common

func AttestationWorker ¶

func AttestationWorker(
	interval time.Duration,
	logger *logging.Logger,
	hp *sandbox.HostInitializerParams,
	updateCapabilityFunc func(context.Context, *sandbox.HostInitializerParams) (*node.CapabilityTEE, error),
)

AttestationWorker is the periodic re-attestation worker loop.

It should be started in its own goroutine.

func EndorseCapabilityTEE ¶

func EndorseCapabilityTEE(
	ctx context.Context,
	identity *identity.Identity,
	capabilityTEE *node.CapabilityTEE,
	conn protocol.Connection,
	logger *logging.Logger,
)

EndorseCapabilityTEE endorses the given CapabilityTEE and submits the signed endorsement to the runtime over the given connection.

func InitMetrics ¶

func InitMetrics()

InitMetrics registers the metrics collectors if metrics are enabled.

func UpdateAttestationMetrics ¶

func UpdateAttestationMetrics(runtimeID common.Namespace, kind component.TEEKind, err error)

UpdateAttestationMetrics updates the attestation metrics if metrics are enabled.

func UpdateRuntimeQuote ¶

func UpdateRuntimeQuote(ctx context.Context, conn protocol.Connection, quote *pcs.QuoteBundle) ([]byte, error)

UpdateRuntimeQuote sends the given quote bundle to the runtime so it can be configured for remote attestation purposes. The runtime responds with a signed attestation.