constellation

mirror of https://github.com/edgelesssys/constellation.git synced 2024-09-20 00:06:21 +00:00

Author	SHA1	Message	Date
edgelessci	cbf744a095	image: update measurements and image version (#2795 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2024-01-05 09:27:11 +01:00
edgelessci	3d8e548dcd	image: update measurements and image version (#2789 ) Co-authored-by: Leonard Cohnen <lc@edgeless.systems>	2024-01-03 13:08:45 +01:00
Adrian Stobbe	436e7c6d3b	terraform-provider: validate image and microservice version (#2766 )	2023-12-22 10:24:13 +01:00
Adrian Stobbe	9667dfff58	terraform: align infrastructure module attributes (#2703 ) * all vars have snail_case * make iam schema consistent * infrastructure schema * terraform: update AWS infrastructure module * fix ci * terraform: update AWS infrastructure module * terraform: update AWS IAM module * terraform: update Azure Infrastructure module inputs Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update Azure IAM module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update GCP infrastructure module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update GCP IAM module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update OpenStack Infrastructure module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update QEMU Infrastructure module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform-module: fix input name Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: tidy * cli: ignore whitespace in Terraform variable tests * terraform-module: fix AWS output names * terraform-module: fix output references Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: rename `api_server_cert_sans` * Update terraform/infrastructure/aws/modules/public_private_subnet/variables.tf Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * fix self-managed * terraform: revert AWS modules output file renaming * terraform: remove duplicate varable declaration * terraform: rename Azure location field * ci: adjust output name in self-managed e2e test * e2e: continuously print output in upgrade test * e2e: write to output variables * cli: migrate IAM variable names * cli: make `location` field optional --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>	2023-12-15 10:36:58 +01:00
edgelessci	6f6f28b8cc	image: update measurements and image version (#2722 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-12-15 08:18:25 +01:00
edgelessci	2c50abcc91	image: update measurements and image version (#2720 ) Co-authored-by: malt3 <malt3@users.noreply.github.com>	2023-12-14 19:35:40 +01:00
edgelessci	8d8853ef31	image: update measurements and image version (#2711 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-12-13 09:23:38 +01:00
Moritz Sanft	6ff321364d	terraform: fix Azure marketplace image defaults (#2692 ) * config: default to false instead of null for Azure marketplace image Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: make Azure marketplace image default to null Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>	2023-12-11 08:15:47 +01:00
Moritz Sanft	c15e4efef6	terraform: Azure Marketplace image support (#2651 ) * terraform: add Azure marketplace variable Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * config: add Azure marketplace variable Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * cli: use Terraform variables from config Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: pass down marketplace variable * image: pad Azure images to 1GiB * terraform: add version attribute to marketplace image * semver: allow versions to be exported without prefix * cli: boolean var to use marketplace images * config: remove dive key * dev-docs: add instructions on how to use marketplace images * terraform: fix unit test * terraform: only fetch image for non-marketplace images * mpimage: refactor image selection Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * [remove] increase minor version for image build Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: ignore changes to source_image_reference on upgrade * operator: add support for parsing Azure marketplace images Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * upgrade: fix imagefetcher call * docs: add info about azure marketplace * image: ensure more than 1GiB in size * image: test to pad to 2GiB * version: change back to v2.14.0-pre * image: GPT-conformant image size padding * [remove] increase version * mpimage: inline prefix func Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * ci: add marketplace image e2e test Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * [remove] register workflow * ci: fix workflow name * ci: only allow azure test * cli: add marketplace image input to interface * cli: fix argument passing * version: roll back to v2.14.0 * ci: add force-flag support * Update docs/docs/overview/license.md * Update dev-docs/workflows/marketplace-images.md Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com> --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com> Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>	2023-12-08 14:40:31 +01:00
