Commit Graph

288 Commits

Author SHA1 Message Date
renovate[bot]
be94710f5b
deps: update Google SDK (#1500)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 08:16:52 +01:00
renovate[bot]
7d899d7aa5
deps: update module github.com/schollz/progressbar/v3 to v3.13.1 (#1497)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-22 18:11:50 +01:00
renovate[bot]
e95d79f97e
deps: update github.com/gophercloud/utils digest to e15d7ee (#1486)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-22 10:33:43 +01:00
Daniel Weiße
5a0234b3f2
attestation: add option for MAA fallback to verify azure's snp-sev id key digest (#1257)
* Convert enforceIDKeyDigest setting to enum

* Use MAA fallback in Azure SNP attestation

* Only create MAA provider if MAA fallback is enabled

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
2023-03-21 12:46:49 +01:00
Malte Poll
c7fdeb4637 deps: go mod tidy 2023-03-21 10:51:09 +01:00
Moritz Sanft
f2ce9518a3
cli: support custom attestation policies for maa (#1375)
* create and update maa attestation policy

* use interface to allow unit testing

* fix test csp

* http request for policy patch

* go mod tidy

* remove hyphen

* go mod tidy

* wip: adapt to feedback

* linting fixes

* remove csp from tf call

* fix type assertion

* Add MAA URL to instance tags (#1409)

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* conditionally create maa provider

* only set instance tag when maa is created

* fix azure unit test

* bazel tidy

* remove AzureCVM const

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* encode policy at runtime

* remove policy arg

* fix unit test

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-03-20 13:33:04 +01:00
renovate[bot]
a6021be714
deps: update K8s dependencies (#1401)
* deps: update K8s dependencies
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-03-17 15:55:44 +01:00
renovate[bot]
cb2d2b0b89
deps: update module github.com/spf13/afero to v1.9.5 (#1396)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-10 18:40:17 +01:00
Paul Meyer
593253e090
ci: ignore replaced ghsa (#1392)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-10 11:13:05 +01:00
Daniel Weiße
83d10b0e70
hack: remove unused tools (#1387)
* Remove unused pcr-compare tool
* Remove unused pcr-reader tool
* Remove obsolete image-measurement tool

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-03-09 16:59:33 +01:00
Malte Poll
bdba9d8ba6
bazel: add build files for go (#1186)
* build: correct toolchain order
* build: gazelle-update-repos
* build: use pregenerated proto for dependencies
* update bazeldnf
* deps: tpm simulator
* Update Google trillian module
* cli: add stamping as alternative build info source
* bazel: add go_test wrappers, mark special tests and select testing deps
* deps: add libvirt deps
* deps: go-libvirt patches
* deps: cloudflare circl patches
* bazel: add go_test wrappers, mark special tests and select testing deps
* bazel: keep gazelle overrides
* bazel: cleanup bazelrc
* bazel: switch CMakeLists.txt to use bazel
* bazel: fix injection of version information via stamping
* bazel: commit all build files
* dev-docs: document bazel usage
* deps: upgrade zig-cc for go 1.20
* bazel: update Perl for macOS arm64 & Linux arm64 support
* bazel: use static perl toolchain for OpenSSL
* bazel: use static protobuf (protoc) toolchain
* deps: add git and go to nix deps

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-09 15:23:42 +01:00
Otto Bittner
441eef294a
deps: fix dependabot security warnings (#1337) 2023-03-03 15:41:19 +01:00
Daniel Weiße
5eb73706f5
internal: refactor storage credentials (#1071)
* Move storage clients to separate packages

* Allow setting of client credentials for AWS S3

* Use managed identity client secret or default credentials for Azure Blob Storage

