* Refactor and update dependencies in the project
- Updated go.sum to replace `github.com/absmach/magistrala` with `github.com/absmach/supermq` across various modules.
- Removed VSock configuration from environment variables and QEMU arguments.
- Updated QEMU configuration and related tests to remove references to guest CID and VSock.
- Added new HTTP transport layer for API endpoints in the manager.
- Introduced Prometheus monitoring configuration with alert rules and Alertmanager setup.
- Updated service and VM interfaces to remove unused methods and references.
- Refactored tests to align with the new structure and dependencies.
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add MaxVMs configuration and enforce limit on VM creation
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add comprehensive tests for HTTP transport handlers and endpoints
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add test case for exceeding maximum number of VMs in TestRun
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Improve error handling in TestHandlerWithCustomRouter to ensure response writing is checked
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update dependencies to latest versions
- Upgrade cel.dev/expr from v0.23.0 to v0.24.0
- Upgrade github.com/absmach/supermq from v0.16.0 to v0.17.0
- Upgrade github.com/cenkalti/backoff from v4.3.0 to v5.0.2
- Upgrade github.com/cncf/xds/go to v0.0.0-20250501225837-2ac532fd4443
- Upgrade github.com/go-chi/chi/v5 from v5.2.1 to v5.2.2
- Upgrade github.com/go-jose/go-jose/v3 from v3.0.3 to v3.0.4
- Upgrade github.com/gofrs/uuid/v5 from v5.3.0 to v5.3.2
- Upgrade github.com/prometheus/client_golang from v1.22.0 to v1.23.0
- Upgrade github.com/prometheus/client_model from v0.6.1 to v0.6.2
- Upgrade github.com/prometheus/common from v0.62.0 to v0.65.0
- Upgrade github.com/prometheus/procfs from v0.15.1 to v0.16.1
- Upgrade go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from v0.60.0 to v0.62.0
- Upgrade go.opentelemetry.io/otel/exporters/otlp/otlptrace from v1.36.0 to v1.37.0
- Upgrade golang.org/x/crypto from v0.39.0 to v0.40.0
- Upgrade golang.org/x/sys from v0.33.0 to v0.34.0
- Upgrade golang.org/x/text from v0.26.0 to v0.27.0
- Upgrade golang.org/x/time from v0.11.0 to v0.12.0
- Upgrade google.golang.org/grpc from v1.73.0 to v1.74.2
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Implement IMAMeasurements method in agentSDK and add corresponding unit tests
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add unit tests for NewIMAMeasurements command in CLI
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add error assertion for command execution in NewIMAMeasurements test
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Fix nil pointer dereference in Close method and update NewCreateVMCmd logic for manager client initialization
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Refactor file permission settings to use octal notation and improve cleanup handling in NewCreateVMCmd test
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add comprehensive unit tests for state machine functionality
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add mock implementation for Algorithm interface and corresponding test cases
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Refactor file permission settings to use octal notation in TestStopComputationIntegration
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Remove redundant reset test cases from TestStateMachine_Reset
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Fix race condition in action call verification in TestStateMachine_HandleEvent
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Enhance state machine with reset functionality and improve thread safety in event handling
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Improve error handling in state machine start function during tests
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Remove concurrent reset and send event test from state machine tests
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Remove error logging for Start function in transition tests
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add mock implementations for AgentService_IMAMeasurementsClient and Service Shutdown method; enhance progress tests for IMA measurements handling
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add comprehensive tests for FileStorage functionality including loading, saving, and concurrent access
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Enhance tests by adding dataset and algorithm hashes in handleRunReqChunks; improve error handling in TestFileStorage_ErrorHandling cleanup
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Enhance TestManagerClient_Process by adding new test cases for Agent state and Disconnect requests; update setupMocks to include grpcClient
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Fix graceful shutdown in gRPC server by adding nil checks for health and server instances