edgelessci	b92635a0f0	image: update measurements and image version (#2687 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-12-08 11:22:48 +01:00
edgelessci	ac056ae010	image: update measurements and image version (#2681 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-12-07 09:10:28 +01:00
edgelessci	c1bc7840bf	image: update measurements and image version (#2671 ) Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>	2023-12-01 16:14:27 +01:00
3u13r	63cdd03d09	Make Kubernetes serviceCIDR configurable in config (#2660 ) * config: pass serviceCIDR to kubeadm init * terraform: add serviceCIDR	2023-12-01 14:39:05 +01:00
edgelessci	8532d1ff02	image: update measurements and image version (#2668 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-12-01 09:36:26 +01:00
katexochen	e06848c68a	image: update measurements and image version	2023-11-29 08:45:52 +01:00
Thomas Tendyck	960118dc00	config: remove AWS SNP warning	2023-11-28 14:26:40 +01:00
derpsteb	bff65d563b	image: update measurements and image version	2023-11-27 10:57:21 +01:00
Otto Bittner	257eb5370f	config: only fetch TCB values from api if wanted If no TCB value is set to `latest`, the fetcher is now no longer called.	2023-11-24 15:49:48 +01:00
Otto Bittner	4813fcfdb6	config: fetch latest AWS TCB values	2023-11-24 15:49:48 +01:00
Otto Bittner	350397923f	api: refactor attestationconfigapi client/fetcher There is now one SEVSNPVersions type that has a variant property. That property is used to build the correct JSON path. The surrounding methods handling the version objects are also updated to receive a variant argument and work for multiple variants. This simplifies adding AWS support.	2023-11-24 15:49:48 +01:00
Otto Bittner	84d8bd8110	verify: query vlek ASK from KDS if not set The user can choose to supply an intermediate certificate through the config, like they can for the root key. If none is supplied, the KDS is queried for a valid ASK.	2023-11-24 15:49:48 +01:00
Otto Bittner	07eed0e319	attestation: use SNP-based attestation for AWS SNP	2023-11-24 15:49:48 +01:00
katexochen	949186e5d7	image: update measurements and image version	2023-11-24 12:06:03 +01:00
Adrian Stobbe	9af514d08e	fix panic in status cmd (#2625 )	2023-11-22 08:31:37 +01:00
edgelessci	e51513985a	image: update measurements and image version (#2612 ) Co-authored-by: daniel-weisse <daniel-weisse@users.noreply.github.com>	2023-11-17 12:49:54 +01:00
3u13r	183ce7a45a	image: update measurements and image version	2023-11-16 13:50:40 +01:00
katexochen	648eebab24	image: update measurements and image version	2023-11-15 11:10:40 +01:00
edgelessci	246b9ce069	image: update measurements and image version (#2594 ) Co-authored-by: malt3 <malt3@users.noreply.github.com>	2023-11-13 21:10:15 +01:00
edgelessci	e918a7af90	image: update measurements and image version (#2571 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-11-13 06:54:09 +01:00
katexochen	45df17d527	image: update measurements and image version	2023-11-08 11:40:07 +01:00
Adrian Stobbe	eaec73cca4	cli: fix invalid upper case name on AWS (#2546 )	2023-11-03 10:09:43 +01:00
katexochen	d67f1a035f	image: update measurements and image version	2023-11-03 09:04:06 +01:00
katexochen	33ff6eb5ae	image: update measurements and image version	2023-11-02 13:28:49 +01:00
katexochen	238a3c222b	image: update measurements and image version	2023-10-30 11:23:12 +01:00
katexochen	5eb6cc6d08	image: update measurements and image version	2023-10-25 10:54:56 +02:00
Daniel Weiße	671cf36f0a	cli: common backend for `init` and `upgrade apply` commands (#2449 ) * Use common 'apply' backend for init and upgrades * Move unit tests to new apply backend * Only perform Terraform migrations if state exists in cwd (#2457) * Rework skipPhases logic --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems> Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>	2023-10-24 15:39:18 +02:00
edgelessci	5cd70ac58a	image: update measurements and image version (#2482 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-10-20 08:10:51 +02:00
edgelessci	43ee0791c6	image: update measurements and image version (#2477 ) Co-authored-by: 3u13r <3u13r@users.noreply.github.com>	2023-10-19 14:50:52 +02:00
3u13r	0c89f57ac5	Support internal load balancers (#2388 ) * arch: support internal lb on Azure * arch: support internal lb on GCP * helm: remove lb svc from verify deployment * arch: support internal lb on AWS * terraform: add jump hosts for internal lb * cli: expose internalLoadBalancer in config * ci: add e2e-manual-internal * add in-cluster endpoint to terraform output	2023-10-17 15:46:15 +02:00
