Bring in changes from release branch (#479)

* Bump version to v2.2.0

* Update changelog

* Fix release detection in pipeline

* Fix PKI selection in pipeline

* Set enforced measurements for AWS

* Update default images

* Fix release docs

* Update mini-con defaults

* Fix measurements action

* Fix syft env variable naming

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Daniel Weiße 2022-11-08 18:32:59 +01:00 committed by GitHub
parent 2b64f31104
commit 011f9c597d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 75 additions and 46 deletions


@ -49,6 +49,9 @@ inputs:
azureResourceGroup: azureResourceGroup:
description: "The resource group to use" description: "The resource group to use"
required: false required: false
azureUserAssignedIdentity:
description: "The Azure user assigned identity to use for Constellation."
required: false
cosignPublicKey: cosignPublicKey:
description: "Cosign public key to sign measurements." description: "Cosign public key to sign measurements."
required: true required: true
@ -95,6 +98,7 @@ runs:
uses: ./.github/actions/constellation_create uses: ./.github/actions/constellation_create
with: with:
cloudProvider: ${{ inputs.cloudProvider }} cloudProvider: ${{ inputs.cloudProvider }}
gcpProject: ${{ inputs.gcpProject }}
gcpClusterServiceAccountKey: ${{ inputs.gcpClusterServiceAccountKey }} gcpClusterServiceAccountKey: ${{ inputs.gcpClusterServiceAccountKey }}
workerNodesCount: ${{ inputs.workerNodesCount }} workerNodesCount: ${{ inputs.workerNodesCount }}
controlNodesCount: ${{ inputs.controlNodesCount }} controlNodesCount: ${{ inputs.controlNodesCount }}
@ -102,7 +106,11 @@ runs:
osImage: ${{ inputs.osImage }} osImage: ${{ inputs.osImage }}
isDebugImage: ${{ inputs.isDebugImage }} isDebugImage: ${{ inputs.isDebugImage }}
kubernetesVersion: ${{ inputs.kubernetesVersion }} kubernetesVersion: ${{ inputs.kubernetesVersion }}
azureSubscription: ${{ inputs.azureSubscription }}
azureTenant: ${{ inputs.azureTenant }}
azureClientID: ${{ inputs.azureClientID }}
azureClientSecret: ${{ inputs.azureClientSecret }} azureClientSecret: ${{ inputs.azureClientSecret }}
azureUserAssignedIdentity: ${{ inputs.azureUserAssignedIdentity }}
azureResourceGroup: ${{ inputs.azureResourceGroup }} azureResourceGroup: ${{ inputs.azureResourceGroup }}
- name: Measure cluster - name: Measure cluster


@ -63,11 +63,10 @@ This checklist will prepare `v1.3.0` from `v1.2.0`. Adjust your version numbers
10. Run manual E2E tests using [Linux](/.github/workflows/e2e-test-manual.yml) and [macOS](/.github/workflows/e2e-test-manual-macos.yml) to confirm functionality and stability. 10. Run manual E2E tests using [Linux](/.github/workflows/e2e-test-manual.yml) and [macOS](/.github/workflows/e2e-test-manual-macos.yml) to confirm functionality and stability.
```sh ```sh
sono='--plugin e2e --plugin-env e2e.E2E_FOCUS="\[Conformance\]" --plugin-env e2e.E2E_SKIP="for service with type clusterIP|HostPort validates that there is no conflict between pods with same hostPort but different hostIP and protocol" --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-plugin.yaml --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-master-plugin.yaml' gh workflow run e2e-test-manual.yml --ref release/v$minor -F cloudProvider=azure -F machineType=Standard_DC4as_v5 -F test="sonobuoy full" -F osImage=/CommunityGalleries/ConstellationCVM-b3782fa0-0df7-4f2f-963e-fc7fc42663df/Images/constellation/Versions/$ver -F isDebugImage=false
gh workflow run e2e-test-manual.yml --ref release/v$minor -F cloudProvider=azure -F machineType=Standard_DC4as_v5 -F sonobuoyTestSuiteCmd="$sono" -F osImage=/CommunityGalleries/ConstellationCVM-b3782fa0-0df7-4f2f-963e-fc7fc42663df/Images/constellation/Versions/$ver -F isDebugImage=false gh workflow run e2e-test-manual-macos.yml --ref release/v$minor -F cloudProvider=azure -F machineType=Standard_DC4as_v5 -F test="sonobuoy full" -F osImage=/CommunityGalleries/ConstellationCVM-b3782fa0-0df7-4f2f-963e-fc7fc42663df/Images/constellation/Versions/$ver -F isDebugImage=false
gh workflow run e2e-test-manual-macos.yml --ref release/v$minor -F cloudProvider=azure -F machineType=Standard_DC4as_v5 -F sonobuoyTestSuiteCmd="$sono" -F osImage=/CommunityGalleries/ConstellationCVM-b3782fa0-0df7-4f2f-963e-fc7fc42663df/Images/constellation/Versions/$ver -F isDebugImage=false gh workflow run e2e-test-manual.yml --ref release/v$minor -F cloudProvider=gcp -F machineType=n2d-standard-4 -F test="sonobuoy full" -F osImage=projects/constellation-images/global/images/constellation-v$gcpVer -F isDebugImage=false
gh workflow run e2e-test-manual.yml --ref release/v$minor -F cloudProvider=gcp -F machineType=n2d-standard-4 -F sonobuoyTestSuiteCmd="$sono" -F osImage=projects/constellation-images/global/images/constellation-v$gcpVer -F isDebugImage=false gh workflow run e2e-test-manual-macos.yml --ref release/v$minor -F cloudProvider=gcp -F machineType=n2d-standard-4 -F test="sonobuoy full" -F osImage=projects/constellation-images/global/images/constellation-v$gcpVer -F isDebugImage=false
gh workflow run e2e-test-manual-macos.yml --ref release/v$minor -F cloudProvider=gcp -F machineType=n2d-standard-4 -F sonobuoyTestSuiteCmd="$sono" -F osImage=projects/constellation-images/global/images/constellation-v$gcpVer -F isDebugImage=false
``` ```
11. [Generate measurements](/.github/workflows/generate-measurements.yml) for the images on each CSP. 11. [Generate measurements](/.github/workflows/generate-measurements.yml) for the images on each CSP.
@ -78,6 +77,7 @@ This checklist will prepare `v1.3.0` from `v1.2.0`. Adjust your version numbers
``` ```
12. Create a new tag on this release branch 12. Create a new tag on this release branch
```sh ```sh
git tag v$ver git tag v$ver
git tags --push git tags --push
@ -98,6 +98,7 @@ This checklist will prepare `v1.3.0` from `v1.2.0`. Adjust your version numbers
3. Close the milestone for the release 3. Close the milestone for the release
4. Move open issues and PRs from closed milestone to next milestone 4. Move open issues and PRs from closed milestone to next milestone
8. If the release is a minor version release, create an empty commit on main and tag it as the start of the next pre-release phase. 8. If the release is a minor version release, create an empty commit on main and tag it as the start of the next pre-release phase.
```sh ```sh
nextMinorVer=$(echo $ver | awk -F. -v OFS=. '{$2 += 1 ; print}') nextMinorVer=$(echo $ver | awk -F. -v OFS=. '{$2 += 1 ; print}')
git checkout main git checkout main


@ -76,10 +76,10 @@ jobs:
shell: bash shell: bash
id: image-type id: image-type
run: | run: |
if [ "${{ startsWith(github.ref, 'refs/heads/release/') && (inputs.debug == 'false') }}" = true ] if [ "${{ startsWith(github.ref, 'refs/heads/release/') && (inputs.debug == false) }}" = true ]
then then
echo "imageType=release" >> $GITHUB_OUTPUT echo "imageType=release" >> $GITHUB_OUTPUT
elif [ "${{ ((github.ref == 'refs/heads/main') || startsWith(github.ref, 'refs/heads/release/')) && (inputs.debug == 'true') }}" = true ] elif [ "${{ ((github.ref == 'refs/heads/main') || startsWith(github.ref, 'refs/heads/release/')) && (inputs.debug == true) }}" = true ]
then then
echo "imageType=debug" >> $GITHUB_OUTPUT echo "imageType=debug" >> $GITHUB_OUTPUT
else else
@ -90,7 +90,7 @@ jobs:
id: pki-set id: pki-set
shell: bash shell: bash
run: | run: |
if [ "${{ steps.image-type.outputs.image-type }}" = "release" ] if [ "${{ steps.image-type.outputs.imageType }}" = "release" ]
then then
echo "pkiSet=pki_prod" >> $GITHUB_OUTPUT echo "pkiSet=pki_prod" >> $GITHUB_OUTPUT
else else
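Review bot: The `pki-set` step still sends every value other than `release` to the `else` branch, so an empty or misspelled `imageType` output (the very mistake this commit corrects, `image-type` vs `imageType`) selects a key set silently instead of failing the job. A guard ahead of the `if`, such as `[ -n "${{ steps.image-type.outputs.imageType }}" ] || { echo "imageType output is empty" >&2; exit 1; }`, would make the next typo visible. `$GITHUB_OUTPUT` is also unquoted in the `echo ... >>` lines; `>> "$GITHUB_OUTPUT"` is the safer form. Both `run` scripts continue past the end of their hunks, so the `else` branches are not visible here.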


@ -91,9 +91,9 @@ jobs:
grype constellation.spdx.sbom --fail-on high --only-fixed grype constellation.spdx.sbom --fail-on high --only-fixed
env: env:
COSIGN_EXPERIMENTAL: 1 COSIGN_EXPERIMENTAL: 1
cosignPublicKey: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }} COSIGN_PUBLIC_KEY: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }}
cosignPrivateKey: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }} COSIGN_PRIVATE_KEY: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }}
cosignPassword: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }} COSIGN_PASSWORD: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
- name: Create release with artifacts - name: Create release with artifacts
# GitHub endorsed release project. See: https://github.com/actions/create-release # GitHub endorsed release project. See: https://github.com/actions/create-release
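Review bot: The `cond && secrets.X || secrets.Y` form on the three `COSIGN_*` lines falls back to the dev secret whenever the release secret is empty or not available to the run, so a `refs/tags/v*` build could sign with `COSIGN_DEV_PRIVATE_KEY` without any error. Consider exposing a presence flag next to them, e.g. `RELEASE_KEY_PRESENT: ${{ secrets.COSIGN_PRIVATE_KEY != '' }}`, and failing the step when the ref is a release tag and the flag is `false`. The private key and password are also in the environment of every command in this step, including the `grype` scan; whether signing can be moved to its own step depends on the part of the `run` script above this hunk.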


@ -21,19 +21,41 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [Unreleased] ## [Unreleased]
### Added ### Added
- Sign generated SBOMs and store container image SBOMs in registry for easier usage.
### Changed ### Changed
<!-- For changes in existing functionality. --> <!-- For changes in existing functionality. -->
### Deprecated
<!-- For soon-to-be removed features. -->
### Removed
<!-- For now removed features. -->
## [2.2.0] - 2022-11-08
### Added
- Sign generated SBOMs and store container image SBOMs in registry for easier usage.
- Support for Constellation on AWS.
- Constellation Kubernetes services are now managed using Helm.
- Use tags to mark all applicable resources using a Constellation's UID on Azure.
- Use labels to mark all applicable resources using a Constellation's UID on GCP.
### Changed
- Verify measurements using [Rekor](https://github.com/sigstore/rekor) transparency log. - Verify measurements using [Rekor](https://github.com/sigstore/rekor) transparency log.
- The `constellation create` on Azure now uses Terraform to create and destroy cloud resources. - The `constellation create` on Azure now uses Terraform to create and destroy cloud resources.
- Constellation OS images are now based on Fedora directly and are built using [mkosi](https://github.com/systemd/mkosi). - Constellation OS images are now based on Fedora directly and are built using [mkosi](https://github.com/systemd/mkosi).
- `constellation terminate` will now prompt the user for confirmation before destroying any resources (can be skipped with `--yes`). - `constellation terminate` will now prompt the user for confirmation before destroying any resources (can be skipped with `--yes`).
- Use the `constellation-role` tag instead of `role` to indicate an instance's role on Azure.
- Use labels instead of metadata to apply the `constellation-uid` and `constellation-role` tags on GCP.
### Deprecated ### Deprecated
<!-- For soon-to-be removed features. -->
- `access-manager` is no longer deployed.
### Removed ### Removed
<!-- For now removed features. -->
- `endpoint` flag of `constellation init`. IP is now always taken from the `constellation-id.json` file. - `endpoint` flag of `constellation init`. IP is now always taken from the `constellation-id.json` file.
- `constellation-state.json` file won't be created anymore. Resources are now managed through Terraform. - `constellation-state.json` file won't be created anymore. Resources are now managed through Terraform.
@ -43,8 +65,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Internal ### Internal
- Support for AWS metadata operations
## [2.1.0] - 2022-10-07 ## [2.1.0] - 2022-10-07
### Added ### Added


@ -1,5 +1,5 @@
cmake_minimum_required(VERSION 3.11) cmake_minimum_required(VERSION 3.11)
project(constellation LANGUAGES C VERSION 2.1.0) project(constellation LANGUAGES C VERSION 2.2.0)
set(CLI_BUILD_TAGS "" CACHE STRING "Tags passed to go build of Constellation CLI.") set(CLI_BUILD_TAGS "" CACHE STRING "Tags passed to go build of Constellation CLI.")
enable_testing() enable_testing()


@ -28,7 +28,7 @@ func newMiniDownCmd() *cobra.Command {
Args: cobra.ExactArgs(0), Args: cobra.ExactArgs(0),
RunE: runDown, RunE: runDown,
} }
cmd.Flags().BoolP("yes", "y", false, "terminate the cluster without further confirmation")
return cmd return cmd
} }


@ -189,7 +189,7 @@ func prepareConfig(cmd *cobra.Command, fileHandler file.Handler) (*config.Config
} }
// download image to current directory if it doesn't exist // download image to current directory if it doesn't exist
const imagePath = "./constellation.qcow2" const imagePath = "./constellation.raw"
if _, err := os.Stat(imagePath); err == nil { if _, err := os.Stat(imagePath); err == nil {
cmd.Printf("Using existing image at %s\n\n", imagePath) cmd.Printf("Using existing image at %s\n\n", imagePath)
} else if errors.Is(err, os.ErrNotExist) { } else if errors.Is(err, os.ErrNotExist) {
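Review bot: In `prepareConfig`, any file already present at `./constellation.raw` is accepted on the strength of `os.Stat` alone, so an image left over from an earlier release, or a truncated download, is used without comment. The path carries no version, and nothing in the visible lines compares the file against an expected size or digest. I would either derive the file name from the release version or verify a pinned SHA-256 before printing `Using existing image`, and at minimum add `// NOTE: an existing file is reused without a version or integrity check`. The function continues on both sides of this hunk, so a check may exist outside it.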


@ -2,35 +2,35 @@ apiVersion: v2
name: constellation-services name: constellation-services
description: A chart to deploy all microservices that are part of a valid constellation cluster description: A chart to deploy all microservices that are part of a valid constellation cluster
type: application type: application
version: 2.2.0-pre version: 2.2.0
dependencies: dependencies:
- name: kms - name: kms
version: 2.2.0-pre version: 2.2.0
tags: tags:
- Azure - Azure
- GCP - GCP
- AWS - AWS
- QEMU - QEMU
- name: join-service - name: join-service
version: 2.2.0-pre version: 2.2.0
tags: tags:
- Azure - Azure
- GCP - GCP
- AWS - AWS
- QEMU - QEMU
- name: ccm - name: ccm
version: 2.2.0-pre version: 2.2.0
tags: tags:
- Azure - Azure
- GCP - GCP
- AWS - AWS
- name: cnm - name: cnm
version: 2.2.0-pre version: 2.2.0
tags: tags:
- Azure - Azure
- name: autoscaler - name: autoscaler
version: 2.2.0-pre version: 2.2.0
tags: tags:
- Azure - Azure
- GCP - GCP


@ -2,4 +2,4 @@ apiVersion: v2
name: autoscaler name: autoscaler
description: A Helm chart to deploy the cluster autoscaler. description: A Helm chart to deploy the cluster autoscaler.
type: application type: application
version: 2.2.0-pre version: 2.2.0


@ -2,4 +2,4 @@ apiVersion: v2
name: ccm name: ccm
description: A Helm chart to deploy the cloud controller manager. description: A Helm chart to deploy the cloud controller manager.
type: application type: application
version: 2.2.0-pre version: 2.2.0


@ -2,4 +2,4 @@ apiVersion: v2
name: cnm name: cnm
description: A chart to deploy cloud node manager for constellation description: A chart to deploy cloud node manager for constellation
type: application type: application
version: 2.2.0-pre version: 2.2.0


@ -2,4 +2,4 @@ apiVersion: v2
name: join-service name: join-service
description: A chart to deploy the Constellation join-service description: A chart to deploy the Constellation join-service
type: application type: application
version: 2.2.0-pre version: 2.2.0


@ -2,4 +2,4 @@ apiVersion: v2
name: kms name: kms
description: A Helm chart to deploy the Constellation Key Management Service description: A Helm chart to deploy the Constellation Key Management Service
type: application type: application
version: 2.2.0-pre version: 2.2.0


@ -268,7 +268,7 @@ func Default() *Config {
IAMProfileControlPlane: "", IAMProfileControlPlane: "",
IAMProfileWorkerNodes: "", IAMProfileWorkerNodes: "",
Measurements: copyPCRMap(awsPCRs), Measurements: copyPCRMap(awsPCRs),
EnforcedMeasurements: []uint32{}, // TODO: add default values EnforcedMeasurements: []uint32{4, 8, 9, 11, 12, 13, 15},
}, },
Azure: &AzureConfig{ Azure: &AzureConfig{
SubscriptionID: "", SubscriptionID: "",
@ -298,7 +298,7 @@ func Default() *Config {
EnforcedMeasurements: []uint32{0, 4, 8, 9, 11, 12, 13, 15}, EnforcedMeasurements: []uint32{0, 4, 8, 9, 11, 12, 13, 15},
}, },
QEMU: &QEMUConfig{ QEMU: &QEMUConfig{
ImageFormat: "qcow2", ImageFormat: "raw",
VCPUs: 2, VCPUs: 2,
Memory: 2048, Memory: 2048,
MetadataAPIImage: versions.QEMUMetadataImage, MetadataAPIImage: versions.QEMUMetadataImage,
@ -306,7 +306,7 @@ func Default() *Config {
LibvirtContainerImage: versions.LibvirtImage, LibvirtContainerImage: versions.LibvirtImage,
Measurements: copyPCRMap(qemuPCRs), Measurements: copyPCRMap(qemuPCRs),
EnforcedMeasurements: []uint32{4, 8, 9, 11, 12, 13, 15}, EnforcedMeasurements: []uint32{4, 8, 9, 11, 12, 13, 15},
NVRAM: "testing", NVRAM: "production",
}, },
}, },
KubernetesVersion: string(versions.Default), KubernetesVersion: string(versions.Default),
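Review bot: The new AWS default `[]uint32{4, 8, 9, 11, 12, 13, 15}` replaces the TODO without saying why these indices were chosen or why PCR 0 is left out, while the list at the top of the second hunk (`{0, 4, 8, 9, 11, 12, 13, 15}`) includes it. Since this list decides which measurements are enforced at attestation, a one-line comment such as `// PCR 0 is not enforced on AWS: <reason>` belongs next to it. The same literal now appears for AWS and QEMU; a shared named slice copied per provider would keep them from drifting. The switch of `NVRAM` from `"testing"` to `"production"` would also merit a short comment on what the two values select. `Default()` starts and ends outside these hunks.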


@ -9,6 +9,6 @@ SPDX-License-Identifier: AGPL-3.0-only
package config package config
const ( const (
DefaultImageAzure = "/communityGalleries/ConstellationCVM-b3782fa0-0df7-4f2f-963e-fc7fc42663df/images/constellation/versions/2.1.0" DefaultImageAzure = "/communityGalleries/ConstellationCVM-b3782fa0-0df7-4f2f-963e-fc7fc42663df/images/constellation/versions/2.2.0"
DefaultImageGCP = "projects/constellation-images/global/images/constellation-v2-1-0" DefaultImageGCP = "projects/constellation-images/global/images/constellation-v2-2-0"
) )


@ -46,22 +46,22 @@ const (
// These images are built in a way that they support all versions currently listed in VersionConfigs. // These images are built in a way that they support all versions currently listed in VersionConfigs.
KonnectivityAgentImage = "us.gcr.io/k8s-artifacts-prod/kas-network-proxy/proxy-agent:v0.0.33@sha256:48f2a4ec3e10553a81b8dd1c6fa5fe4bcc9617f78e71c1ca89c6921335e2d7da" // renovate:container KonnectivityAgentImage = "us.gcr.io/k8s-artifacts-prod/kas-network-proxy/proxy-agent:v0.0.33@sha256:48f2a4ec3e10553a81b8dd1c6fa5fe4bcc9617f78e71c1ca89c6921335e2d7da" // renovate:container
KonnectivityServerImage = "registry.k8s.io/kas-network-proxy/proxy-server:v0.0.33@sha256:2c111f004bec24888d8cfa2a812a38fb8341350abac67dcd0ac64e709dfe389c" // renovate:container KonnectivityServerImage = "registry.k8s.io/kas-network-proxy/proxy-server:v0.0.33@sha256:2c111f004bec24888d8cfa2a812a38fb8341350abac67dcd0ac64e709dfe389c" // renovate:container
JoinImage = "ghcr.io/edgelesssys/constellation/join-service:v2.2.0-pre.0.20221102120022-1f9a788c213d@sha256:41bd333cae47e55d711dee93cd5da0fe3dc66885ab9949d0e76ffe07d2f7dd34" // renovate:container JoinImage = "ghcr.io/edgelesssys/constellation/join-service:v2.2.0@sha256:8d2c4483e4bee8b2ed1eb32ad35298f51ad167e0aa074c9bc45c2a75ec0d1a22" // renovate:container
AccessManagerImage = "ghcr.io/edgelesssys/constellation/access-manager:v2.2.0-pre.0.20221025135123-2d121d9243cf@sha256:08588f0c23353b53750b79122536260870d57b8dff1a1ff1020799e1e0b9f565" // renovate:container AccessManagerImage = "ghcr.io/edgelesssys/constellation/access-manager:v2.2.0@sha256:e6aa2ef3a65e7d4be25569ad9cbf6cee1dafa2c00734fa85aeb4e56a5943f88e" // renovate:container
KmsImage = "ghcr.io/edgelesssys/constellation/kmsserver:v2.2.0-pre.0.20221026125949-06ce47d16cbd@sha256:544ef14afee3ddca26effb9bacc858a8ee009bca409c7c3c042abc8a1345226b" // renovate:container KmsImage = "ghcr.io/edgelesssys/constellation/kmsserver:v2.2.0@sha256:df72c9a8e75a848023a4b86faf3399efb8693b980e324eaa41823bc6d0a15006" // renovate:container
VerificationImage = "ghcr.io/edgelesssys/constellation/verification-service:v2.2.0-pre.0.20221104104941-44b1a92d6bdf@sha256:9c550900be4eed8e192dc582910dda492267c2a69a43f6423992212e1adf7a1e" // renovate:container VerificationImage = "ghcr.io/edgelesssys/constellation/verification-service:v2.2.0@sha256:c928077e535507af7148c083bb1bde4d187eab8aee0e82be06f9b794aa2442e7" // renovate:container
// Check for new versions at https://github.com/GoogleCloudPlatform/guest-agent/releases and update in /.github/workflows/build-gcp-guest-agent.yml. // Check for new versions at https://github.com/GoogleCloudPlatform/guest-agent/releases and update in /.github/workflows/build-gcp-guest-agent.yml.
GcpGuestImage = "ghcr.io/edgelesssys/gcp-guest-agent:20220927.00@sha256:3dea1ae3f162d2353e6584b325f0e325a39cda5f380f41e5a0ee43c6641d3905" // renovate:container GcpGuestImage = "ghcr.io/edgelesssys/gcp-guest-agent:20220927.00@sha256:3dea1ae3f162d2353e6584b325f0e325a39cda5f380f41e5a0ee43c6641d3905" // renovate:container
NodeOperatorCatalogImage = "ghcr.io/edgelesssys/constellation/node-operator-catalog:v2.2.0-pre.0.20221024145821-b35b74b77278@sha256:f1ee4e2642fd758083344df10a98195213dda299fbbc720bf57873e392e001f1" // renovate:container NodeOperatorCatalogImage = "ghcr.io/edgelesssys/constellation/node-operator-catalog:v2.2.0@sha256:543ebc67183b580cfeda9e14ff3a0c5056813847ad3605719b54d72b22427a69" // renovate:container
// TODO: switch node maintenance operator catalog back to upstream quay.io/medik8s/node-maintenance-operator-catalog // TODO: switch node maintenance operator catalog back to upstream quay.io/medik8s/node-maintenance-operator-catalog
// once https://github.com/medik8s/node-maintenance-operator/issues/49 is resolved. // once https://github.com/medik8s/node-maintenance-operator/issues/49 is resolved.
NodeMaintenanceOperatorCatalogImage = "ghcr.io/edgelesssys/constellation/node-maintenance-operator-catalog:v0.13.1-alpha1@sha256:d382c3aaf9bc470cde6f6c05c2c6ff5c9dcfd90540d5b11f9cf69c4e1dd1ca9d" // renovate:container NodeMaintenanceOperatorCatalogImage = "ghcr.io/edgelesssys/constellation/node-maintenance-operator-catalog:v0.13.1-alpha1@sha256:d382c3aaf9bc470cde6f6c05c2c6ff5c9dcfd90540d5b11f9cf69c4e1dd1ca9d" // renovate:container
QEMUMetadataImage = "ghcr.io/edgelesssys/constellation/qemu-metadata-api:v2.1.0@sha256:abfc36fcd02a145412074cdbb54597878594aa1cfb0ffd66e36d3b3e95ee9e7f" // renovate:container QEMUMetadataImage = "ghcr.io/edgelesssys/constellation/qemu-metadata-api:v2.2.0@sha256:3c173639bbd258f56c7f4e97fa5dc7b7c63d7d45f96f7d7af5c43ed9eb2258ac" // renovate:container
LibvirtImage = "ghcr.io/edgelesssys/constellation/libvirt:v2.2.0-pre.0.20221021080602-f3d78a573fb2@sha256:f42fa5f009415f2c6631b83e8831790d324c27d5f3ae883c59ea7bfeba50facd" // renovate:container LibvirtImage = "ghcr.io/edgelesssys/constellation/libvirt:v2.2.0@sha256:81ddc30cd679a95379e94e2f154861d9112bcabfffa96330c09a4917693f7cce" // renovate:container
// ConstellationQEMUImageURL is the artifact URL for QEMU qcow2 images. // ConstellationQEMUImageURL is the artifact URL for QEMU qcow2 images.
ConstellationQEMUImageURL = "https://d1gl9j3ejrmbpr.cloudfront.net/mini-constellation-v2.1.0.qcow2" ConstellationQEMUImageURL = "https://cdn.confidential.cloud/constellation/images/mini-constellation/v2.2.0/constellation.raw"
// currently supported versions. // currently supported versions.
//nolint:revive //nolint:revive
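Review bot: The comment above `ConstellationQEMUImageURL` still says "QEMU qcow2 images" although the new URL ends in `constellation.raw`; it should read `// ConstellationQEMUImageURL is the artifact URL for QEMU raw images.`. Unlike the container references in this block, which are pinned with `@sha256:` digests, the image URL carries no digest, so the download is only as trustworthy as the CDN path; a companion constant holding the expected SHA-256 would let the caller verify it. The `const` block starts before and continues after this hunk.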