixed all issues
* Initial commit, will be tested before creating a PR
* Initial commit, will be tested before creating a PR
* Fixed based on comments
* Fixed based on comments
* added certificate verification
* Initial commit, will be tested before creating a PR
* Fixed all issues
* Initial commit, will be tested before creating a PR
* Initial commit, will be tested before creating a PR
* Fixed based on comments
* Fixed rebase errors
* Fixed format error
* Fixed based on comments
* Fixed rebase errors
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Sammy Kerata Oina <44265300+SammyOina@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump mockery version to 2.53.3 in generated mock files
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update golangci-lint action to v7 and bump version to v1.64.7
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update golangci-lint action to v7 and configure linters in .golangci.yaml
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add vtpm attestation support to agent service and server
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update mockery version to v2.53.2 and refactor VM factory to include logger
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Send event notification when computation is stopped in agentService
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Remove redundant assignment of Stderr in qemuVM Start method
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Rename SVM references to CVM in tracing, logging, metrics, and service layers
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* resolved issue 390
* updated readme.md for issue 390
* resolved issue 390
* updated readme.md for issue 390
* implemented suggested changes
* refactored code so it passes the linter test
* change the Run fn so it prints the meassurement t a buffer
* refactored code so it passes the linter test
* fixed the test Run_-_Failure_Execution
* changed recipe so it builds igvmmeasure binary when building manager
Add copyright information to package
Add testing to igvm measurements
Remove trailing white space
Improve testing
Resolve PR comments
Add measure to cli
Add README for feature
Fix PR comments
Added new line to shell script
Add measurement interface
Fix ci
Refactor code for IgvmMeasurement to become a CLI dependency
Refactor code for IgvmMeasurement to become a CLI dependency
Refactor based on ci failures
Fix error handling
Add header
Fix ci
* manager, cli and agent vtpm support
* rebase and changed atls for vtpm
* deleted unused code
* changed chekproto.yaml script so it find the manager proto file correctly
* fixe manager proto version
* fix agent tests
* fix server agent test
* fix attestation test
* fix attestation test gofumpt
* created dummy RWC for TPM
* fix comment
* add default PCR values
* rebase main
* fix rust ci and missing header
* changed embedded attestation to VMPL 2
* fix unused impot
* fix pkg test
* address attestation type
* fix agent attestation test
* add prc15 check
* fix comments
* fix cli tests
* add doc
* add mock for LeveledQuoteProvider when SEV-SNP device is not found
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* fix manager reading attestation policy
* refactor PCR value checks and update attestation policy values
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* fix tests for sev and grpc
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
Co-authored-by: Sammy Oina <sammyoina@gmail.com>
* Update Dependabot configuration and Go dependencies; modify test command to include embed tag
Signed-off-by: SammyOina <sammyoina@gmail.com>
* Refactor CVMSClient computation handling and improve test message queue capacity
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Refactor TestManagerClient_Process to remove buffer from messageQueue and ensure proper handling of messages
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: SammyOina <sammyoina@gmail.com>
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Refactor AgentServer interface and update related implementations; adjust dependency versions in go.mod
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Implement State method for agent.Service and enhance metrics and logging middleware to track state changes
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update file permission modes to use octal notation in CVMS client and agent main
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Refactor CVMS client and agent main to improve function signatures and variable naming for clarity
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Remove unnecessary fmt import and logging statement in CVMSClient Process method
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add file-based storage implementation for message persistence in CVMSClient
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update README and main.go for CVMS service: correct references and improve clarity
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update README to clarify gRPC host and port descriptions for CVMS server
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Rename sendMessageWithRetry to sendStreamMessage for clarity and consistency in CVMSClient
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update README to add detailed descriptions for algorithm and dataset paths
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
Sammy Kerata Oina
dorcaslitunya
Danko Miladinovic
Jovan Djukic
Dusan Borovcanin
dependabot[bot]
Washington Kigani Kamadi
Smith Jilks
Drasko DRASKOVIC