Commit Graph

305 Commits

Author SHA1 Message Date
Adrian Stobbe
4c8041d2cf
bazel: used sed from nixpkgs (#2706)
This is required since sed on macos has different flags and may behave differently.

Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-12-12 14:46:11 +01:00
renovate[bot]
6db0318b2f
deps: update module github.com/docker/docker to v24.0.7+incompatible [SECURITY] (#2541)
* deps: update module github.com/docker/docker to v24.0.7+incompatible [SECURITY]

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-12-12 13:34:28 +01:00
Markus Rudy
dac4bb04f2 ci: disable curses support
Comparison of output for a failed build. Old setup produces >3k lines of
unhelpful messages:

https://github.com/edgelesssys/constellation/actions/runs/7165242775/job/19506817413

Without curses support, we get <400 lines with relevant details:

https://github.com/edgelesssys/constellation/actions/runs/7166031624/job/19509201790
2023-12-11 14:27:31 +01:00
Markus Rudy
a1dbd13f95 versions: consolidate various types of Components
There used to be three definitions of a Component type, and conversion
routines between the three. Since the use case is always the same, and
the Component semantics are defined by versions.go and the installer, it
seems appropriate to define the Component type there and import it in
the necessary places.
2023-12-11 14:26:54 +01:00
edgelessci
90d92e5b51 deps: tidy all modules 2023-12-08 13:59:51 +01:00
Malte Poll
93d505ef7f
deps: bump Go to 1.21.5 (#2689) 2023-12-08 12:11:31 +01:00
Malte Poll
c0d8508931
ci: fix repository name of shellcheck for linux arm64 (#2670) 2023-12-06 13:34:22 +01:00
Daniel Weiße
b7425db72a
constellation-lib: add Helm wrapper (#2680)
* Add Helm wrapper to constellation-lib
* Move helm package to constellation-lib

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-12-06 10:01:39 +01:00
Daniel Weiße
f5718b6655
docs: add Kubernetes version support list (#2661)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-12-05 15:13:25 +01:00
Malte Poll
5e2cad34c9
image: update Linux to 6.1.64 (#2677)
Changelogs:

https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.63
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.64
2023-12-05 09:35:48 +01:00
Malte Poll
432c4294c5 bazel: remove unused go_ld_test
This was an attempt to make unit tests work where we linked against libraries and ld from Fedora.
This is no longer needed.
2023-12-01 09:35:33 +01:00
Malte Poll
4ca88cd779 bazel: remove bazeldnf and pinned rpms 2023-12-01 09:35:33 +01:00
Malte Poll
ee3ff9ac01 bazel: use patched RPATH in bootstrapper and disk-mapper binaries 2023-12-01 09:35:33 +01:00
Malte Poll
cd6e03049a libvirt: build containerized libvirt as nix container image 2023-12-01 09:35:33 +01:00
Malte Poll
e174c4dfe1 bazel: add patchelf rule
This rule allows overwriting a binaries' rpath.
This is required to use binaries built by Bazel that link against cc_library
targets from nix (like `/nix/store/<hash>/lib/*.so`).
2023-12-01 09:35:33 +01:00
Malte Poll
cbe08597c3 bazel: define common platforms for multi-platform builds
Default platform for targeting Constellation OS images with nix and cgo:
//bazel/platforms:constellation_os

Other target platforms with nix and cgo:
//bazel/platforms:aarch64-darwin_nix
//bazel/platforms:aarch64-linux_nix
//bazel/platforms:x86_64-darwin_nix
//bazel/platforms:x86_64-linux_nix

Pure go platforms (no cgo, statically linked)
//bazel/platforms:go-pure_aarch64-darwin
//bazel/platforms:go-pure_aarch64-linux
//bazel/platforms:go-pure_x86_64-darwin
//bazel/platforms:go-pure_x86_64-linux
2023-12-01 09:35:33 +01:00
Adrian Stobbe
a2de1d23ec
terraform-provider: add attestation data source (#2640)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2023-11-28 17:30:11 +01:00
Adrian Stobbe
98673b0983
ci: only generate lock files where provider is used (#2636) 2023-11-27 12:16:45 +01:00
Moritz Sanft
34bf3ad296
terraform-provider: add image datasource (#2642)
* terraform-provider: init

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: add basic docgen

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: fix build steps

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: extend build process and docgen

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* dev-docs: document provider usage

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* bazel: upload aspect lib mirror

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: don't try to create lockfiles

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* bazel: fix shellcheck issues

* bazel: separate paths to check

* terraform-provider: clean up old files

* terraform-provider: update provider resource

* terraform-provider: add image data source

* dev-docs: remove unnecessary init

* bazel: adhere to Terraform naming expectations

* terraform-provider: fix expected data type

* terraform-provider: generate docs

* terraform-provider: improve errors

* terraform-provider: add acceptance tests for data source

* terraform-provider: fix dependencies

* bazel: quote var reference

* terraform-provider: make region optional

* terraform-provider: bind imagefetcher to data source

* bazel: tidy

* terraform-provider: remove unused parameter

* terraform-provider: remove unused parameter

* terraform-provider: extend acceptance tests

* terraform-provider: allow tests to be ran without Bazel

* dev-docs: document testing

* terraform-provider: set binary path accordingly

* dev-docs: document docgen process for the provider

* bazel: run acceptance test in writable environment

* bazel: try to write to `$TMPDIR`

* terraform-provider: style nits

* terraform-provider: leave TODO

* bazel: tidy

* terraform-provider: regenerate docs

* terraform-provider: fix comment

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-11-27 09:00:08 +01:00
Moritz Sanft
9a62657b80
terraform-provider: init provider scaffolding (#2632)
* terraform-provider: init

