Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-09-20 08:15:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,169 Commits 131 Branches 43 Tags 105 MiB
1624af0cc7
Commit Graph

61 Commits

Author SHA1 Message Date
Malte Poll
1624af0cc7
image: pin aws uefivars version and install new deps (#1345) 2023-03-06 13:29:15 +01:00
Thomas Tendyck
c94d1db76d attestation: remove PCR 0 and 10 on GCP 2023-03-06 13:09:57 +01:00
Malte Poll
b79f7d0c8c
cli: add basic support for constellation create on OpenStack (#1283) 
* image: support OpenStack image build / upload

* cli: add OpenStack terraform template

* config: add OpenStack as CSP

* versionsapi: add OpenStack as CSP

* cli: add OpenStack as provider for `config generate` and `create`

* disk-mapper: add basic support for boot on OpenStack

* debugd: add placeholder for OpenStack

* image: fix config file sourcing for image upload
 2023-02-27 18:19:52 +01:00
Moritz Sanft
a274ac8a7c
ci: add cli k8s compatibility table artifact upload to ci (#1218) 
* add cli k8s compatibility api to ci

* extend versionsapi package

* rework cli info upload via ci

* join errors natively

* fix semver

* upload from hack file

* fix ci checks

* add distributionid

* setup go before running hack file

* setup go after repo checkout

* use logger instead of panic, invalidate cache

* use provided ctx

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>

---------

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-24 12:00:04 +01:00
Paul Meyer
f580f8216a ci: add missing Go setup 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-21 08:50:11 -05:00
Fabian Kammel
656e109e17
fix: upload signature of measurements. (#1213) 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-02-17 10:53:57 +01:00
Fabian Kammel
50522cb73c
expand variables (#1161) 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-02-10 17:57:26 +01:00
Fabian Kammel
4c5ab7c5e9
ci: refactor image measurement generation (#1152) 
* Merge measurements.image.json and measurements.json into latter.
* Use static (known) measurement values for the ones we cannot precompute.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-02-09 13:33:17 +01:00
Fabian Kammel
48c8a66114
Minimal GitHub Action token permissions. (#1104) 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-01-30 16:11:27 +01:00
renovate[bot]
17ff8c43d7
deps: update GitHub action dependencies (#1099) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-27 16:12:26 +01:00
renovate[bot]
6c068674af
deps: update GitHub action dependencies (#1085) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-26 15:22:33 +01:00
Malte Poll
ce17a0c9ac ci: set debug flag explicitly in os build pipeline 2023-01-25 09:58:56 +01:00
Paul Meyer
f5de2b7fc6 ci: move scheduled build into own workflow 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-23 14:15:05 +01:00
Paul Meyer
411dfed18f ci: unified order and style of workflows/actions 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-18 10:57:42 +01:00
Fabian Kammel
85f33b2140
ci: fix scorecard/pinned-dependencies findings (#967) 
* fix scorecard/pinned-dependencies findings
* make renovate update go install
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-01-17 16:12:23 +01:00
Malte Poll
fa7bac3868
ci: switch gcp accounts to oidc (#983) 2023-01-16 18:15:17 +01:00
Paul Meyer
3393e458e0 ci: schedule os image builds 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-16 14:55:24 +01:00
Malte Poll
938f114086
ci: implement "console" stream for OS images (#969) 
* image: add AUTOLOGIN environment variable to conditionally enable serial console login
* ci: implement "console" stream for OS images
* debugd: remove serial console login access code
 2023-01-16 12:20:01 +01:00
Malte Poll
3077dd4f27 ci: implement first half of release checklist 2023-01-12 13:24:07 +01:00
Paul Meyer
6a20d18082 ci: change gcp image and image family names 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-09 17:06:59 +01:00
renovate[bot]
f62f8e5d79
