github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-06-26 07:22:20 +00:00
Code Issues Projects Releases Wiki Activity

protocols: add support for sealed_secret service

Browse Source 
To unseal a secret, the Kata agent will contact the CDH
using ttRPC. Add the proto that describes the sealed
secret service and messages that will be used.

Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
Signed-off-by: Biao Lu <biao.lu@intel.com>
This commit is contained in:
Biao Lu 2023-08-01 22:24:52 +08:00 committed by Tobin Feldman-Fitzthum
parent 49696bbdf2
commit 6c1a2f01f8
3 changed files with 50 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
src/libs/protocols/build.rs
View File

@ -198,13 +198,34 @@ fn real_main() -> Result<(), std::io::Error> {
// generate async // generate async
#[cfg(feature = "async")] #[cfg(feature = "async")]
{ {
codegen("src", &["protos/agent.proto", "protos/health.proto"], true)?;
codegen(
"src",
&[
"protos/agent.proto",
"protos/health.proto",
"protos/sealed_secret.proto",
],
true,
)?;
fs::rename("src/agent_ttrpc.rs", "src/agent_ttrpc_async.rs")?; fs::rename("src/agent_ttrpc.rs", "src/agent_ttrpc_async.rs")?;
fs::rename("src/health_ttrpc.rs", "src/health_ttrpc_async.rs")?; fs::rename("src/health_ttrpc.rs", "src/health_ttrpc_async.rs")?;
fs::rename(
"src/sealed_secret_ttrpc.rs",
"src/sealed_secret_ttrpc_async.rs",
)?;
} }
codegen("src", &["protos/agent.proto", "protos/health.proto"], false)?; codegen(
"src",
&[
"protos/agent.proto",
"protos/health.proto",
"protos/sealed_secret.proto",
],
false,
)?;
// There is a message named 'Box' in oci.proto // There is a message named 'Box' in oci.proto
// so there is a struct named 'Box', we should replace Box<Self> to ::std::boxed::Box<Self> // so there is a struct named 'Box', we should replace Box<Self> to ::std::boxed::Box<Self>

21
src/libs/protocols/protos/sealed_secret.proto Normal file
View File

@ -0,0 +1,21 @@
//
// Copyright (c) 2024 IBM
//
// SPDX-License-Identifier: Apache-2.0
//
syntax = "proto3";
package api;
message UnsealSecretInput {
bytes secret = 1;
}
message UnsealSecretOutput {
bytes plaintext = 1;
}
service SealedSecretService {
rpc UnsealSecret(UnsealSecretInput) returns (UnsealSecretOutput) {};
}

6
src/libs/protocols/src/lib.rs
View File

@ -27,3 +27,9 @@ pub use serde_config::{
deserialize_enum_or_unknown, deserialize_message_field, serialize_enum_or_unknown, deserialize_enum_or_unknown, deserialize_message_field, serialize_enum_or_unknown,
serialize_message_field, serialize_message_field,
}; };
pub mod sealed_secret;
pub mod sealed_secret_ttrpc;
#[cfg(feature = "async")]
pub mod sealed_secret_ttrpc_async;