* Use credentials file to authorize GCS client

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-03-02 15:08:31 +01:00
renovate[bot]
21ccd861ae
deps: update K8s dependencies (#1314)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-01 14:52:19 +01:00
renovate[bot]
33958b2ad7
deps: update module github.com/leodido/go-urn to v1.2.2 (#1301)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-28 17:32:53 +01:00
renovate[bot]
af8c6e70ad
deps: update module github.com/sigstore/sigstore to v1.6.0 (#1306)
* deps: update module github.com/sigstore/sigstore to v1.6.0
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-02-28 15:47:08 +01:00
renovate[bot]
6b37f2049f
deps: update module github.com/zclconf/go-cty to v1.13.0 (#1307)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 15:18:51 +01:00
renovate[bot]
46672ff039
deps: update module github.com/shopspring/decimal to v1.3.1 (#1305)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 15:17:21 +01:00
renovate[bot]
c61e117b8c
deps: update module github.com/acomagu/bufpipe to v1.0.4 (#1302)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 13:42:23 +01:00
renovate[bot]
800acdeb3f
deps: update module github.com/rivo/uniseg to v0.4.4 (#1304)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 13:40:00 +01:00
renovate[bot]
9ee92ba7c8
deps: update module github.com/go-git/go-billy/v5 to v5.4.1 (#1303)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 13:25:47 +01:00
renovate[bot]
0664c83c73
deps: update module github.com/hashicorp/go-retryablehttp to v0.7.2 (#1295)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 12:00:31 +01:00
renovate[bot]
2c6cc2247e
deps: update module github.com/go-playground/validator/v10 to v10.11.2 (#1294)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 11:19:26 +01:00
renovate[bot]
f91575a739
deps: update module github.com/google/trillian to v1.5.1 (#1291)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 10:51:23 +01:00
renovate[bot]
6b9065b444
deps: update module github.com/google/certificate-transparency-go to v1.1.4 (#1290)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 10:14:09 +01:00
renovate[bot]
b5879941b3
deps: update module github.com/pborman/uuid to v1.2.1 (#1289)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 10:13:22 +01:00
renovate[bot]
c9f131467e
deps: update AWS SDK (#1240)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-24 17:27:49 +01:00
renovate[bot]
7c95036d97
deps: update module github.com/spf13/afero to v1.9.4 (#1269)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-02-24 15:54:01 +01:00
Moritz Sanft
a274ac8a7c
ci: add cli k8s compatibility table artifact upload to ci (#1218)
* add cli k8s compatibility api to ci

