Commit Graph

22 Commits

Author SHA1 Message Date
Daniel Weiße
19871ee422 Enable integrity protection on boot (#300)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-02 12:35:23 +02:00
Daniel Weiße
db79784045 AB#2200 Merge Owner and Cluster ID (#282)
* Merge Owner and Cluster ID into single value

* Remove aTLS from KMS, as it is no longer used for cluster external communication

* Update verify command to use cluster-id instead of unique-id flag

* Remove owner ID from init output

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-26 10:58:39 +02:00
Malte Poll
cce2611e2a Simplify node lock and various small changes
Co-authored-by: Fabian Kammel <fabian@kammel.dev>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2022-07-14 17:25:18 +02:00
Malte Poll
260d2571c1 Only upload kubeadm certs if key is rotated
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: 3u13r <lc@edgeless.systems>
2022-07-14 17:25:18 +02:00
katexochen
66b573ea5d Bootstrapper 2022-07-14 17:25:18 +02:00
Daniel Weiße
24cba8d91a Use Constellation KMS instead of deprecated vpn API for requesting keys (#248)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-05 09:48:47 +02:00
Otto Bittner
7cada2c9e8 Add goleak to all tests (#227)
* Run goleak as part of all tests
We are already using goleak in various tests.
This commit adds a TestMain to all remaining tests
and calls goleak.VerifyTestMain in them.
* Add goleak to debugd/deploy package and fix bug.
* Run go mod tidy
* Fix integration tests
* Move goleak invocation for mount integration test
* Ignore leak in state integration tests

Co-authored-by: Fabian Kammel <fk@edgelss.systems>
2022-06-30 15:24:36 +02:00
Christoph Meyer
9441e46e4b AB#2033 Remove redundant "failed" in error wrapping
Remove "failed" from wrapped errors
Where appropriate rephrase "unable to/could not" to "failed" in root
errors
Start error log messages with "Failed"
2022-06-22 12:02:10 +01:00
Daniel Weiße
0a24de24ee AB#2103 Derive key from LUKS UUID instead of disk name (#156)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-19 08:47:17 +02:00
Daniel Weiße
9c5590bbce Add LUKS2 header size constant (#140)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-13 09:24:54 +02:00
Daniel Weiße
437de8bcb1 Add function to retrieve real device path of mapped device
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-12 13:53:39 +02:00
Daniel Weiße
6b3d45dd09 Add resize functions
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-12 13:53:39 +02:00
Daniel Weiße
2b80341d99 Reorder to be more readable
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-12 13:53:39 +02:00
katexochen
d83bc8727b Replace k8s.io/klog with k8s.io/klog/v2 2022-05-04 17:16:40 +02:00
Daniel Weiße
51d8bfddbe Report wipe progress every 30s for non terminal logging
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-03 08:15:38 +02:00
Daniel Weiße
3bb1ec96b1 Detect integrity file system request
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-03 08:15:38 +02:00
datosh
51068abc27 Ref/want err from err expected (#82)
consistent naming for test values using 'want' instead of 'expect/ed'
2022-04-26 16:54:05 +02:00
Daniel Weiße
604ed96160 Move READMEs to their own packages
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-04-01 16:47:27 +02:00
Daniel Weiße
5660f813f0 Remove kekID from cryptmapper
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-03-25 09:38:16 +01:00
Daniel Weiße
7626765d87 Rework mount folder structure
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-03-25 09:38:16 +01:00
Daniel Weiße
752571bbf8 Upgrade go-cryptsetup to latest version
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-03-23 11:48:15 +01:00
Leonard Cohnen
2d8fcd9bf4 monorepo
Co-authored-by: Malte Poll <mp@edgeless.systems>
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
Co-authored-by: Benedict Schlueter <bs@edgeless.systems>
Co-authored-by: leongross <leon.gross@rub.de>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
2022-03-22 16:09:39 +01:00