Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-08-03 12:36:09 -04:00
Code Issues Projects Releases Packages Wiki Activity

deps: update Go dependencies (#3411)

Browse source 
* deps: update Go dependencies

* bazel: force Gazelle generation for xDS

xDS has an upstream set of build files that makes Gazelle consider their project a whole new Bazel project, which makes Gazelle not generate any build files, even though the upstream ones aren't valid.

See https://github.com/cncf/xds/issues/104.

* go: update cel.dev/expr for Bazel fixes

cel.dev/expr had some upstream Bazel fixes in v0.16.2 without which Gazelle doesn't work.

* chore: generate

* e2e: remove references to kubeProxyVersion

kubeProxyVersion is deprecated as of KEP-4004. It was never being set to an accurate value before, and we only used it in the e2e test, so removing the additional check should not hurt here.

See https://github.com/kubernetes/enhancements/tree/master/keps/sig-network/4004-deprecate-kube-proxy-version

* constellation-node-operator: use typed rate-limiter

The untyped rate-limiter was deprecated in favor of a generic one that can just be instantiated to `any` to achieve the previous behaviour.

* Advertise ALPN settings in NextProtos required by gRPC

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* atls: add nextProtos

nextProtos (for ALPN) is now required by gRPC, so add it.

* go: add cri-client replace

* deps: tidy all modules

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
This commit is contained in:
renovate[bot] 2024-10-16 17:35:51 +02:00 committed by GitHub
parent 36f8beb3df
commit 24af06b02f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
18 changed files with 646 additions and 1275 deletions
Download patch file Download diff file Expand all files Collapse all files

2
internal/atls/atls.go
View file

@ -70,6 +70,7 @@ func CreateAttestationClientTLSConfig(issuer Issuer, validators []Validator) (*t
InsecureSkipVerify: true, // disable default verification because we use our own verify func
ServerName: base64.StdEncoding.EncodeToString(clientNonce), // abuse ServerName as a channel to transmit the nonce
MinVersion: tls.VersionTLS12,
NextProtos: []string{"http/1.1", "h2"}, // grpc-go requires us to advertise HTTP/2 (h2) over ALPN
}, nil
}
@ -114,6 +115,7 @@ func getATLSConfigForClientFunc(issuer Issuer, validators []Validator) (func(*tl
VerifyPeerCertificate: serverConn.verify,
GetCertificate: serverConn.getCertificate,
MinVersion: tls.VersionTLS12,
NextProtos: []string{"http/1.1", "h2"}, // grpc-go requires us to advertise HTTP/2 (h2) over ALPN
}
// enable mutual aTLS if any validators are set