* extend versionsapi package

* rework cli info upload via ci

* join errors natively

* fix semver

* upload from hack file

* fix ci checks

* add distributionid

* setup go before running hack file

* setup go after repo checkout

* use logger instead of panic, invalidate cache

* use provided ctx

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>

---------

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-24 12:00:04 +01:00
renovate[bot]
7ba90e73a9
deps: update module google.golang.org/api to v0.110.0 (#1244)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-22 14:45:25 +01:00
renovate[bot]
c91db4e1c4
deps: update module google.golang.org/grpc to v1.53.0 (#1246)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-22 13:05:21 +01:00
renovate[bot]
4d9e85ee40
deps: update module github.com/fatih/color to v1.14.1 (#1243)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-21 15:33:55 +01:00
renovate[bot]
c65655a428
deps: update github.com/hashicorp/go-kms-wrapping (#1215)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-21 12:51:26 +01:00
renovate[bot]
d89dd0ce18
deps: update module github.com/containerd/containerd to v1.6.18 [SECURITY] (#1230)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-21 11:44:04 +01:00
renovate[bot]
3c61a49f6d
deps: update module golang.org/x/net to v0.7.0 [SECURITY] (#1231)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-21 10:53:28 +01:00
Paul Meyer
12c866bcb9 deps: replace multierr with native errors.Join
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-20 12:08:24 -05:00
renovate[bot]
61e0057043
deps: update module helm.sh/helm/v3 to v3.11.1 [SECURITY] (#1156)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-17 10:42:48 +01:00
renovate[bot]
35a58316f4
deps: update K8s dependencies (#766)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-16 15:20:36 +01:00
renovate[bot]
0e35649724
deps: update Azure SDK (#1206)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-16 14:47:24 +01:00
Otto Bittner
50646b2a10 cli: refactor upgrade apply cmd to match name
* `upgrade apply` will try to make the locally configured and
actual version in the cluster match by appling necessary
upgrades.
* Skip image or kubernetes upgrades if one is already
in progress.
* Skip downgrades/equal-as-running versions
* Move NodeVersionResourceName constant from operators
to internal as its needed in the CLI.
2023-02-15 16:44:47 +01:00
renovate[bot]
d2bf2f1108
deps: update module go.uber.org/goleak to v1.2.1 (#1194)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-15 14:00:02 +01:00
renovate[bot]
b8112f3dc2
deps: update module golang.org/x/tools to v0.6.0 (#1180)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-14 14:33:53 +01:00
renovate[bot]
77bd537fb4
deps: update module golang.org/x/mod to v0.8.0 (#1167)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-10 18:33:18 +01:00
renovate[bot]
acf0e27b49
deps: update module golang.org/x/crypto to v0.6.0 (#1166)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-10 18:12:20 +01:00
Otto Bittner
c275464634 cli: change upgrade-plan to upgrade-check
Upgrade check is used to find updates for the current cluster.
Optionally the found upgrades can be persisted to the config
for consumption by the upgrade-execute cmd.
The old `upgrade execute` in this commit does not work with
the new `upgrade plan`.
The current versions are read from the cluster.
Supported versions are read from the cli and the versionsapi.
Adds a new config field MicroserviceVersion that will be used
by `upgrade execute` to update the service versions.
The field is optional until 2.7
A deprecation warning for the upgrade key is printed during
config validation.
Kubernetes versions now specify the patch version to make it
explicit for users if an upgrade changes the k8s version.
2023-02-08 12:30:01 +01:00
Daniel Weiße
3a7b829107
internal: use go-kms-wrapping for KMS backends (#1012)
* Replace external KMS backend logic for AWS, Azure, and GCP with go-kms-wrapping

* Move kms client setup config into its own package for easier parsing

* Update kms integration flag naming

* Error if nil storage is passed to external KMS

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-02-08 12:03:54 +01:00
renovate[bot]
b3495685fb
deps: update AWS SDK (#1100)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-01 14:02:58 +01:00
renovate[bot]
7b012e72b9
deps: update Azure SDK (#1004)
* deps: update Azure SDK
* deps: tidy all modules

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-20 15:42:06 +01:00
renovate[bot]
645e2445d1
Update module golang.org/x/tools to v0.5.0 (#1024)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 11:44:59 +01:00
renovate[bot]
f5623fee5a
Update module github.com/sigstore/sigstore to v1.5.1 (#1006)
* Update module github.com/sigstore/sigstore to v1.5.1
* deps: tidy all modules
2023-01-18 10:19:31 +01:00
renovate[bot]
6311b45708
Update module github.com/siderolabs/talos/pkg/machinery to v1.3.2 (#953)
* Update module github.com/siderolabs/talos/pkg/machinery to v1.3.2
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-13 11:27:52 +01:00
renovate[bot]
efd99975a4
Update Google SDK (#928) 2023-01-11 14:28:45 +01:00
Otto Bittner
c19e894d43 Revert "Update Google SDK (#907)"
This reverts commit e54b2ec95f.
2023-01-10 11:41:43 +01:00
renovate[bot]
e54b2ec95f
Update Google SDK (#907)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-09 18:30:19 +01:00
Paul Meyer
dc73411301 hack: remove build-manifest
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-09 13:15:09 +01:00
renovate[bot]
1d34c140da
Update module github.com/go-playground/locales to v0.14.1 (#904)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 18:49:45 +01:00
renovate[bot]
99bf359251
Update module github.com/go-git/go-git/v5 to v5.5.2 (#903)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 18:49:11 +01:00
Paul Meyer
f4df4067bd
deps: upgrade Azure sdk (#887)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 16:26:30 +01:00
renovate[bot]
992e318c1c
Update AWS SDK (#893)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 15:45:38 +01:00
renovate[bot]
15873d4959
Update module google.golang.org/api to v0.106.0 (#896)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 15:39:44 +01:00
renovate[bot]
b8a6ab7c70
Update module github.com/schollz/progressbar/v3 to v3.13.0 (#882)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-05 17:48:15 +01:00
renovate[bot]
4803edd4a0
Update module github.com/google/go-tpm-tools to v0.3.10 (#836)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-05 14:42:09 +01:00
renovate[bot]
b09f1ba62a
Update module golang.org/x/crypto to v0.5.0 (#869)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-05 10:54:07 +01:00
Paul Meyer
3561a16819 ci: replace add-version through versionsapi cli
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-04 11:39:19 +01:00
renovate[bot]
806f6b70dd
Update module github.com/talos-systems/talos/pkg/machinery to v1.3.1 (#844)
* Update module github.com/talos-systems/talos/pkg/machinery to v1.3.1
* Rename talos-systems/talos to siderolabs/talos

