Add BinaryURLResolver to ConfidentialModule for presigned URL support

nadahalli · nadahalli · commit a815ace53d6b · 2026-04-01T18:19:27.000+02:00
The enclave needs an authenticated URL to download WASM binaries from the CRE storage service. BinaryURLResolver resolves the raw on-chain URL into a presigned/ephemeral URL per execution. Nil-safe: falls back to the raw URL when no resolver is set. PR 5/5 (#21642) wires this to the storage service retriever.
diff --git a/core/services/workflows/syncer/v2/handler.go b/core/services/workflows/syncer/v2/handler.go
@@ -898,15 +898,16 @@ func (h *eventHandler) confidentialEngineFactory(
 	lggr := logger.Named(h.lggr, "WorkflowEngine.ConfidentialModule")
 	lggr = logger.With(lggr, "workflowID", spec.WorkflowID, "workflowName", spec.WorkflowName, "workflowOwner", spec.WorkflowOwner)
 
+	// nil resolver: raw binaryURL is passed to the enclave as-is.
+	// PR 5/5 (#21642) wires this to the storage service retriever
+	// so the enclave receives a presigned URL.
 	module := v2.NewConfidentialModule(
 		h.capRegistry,
 		spec.BinaryURL,
 		binaryHash,
-		spec.WorkflowID,
-		spec.WorkflowOwner,
-		workflowName.String(),
-		spec.WorkflowTag,
+		spec.WorkflowID, spec.WorkflowOwner, workflowName.String(), spec.WorkflowTag,
 		attrs.VaultDonSecrets,
+		nil,
 		lggr,
 	)
 
diff --git a/core/services/workflows/v2/confidential_module.go b/core/services/workflows/v2/confidential_module.go
@@ -57,19 +57,26 @@ func IsConfidential(data []byte) (bool, error) {
 	return attrs.Confidential, nil
 }
 
+// BinaryURLResolver resolves a raw binary URL into an ephemeral/presigned
+// URL that the enclave can fetch without authentication. In production this
+// calls the CRE storage service; nil means the raw URL is used as-is.
+// PR 5/5 (#21642) wires this to the storage service retriever.
+type BinaryURLResolver func(ctx context.Context, workflowID string) (string, error)
+
 // ConfidentialModule implements host.ModuleV2 for confidential workflows.
 // Instead of running WASM locally, it delegates execution to the
 // confidential-workflows capability via the CapabilitiesRegistry.
 type ConfidentialModule struct {
-	capRegistry     core.CapabilitiesRegistry
-	binaryURL       string
-	binaryHash      []byte
-	workflowID      string
-	workflowOwner   string
-	workflowName    string
-	workflowTag     string
-	vaultDonSecrets []SecretIdentifier
-	lggr            logger.Logger
+	capRegistry        core.CapabilitiesRegistry
+	binaryURL          string
+	binaryHash         []byte
+	workflowID         string
+	workflowOwner      string
+	workflowName       string
+	workflowTag        string
+	vaultDonSecrets    []SecretIdentifier
+	binaryURLResolver  BinaryURLResolver
+	lggr               logger.Logger
 }
 
 var _ host.ModuleV2 = (*ConfidentialModule)(nil)
@@ -78,23 +85,22 @@ func NewConfidentialModule(
 	capRegistry core.CapabilitiesRegistry,
 	binaryURL string,
 	binaryHash []byte,
-	workflowID string,
-	workflowOwner string,
-	workflowName string,
-	workflowTag string,
+	workflowID, workflowOwner, workflowName, workflowTag string,
 	vaultDonSecrets []SecretIdentifier,
+	binaryURLResolver BinaryURLResolver,
 	lggr logger.Logger,
 ) *ConfidentialModule {
 	return &ConfidentialModule{
-		capRegistry:     capRegistry,
-		binaryURL:       binaryURL,
-		binaryHash:      binaryHash,
-		workflowID:      workflowID,
-		workflowOwner:   workflowOwner,
-		workflowName:    workflowName,
-		workflowTag:     workflowTag,
-		vaultDonSecrets: vaultDonSecrets,
-		lggr:            lggr,
+		capRegistry:       capRegistry,
+		binaryURL:         binaryURL,
+		binaryHash:        binaryHash,
+		workflowID:        workflowID,
+		workflowOwner:     workflowOwner,
+		workflowName:      workflowName,
+		workflowTag:       workflowTag,
+		vaultDonSecrets:   vaultDonSecrets,
+		binaryURLResolver: binaryURLResolver,
+		lggr:              lggr,
 	}
 }
 