edgelessci	e231a24916	image: update measurements and image version (#2428 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-10-11 10:33:54 +02:00
katexochen	957f8ad203	image: update measurements and image version	2023-10-06 08:09:28 +02:00
edgelessci	7e899d09c4	image: update measurements and image version (#2405 ) Co-authored-by: malt3 <malt3@users.noreply.github.com>	2023-10-04 14:24:57 +02:00
Moritz Sanft	a5021c52d3	joinservice: cache certificates for Azure SEV-SNP attestation (#2336 ) * add ASK caching in joinservice Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * use cached ASK in Azure SEV-SNP attestation Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * update test charts Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix linter Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix typ Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * make caching mechanism less provider-specific Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * update buildfiles Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add `omitempty` flag Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * frontload certificate getter Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * rename frontloaded function Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * pass cached certificates to constructor Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix race condition Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix marshalling of empty certs Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix validator usage Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * [wip] add certcache tests Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add certcache tests Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * tidy Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix validator test Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * remove unused fields in validator Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix certificate precedence Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * use separate context Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * tidy Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * linter fixes Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * linter fixes Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * Remove unnecessary comment Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * use background context Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * Use error format directive Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * `azure` -> `Azure` Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * improve error messages Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add x509 -> PEM util function Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * use crypto util functions Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix certificate replacement logic Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * only require ASK from certcache Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * tidy Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix comment typo Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>	2023-09-29 14:29:50 +02:00
edgelessci	f543922944	image: update measurements and image version (#2383 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-09-27 08:28:32 +02:00
Adrian Stobbe	118f789c2f	cli: fix Azure SEV-SNP latest version logic (#2343 )	2023-09-25 11:53:02 +02:00
edgelessci	df77696620	image: update measurements and image version (#2351 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-09-25 10:18:55 +02:00
katexochen	f3f4944239	image: update measurements and image version	2023-09-20 10:52:13 +02:00
Adrian Stobbe	22c2a73ae2	cli: store kubernetes version as strong type in config (#2287 ) Co-authored-by: Otto Bittner <cobittner@posteo.net> Co-authored-by: 3u13r <lc@edgeless.systems>	2023-09-19 13:50:00 +02:00
katexochen	83cfc86df1	image: update measurements and image version	2023-09-15 08:37:08 +02:00
katexochen	9c54ff06e0	image: update measurements and image version	2023-09-14 10:16:45 +02:00
edgelessci	4813296062	image: update measurements and image version (#2320 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-09-09 15:19:24 +02:00
3u13r	a25c90e9bb	remove deprecated `constellation create` flags (#2325 ) * chore: clean-up TODOs * cli: make OpenStack error explicit * cli: remove deprecated flags * config: require DeployCSIDriver field	2023-09-08 21:15:02 +02:00
edgelessci	4b48b5fdef	image: update measurements and image version (#2309 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-09-06 08:40:59 +02:00
