Dissociate registrar API version from agent API version

keylime / rust-keylime

Rust implementation of the keylime agent

https://keylime.dev

Apache License 2.0

96 stars 50 forks source link

Dissociate registrar API version from agent API version #790

Open ansasaki opened 4 months ago

ansasaki commented 4 months ago

Currently, the keylime agent uses its own API_VERSION to construct the accessed registrar API:

https://github.com/keylime/rust-keylime/blob/c91fba3382867737d194dfedf85cae7ee133c9e3/keylime-agent/src/registrar_agent.rs#L99-L101

This makes the agent API version tied with the registrar API version.

Evaluate if it makes sense to dissociate the versions, making it possible to advance the API versions independently.

tuminoid commented 2 weeks ago

+1.

We tried using the v0.2.6 agent (v2.2) versus a v2.1 registrar, and it doesn't find any endpoints. I did not found any config value that would help us here, and the API_VERSION is set as const. This is a problem as we're trying to deliver the agent images but do not control which registrar version target environment has, and delivering and supporting many agent images is less than optimal.