From 91b82478b921799301baab6afb5c9601496f620d Mon Sep 17 00:00:00 2001
From: ChengyuZhu6
Date: Fri, 17 May 2024 20:06:54 +0800
Subject: [PATCH] cdh:golang: Add README for cdh go client

Add README for cdh go client.

Signed-off-by: ChengyuZhu6
---
confidential-data-hub/golang/README.md | 61 ++++++++++++++++++++++++++
1 file changed, 61 insertions(+)
create mode 100644 confidential-data-hub/golang/README.md

diff --git a/confidential-data-hub/golang/README.md b/confidential-data-hub/golang/README.md
new file mode 100644
index 000000000..042c7f10f
--- /dev/null
+++ b/confidential-data-hub/golang/README.md
@@ -0,0 +1,61 @@
+# Confidential Data Hub Golang Client
+
+## Overview
+This offers a streamlined client interface for engaging with Confidential Data Hub (`CDH`) through both gRPC and TTRPC protocols. Used for integration into Go-based projects, it’s ideal for applications like the Node Resource Interface (`NRI`) or image verifiers plugins in containerd. Furthermore, it can be compiled into a client binary for direct interaction with `CDH`.
+
+## Getting Started
+
+### Usage as library
+
+Import the package into your Go project:
+
+```go
+//common interface
+import common "github.com/confidential-containers/guest-components/confidential-data-hub/golang/pkg/core"
+
+//grpc package
+import cdhgrpcapi "github.com/confidential-containers/guest-components/confidential-data-hub/golang/pkg/grpc"
+//ttrpc package
+import cdhttrpcapi "github.com/confidential-containers/guest-components/confidential-data-hub/golang/pkg/ttrpc"
+```
+
+Create a new client instance:
+
+```go
+//cdh grpc client
+c, err := cdhgrpcapi.CreateCDHGrpcClient("127.0.0.1:8043")
+
+//cdh ttrpc client
+c, err := cdhttrpcapi.CreateCDHTtrpcClient("/run/confidential-containers/cdh.sock")
+```
+
+Interact with `CDH` using the client, for example :
+```go
+unsealedValue, err := common.UnsealEnv(ctx, c, sealedSecret)
+```
+
+### Usage as binary
+
+Build and Install the binary, such as:
+```bash
+$ make RPC=grpc
+Building Go binaries...
+GOARCH=amd64 go build -o bin/cdh-go-client ./cmd/grpc-client
+$ sudo make install
+Installing binaries...
+install -D -m0755 bin/cdh-go-client /usr/local/bin
+```
+
+Interact with CDH using the binary, such as get sealed secret:
+```bash
+$ cdh-go-client -v sealed.fakeheader.ewogICJ2ZXJzaW9uIjogIjAuMS4wIiwKICAidHlwZSI6ICJ2YXVsdCIsCiAgIm5hbWUiOiAia2JzOi8vL2RlZmF1bHQvdHlwZS90YWciLAogICJwcm92aWRlciI6ICJrYnMiLAogICJwcm92aWRlcl9zZXR0aW5ncyI6IHt9LAogICJhbm5vdGF0aW9ucyI6IHt9Cn0K.fakesignature
+unsealed value from env = that's the unsealed secret
+```
+or get sealed secret from file:
+```bash
+$ cat < sealedsecretfile
+sealed.fakeheader.ewogICJ2ZXJzaW9uIjogIjAuMS4wIiwKICAidHlwZSI6ICJ2YXVsdCIsCiAgIm5hbWUiOiAia2JzOi8vL2RlZmF1bHQvdHlwZS90YWciLAogICJwcm92aWRlciI6ICJrYnMiLAogICJwcm92aWRlcl9zZXR0aW5ncyI6IHt9LAogICJhbm5vdGF0aW9ucyI6IHt9Cn0K.fakesignature
+EOF
+$ cdh-go-client -f sealedsecretfile
+unsealed value from file = that's the unsealed secret
+```
\ No newline at end of file