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-02 13:33:56 +01:00
renovate[bot]
0e529c91e4
Update module github.com/mattn/go-isatty to v0.0.17 (#841)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-30 14:00:19 +01:00
renovate[bot]
3daa0af9d3
Update module github.com/docker/docker to v20.10.22+incompatible (#834)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-28 18:41:37 +01:00
renovate[bot]
dc5f9bf9ae
Update module cloud.google.com/go/compute/metadata to v0.2.3 (#832)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-28 18:10:38 +01:00
renovate[bot]
1595f83ac6
Update AWS SDK (#789)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-28 14:55:08 +01:00
renovate[bot]
030d2e9bb2
Update module google.golang.org/api to v0.105.0 (#756)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-23 13:46:04 +01:00
renovate[bot]
365da19ddf
Update module helm.sh/helm/v3 to v3.10.3 [SECURITY] (#802)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-15 09:11:10 +01:00
renovate[bot]
122a7339d1
Update module go.uber.org/multierr to v1.9.0 (#801)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-15 08:03:15 +01:00
renovate[bot]
fc010e063e
Update module github.com/go-git/go-git/v5 to v5.5.1 (#781)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-12 18:42:58 +01:00
renovate[bot]
b267fc8f1a
Update module github.com/Azure/azure-sdk-for-go/sdk/storage/azblob to v0.6.1 (#772)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-12 10:27:29 +01:00
renovate[bot]
34f2d00766
Update module libvirt.org/go/libvirt to v1.8010.0 (#774)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 16:01:26 +01:00
renovate[bot]
0655c05d79
Update module github.com/sigstore/sigstore to v1.5.0 (#773)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 15:49:50 +01:00
renovate[bot]
1daae77189
Update AWS SDK (#769)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 15:28:27 +01:00
Paul Meyer
4c2ffe7905
Update Google SDK (#760)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 10:59:18 +01:00
Paul Meyer
9b1551e76a dependencies: migrate go-genproto to google-cloud-go
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-08 13:27:15 +01:00
Paul Meyer
eff3dd8aea dependencies: upgrade containerd module
Fixes CVE-2022-23471.

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-08 13:27:15 +01:00
renovate[bot]
953381848b
Update module golang.org/x/crypto to v0.4.0 (#751)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-07 17:36:27 +01:00
renovate[bot]
e17db4b428
Update module github.com/schollz/progressbar/v3 to v3.12.2 (#739)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-12-07 09:33:57 +01:00
renovate[bot]
63f74f0d65
Update module github.com/go-git/go-git/v5 to v5.5.0 (#735)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-06 18:51:06 +01:00
renovate[bot]
64c6c6b005
Update module github.com/aws/smithy-go to v1.13.5 (#728)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-06 16:27:15 +01:00
renovate[bot]
8bf92bb6e5
Update module golang.org/x/sys to v0.3.0 (#721)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-05 16:56:08 +01:00
renovate[bot]
6e84958b84
Update AWS SDK (#679)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 11:10:56 +01:00
renovate[bot]
3e343ed185
Update module go.uber.org/zap to v1.24.0 (#703)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 10:53:27 +01:00
renovate[bot]
b20e9b3cd4
Update google.golang.org/genproto digest to e3fa12d (#704)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 10:35:32 +01:00
Malte Poll
3aa51df74d Add release trigger to make image versions available via CDN 2022-11-30 12:35:12 +01:00
renovate[bot]
5b23a071ac
Update module github.com/sigstore/sigstore to v1.4.6 (#667)
* Update module github.com/sigstore/sigstore to v1.4.6
* [bot] Tidy all modules

