Merge pull request #3828 from liangzhou121/agent-aa-1

CCv0: Update AA's launch command
2025-08-31 16:36:38 +00:00 · 2022-03-08 14:09:12 -06:00
parent 8327fcd5c2 5451c8da4a
commit 6fdafd47ef
1 changed files with 7 additions and 4 deletions
--- a/src/agent/src/image_rpc.rs
+++ b/src/agent/src/image_rpc.rs
@@ -41,7 +41,8 @@ const SKOPEO_PATH: &str = "/usr/bin/skopeo";
 const UMOCI_PATH: &str = "/usr/local/bin/umoci";
 const IMAGE_OCI: &str = "image_oci";
 const AA_PATH: &str = "/usr/local/bin/attestation-agent";
-const AA_PORT: &str = "127.0.0.1:50000";
+const AA_KEYPROVIDER_PORT: &str = "127.0.0.1:50000";
+const AA_GETRESOURCE_PORT: &str = "127.0.0.1:50001";
 const OCICRYPT_CONFIG_PATH: &str = "/tmp/ocicrypt_config.json";
 const OCI_ANNOTATION_REF_NAME: &str = "org.opencontainers.image.ref.name";
 const OCI_IMAGE_MANIFEST_NAME: &str = "application/vnd.oci.image.manifest.v1+json";
@@ -383,7 +384,7 @@ impl ImageService {
        let ocicrypt_config = serde_json::json!({
            "key-providers": {
                "attestation-agent":{
-                    "grpc":AA_PORT
+                    "grpc":AA_KEYPROVIDER_PORT
                }
            }
        });
@@ -395,8 +396,10 @@ impl ImageService {

        // The Attestation Agent will run for the duration of the guest.
        Command::new(AA_PATH)
-            .arg("--grpc_sock")
-            .arg(AA_PORT)
+            .arg("--keyprovider_sock")
+            .arg(AA_KEYPROVIDER_PORT)
+            .arg("--getresource_sock")
+            .arg(AA_GETRESOURCE_PORT)
            .spawn()
            .unwrap();
    }