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Enhance TestAttestation by adding mock expectations for VTpmAttestation and Attestation methods; update service call to include platform parameter
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Enhance gRPC Server by adding synchronization for start/stop methods; prevent multiple starts and ensure graceful shutdown
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add unit tests for gRPC server methods including VM creation, removal, and info retrieval
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add tests for SEVSNP and TDX host capabilities; remove unused vsock code
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add a newline for better readability in vm_test.go
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add integration tests for gRPC client in cvm_test.go
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Remove unused vsock dependencies and add comprehensive unit tests for GCP attestation functions
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Skip GCP tests if credentials are not set
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add tests for error handling in attestation configuration and GCP commands
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Improve error handling in Azure VM test response writing
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Skip tests in GCP functions if credentials are not set
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add comprehensive unit tests for Azure attestation provider and verifier
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add unit tests for TPM functionality and improve error handling
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add comprehensive tests for attestation functionality and improve error handling
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add validation for teeNonce in TeeAttestation and implement comprehensive tests for provider methods
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Refactor error messages in TDX attestation tests for clarity
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Fix error message in TeeAttestation test for valid nonce case
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add MeasurementProvider mock and update mockery configuration
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add logging for product in parseUints and rename test functions for clarity
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Refactor TestSevsnpverify to reset configuration and improve error logging
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Refactor gRPC server handlers to use a map for improved organization and add validation for nonce lengths in attestation requests
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Enhance nonce validation and improve error handling in gRPC server methods
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Fix TDXEnabled function to check for 'Y' instead of '1' in kernel parameter
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Fix TDXEnabled test to check for 'Y' instead of '1' in CPU flags
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Fix SEVSNPEnabled function to check for 'Y' instead of '1' in kernel parameter
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Fix TestSEVSNPEnabled to check for 'Y' instead of '1' in KVM parameter
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* added maTLS feature to agent and cli
* added maTLS feature to agent and cli
* added tests and fixed one bug
* fixed according to comment
* fixed test
* fixed
* Add token measurement command
Add Azure cloud attestation fetching
Add ability to fetch azure attestation token
Remove gcp changes
Remove gcp changes
Add Azure attestation support
Modify pipeline proto checks
Update protoc version
Fix failing CI
fetch token as a file
Convert jwt to json
Small bug fix -- correct file name for attestation token
Fix failing CI
Modify protoc version
Update protoc version
Update protoc version
Update protoc version
Add changes to allow passing vtpm nonce
Add PR review changes to refactor the code
Refactor name change to AttestationResult
Refactor name change to AttestationResult
Return report as json
Format files properly
Fix attestation changes
Modify changes based on PR review
Add more test coverage
Correct bug in Server test
Rename "FetchAttestationResult" to "AttestationResult"
Send token as part of stream
Fix CI
NOISSUE - Add DisconnectReq message and TTL support for VM creation (#428)
* feat: Add DisconnectReq message and TTL support for VM creation
- Introduced DisconnectReq message in cvms.proto to handle disconnection requests.
- Enhanced CreateReq in manager.proto to include a TTL field for virtual machines.
- Updated CLI to accept TTL as a command-line flag during VM creation.
- Modified manager service to remove VMs after the specified TTL duration.
- Adjusted gRPC client connection handling in agent main.go to support new client structure.
- Added mock implementation for gRPC client to facilitate testing.