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-30 11:32:59 +01:00
renovate[bot]
a32f9ae752
Update k8s.io/utils digest to 99ec85e (#664)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 14:01:29 +01:00
renovate[bot]
6ba9c32f55
Update AWS SDK (#530)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 13:45:06 +01:00
Nils Hanke
89b25f8ebb
Add new generate measurements matrix CI/CD action (now with AWS support) (#641) 2022-11-25 12:08:24 +01:00
Daniel Weiße
67d0424f0e
AB#2639 Add functions to fetch k8s and helm version of Constellation (#637)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-24 16:39:33 +01:00
Daniel Weiße
f8001efbc0
Refactor enforced/expected PCRs (#553)
* Merge enforced and expected measurements

* Update measurement generation to new format

* Write expected measurements hex encoded by default

* Allow hex or base64 encoded expected measurements

* Allow hex or base64 encoded clusterID

* Allow security upgrades to warnOnly flag

* Upload signed measurements in JSON format

* Fetch measurements either from JSON or YAML

* Use yaml.v3 instead of yaml.v2

* Error on invalid enforced selection

* Add placeholder measurements to config

* Update e2e test to new measurement format

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-24 10:57:58 +01:00
renovate[bot]
22f9e2ed4b
Update module github.com/talos-systems/talos/pkg/machinery to v1.2.7 (#619)
* Update module github.com/talos-systems/talos/pkg/machinery to v1.2.7
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-22 14:18:13 +01:00
renovate[bot]
928fdcff76
Update google.golang.org/genproto digest to 1645502 (#585)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-22 13:32:23 +01:00
renovate[bot]
fad198aa2e
Update module google.golang.org/api to v0.103.0 (#595)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-21 14:45:48 +01:00
renovate[bot]
d7ace99a66
Update module google.golang.org/grpc to v1.51.0 (#598)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-21 12:15:02 +01:00
renovate[bot]
b4653152ee
Update libvirt.org/go to v1.8009.0 (#593)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-18 15:56:39 +01:00
renovate[bot]
6b7e470983
Update module github.com/talos-systems/talos/pkg/machinery to v1.2.6 (#582)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-18 09:20:54 +01:00
renovate[bot]
5dc78b677b
Update google.golang.org/genproto digest to 41c2ba7 (#503)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 18:49:17 +01:00
renovate[bot]
25c3fcd104
Update module github.com/schollz/progressbar/v3 to v3.12.1 (#581)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 17:12:04 +01:00
renovate[bot]
fe36de8826
Update module golang.org/x/crypto to v0.3.0 (#569)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 10:18:43 +01:00
renovate[bot]
ee47177029
Update module helm.sh/helm/v3 to v3.10.2 (#555)
* Update module helm.sh/helm/v3 to v3.10.2

* [bot] Tidy all modules

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-15 15:47:53 +01:00
renovate[bot]
9ef8a0846f
Update module github.com/spf13/afero to v1.9.3 (#554)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-15 12:18:33 +01:00
renovate[bot]
c71eeffd1e
Update module github.com/sigstore/rekor to v1.0.1 (#543)
* Update module github.com/sigstore/rekor to v1.0.1
* quotes around string with spaces
* [bot] Tidy all modules
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: datosh <datosh@users.noreply.github.com>
2022-11-15 12:18:01 +01:00
Leonard Cohnen
c51694a51a kubernetes: add hashes to components 2022-11-15 11:07:46 +01:00
renovate[bot]
83cbc68cb6
Update module github.com/googleapis/gax-go/v2 to v2.7.0 (#517)
* Update module github.com/googleapis/gax-go/v2 to v2.7.0

