Daniel Weiße
09d19fec22
cli: fix constellation verify
depending on an initialized constellation-state.yaml
file ( #3184 )
...
* Ignore missing state file if flags are provided
* Update verify docs to include requirement for config file
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-21 10:09:01 +02:00
renovate[bot]
e71819eb62
deps: update Go dependencies ( #3185 )
...
* deps: update Go dependencies
* deps: tidy all modules
* Replace deprecated `grpc.DialContext` with `grpc.NewClient`
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2024-06-21 10:05:57 +02:00
edgelessci
bd80ab89cb
image: update measurements and image version ( #3189 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-21 08:28:27 +02:00
renovate[bot]
c01f735042
deps: update bazel (core) ( #3186 )
...
* deps: update bazel (core)
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-20 13:49:33 +02:00
renovate[bot]
afd6b35f18
deps: update ghcr.io/edgelesssys/gcp-guest-agent Docker tag to v20240611 ( #3180 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-20 13:28:21 +02:00
renovate[bot]
364bc1c9c4
deps: update dependency aspect_bazel_lib to v2.7.7 ( #3137 )
...
* deps: update dependency aspect_bazel_lib to v2.7.7
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-20 13:27:48 +02:00
Daniel Weiße
c1e4da3ea1
debugd: reset unit failed status before restarting ( #3183 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-20 11:22:37 +02:00
Daniel Weiße
a36e1a79f0
helm: upgrade cert-manager from v1.12.6 to v1.15.0 ( #3177 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-20 10:49:00 +02:00
Daniel Weiße
0368047939
helm: update Azure CSI, GCP CSI, and CSI snapshotter charts ( #3175 )
...
* Update GCP CSI chart to v1.4.0
* Update Azure CSI chart to v1.4.0
* Update CSI snapshotter from v6.2.2 to v8.0.1
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-20 08:41:46 +02:00
Markus Rudy
6e2af89c01
ci: fix cdbg_deploy error reporting ( #3182 )
2024-06-20 08:25:30 +02:00
Markus Rudy
c911eb4e3a
versions: default to k8s v1.29, support k8s v1.30, EOL v1.27 ( #3173 )
...
* versions: remove k8s 1.27 and patch-upgrade the others
* versions: add support for k8s 1.30.2
* versions: upgrade cloud provider images
2024-06-19 17:34:34 +02:00
Markus Rudy
132d540ac0
ci: fix GCP CCM findvers.sh script ( #3178 )
2024-06-19 16:26:02 +02:00
renovate[bot]
9cd1184244
deps: update GitHub action dependencies ( #3176 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-19 15:19:41 +02:00
Markus Rudy
9a295b2c3a
ci: better fence around tidy-check-generate summary ( #3174 )
2024-06-19 12:19:41 +02:00
edgelessci
1975a10721
image: update measurements and image version ( #3172 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-19 08:26:57 +02:00
Daniel Weiße
9d99d05826
cli: fix unmarshalling of sev-snp attestation documents in constellation verify
( #3171 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-17 13:38:59 +02:00
edgelessci
e0f52b4acd
image: update locked rpms ( #3170 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-16 11:05:20 +02:00
Markus Rudy
429711bf5d
ci: don't assign 3u13r ( #3169 )
2024-06-14 13:32:10 +02:00
Markus Rudy
566137e7ab
ci: make cdbg deploy errors easier to spot ( #3168 )
...
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2024-06-14 13:31:42 +02:00
edgelessci
63dc0c79af
image: update measurements and image version ( #3167 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-14 08:14:39 +02:00
Daniel Weiße
daaa7755a7
cli: enable JSON output for constellation verify
on Azure TDX ( #3164 )
...
* Remove formatter factory
* Enable `constellation verify` with JSON output for Azure TDX
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-12 13:18:27 +02:00
renovate[bot]
b3fcdc9a22
deps: update module github.com/Azure/azure-sdk-for-go/sdk/azidentity to v1.6.0 [SECURITY] ( #3163 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-12 08:04:52 +02:00
edgelessci
305bc692e9
image: update measurements and image version ( #3162 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-12 08:03:25 +02:00
Daniel Weiße
8b76dd68ca
attetstation: enable Azure TDX CRL checking ( #3160 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-12 08:02:47 +02:00
Daniel Weiße
c682558940
debugd: return systemd logs if restarting a unit fails ( #3159 )
...
* Wait until logcollection containers are ready
* Add systemd unit journal entries to error message
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-12 08:01:54 +02:00
Markus Rudy
08770a69c4
deps: upgrade to tink-go v2.1.0 ( #3054 )
...
