COCOS-584 - Support multiple kbs

[SammyOina]

What type of PR is this?

What does this do?

Per-resource KBS configuration: algorithm and dataset KBS URLs now specified individually instead of globally

Which issue(s) does this PR fix/relate to?

• Resolves Support multiple KBS per resource #584

Have you included tests for your changes?

Did you document any new/modified feature?

Notes

sequenceDiagram
    participant Client
    participant AgentService
    participant RemoteSource
    participant KBS
    participant Algorithm
    
    Client->>AgentService: InitComputation (with per-resource KBS)
    
    rect rgba(100, 150, 200, 0.5)
    note over AgentService: Download Algorithm
    AgentService->>RemoteSource: Fetch Algorithm
    alt Algorithm.KBS enabled
        RemoteSource->>KBS: Fetch decryption key (per-algo KBS URL)
        KBS-->>RemoteSource: Decryption provider
    end
    RemoteSource-->>AgentService: Encrypted algorithm
    AgentService->>AgentService: Decrypt & extract (type-aware)
    end
    
    rect rgba(150, 100, 200, 0.5)
    note over AgentService: Download Datasets
    loop Each Dataset
        AgentService->>RemoteSource: Fetch Dataset
        alt Dataset.KBS enabled
            RemoteSource->>KBS: Fetch decryption key (per-dataset KBS URL)
            KBS-->>RemoteSource: Decryption provider
        end
        RemoteSource-->>AgentService: Encrypted dataset
        AgentService->>AgentService: Decrypt & decompress
    end
    end
    
    rect rgba(200, 150, 100, 0.5)
    note over Algorithm,AgentService: Run with Concurrency Safety
    AgentService->>Algorithm: Run (mutex-protected)
    Algorithm->>Algorithm: Lock mutex
    Algorithm->>Algorithm: Start process
    Algorithm->>Algorithm: Unlock mutex
    Algorithm-->>AgentService: Running
    AgentService->>Algorithm: Stop (when needed)
    Algorithm->>Algorithm: Lock mutex
    Algorithm->>Algorithm: Kill process
    Algorithm->>Algorithm: Unlock mutex
    end
    
    AgentService->>AgentService: Cleanup (remove temp files)
    AgentService-->>Client: Results

Loading

[codecov]

Codecov Report

❌ Patch coverage is 68.06283% with 61 lines in your changes missing coverage. Please review.
✅ Project coverage is 68.31%. Comparing base (b44780d) to head (710b99f).

Files with missing lines	Patch %	Lines
agent/service.go	70.27%	19 Missing and 3 partials ⚠️
cli/keys.go	18.18%	9 Missing ⚠️
cli/attestation.go	36.36%	7 Missing ⚠️
cli/attestation_policy.go	25.00%	6 Missing ⚠️
agent/cvms/api/grpc/client.go	66.66%	3 Missing and 1 partial ⚠️
cli/manager.go	91.42%	3 Missing ⚠️
cli/datasets.go	71.42%	2 Missing ⚠️
cli/ima_measurements.go	66.66%	2 Missing ⚠️
cli/result.go	66.66%	2 Missing ⚠️
pkg/oci/skopeo.go	50.00%	1 Missing and 1 partial ⚠️
... and 2 more

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #587      +/-   ##
==========================================
- Coverage   68.36%   68.31%   -0.06%     
==========================================
  Files         116      116              
  Lines        7344     7389      +45     
==========================================
+ Hits         5021     5048      +27     
- Misses       1746     1764      +18     
  Partials      577      577              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.