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: add basic docgen

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: fix build steps

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: extend build process and docgen

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* dev-docs: document provider usage

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* bazel: upload aspect lib mirror

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* bazel: add docstring to fix linter

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: don't try to create lockfiles

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* bazel: fix shellcheck issues

* bazel: separate paths to check

* bazel: explain what updating lockfiles means

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: fix linter checks

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-11-24 15:58:21 +01:00
Moritz Sanft
968cdc1a38
cli: move cli/internal libraries (#2623)
* cli: move internal packages

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* cli: fix buildfiles

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* bazel: fix exclude dir

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* cli: move back libraries that will not be used by TF provider

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-11-22 14:52:56 +01:00
Malte Poll
d3ce6ffcc1
deps: update module github.com/hashicorp/* (#2626) 2023-11-22 09:35:00 +01:00
Malte Poll
73eba88c70
Revert "deps: update rules_oci to 1.4.2 (#2616)" (#2618)
This reverts commit 52f7afe6e5.
2023-11-20 16:18:15 +01:00
Malte Poll
52f7afe6e5
deps: update rules_oci to 1.4.2 (#2616) 2023-11-20 14:19:05 +01:00
edgelessci
02b4ba8413 deps: update dependency bazel_skylib to v1.5.0 2023-11-14 14:04:16 +01:00
edgelessci
b7ed4347d5 deps: update dependency hermetic_cc_toolchain to v2.1.3 2023-11-14 14:04:16 +01:00
renovate[bot]
f1edce0413 deps: update bazel (core) 2023-11-14 14:04:16 +01:00
renovate[bot]
1ad995e637
deps: update bufbuild/buf to v1.28.0 (#2589)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-11-14 09:08:12 +01:00
renovate[bot]
afed1b2330
deps: update golangci/golangci-lint to v1.55.2 (#2593)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-11-14 09:07:05 +01:00
Malte Poll
f79d5e8b08
deps: update linux kernel to 6.1.62 (#2582) 2023-11-13 14:54:53 +01:00
renovate[bot]
5af6ee058c
deps: update module k8s.io/kubernetes to v1.27.5 [SECURITY] (#2548)
* deps: update module k8s.io/kubernetes to v1.27.5 [SECURITY]

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-11-13 10:43:12 +01:00
Malte Poll
e11b1a0576 ci: use rbe for unit tests 2023-11-10 18:15:59 +01:00
Malte Poll
4e07965e87 bazel: disable local repository and disk cache 2023-11-10 18:15:59 +01:00
Malte Poll
84cd22b6ee bazel: add buildbarn toolchain (Ubuntu 22.04) 2023-11-10 18:15:59 +01:00
Malte Poll
955c16a57d deps: upgrade rules_nixpkgs 2023-11-10 18:15:59 +01:00
Adrian Stobbe
b765231175
deps: bump Go to 1.21.4 (#2569)
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-11-09 20:17:14 +01:00
renovate[bot]
7eb28e4f6e
deps: update module github.com/google/go-tpm-tools to v0.4.2 (#2374)
* deps: update module github.com/google/go-tpm-tools to v0.4.2

* deps: tidy all modules

* remove go-tpm-tools replace

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-11-08 09:09:00 +01:00
renovate[bot]
8e00fb9fe1
deps: update golangci/golangci-lint to v1.55.1 (#2517)
* deps: update golangci/golangci-lint to v1.55.1
* deps: tidy all modules
* golangci-lint: exclude ginko/gomega imports
   from dot-imports rule

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-11-02 11:16:17 +01:00
renovate[bot]
026ed5b642
deps: update module github.com/google/uuid to v1.4.0 (#2530)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-27 16:20:37 +02:00
renovate[bot]
c50840dcd8
deps: update module github.com/onsi/ginkgo/v2 to v2.13.0 (#2516)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-27 13:32:47 +02:00
renovate[bot]
bac7e8b4f9
deps: update module helm.sh/helm/v3 to v3.13.1 (#2521)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-27 13:31:54 +02:00
renovate[bot]
cd93eb6886
deps: update module google.golang.org/api to v0.148.0 (#2519)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-27 09:59:26 +02:00
renovate[bot]
fff35bdb2a
deps: update module google.golang.org/grpc to v1.59.0 (#2520)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-26 16:59:11 +02:00
renovate[bot]
0030280d1b
deps: update module github.com/fsnotify/fsnotify to v1.7.0 (#2518)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-26 15:33:23 +02:00
renovate[bot]
f9989728f7
deps: update module google.golang.org/grpc to v1.56.3 [SECURITY] (#2514)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-26 08:20:40 +02:00
renovate[bot]
936f55f4b0
deps: update module go.uber.org/goleak to v1.3.0 (#2509)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-25 17:39:41 +02:00
renovate[bot]
15d249092c
deps: update github.com/gophercloud/utils digest to 80377ec (#2495)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-24 15:35:59 +02:00
renovate[bot]
ecbf6dcd14
deps: update bufbuild/buf to v1.27.1 (#2497)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-24 15:34:34 +02:00
Adrian Stobbe
5819a11d25
api: for Azure attestationconfigapi use TCB values from SNP report instead of MAA token (#2429) 2023-10-17 17:36:50 +02:00
Moritz Sanft
a8605d7294
cli: use custom byte-slice marshalling for state file (#2460)
* custom byte slice marshalling

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* byte slice compatibility

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* other byte slice compat test

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add missing dep

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* export byte type alias

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* regenerate exported type

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* test marshal and unmarshal together

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-10-17 10:35:54 +02:00