edgelessci	463833433c	image: update measurements and image version (#2295 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-09-01 08:19:37 +02:00
edgelessci	eed2be0aa3	image: update measurements and image version (#2294 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-08-30 14:03:35 +02:00
edgelessci	0f4bd8296b	image: update measurements and image version (#2284 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-08-25 08:45:50 +02:00
edgelessci	3d5d291891	image: update measurements and image version (#2274 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-08-23 09:38:12 +02:00
3u13r	8325f99b09	deps: support Kubernetes 1.28 (#2242 )	2023-08-18 11:13:24 +02:00
edgelessci	04ece90172	image: update measurements and image version (#2247 ) Co-authored-by: malt3 <malt3@users.noreply.github.com>	2023-08-17 08:17:28 +02:00
edgelessci	f270e91724	image: update measurements and image version (#2238 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-08-16 09:41:01 +02:00
edgelessci	aa787a3ea6	image: update measurements and image version (#2206 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-08-11 11:19:57 +02:00
Daniel Weiße	c9cae643e2	internal: fix unmarshalling attestation version numbers from JSON (#2187 ) * Fix unmarshalling attestation version numbers from JSON * Add unit test for UnmarshalJSON --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2023-08-09 15:11:14 +02:00
Adrian Stobbe	d8db9d0add	strict input validation on attestation version numbers (#2180 )	2023-08-09 11:41:04 +02:00
edgelessci	81a13319b7	image: update measurements and image version (#2183 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-08-09 10:14:39 +02:00
3u13r	4564017b13	config: fix aws instance type validation (#2171 )	2023-08-04 18:16:49 +02:00
Malte Poll	15bb9588d7	cli: update config migration to migrate v3 -> v4 (#2166 )	2023-08-04 15:57:36 +02:00
Malte Poll	7bfcb0bd5d	cli: remove old config migration from v2 to v3	2023-08-04 12:36:45 +02:00
Malte Poll	c0177c565f	config: update tests	2023-08-04 12:36:45 +02:00
Malte Poll	b61deb6a03	config: update validation to work with nodeGroups	2023-08-04 12:36:45 +02:00
Malte Poll	2246c31b7b	config: define lists of valid disk types	2023-08-04 12:36:45 +02:00
Malte Poll	15bb3b31fd	config: add nodeGroups	2023-08-04 12:36:45 +02:00
edgelessci	75c49b6515	image: update measurements and image version (#2163 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-08-04 09:58:31 +02:00
edgelessci	d71422667e	image: update measurements and image version (#2157 ) Co-authored-by: daniel-weisse <daniel-weisse@users.noreply.github.com>	2023-08-04 08:35:19 +02:00
Daniel Weiße	86c5fb5fab	config: reorder values (#2154 ) Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2023-08-02 16:01:10 +02:00
edgelessci	da1376cd90	image: update measurements and image version (#2151 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-08-02 10:13:56 +02:00
Otto Bittner	dac690656e	api: add functions to transparently handle signatures upon API interaction (#2142 )	2023-08-01 16:48:13 +02:00
Otto Bittner	1d5a8283e0	cli: use Semver type to represent microservice versions (#2125 ) Previously we used strings to pass microservice versions. This invited bugs due to missing input validation.	2023-07-25 14:20:25 +02:00
Malte Poll	8da6a23aa5	bootstrapper: add fallback endpoint and custom endpoint to SAN field (#2108 ) terraform: collect apiserver cert SANs and support custom endpoint constants: add new constants for cluster configuration and custom endpoint cloud: support apiserver cert sans and prepare for endpoint migration on AWS config: add customEndpoint field bootstrapper: use per-CSP apiserver cert SANs cli: route customEndpoint to terraform and add migration for apiserver cert SANs bootstrapper: change interface of GetLoadBalancerEndpoint to return host and port separately	2023-07-21 16:43:51 +02:00
edgelessci	3324a4eba2	image: update measurements and image version (#2124 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-07-21 16:20:41 +02:00
edgelessci	2660c1aa87	image: update measurements and image version (#2116 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-07-19 08:35:56 +02:00
Otto Bittner	ff4b5db74c	config: make deployCSIDriver backwards compatible (#2088 ) We added the field in 2.9 but can only require it in 2.10.	2023-07-12 15:08:37 +02:00
Adrian Stobbe	7e83991154	feat: `status` shows attestation config (#2056 ) * init * update doc * fix tests * unmarshal typed attestation config for consistent yaml formatting * fix comments * marshal numerical attestation values in join-config * GetAttestationConfig marshals numerical value	2023-07-07 17:02:01 +02:00
edgelessci	b71d5cdc17	image: update measurements and image version (#2054 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-07-07 08:13:54 +02:00