@@ -125,11 +131,20 @@ func (m *ConfidentialModule) Execute(
 		}
 	}
 
+	binaryURL := m.binaryURL
+	if m.binaryURLResolver != nil {
+		resolved, resolveErr := m.binaryURLResolver(ctx, m.workflowID)
+		if resolveErr != nil {
+			return nil, fmt.Errorf("failed to resolve binary URL: %w", resolveErr)
+		}
+		binaryURL = resolved
+	}
+
 	capInput := &confworkflowtypes.ConfidentialWorkflowRequest{
 		VaultDonSecrets: protoSecrets,
 		Execution: &confworkflowtypes.WorkflowExecution{
 			WorkflowId:     m.workflowID,
-			BinaryUrl:      m.binaryURL,
+			BinaryUrl:      binaryURL,
 			BinaryHash:     m.binaryHash,
 			ExecuteRequest: execReqBytes,
 			Owner:          m.workflowOwner,
diff --git a/core/services/workflows/v2/confidential_module_test.go b/core/services/workflows/v2/confidential_module_test.go
@@ -172,6 +172,7 @@ func TestConfidentialModule_Execute(t *testing.T) {
 				{Key: "API_KEY"},
 				{Key: "SIGNING_KEY", Namespace: "custom-ns"},
 			},
+			nil,
 			lggr,
 		)
 
@@ -205,6 +206,7 @@ func TestConfidentialModule_Execute(t *testing.T) {
 			[]byte("hash"),
 			"wf-1", "owner", "name", "tag",
 			[]SecretIdentifier{{Key: "SECRET_A"}}, // no namespace
+			nil,
 			lggr,
 		)
 
@@ -225,7 +227,7 @@ func TestConfidentialModule_Execute(t *testing.T) {
 			Return(nil, errors.New("capability not found")).Once()
 
 		mod := NewConfidentialModule(
-			capReg, "", nil, "wf", "owner", "name", "tag", nil, lggr,
+			capReg, "", nil, "wf", "owner", "name", "tag", nil, nil, lggr,
 		)
 
 		_, err := mod.Execute(ctx, execReq, &stubExecutionHelper{})
@@ -243,7 +245,7 @@ func TestConfidentialModule_Execute(t *testing.T) {
 			Return(capabilities.CapabilityResponse{}, errors.New("enclave unavailable")).Once()
 
 		mod := NewConfidentialModule(
-			capReg, "", nil, "wf", "owner", "name", "tag", nil, lggr,
+			capReg, "", nil, "wf", "owner", "name", "tag", nil, nil, lggr,
 		)
 
 		_, err := mod.Execute(ctx, execReq, &stubExecutionHelper{})
@@ -261,7 +263,7 @@ func TestConfidentialModule_Execute(t *testing.T) {
 			Return(capabilities.CapabilityResponse{Payload: nil}, nil).Once()
 
 		mod := NewConfidentialModule(
-			capReg, "", nil, "wf", "owner", "name", "tag", nil, lggr,
+			capReg, "", nil, "wf", "owner", "name", "tag", nil, nil, lggr,
 		)
 
 		_, err := mod.Execute(ctx, execReq, &stubExecutionHelper{})
@@ -296,6 +298,7 @@ func TestConfidentialModule_Execute(t *testing.T) {
 				{Key: "K1", Namespace: "ns1"},
 				{Key: "K2"},
 			},
+			nil,
 			lggr,
 		)
 
@@ -333,6 +336,100 @@ func TestConfidentialModule_Execute(t *testing.T) {
 	})
 }
 