* deps: leave notes on why forks are used
* deps: use upstream version of tink-go
2024-06-11 20:15:42 +02:00
renovate[bot]
f8e0ca4bb6
deps: update libvirtd_base Docker digest to 99dbf3c ( #3157 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-11 17:44:55 +02:00
Markus Rudy
fddad83eb4
helm: upgrade Cilium to v1.15.5-edg.1 ( #3149 )
2024-06-11 11:53:00 +02:00
Moritz Sanft
3efd50a518
ci: bump origin versions of upgrade tests ( #3158 )
2024-06-10 14:04:00 +02:00
renovate[bot]
85c4f9be2a
deps: update ghcr.io/edgelesssys/gcp-guest-agent Docker tag to v20240528 ( #3143 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-09 11:05:02 +02:00
edgelessci
0a3f77e926
image: update locked rpms ( #3156 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-09 11:03:17 +02:00
Daniel Weiße
32588339f3
cdbg: better error reporting on deploy
failure ( #3155 )
...
* Don't report `UPLOAD_FILES_START_FAILED` as unknown error
* Return error to `cdbg` if present
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-07 15:46:37 +02:00
Moritz Sanft
095a66fb83
cli: return a more helpful error message on MAA patch failure ( #3153 )
...
* cli: return a more helpful error message on maa patch failure
* Update internal/maa/patch.go
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
---------
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2024-06-07 15:18:34 +02:00
Moritz Sanft
7d4e7eff65
docs: adjust MAA updating ( #3152 )
...
* docs: adjust MAA updating
* versioned-docs: backport fix
2024-06-07 13:56:10 +02:00
miampf
94cf85c65a
fix: let artifact_upload
fail if a bash command errors ( #3154 )
2024-06-07 13:37:06 +02:00
edgelessci
2c03a16a68
image: update measurements and image version ( #3151 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-07 07:59:55 +02:00
Daniel Weiße
9c2aef88ba
debugd: remove --debug
flag from bootstrapper service created by debugd ( #3150 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-06 10:25:51 +02:00
Markus Rudy
9a01551f75
ci: don't filter output of govulncheck ( #3148 )
2024-06-05 16:45:27 +02:00
Markus Rudy
2fbbf02516
bazel: use go_bin_for_host for all scripts ( #3147 )
2024-06-05 14:35:10 +02:00
Markus Rudy
68035cd90b
rfc: node access ( #3051 )
2024-06-05 14:07:15 +02:00
Daniel Weiße
d64aba7636
ci: author scheduled PRs using edgelessci account ( #3145 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-05 10:41:19 +02:00
Daniel Weiße
39b01f8dac
deps: bump Go version to v1.22.4 ( #3146 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-05 10:27:39 +02:00
Moritz Sanft
1989bce0a5
bootstrapper: disable gRPC logging ( #3134 )
...
* bootstrapper: disable gRPC logging
* bootstrapper: remove debug flag
* upgrade-agent: remove gRPC logging
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
---------
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2024-06-05 09:24:08 +02:00
Moritz Sanft
1b7b80673c
image: update measurements and image version ( #3144 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-06-05 09:22:32 +02:00
Daniel Weiße
1514351571
ci: update conditions on when to auto assign reviewer ( #3141 )
...
* Use the correct value for `github.event.pull_request.requested_reviewers`
* Run the workflow on more events than just labeling a PR
* Skip workflow if there are already reviewers assigned
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-05 08:42:47 +02:00
Markus Rudy
5a100d1fc9
helm: use Cilium chart from fork ( #3130 )
2024-06-05 07:56:11 +02:00
renovate[bot]
66a5d6a5d3
deps: update dependency rules_proto to v6.0.0.bcr.1 ( #3138 )
...
* deps: update dependency rules_proto to v6.0.0.bcr.1
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-04 16:54:50 +02:00
Moritz Sanft
5f0ed2b865
flake: pin bazel to 7.1.2 ( #3142 )
...
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2024-06-04 16:50:52 +02:00
renovate[bot]
72555e9ba1
deps: update GitHub action dependencies ( #3140 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-04 14:50:20 +02:00
Daniel Weiße
66aa8a8d52
ci: adjust performance benchmark to run on different attestation variants ( #3129 )
...
* Create perf bench artifacts based on attestation variant, not CSP
* Enable perf bench on gcp-sev-snp, azure-tdx and AWS
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-04 13:23:07 +02:00