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* fix: Mark server URL flag as required with error handling
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
COCOS-407 - Add support for Linux IMA (#429)
* Added a feature which enables users to fetch IMA measurements and verify them
* Added a feature which enables users to fetch IMA measurements and verify them
* fixed lint error
* fixed according to comments
* fixed according to comments
* fixed according to comments
* fixed according to comments
* final bug fix
Add token measurement command
Add Azure cloud attestation fetching
Add ability to fetch azure attestation token
Remove gcp changes
Remove gcp changes
Add Azure attestation support
Modify pipeline proto checks
Update protoc version
Fix failing CI
fetch token as a file
Convert jwt to json
Small bug fix -- correct file name for attestation token
Fix failing CI
Modify protoc version
Update protoc version
Update protoc version
Update protoc version
Add changes to allow passing vtpm nonce
Add PR review changes to refactor the code
Refactor name change to AttestationResult
Refactor name change to AttestationResult
Return report as json
Format files properly
Fix attestation changes
Modify changes based on PR review
Add more test coverage
Correct bug in Server test
Rename "FetchAttestationResult" to "AttestationResult"
Send token as part of stream
Fix CI
Rebase changes to main
Refactor after rebase
* Add Azure attestation
* COCOS-395 - Cloud Provider Firmware Integration (#415)
* add CC platform identification capability
* add token verification
* add snp azure
* add azure snp report verification
* fix linter errors
* fix agent tests
* expand the CC provider
* fix azure atls
* rebase branch
* add nonce check for azure token
* rename package attestations
* remove alias attestations
---------
Co-authored-by: Ubuntu <azureuser@UVCTestCVM.bu0p0zdolasezg1jifpyqhaxuc.dx.internal.cloudapp.net>
* Add token measurement command
Add Azure cloud attestation fetching
Add ability to fetch azure attestation token
Remove gcp changes
Remove gcp changes
Add Azure attestation support
Modify pipeline proto checks
Update protoc version
Fix failing CI
fetch token as a file
Convert jwt to json
Small bug fix -- correct file name for attestation token
Fix failing CI
Modify protoc version
Update protoc version
Update protoc version
Update protoc version
Add changes to allow passing vtpm nonce
Add PR review changes to refactor the code
Refactor name change to AttestationResult
Refactor name change to AttestationResult
Return report as json
Format files properly
Fix attestation changes
Modify changes based on PR review
Add more test coverage
Correct bug in Server test
Rename "FetchAttestationResult" to "AttestationResult"
Send token as part of stream
Fix CI
NOISSUE - Add DisconnectReq message and TTL support for VM creation (#428)
* feat: Add DisconnectReq message and TTL support for VM creation
- Introduced DisconnectReq message in cvms.proto to handle disconnection requests.
- Enhanced CreateReq in manager.proto to include a TTL field for virtual machines.
- Updated CLI to accept TTL as a command-line flag during VM creation.
- Modified manager service to remove VMs after the specified TTL duration.
- Adjusted gRPC client connection handling in agent main.go to support new client structure.
- Added mock implementation for gRPC client to facilitate testing.
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* fix: Mark server URL flag as required with error handling
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
COCOS-407 - Add support for Linux IMA (#429)
* Added a feature which enables users to fetch IMA measurements and verify them
* Added a feature which enables users to fetch IMA measurements and verify them
* fixed lint error
* fixed according to comments
* fixed according to comments
* fixed according to comments
* fixed according to comments
* final bug fix
Add token measurement command
Add Azure cloud attestation fetching
Add ability to fetch azure attestation token
Remove gcp changes
Remove gcp changes
Add Azure attestation support
Modify pipeline proto checks
Update protoc version
Fix failing CI
fetch token as a file
Convert jwt to json
Small bug fix -- correct file name for attestation token
Fix failing CI
Modify protoc version
Update protoc version
Update protoc version
Update protoc version
Add changes to allow passing vtpm nonce
Add PR review changes to refactor the code
Refactor name change to AttestationResult
Refactor name change to AttestationResult
Return report as json
Format files properly
Fix attestation changes
Modify changes based on PR review
Add more test coverage
Correct bug in Server test
Rename "FetchAttestationResult" to "AttestationResult"
Send token as part of stream
Fix CI
Rebase changes to main
Refactor after rebase
* Rebase with main
* Modify tests to accommodate changes
* Use env vars appropriately
* Use env vars appropriately
* Use caps in err name
---------
Co-authored-by: Danko Miladinovic <72250944+danko-miladinovic@users.noreply.github.com>
Co-authored-by: Ubuntu <azureuser@UVCTestCVM.bu0p0zdolasezg1jifpyqhaxuc.dx.internal.cloudapp.net>
* Added a feature which enables users to fetch IMA measurements and verify them
* Added a feature which enables users to fetch IMA measurements and verify them
* fixed lint error
* fixed according to comments
* fixed according to comments
* fixed according to comments
* fixed according to comments
* final bug fix
* feat: Add DisconnectReq message and TTL support for VM creation
- Introduced DisconnectReq message in cvms.proto to handle disconnection requests.