Update GitHub action dependencies (#902) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-06 17:35:54 +01:00
renovate[bot]
32b839e9f7
Update GitHub action dependencies (#877) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-05 16:17:51 +01:00
Paul Meyer
f9458950cb
versionsapi: change image path (#856) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 17:07:16 +01:00
Paul Meyer
3561a16819 ci: replace add-version through versionsapi cli 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 11:39:19 +01:00
3u13r
473e16feb2
image: add upgrade-agent (#827) 2022-12-29 17:50:11 +01:00
Thomas Tendyck
990cae58a5 ci: don't checkout head ref for PRs from forks 2022-12-19 16:09:40 +01:00
renovate[bot]
5967b98c25
Update GitHub action dependencies (#778) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-14 14:55:14 +01:00
Malte Poll
3f6817653b Match pki set and key 2022-12-12 17:45:35 +01:00
Malte Poll
6154a5ef68 OS build pipeline: Correctly choose PKI set 2022-12-12 17:45:35 +01:00
Malte Poll
4a8ebfd921 OS images: use "ref", "stream" and "version" 
Switch azure default region to west us
Update find-image script to work with new API spec
Add version for every os image build
generate measurements: Use new API paths
CLI: config fetch measurements: Use image short versions to fetch measurements
CLI: allows shortnames to specify image in config
Image build pipeline: Change paths to contain "ref" and "stream"
 2022-12-09 13:37:43 +01:00
Paul Meyer
cbd5a4a118 ci: print image version in summary 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-01 13:25:53 +01:00
Paul Meyer
8004edcc14
image: add version and debug field to lookup table (#682) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-01 11:51:33 +01:00
Malte Poll
efaa0622a8 Include image version in mkosi builds 2022-11-18 10:37:45 +01:00
Malte Poll
74aabe86fa Move PCR[8] -> PCR[12] 2022-11-18 10:37:45 +01:00
Malte Poll
239b9f6c26 Upgrade images to Fedora 37 2022-11-18 10:37:45 +01:00
renovate[bot]
f5f6be1c56
Update actions/download-artifact action to v3 (#583) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-11-18 08:55:56 +01:00
Malte Poll
78481b32e8
Move image artifacts "/v1/" => "/constellation/v1" (#579) 2022-11-17 16:14:38 +01:00
renovate[bot]
827b62c2be
Update GitHub action dependencies (#568) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
 2022-11-17 11:37:00 +01:00
Malte Poll
cdaf1fc476
OS Image Build pipeline: prepare lookup tables and additional artifacts (#560) 2022-11-16 15:45:10 +01:00
Paul Meyer
09969afd57 ci: fix workflows 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-11 16:38:29 +01:00
Paul Meyer
fb6f425696 ci: checkout with head ref 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-11 14:00:11 +01:00
renovate[bot]
1fc663efc9 Update actions/checkout action to v3 2022-11-11 14:00:11 +01:00
Paul Meyer
f6b3ef6a57 ci: login azure only if needed 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-11 13:30:34 +01:00
Paul Meyer
1ec9316521 ci: rename actions 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-11 13:30:34 +01:00
Malte Poll
e9fecec0bc Only publish release AMIs 2022-11-09 14:29:58 +01:00
Daniel Weiße
011f9c597d
Bring in changes from release branch (#479) 
* Bump version to v2.2.0

* Update changelog

* Fix release detection in pipeline

* Fix PKI selection in pipeline

* Set enforced measurements for AWS

* Update default images

* Fix release docs

* Update mini-con defaults

* Fix measurements action

* Fix syft env variable naming

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-11-08 18:32:59 +01:00
renovate[bot]
efa2fb2fd0
Update anchore/sbom-action action to v0.13.1 (#463) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-11-04 17:42:09 +01:00
Malte Poll
ed58fcccd3
CI: Add secure boot prod keys (#462) 
* Add production secure boot keys
* Refactor OS build and upload settings
 2022-11-04 16:48:52 +01:00
Malte Poll
4a7024c469
Make AMI public on creation (#426) 2022-11-03 15:22:51 +01:00
Malte Poll
2842328457
Update mkosi to version 14 (#391) 2022-11-02 10:14:42 +01:00