[Cloud Client Library] Use V1 SDK in client #305
Conversation
|
/gcbrun |
|
/gcbrun |
|
/gcbrun |
Yes, I think experiment gating will give us more confidence in V1 sdk when rolling out changes. Waiting for @jkl73 's thoughts on this. |
| RawSignature: encoding.EncodeToString(quote.GetRawSig()), | ||
| HashAlgo: int64(quote.GetPcrs().GetHash()), | ||
| quotes[i] = &confidentialcomputingpb.TpmAttestation_Quote{ | ||
| RawQuote: quote.GetQuote(), |
There was a problem hiding this comment.
Hmmm, here (and other places) it used to be using the base64 encoding, did we change the encoding on the service side?
There was a problem hiding this comment.
Yes, following https://google.aip.dev/140#string-vs-bytes since the bytes are already base 64 encoded
If we want it behind an experiment, we should probably make this change additive instead of also deleting the old client. Perhaps introduce a new client in restv1.go and remove the old one in a separate PR once we have completed experiment rollout. |
Yes, there will be additional changes to this PR to ensure this client SDK change is behind an experiment. But for now this PR is blocked because it is dependent on Josh's client experiment changes. |
0ff551d to
3114baf
Compare
New Features: [launcher] Verify FS and mount before launch google#311 Integration of go-tpm-tools with go-tdx-guest google#347 Intra-version Breaking Changes: Add launcherfile package for path and file consts google#356 breaks google#333 Bug Fixes: [launcher] Update the token refresh logic google#325 [launcher] Fix logging blocking issue google#338 Other Changes: [launcher] Add a new metadata flag of signedImageRepos google#320 Update go-sev-guest to v0.7.0 google#329 [launcher] Add SSH test for image. google#314 Add supported architectures to ci.yml google#330 Fix the go version number error google#326 [launcher] Signature discovery: fetch a signed image manifest at for parsing google#324 [launcher] Export attestation token filepath and filename google#333 [launcher] Increase the max file descriptor google#339 [launcher] Add a signature interface and a library to parse signature from image manifest google#328 Rename TdxVerify function to TdxQuote in server package. google#353 [launcher] Use V1 SDK in launcher verifier client google#305 Update and tidy dependencies google#344
New Features: [launcher] Verify FS and mount before launch #311 Integration of go-tpm-tools with go-tdx-guest #347 Intra-version Breaking Changes: Add launcherfile package for path and file consts #356 breaks #333 Bug Fixes: [launcher] Update the token refresh logic #325 [launcher] Fix logging blocking issue #338 Other Changes: [launcher] Add a new metadata flag of signedImageRepos #320 Update go-sev-guest to v0.7.0 #329 [launcher] Add SSH test for image. #314 Add supported architectures to ci.yml #330 Fix the go version number error #326 [launcher] Signature discovery: fetch a signed image manifest at for parsing #324 [launcher] Export attestation token filepath and filename #333 [launcher] Increase the max file descriptor #339 [launcher] Add a signature interface and a library to parse signature from image manifest #328 Rename TdxVerify function to TdxQuote in server package. #353 [launcher] Use V1 SDK in launcher verifier client #305 Update and tidy dependencies #344
Update the old version of client with the V1 cloud client library.
Use
go get cloud.google.com/go/confidentialcomputing/apiv1to install the package.