Thomas Tendyck	274fed0990	cli: fix/improve some user-facing strings	2023-07-06 09:05:17 +02:00
edgelessci	37288deacf	image: update measurements and image version (#2019 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-07-05 08:32:25 +02:00
Adrian Stobbe	e72ec60d13	config: iam create aws check zone contains availability zone (#1913 ) * init * make zone flag mandatory again * add info about zone update + refactor * add comment in docs about zone update * Update cli/internal/cmd/iamcreate_test.go Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * thomas feedback * add format check to config validation * remove TODO * Update docs/docs/workflows/config.md Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * thomas nit --------- Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>	2023-07-04 13:55:52 +02:00
Daniel Weiße	d95ddd01d3	helm: fix upgrade command unintentionally skipping all service upgrades (#1992 ) * Fix usage of errors.As in upgrade command implementation * Use struct pointers when working with custom errors --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2023-06-30 16:46:05 +02:00
edgelessci	05c43137e4	image: update measurements and image version (#1988 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-06-30 08:48:38 +02:00
Moritz Sanft	7ad284d672	cli: deploy aws csi driver per default (#1981 ) * add aws csi driver helm chart * update chart * add CSI driver to Constellation default deployment * generate config doc * update buildfiles * use upstream chart * update buildfile * set `DeployCSIDriver` in default config * fix helm test * whitespace	2023-06-30 08:46:32 +02:00
Adrian Stobbe	161bb37cba	config: improve usage and meaning of validate (#1975 ) * discuss miniup config.Default() usage + discourage usage for Default() in comment * Update internal/config/config_test.go Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * add enterprise version check for config.Default * split config comment lines * daniel feedback * featureset.CanUseEmbeddedMeasurmentsAndImage --------- Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>	2023-06-28 10:28:48 +02:00
Otto Bittner	0a36ce6171	config: validate instance type for aws SNP based on attestation variant (#1963 ) * config: validate instance type for aws SNP * apply suggestions	2023-06-26 17:05:12 +02:00
Daniel Weiße	e139eff552	fix: small formating/spelling issues (#1965 ) Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2023-06-26 08:34:37 +02:00
Otto Bittner	3a7bb52560	attestation: docs and config changes for SNP attestation (#1959 ) * docs: describe SEV-SNP support on AWS * config: remove launchMeasurement awsSEVSNP attestation config should not have this value. It doesn't have a function yet.	2023-06-23 15:38:24 +02:00
Otto Bittner	7388240943	Revert "attestation: add SNP-based attestation for aws-sev-snp (#1916 )" (#1957 ) This reverts commit `c7d12055d1`.	2023-06-22 17:08:44 +02:00
Otto Bittner	c7d12055d1	attestation: add SNP-based attestation for aws-sev-snp (#1916 ) * config: move AMD root key to global constant * attestation: add SNP based attestation for aws * Always enable SNP, regardless of attestation type. * Make AWSNitroTPM default again There exists a bug in AWS SNP implementation where sometimes a host might not be able to produce valid SNP reports. Since we have to wait for AWS to fix this we are merging SNP attestation as opt-in feature.	2023-06-21 14:19:55 +02:00
Adrian Stobbe	be4a636361	cli: improve user warning / information (#1933 ) * print success * warn when debug img but !debugCluster * malte feedback * rename to IsNamedLikeDebugImage	2023-06-19 16:51:39 +02:00
edgelessci	a717cefc26	image: update measurements and image version (#1939 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-06-16 08:27:45 +02:00
Adrian Stobbe	07de6482b2	config: drop support for deprecated Azure's service principal authentication (#1906 ) * invalidate app client id field for azure and provide info * remove TestNewWithDefaultOptions case * fix test * remove appClientID field * remove client secret + rename err * remove from docs * otto feedback * update docs * delete env test in cfg since no envs set anymore * Update dev-docs/workflows/github-actions.md Co-authored-by: Otto Bittner <cobittner@posteo.net> * WARNING to stderr * fix check --------- Co-authored-by: Otto Bittner <cobittner@posteo.net>	2023-06-14 17:50:57 +02:00
Adrian Stobbe	c5f75513b1	fix: Azure SEV-SNP version always gets overwritten by latest API versions (#1930 ) * fix that manual version gets overwritten by latest * put azure in seperate config file * otto feedback	2023-06-14 14:17:52 +02:00
edgelessci	8910e9bac4	image: update measurements and image version (#1927 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-06-14 08:31:30 +02:00

1 2 3 4 5 ...

350 Commits