* [bot] Tidy all modules

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-14 10:48:28 +01:00
Malte Poll
e8f02c0262 go mod tidy 2022-11-14 10:04:04 +01:00
renovate[bot]
e887dc7fcd
Update module github.com/aws/aws-sdk-go-v2/service/ec2 to v1.69.0 (#515)
* Update module github.com/aws/aws-sdk-go-v2/service/ec2 to v1.69.0

* [bot] Tidy all modules

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-10 11:56:45 +01:00
renovate[bot]
0720f95179
Update module cloud.google.com/go/storage to v1.28.0 (#498)
* Update module cloud.google.com/go/storage to v1.28.0

* [bot] Tidy all modules

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-10 11:43:36 +01:00
renovate[bot]
52140ff7e5
Update module golang.org/x/crypto to v0.2.0 (#507)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-10 08:01:51 +01:00
renovate[bot]
9af6923756
Update module golang.org/x/mod to v0.7.0 (#508)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-09 18:44:07 +01:00
renovate[bot]
1c463bf10b
Update Azure SDK (#493)
* Update Azure SDK
* [bot] Tidy all modules
* fix breaking changes around New function in Azure SDK
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
2022-11-09 12:09:22 +01:00
renovate[bot]
cf9693af24
Update Google cloud SDK (#457)
* Update Google cloud SDK
* [bot] Tidy all modules
* migrate from google.golang.org/genproto/googleapis/cloud/kms/v1 to cloud.google.com/go/kms/apiv1/kmspb
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
2022-11-09 11:48:56 +01:00
renovate[bot]
ce0b3a8867
Update module golang.org/x/sys to v0.2.0 (#491)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-09 11:09:07 +01:00
renovate[bot]
18439fc69b
Update module github.com/docker/docker to v20.10.21+incompatible (#322)
* Update module github.com/docker/docker to v20.10.21+incompatible

* [bot] Tidy all modules

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-09 11:07:15 +01:00
renovate[bot]
cb7b53a9c9
Update AWS SDK (#490)
* Update AWS SDK
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-09 11:03:06 +01:00
renovate[bot]
5f170709d6
Update k8s.io/utils digest to 8e77b1f (#489)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-09 10:46:47 +01:00
renovate[bot]
34435e4396
Update k8s.io/utils digest to 1a15be2 (#483)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-08 18:39:51 +01:00
renovate[bot]
934d173650
Update AWS SDK (#412)
* Update AWS SDK

* [bot] Tidy all modules

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-04 13:17:27 +01:00
renovate[bot]
8e44eb7ea5
Update module github.com/sigstore/rekor to v1 (#453)
* Update module github.com/sigstore/rekor to v1
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-04 12:45:45 +01:00
Leonard Cohnen
0430336fdf metadata: implement GetLoadBalancerEndpoint for AWS 2022-11-02 23:29:04 +01:00
renovate[bot]
4b257616e4
Update k8s.io/utils digest to 61b03e2 (#427)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-02 16:04:19 +01:00
Daniel Weiße
55cfff034a
Remove PublicIP from QEMU metadata (#396)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-02 12:56:16 +01:00
renovate[bot]
67a99434e9
Update module github.com/sigstore/sigstore to v1.4.5 (#383)
* Update module github.com/sigstore/sigstore to v1.4.5
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-01 12:14:55 +01:00
Paul Meyer
256f0e64b3 Upgrade Go version to 1.19
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-28 16:06:53 +02:00
renovate[bot]
4ef94834ed
Update module github.com/googleapis/gax-go/v2 to v2.6.0 (#330)
* Update module github.com/googleapis/gax-go/v2 to v2.6.0
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-28 09:33:29 +02:00
leongross
d457620941
AB#2458 AWS NitroTPM attestation (#339)
* add aws tpm attestation
* fix typos
* Fix return value issue

