Malte Poll
cdcbed6ff9
Re-add build-cli workflow
2022-08-19 18:29:10 +02:00
Malte Poll
f16e4bd5f9
e2e test manual: upload measurements
2022-08-19 18:22:55 +02:00
Malte Poll
f7cc72215e
manual e2e test: allow parallel runs
2022-08-19 18:22:55 +02:00
Malte Poll
e841d9201b
Use Azure CVMs in e2e tests
2022-08-19 18:22:55 +02:00
Malte Poll
2d87db3914
Update pseudo-version script to determine future release version based on branch name
2022-08-19 18:22:55 +02:00
Malte Poll
92e4e4d95a
manual operator pipeline ( #383 )
2022-08-19 15:19:08 +02:00
Fabian Kammel
4176f038df
Generate CLI reference also for sub-commands ( #374 )
...
* include all subcommands
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-17 16:58:36 +02:00
Malte Poll
abb4fb4f0f
Build GCP guest agent from github actions in constellation repo
2022-08-16 08:47:58 +02:00
3u13r
9478303f80
deploy cilium via helmchart ( #321 )
2022-08-12 10:20:19 +02:00
Otto Bittner
2f925b5955
Add clone3-workaround to bootstrapper build container
...
The previously encountered error about misconfigured seccomp
filters is mitigated with the workaround added in this commit.
See the repo in the comment for detailed information on
the bug itself.
2022-08-10 17:17:23 +02:00
Otto Bittner
919a2165ae
Run e2e test container on edgserver with privileged
...
The seccomp filter applied by docker presumably
stops curl from working correctly as the glibc changed the
way it creates processes (switch from clone to clone3).
The backwards compatibility layer of glibc does not work
correctly with docker's seccomp filter, making it necessary to
give the container privileged access.
2022-08-10 09:58:43 +02:00
Otto Bittner
c42e79ecfe
AB#2281: Run e2e tests on latest debug image ( #354 )
...
* e2e tests now execute on the latest debug image available by default
* e2e-manual workflow now takes an optional image reference to run on
* isDebugImage is a flag that has to be set in case
you are running a debug image
2022-08-09 15:29:39 +02:00
Malte Poll
aee3f2afa2
Run tests for different projects in parallel
2022-08-09 10:29:04 +02:00
Malte Poll
1df2a20a36
CI: build and upload node operator
2022-08-09 10:29:04 +02:00
Otto Bittner
1b9600c307
AB#2266: Test all supported version with e2e-tests
...
* e2e-test workflows execute two hours earlier.
* Run quick-mode e2e tests for the two older versions we support.
This triggers every night, together with the existing e2e tests.
Idea here is that we know that a cluster can be setup and initialized.
* Run full e2e tests for the two older versions each sunday.
* Do not abort manual e2e runs. This allows for parallel runs.
* Run unprivileged container
2022-08-09 10:02:15 +02:00
dependabot[bot]
2e71e6c740
Bump docker/build-push-action from 3.1.0 to 3.1.1 ( #348 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](1cb9d22b93...c84f382811
)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-08 15:39:00 +02:00
Otto Bittner
6ef0f5d06b
Remove "debug" from gcp image name.
...
Debug already is part of the family name.
2022-08-05 15:50:26 +02:00
Malte Poll
3b0b3f0335
Use local CoreOS assembler image instead of ghcr
2022-08-05 12:37:22 +02:00
dependabot[bot]
9741c0e6b1
Bump docker/build-push-action from 2.10.0 to 3.1.0 ( #338 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 2.10.0 to 3.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](ac9327eae2...1cb9d22b93
)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-05 08:53:01 +02:00
dependabot[bot]
68cea57880
Bump docker/metadata-action from 3.8.0 to 4.0.1 ( #337 )
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 3.8.0 to 4.0.1.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md )
- [Commits](b2391d37b4...69f6fc9d46
)
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-05 08:52:51 +02:00
Daniel Weiße
5c00dafe9b
Fix CoreOS pipeline ( #336 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-04 09:24:21 +02:00
Daniel Weiße
5da92d9d8b
AB#2249 Rework image build pipeline ( #326 )
...
* Rework image build pipeline
* Dont cancel workflow runs on main
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-03 16:01:36 +02:00
Malte Poll
d3435b06a2
AB#2283 Build CCM GCP from github actions in constellation repo ( #334 )
...
* Build CCM GCP from github actions in constellation repo
* Deploy correct version of GCP CCM
2022-08-03 11:46:11 +02:00
Otto Bittner
5a2809aca2
Disable automatic image builds ( #310 )
...
We only need new images for bootstrapper changes
for each release. Between releases we can use debug images.
For releases we have to build images manually anyway.
Therefore, let's not build these images unnecessarily.
2022-07-28 09:56:49 +02:00
Thomas Tendyck
244426305d
fix integration test workflow
2022-07-26 15:59:04 +02:00
Thomas Tendyck
aa0a07592b
check licenses ( #297 )
...