+func TestConfidentialModule_BinaryURLResolver(t *testing.T) {
+	ctx := context.Background()
+	lggr := logger.Nop()
+
+	execReq := &sdkpb.ExecuteRequest{Config: []byte("cfg")}
+
+	expectedResult := &sdkpb.ExecutionResult{
+		Result: &sdkpb.ExecutionResult_Value{
+			Value: valuespb.NewStringValue("ok"),
+		},
+	}
+	resultBytes, err := proto.Marshal(expectedResult)
+	require.NoError(t, err)
+	confResp := &confworkflowtypes.ConfidentialWorkflowResponse{ExecutionResult: resultBytes}
+	respPayload, err := anypb.New(confResp)
+	require.NoError(t, err)
+
+	t.Run("resolver replaces binary URL", func(t *testing.T) {
+		capReg := regmocks.NewCapabilitiesRegistry(t)
+		execCap := capmocks.NewExecutableCapability(t)
+
+		capReg.EXPECT().GetExecutable(matches.AnyContext, confidentialWorkflowsCapabilityID).
+			Return(execCap, nil).Once()
+
+		var capturedReq capabilities.CapabilityRequest
+		execCap.EXPECT().Execute(matches.AnyContext, mock.Anything).
+			Run(func(_ context.Context, req capabilities.CapabilityRequest) {
+				capturedReq = req
+			}).
+			Return(capabilities.CapabilityResponse{Payload: respPayload}, nil).Once()
+
+		resolver := func(_ context.Context, wfID string) (string, error) {
+			return "https://presigned.example.com/" + wfID + "?token=abc", nil
+		}
+
+		mod := NewConfidentialModule(
+			capReg, "https://storage.example.com/raw", []byte("hash"),
+			"wf-1", "owner", "name", "tag", nil, resolver, lggr,
+		)
+
+		_, err := mod.Execute(ctx, execReq, &stubExecutionHelper{executionID: "exec-1"})
+		require.NoError(t, err)
+
+		var confReq confworkflowtypes.ConfidentialWorkflowRequest
+		require.NoError(t, capturedReq.Payload.UnmarshalTo(&confReq))
+		assert.Equal(t, "https://presigned.example.com/wf-1?token=abc", confReq.Execution.BinaryUrl)
+	})
+
+	t.Run("nil resolver uses raw URL", func(t *testing.T) {
+		capReg := regmocks.NewCapabilitiesRegistry(t)
+		execCap := capmocks.NewExecutableCapability(t)
+
+		capReg.EXPECT().GetExecutable(matches.AnyContext, confidentialWorkflowsCapabilityID).
+			Return(execCap, nil).Once()
+
+		var capturedReq capabilities.CapabilityRequest
+		execCap.EXPECT().Execute(matches.AnyContext, mock.Anything).
+			Run(func(_ context.Context, req capabilities.CapabilityRequest) {
+				capturedReq = req
+			}).
+			Return(capabilities.CapabilityResponse{Payload: respPayload}, nil).Once()
+
+		mod := NewConfidentialModule(
+			capReg, "https://storage.example.com/raw", []byte("hash"),
+			"wf-1", "owner", "name", "tag", nil, nil, lggr,
+		)
+
+		_, err := mod.Execute(ctx, execReq, &stubExecutionHelper{executionID: "exec-1"})
+		require.NoError(t, err)
+
+		var confReq confworkflowtypes.ConfidentialWorkflowRequest
+		require.NoError(t, capturedReq.Payload.UnmarshalTo(&confReq))
+		assert.Equal(t, "https://storage.example.com/raw", confReq.Execution.BinaryUrl)
+	})
+
+	t.Run("resolver error propagates", func(t *testing.T) {
+		capReg := regmocks.NewCapabilitiesRegistry(t)
+
+		resolver := func(_ context.Context, _ string) (string, error) {
+			return "", errors.New("storage service unavailable")
+		}
+
+		mod := NewConfidentialModule(
+			capReg, "https://storage.example.com/raw", []byte("hash"),
+			"wf-1", "owner", "name", "tag", nil, resolver, lggr,
+		)
+
+		_, err := mod.Execute(ctx, execReq, &stubExecutionHelper{executionID: "exec-1"})
+		require.Error(t, err)
+		assert.Contains(t, err.Error(), "failed to resolve binary URL")
+		assert.Contains(t, err.Error(), "storage service unavailable")
+	})
+}
+
 func TestConfidentialModule_InterfaceMethods(t *testing.T) {
 	mod := &ConfidentialModule{}
 
