From 9c74b0d0e74931a44a2e95c08f10eb7a46a907f5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?David=20Wei=C3=9Fe?= <david.weisse@gmx.net>
Date: Fri, 21 Jun 2024 10:11:39 +0200
Subject: [PATCH] cli: derive runtime class name from launch digest

---
 cli/cmd/common.go                     | 7 +++++++
 cli/cmd/generate.go                   | 5 +++--
 cli/cmd/runtime.go                    | 5 +----
 cli/main.go                           | 3 +--
 packages/by-name/contrast/package.nix | 5 ++---
 5 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/cli/cmd/common.go b/cli/cmd/common.go
index 34ad97988c..d0dc915575 100644
--- a/cli/cmd/common.go
+++ b/cli/cmd/common.go
@@ -6,6 +6,7 @@ package cmd
 import (
 	"context"
 	_ "embed"
+	"fmt"
 	"os"
 	"path/filepath"
 	"time"
@@ -41,8 +42,14 @@ var (
 	//
 	// It is intentionally left empty for dev builds.
 	DefaultCoordinatorPolicyHash = ""
+	// This value is injected at build time.
+	launchDigest = "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
 )
 
+func runtimeHandler() string {
+	return fmt.Sprintf("contrast-cc-%s", launchDigest[:32])
+}
+
 func cachedir(subdir string) (string, error) {
 	dir := os.Getenv(cacheDirEnv)
 	if dir == "" {
diff --git a/cli/cmd/generate.go b/cli/cmd/generate.go
index e2b0659a72..88699ad5f2 100644
--- a/cli/cmd/generate.go
+++ b/cli/cmd/generate.go
@@ -335,13 +335,14 @@ func injectServiceMesh(resources []any) error {
 }
 
 func runtimeClassNamePatcher() func(*applycorev1.PodSpecApplyConfiguration) *applycorev1.PodSpecApplyConfiguration {
+	handler := runtimeHandler()
 	return func(spec *applycorev1.PodSpecApplyConfiguration) *applycorev1.PodSpecApplyConfiguration {
-		if spec.RuntimeClassName == nil || *spec.RuntimeClassName == runtimeHandler {
+		if spec.RuntimeClassName == nil || *spec.RuntimeClassName == handler {
 			return spec
 		}
 
 		if strings.HasPrefix(*spec.RuntimeClassName, "contrast-cc") || *spec.RuntimeClassName == "kata-cc-isolation" {
-			spec.RuntimeClassName = &runtimeHandler
+			spec.RuntimeClassName = &handler
 		}
 		return spec
 	}
diff --git a/cli/cmd/runtime.go b/cli/cmd/runtime.go
index 98b1b765ca..06125fc4ee 100644
--- a/cli/cmd/runtime.go
+++ b/cli/cmd/runtime.go
@@ -7,9 +7,6 @@ import (
 	"github.com/spf13/cobra"
 )
 
-// This value is injected at build time.
-var runtimeHandler = "contrast-cc"
-
 // NewRuntimeCmd creates the contrast runtime subcommand.
 func NewRuntimeCmd() *cobra.Command {
 	cmd := &cobra.Command{
@@ -28,5 +25,5 @@ have the runtimeClassName set to the value returned by this command.
 }
 
 func runRuntime(cmd *cobra.Command, _ []string) {
-	cmd.Println(runtimeHandler)
+	cmd.Println(runtimeHandler())
 }
diff --git a/cli/main.go b/cli/main.go
index d61bff62bf..adda975d7c 100644
--- a/cli/main.go
+++ b/cli/main.go
@@ -30,7 +30,6 @@ func execute() error {
 
 var (
 	version          = "0.0.0-dev"
-	runtimeHandler   = "contrast-cc"
 	launchDigest     = "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
 	genpolicyVersion = "0.0.0-dev"
 )
@@ -40,7 +39,7 @@ func newRootCmd() *cobra.Command {
 	var versionsBuilder strings.Builder
 	versionsWriter := tabwriter.NewWriter(&versionsBuilder, 0, 0, 4, ' ', 0)
 	fmt.Fprintf(versionsWriter, "%s\n\n", version)
-	fmt.Fprintf(versionsWriter, "\truntime handler:\t%s\n", runtimeHandler)
+	fmt.Fprintf(versionsWriter, "\truntime handler:\tcontrast-cc-%s\n", launchDigest[:32])
 	fmt.Fprintf(versionsWriter, "\tlaunch digest:\t%s\n", launchDigest)
 	fmt.Fprintf(versionsWriter, "\tgenpolicy version:\t%s\n", genpolicyVersion)
 	fmt.Fprintf(versionsWriter, "\timage versions:\n")
diff --git a/packages/by-name/contrast/package.nix b/packages/by-name/contrast/package.nix
index 354569dea8..0c2c6caa5c 100644
--- a/packages/by-name/contrast/package.nix
+++ b/packages/by-name/contrast/package.nix
@@ -20,7 +20,7 @@ let
     ldflags = [
       "-s"
       "-X github.com/edgelesssys/contrast/internal/manifest.trustedMeasurement=${launchDigest}"
-      "-X github.com/edgelesssys/contrast/cli/cmd.runtimeHandler=${runtimeHandler}"
+      "-X github.com/edgelesssys/contrast/cli/cmd.launchDigest=${launchDigest}"
       "-X github.com/edgelesssys/contrast/internal/kuberesource.runtimeHandler=${runtimeHandler}"
     ];
 
@@ -78,11 +78,10 @@ buildGoModule rec {
     "-s"
     "-w"
     "-X main.version=v${version}"
-    "-X main.runtimeHandler=${runtimeHandler}"
     "-X main.launchDigest=${launchDigest}"
     "-X main.genpolicyVersion=${genpolicy.version}"
     "-X github.com/edgelesssys/contrast/internal/manifest.trustedMeasurement=${launchDigest}"
-    "-X github.com/edgelesssys/contrast/cli/cmd.runtimeHandler=${runtimeHandler}"
+    "-X github.com/edgelesssys/contrast/cli/cmd.launchDigest=${launchDigest}"
     "-X github.com/edgelesssys/contrast/internal/kuberesource.runtimeHandler=${runtimeHandler}"
   ];