- Enhanced CreateReq in manager.proto to include a TTL field for virtual machines.
- Updated CLI to accept TTL as a command-line flag during VM creation.
- Modified manager service to remove VMs after the specified TTL duration.
- Adjusted gRPC client connection handling in agent main.go to support new client structure.
- Added mock implementation for gRPC client to facilitate testing.
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* fix: Mark server URL flag as required with error handling
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Initial commit, will be tested before creating a PR
* Initial commit, will be tested before creating a PR
* Fixed all issues
* Initial commit, will be tested before creating a PR
* Updated agent docs
* Fixed based on comments
* Fixed based on comments
* Initial commit, will be tested before creating a PR
* Updated agent docs
* Fixed based on comments
* Fixed based on comments
* added certificate verification
* Initial commit, will be tested before creating a PR
* Fixed all issues
* Initial commit, will be tested before creating a PR
* Initial commit, will be tested before creating a PR
* Updated agent docs
* Fixed based on comments
* Fixed based on comments
* added certificate verification
* Fixed rebase errors
* Fixed proto issues
* fixed proto issues
* Fixed format error
* Fixed based on comments
* NOISSUE - Simplify local agent running in non sev-snp environment (#411)
* Add vtpm attestation support to agent service and server
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update mockery version to v2.53.2 and refactor VM factory to include logger
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Send event notification when computation is stopped in agentService
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Remove redundant assignment of Stderr in qemuVM Start method
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Rename SVM references to CVM in tracing, logging, metrics, and service layers
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Bump github.com/docker/docker (#416)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 28.0.1+incompatible to 28.0.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v28.0.1...v28.0.4)
---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump google.golang.org/protobuf from 1.36.5 to 1.36.6 (#412)
Bumps google.golang.org/protobuf from 1.36.5 to 1.36.6.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* COCOS-393 - Disable SSH service and update user shell in cloud config (#396)
* Disable SSH service and update user shell in cloud config
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Remove SSH server and clean up dependencies in cloud config
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add firewall configuration and ensure iptables rules persist after reboot
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add algo_user configuration and setup script for container execution
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Initial commit, will be tested before creating a PR
* Fixed all issues
* Initial commit, will be tested before creating a PR
* Initial commit, will be tested before creating a PR
* Fixed based on comments
* Fixed based on comments
* added certificate verification
* Initial commit, will be tested before creating a PR
* Fixed all issues
* Initial commit, will be tested before creating a PR
* Initial commit, will be tested before creating a PR
* Fixed based on comments
* Fixed rebase errors
* Fixed format error
* Fixed based on comments
* Fixed rebase errors
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Sammy Kerata Oina <44265300+SammyOina@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump mockery version to 2.53.3 in generated mock files
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update golangci-lint action to v7 and bump version to v1.64.7
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update golangci-lint action to v7 and configure linters in .golangci.yaml
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Add vtpm attestation support to agent service and server
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Update mockery version to v2.53.2 and refactor VM factory to include logger
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Send event notification when computation is stopped in agentService
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Remove redundant assignment of Stderr in qemuVM Start method
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
* Rename SVM references to CVM in tracing, logging, metrics, and service layers
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
---------
Signed-off-by: Sammy Oina <sammyoina@gmail.com>