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2022-10-27 11:04:23 +02:00
renovate[bot]
8d82d8c0fa
Update module github.com/stretchr/testify to v1.8.1 (#385)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-27 08:39:45 +02:00
renovate[bot]
8c01a6647f
Update module github.com/spf13/cobra to v1.6.1 (#384)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-27 08:25:21 +02:00
renovate[bot]
9210ae5d04
Update google.golang.org/genproto digest to 527a21c (#320)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-26 15:47:16 +02:00
renovate[bot]
c452f17ca2
Update module golang.org/x/mod to v0.6.0 (#335)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-24 18:44:03 +02:00
Daniel Weiße
c82d5ccba9
Hide cursor and fix dots (#217)
* Hide cursor and fix dots spinner

* Allow restarting of spinner

* Don't spin on non TTY output

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-21 14:26:42 +02:00
renovate[bot]
56981a709e
Update module github.com/aws/aws-sdk-go-v2/service/kms to v1.18.13 (#346)
* Update module github.com/aws/aws-sdk-go-v2/service/kms to v1.18.13

* [bot] Tidy all modules

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-10-21 14:08:36 +02:00
renovate[bot]
02f1f5109a Update module google.golang.org/grpc to v1.50.1 2022-10-21 13:28:03 +02:00
Otto Bittner
07f02a442c
Refactor Helm deployments (#341)
* Wrap KMS deployment in one main chart that
deploys all other services. Other services will follow.
* Use .tgz via helm-package as serialization format
* Change Release type to carry chart as byte slice
* Remove KMSConfig
* Use json-schema to validate values
* Extend release.md to mention updating helm charts
2022-10-21 12:01:28 +02:00
renovate[bot]
8cf6189cf0
Update module github.com/fsnotify/fsnotify to v1.6.0 (#325)
* Update module github.com/fsnotify/fsnotify to v1.6.0

* [bot] Tidy all modules

* Use event.Has function

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-10-20 10:16:20 +02:00
renovate[bot]
b0a6f0ea39 [bot] Tidy all modules 2022-10-19 13:37:16 +02:00
renovate[bot]
38ff8b70c7
Update module github.com/spf13/cobra to v1.6.0 (#326)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 11:07:00 +02:00
renovate[bot]
37a9dbfad2
Update k8s dependencies (#308)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 10:37:40 +02:00
renovate[bot]
f05bccb670
Update module github.com/Azure/azure-sdk-for-go/sdk/storage/azblob to v0.5.1 (#269)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-19 08:57:09 +02:00
renovate[bot]
9a1d795597
Update module github.com/Azure/azure-sdk-for-go/sdk/keyvault (#267)
* Update module github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys to v0.8.1

* Update module github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets to v0.10.1

* Adjust Azure KMS opts struct

* Update kms readme formatting

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-18 12:08:59 +02:00
renovate[bot]
ecdf5d5165
Update module golang.org/x/text to v0.3.8 (#297)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-17 18:12:19 +02:00
renovate[bot]
71d4aac3f2
Update module github.com/docker/docker to v20.10.19+incompatible (#271)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-17 15:40:59 +02:00
renovate[bot]
a998745e91
Update google.golang.org/genproto digest to 99cd37c (#253)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-17 15:36:21 +02:00
renovate[bot]
51a0c746ca
Update golang.org/x/sys digest to 95e765b (#257)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-17 11:12:04 +02:00
Malte Poll
397e61700d
Use upstream go-attestation (#286)
The reason for replacing the module was waiting for https://github.com/google/go-attestation/pull/284 to be merged.
2022-10-17 09:44:05 +02:00
Daniel Weiße
19b67dc622 Update module github.com/aws/aws-sdk-go-v2/feature/s3/manager to v1.11.34
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-14 11:09:44 +02:00