* AB#2222 check licenses of dependencies
* AB#2222 check-licenses: use setup-go
2022-07-26 11:49:13 +02:00
dependabot[bot]
f57a7e3ed0
Bump docker/setup-buildx-action from 1.7.0 to 2 ( #285 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 1.7.0 to 2.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](f211e3e9de...dc7b9719a9
)
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-25 12:14:17 +02:00
dependabot[bot]
b57e9cf92a
Bump docker/login-action from 1.14.1 to 2 ( #284 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.14.1 to 2.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](dd4fa0671b...49ed152c8e
)
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-21 09:45:54 +02:00
Fabian Kammel
085f548333
GitHub action pin-by-hash & dependabot ( #283 )
...
* remove Sunday and Monday morning runs, little value
* run test lint on main, as we do for all linters
* fixup outdated instructions
* use version hash instead of tags
* use dependabot for github actions
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-07-20 10:48:01 +02:00
Fabian Kammel
e315a3b5d8
AB#2070 automatic cli ref update ( #272 )
...
* automatically update cli reference branch in docs repository
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-07-15 10:23:52 +02:00
Malte Poll
cce2611e2a
Simplify node lock and various small changes
...
Co-authored-by: Fabian Kammel <fabian@kammel.dev>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2022-07-14 17:25:18 +02:00
Malte Poll
260d2571c1
Only upload kubeadm certs if key is rotated
...
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: 3u13r <lc@edgeless.systems>
2022-07-14 17:25:18 +02:00
katexochen
66b573ea5d
Bootstrapper
2022-07-14 17:25:18 +02:00
katexochen
1af18e990d
Rename all activation
2022-07-14 17:25:18 +02:00
katexochen
916e5d6b55
Rename coordinator to bootstrapper and rename roles
2022-07-14 17:25:18 +02:00
Fabian Kammel
00dfff6840
AB#2158 publish measurements ( #268 )
...
* cleaned up actions and new measure action to generate, sign and upload measurements
* improve constellation ip fetching to support multiple control nodes
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-07-13 14:04:46 +02:00
Fabian Kammel
be989851d7
Use supported image and start pipeline one hour earlier for less waiting in gcp e2e ( #264 )
2022-07-11 12:52:10 +02:00
Fabian Kammel
8a299b54a3
Temporarily ignore failing e2e tests ( #260 )
...
* ignore failing e2e tests on gcp
Co-authored-by: Fabian Kammel <fk@edgelss.systems>
2022-07-08 18:18:48 +02:00
Malte Poll
c4646191e2
Allow downgrade of azure cli package
2022-07-07 16:16:48 +02:00
Malte Poll
7411d04bcf
Pin azure cli to version 2.37.0
2022-07-07 16:16:48 +02:00
Malte Poll
adcd00c8e2
Install azure CLI from apt repo (bug was fixed)
2022-07-07 16:16:48 +02:00
Daniel Weiße
67c45f3d5b
CoreOS build pipeline fix ( #256 )
...
* Remove invalid build step
* Only upload Coordinator on main branch
Signed-off-by: daniel-weisse <dw@edgeless.systems>
2022-07-07 11:28:12 +02:00
Malte Poll
4f536c083d
remove duplicate coordinator name ( #255 )
...
* remove duplicate coordinator name
* Adjust if condition
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2022-07-06 16:41:48 +02:00
Fabian Kammel
8383077a9b
Sign CLI & create release on v* tag ( #241 )
...
* Sign CLI & create release on v* tag
* Extended description to mention new feature in this action
Co-authored-by: Fabian Kammel <fk@edgelss.systems>
2022-07-04 12:16:11 +02:00
Otto Bittner
6949678ead
Invoke tests through ctest ( #230 )
...
Currently we define how tests should be executed in two places:
CMakeLists.txt and the CI related files.
With this commit the CI will invoke tests by calling ctest,
thus making it necessary to add and define testcases in cmake first.
As all tests starting with "integration-" or "unit-" are run,
new tests don't have to added to the CI, unless you want to define
a new category of test.
Also remove the etcd store test workflow as it's part of
test-integration now.
Co-authored-by: Fabian Kammel <fk@edgelss.systems>
2022-06-30 13:26:21 +02:00
Otto Bittner
5d293e355d
Build-as-a-Test & Abortable Workflows ( #231 )
...
* build cli on every PR
* build coordinator on every PR,
while only triggering image builds on main.
* abort previous runs of workflows if new commits are pushed
Co-authored-by: Fabian Kammel <fk@edgelss.systems>
2022-06-30 11:27:23 +02:00
Daniel Weiße
040e498b42
AB#2114 Add QEMU metadata API ( #237 )
...
* Add QEMU metadata API
* API server is started automatically when using terraform to deploy a QEMU cluster
* Enable QEMU metadata usage for disk-mapper, debugd and the Coordinator
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-30 11:14:26 +02:00
Daniel Weiße
b0aafd0c2a
Fix Docker builds ( #239 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-29 16:40:43 +02:00
Daniel Weiße
f9a581f329
Add aTLS endpoint to KMS ( #236 )
...
