Commit Graph

1063 Commits

Author SHA1 Message Date
Otto Bittner
07f02a442c
Refactor Helm deployments (#341)
* Wrap KMS deployment in one main chart that
deploys all other services. Other services will follow.
* Use .tgz via helm-package as serialization format
* Change Release type to carry chart as byte slice
* Remove KMSConfig
* Use json-schema to validate values
* Extend release.md to mention updating helm charts
2022-10-21 12:01:28 +02:00
renovate[bot]
10a207c7ec Update github actions dependencies 2022-10-21 11:33:41 +02:00
Malte Poll
f3d78a573f Disable Azure VM agent and report VM as ready 2022-10-21 11:04:25 +02:00
Malte Poll
ed9acef9d4 Upgrade terraform azure provider to 3.28.0 2022-10-21 11:04:25 +02:00
Malte Poll
6a1405f7c9 Disable SSH key deployment with debugd / cdbg 2022-10-21 11:04:25 +02:00
Malte Poll
b57b25fdaa Image upload AWS 2022-10-21 11:04:25 +02:00
Malte Poll
0c297f7b10 Update CHANGELOG 2022-10-21 11:04:25 +02:00
Malte Poll
743f5fa627 Remove all traces of CoreOS from the codebase 2022-10-21 11:04:25 +02:00
Malte Poll
35e2267cf9 Move mkosi folder to old image folder location 2022-10-21 11:04:25 +02:00
Malte Poll
24f3371cf6 Remove CoreOS image folder 2022-10-21 11:04:25 +02:00
Malte Poll
26fdfa4bee Prefill PCR[11], PCR[12], PCR[13], PCR[15] 2022-10-21 11:04:25 +02:00
Malte Poll
3b6ee703f5 Move PCR indices for owner ID and cluster ID 2022-10-21 11:04:25 +02:00
Malte Poll
a901759725 docs: Updates for transition CoreOS -> mkosi / Fedora 2022-10-21 11:04:25 +02:00
Malte Poll
835f7702a4 Precalculate expected PCR[9] 2022-10-21 11:04:25 +02:00
Malte Poll
6859c6b00e Precalculate expected PCR[8] 2022-10-21 11:04:25 +02:00
Malte Poll
1e9608c796 Precalculate expected PCR[4] 2022-10-21 11:04:25 +02:00
Malte Poll
93801e1786 debugd: Allow autologin on serial console 2022-10-21 11:04:25 +02:00
Malte Poll
21617dc7db Add license identifiers to scripts 2022-10-21 11:04:25 +02:00
Malte Poll
9b57f2a91c Cilium: avoid requirements for jq on Constellation OS 2022-10-21 11:04:25 +02:00
Malte Poll
981796574c Disable access manager 2022-10-21 11:04:25 +02:00
Malte Poll
f4e69ec6ec mkosi pipeline: Collect hashes 2022-10-21 11:04:25 +02:00
Nils Hanke
714b368a62 Add gcloud setup back to GCP login action for magic authentication 2022-10-21 11:04:25 +02:00
Malte Poll
34367ea3cc Create mkosi image build pipeline 2022-10-21 11:04:25 +02:00
Daniel Weiße
e5aaf0a42f Add hint about problematic iptables rules to minic11n requirements
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-21 09:35:39 +02:00
daniel-weisse
6cf5003321 CLI reference was updated by edgelesssys/constellation@085f7b1a 2022-10-21 08:29:24 +02:00
Fabian Kammel
21436e6592
use release cosign key only when releasing (#331)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-20 15:59:17 +02:00
Daniel Weiße
085f7b1a2a Prompt user for confirmation before overwriting config
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-20 15:35:31 +02:00
Paul Meyer
2685b5be1f Let tfsec fail soft in CI
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-20 10:44:43 +02:00
renovate[bot]
8cf6189cf0
Update module github.com/fsnotify/fsnotify to v1.6.0 (#325)
* Update module github.com/fsnotify/fsnotify to v1.6.0

* [bot] Tidy all modules

* Use event.Has function

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-10-20 10:16:20 +02:00
Christoph Meyer
cd557e33fc AB#2493 Recreate benchmark graphs in edgeless colors 2022-10-19 18:53:43 +02:00
renovate[bot]
b0a6f0ea39 [bot] Tidy all modules 2022-10-19 13:37:16 +02:00
renovate[bot]
1d417029bf Update module github.com/google/tink/go to v1.7.0 2022-10-19 13:37:16 +02:00
Paul Meyer
a0e0091bfc
Let renovate ignore constellation module (#327)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 11:46:38 +02:00
renovate[bot]
38ff8b70c7
Update module github.com/spf13/cobra to v1.6.0 (#326)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 11:07:00 +02:00
Paul Meyer
a6b0edfcaa Tidy modules on renovate branches
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 10:51:44 +02:00
Paul Meyer
7c13302936 Checkout branch instead of head commit
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 10:51:44 +02:00
renovate[bot]
37a9dbfad2
Update k8s dependencies (#308)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 10:37:40 +02:00
renovate[bot]
6d5cb6b581
Update sigstore/cosign-installer action to v2.8.1 (#323)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-19 10:29:37 +02:00
renovate[bot]
f05bccb670
Update module github.com/Azure/azure-sdk-for-go/sdk/storage/azblob to v0.5.1 (#269)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-19 08:57:09 +02:00
renovate[bot]
3e209b9456
Update module github.com/coreos/go-systemd/v22 to v22.4.0 (#321)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-19 08:51:58 +02:00
katexochen
3375b46b77 Update release.md 2022-10-18 17:36:48 +02:00
Paul Meyer
0e79af6f14 Run tests on push to release branch
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 17:02:16 +02:00
Paul Meyer
1daa7a6b43 Group updates of Google cloud dependencies
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 16:48:42 +02:00
renovate[bot]
e8ec4ad91b
Update etcd to v3.5.5 (#295)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 16:20:31 +02:00
renovate[bot]
ed98b0205b
Update github actions dependencies (#311)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 13:54:53 +02:00
Otto Bittner
c6ccee1250 AB#2490: deploy KMS via Helm
* Bundle helm-install related code in speparate package
* Move cilium installation to new helm package
2022-10-18 13:33:37 +02:00
Otto Bittner
62168bbf98 AB#2490: Add KMS helm chart
* Also run helm-lint in CI now
2022-10-18 13:33:37 +02:00
renovate[bot]
84fcf8d7f2
Update github actions dependencies (#294)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 13:00:41 +02:00
renovate[bot]
9a1d795597
Update module github.com/Azure/azure-sdk-for-go/sdk/keyvault (#267)
* Update module github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys to v0.8.1

* Update module github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets to v0.10.1

* Adjust Azure KMS opts struct

* Update kms readme formatting

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-18 12:08:59 +02:00
renovate[bot]
9af0640aad
Update Terraform azurerm to v3.27.0 (#301)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 11:54:29 +02:00