add tee_technology flag and test for tee_technology flag #307
Conversation
cmd/attest.go
Outdated
| } | ||
| default: | ||
| // Change the return statement when more devices are added | ||
| return fmt.Errorf("tee_technology should be sev-snp") |
There was a problem hiding this comment.
should be one of ["", "sev-snp"]
There was a problem hiding this comment.
I have added a constant for the device name and changed the return statement to "tee_technology should be empty or sev-snp"
| attestOpts.TEENonce = teeNonce | ||
| } | ||
| } else { | ||
| if len(teeNonce) != 0 { |
There was a problem hiding this comment.
else if to about rightward shift
There was a problem hiding this comment.
Instead of else and a if , I'll change it to else if
cmd/attest.go
Outdated
| } | ||
|
|
||
| func addTeeTechnology(cmd *cobra.Command) { | ||
| cmd.PersistentFlags().StringVar(&teeTechnology, "tee_technology", "", "indicates the type of TEE hardware <sev-snp>") |
There was a problem hiding this comment.
make text the same as the above error message about valid values.
There was a problem hiding this comment.
By default it is set to nil, if used then the possible value for now is "sev-snp" only.
There was a problem hiding this comment.
You can still write "--tee_technology=" as an argument to use the flag and set it to empty, so how about, "indicates the type of TEE hardware, if set"
There was a problem hiding this comment.
If user left the flag empty then it will say ,
Error: flag needs an argument: --tee_technology
There was a problem hiding this comment.
Should I change the description to "indicates the type of TEE hardware, if set to sev-snp"
cmd/attest.go
Outdated
| } | ||
|
|
||
| func addTeeTechnology(cmd *cobra.Command) { | ||
| cmd.PersistentFlags().StringVar(&teeTechnology, "tee_technology", "", "indicates the type of TEE hardware. Should be empty or sev-snp") |
There was a problem hiding this comment.
Based on the current naming convention for this CLI, it should be "tee-technology"
There was a problem hiding this comment.
I have changed the flag name to --tee-technology to make it consistent throughout the file.
cmd/attest.go
Outdated
| attestOpts.TEENonce = teeNonce | ||
| } | ||
| } else if len(teeNonce) != 0 { | ||
| return fmt.Errorf("use of --teenonce requires specifying TEE hardware type with --tee_technology") |
There was a problem hiding this comment.
Could we change "--teenonce" to be "--tee-nonce" for the naming convention? (I understand this flag is created in this PR)
There was a problem hiding this comment.
I have changed it to --tee-nonce
cmd/attest.go
Outdated
| if len(teeTechnology) != 0 { | ||
| // Add logic to open other hardware devices when required. | ||
| switch teeTechnology { |
There was a problem hiding this comment.
I feel like it is a bit confusing with a switch block inside an if block.
Can you just use the switch block and add the logic under else if len(teeNonce) != 0 { as part of the case ""?
There was a problem hiding this comment.
As we discussed , I have used a switch case instead of if else and it is working fine with all possible cases.
New Features: Add attest and verify command to gotpm google#293 Add tee_technology flag and test for tee_technology flag google#307 * intra-release breaking change Other Changes: Add OS Policy assignment tests for both debug and hardened. google#301 Add a wrapper for ExternalTPM google#302 Update to go-sev-guest v0.6.0 google#304 Update base image family to use cos-dev google#306 Update go-sev-guest to v0.6.1 google#308
New Features: Add attest and verify command to gotpm #293 Add tee_technology flag and test for tee_technology flag #307 * intra-release breaking change Other Changes: Add OS Policy assignment tests for both debug and hardened. #301 Add a wrapper for ExternalTPM #302 Update to go-sev-guest v0.6.0 #304 Update base image family to use cos-dev #306 Update go-sev-guest to v0.6.1 #308
Added --tee_technology flag in attest CLI that specifies the type of hardware the user wants to use for attestation.