* Move file watcher and validator to internal
* Add aTLS endpoint to KMS for Kubernetes external requests
* Update Go version in Dockerfiles
* Move most KMS packages to internal
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-29 16:13:01 +02:00
Daniel Weiße
042f668d20
AB#2190 Verification service ( #232 )
...
* Add verification service
* Update verify command to use new Constellation verification service
* Deploy verification service on cluster init
* Update pcr-reader to use verification service
* Add verification service build workflow
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-28 17:03:28 +02:00
Fabian Kammel
e97eb1fa52
fix: buildvcs unable to fetch vcs information ( #228 )
2022-06-23 17:52:25 +02:00
Daniel Weiße
84ca9e3070
Fix container image workflows
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-15 14:00:21 +02:00
Daniel Weiße
1c34792005
Fix variable name
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-15 11:03:47 +02:00
Daniel Weiße
3d041cab2b
Activation Service and KMS server image build pipeline ( #210 )
...
* AB#2171 Add kms server container image build pipeline
* AB#2172 Add activation service container image build pipeline
* Add manual workflow for building micro-service images
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-15 10:50:46 +02:00
Fabian Kammel
f7ba87135d
Fix/e2e fail on failure ( #208 )
2022-06-14 12:38:32 +02:00
Nils Hanke
82757ef2c0
Don't include labels in Docker image
2022-06-13 16:35:05 +02:00
Nils Hanke
f0b8412ef8
constellation-access-manager: Persistent SSH as ConfigMap ( #184 )
2022-06-13 16:23:19 +02:00
3u13r
430ab6ab1f
fix build coordinator workflow ( #190 )
...
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-06-01 17:17:37 +02:00
katexochen
2c8ccf881a
Update unit test workflow
2022-06-01 12:15:02 +02:00
Daniel Weiße
10333def05
Fedora build instructions && and more reproducible builds ( #166 )
...
* Add Fedora build requirements
* Move cmake builds into docker
* Add Docker to requirements
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-05-23 10:35:14 +02:00
Moritz Eckert
e4a9be832c
Add cis benchmark to conformance test ( #165 )
...
* Add cis benchmark to conformance docs
* Update e2e workflow to include cis benchmarks
2022-05-19 14:57:21 +02:00
Paul Meyer
8e0f9491af
Create hack folder with independent modules ( #131 )
2022-05-17 11:14:23 +02:00
Malte Poll
748eb0f96b
Create GCP images in "constellation-images" project
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-05-10 13:58:10 +02:00
Fabian Kammel
a879043f03
E2E Test CronJob ( #117 )
...
refactor e2e test into reusable action, so we can have manual & cron jobs. added cron for azure & gcp. failed jobs are reported to MS Teams.
2022-05-09 09:45:59 +02:00
Fabian Kammel
f8f5d20f5b
E2E tests on Azure ( #109 )
2022-05-04 13:52:27 +02:00
Fabian Kammel
b841403f15
e2e test github action implementation. ( #100 )
...
e2e test implementation with GitHub actions on GCP
2022-05-03 11:15:53 +02:00
Malte Poll
772c37d1a4
remove pinned (stale) coordinator binary from CoreOS Makefile
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-04-29 13:59:59 +02:00
Malte Poll
a2e19db70f
Set workflow input correctly when building coreOS image manually
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-04-25 10:31:10 +02:00
Benedict Schlüter
84a4ff08ff
coordinator-integrationtest: save all peer logs to tmp dir ( #63 )
...
Co-authored-by: 3u13r <lc@edgeless.systems>
2022-04-21 15:32:03 +02:00
Leonard Cohnen
4f6af8d304
remove aws image
2022-04-19 17:10:30 +02:00
Leonard Cohnen
7e990fb91a
disable AWS CI
2022-04-12 14:21:29 +02:00
Daniel Weiße
dfee5910b3
Add disk-mapper to build pipeline
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-04-11 15:41:51 +02:00
Daniel Weiße
5548cde22e
Add integration test workflows
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-04-11 15:41:51 +02:00
Leonard Cohnen
0dfeb04fb3
use manual workflow input
2022-03-24 17:23:45 +01:00
Daniel Weiße
752571bbf8
Upgrade go-cryptsetup to latest version
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-03-23 11:48:15 +01:00
Leonard Cohnen
656ad704d2
remove unused CI secrets
2022-03-23 11:40:54 +01:00
Leonard Cohnen
559133f40d
fix call-aws-enclave
2022-03-23 11:40:54 +01:00
Leonard Cohnen
ee331e91ba
fix aws build pipeline
2022-03-23 09:58:30 +01:00
Leonard Cohnen
2d8fcd9bf4
monorepo
...
Co-authored-by: Malte Poll <mp@edgeless.systems>
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
Co-authored-by: Benedict Schlueter <bs@edgeless.systems>
Co-authored-by: leongross <leon.gross@rub.de>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
2022-03-22 16:09:39 +01:00