Daniel Weiße
19871ee422
Enable integrity protection on boot ( #300 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-02 12:35:23 +02:00
Daniel Weiße
db79784045
AB#2200 Merge Owner and Cluster ID ( #282 )
...
* Merge Owner and Cluster ID into single value
* Remove aTLS from KMS, as it is no longer used for cluster external communication
* Update verify command to use cluster-id instead of unique-id flag
* Remove owner ID from init output
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-26 10:58:39 +02:00
Malte Poll
cce2611e2a
Simplify node lock and various small changes
...
Co-authored-by: Fabian Kammel <fabian@kammel.dev>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2022-07-14 17:25:18 +02:00
Malte Poll
260d2571c1
Only upload kubeadm certs if key is rotated
...
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: 3u13r <lc@edgeless.systems>
2022-07-14 17:25:18 +02:00
katexochen
66b573ea5d
Bootstrapper
2022-07-14 17:25:18 +02:00
Daniel Weiße
24cba8d91a
Use Constellation KMS instead of deprecated vpn API for requesting keys ( #248 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-05 09:48:47 +02:00
Otto Bittner
7cada2c9e8
Add goleak to all tests ( #227 )
...
* Run goleak as part of all tests
We are already using goleak in various tests.
This commit adds a TestMain to all remaining tests
and calls goleak.VerifyTestMain in them.
* Add goleak to debugd/deploy package and fix bug.
* Run go mod tidy
* Fix integration tests
* Move goleak invocation for mount integration test
* Ignore leak in state integration tests
Co-authored-by: Fabian Kammel <fk@edgelss.systems>
2022-06-30 15:24:36 +02:00
Christoph Meyer
9441e46e4b
AB#2033 Remove redundant "failed" in error wrapping
...
Remove "failed" from wrapped errors
Where appropriate rephrase "unable to/could not" to "failed" in root
errors
Start error log messages with "Failed"
2022-06-22 12:02:10 +01:00
Daniel Weiße
0a24de24ee
AB#2103 Derive key from LUKS UUID instead of disk name ( #156 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-19 08:47:17 +02:00
Daniel Weiße
9c5590bbce
Add LUKS2 header size constant ( #140 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-13 09:24:54 +02:00
Daniel Weiße
437de8bcb1
Add function to retrieve real device path of mapped device
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-12 13:53:39 +02:00
Daniel Weiße
6b3d45dd09
Add resize functions
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-12 13:53:39 +02:00
Daniel Weiße
2b80341d99
Reorder to be more readable
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-12 13:53:39 +02:00
katexochen
d83bc8727b
Replace k8s.io/klog with k8s.io/klog/v2
2022-05-04 17:16:40 +02:00
Daniel Weiße
51d8bfddbe
Report wipe progress every 30s for non terminal logging
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-03 08:15:38 +02:00
Daniel Weiße
3bb1ec96b1
Detect integrity file system request
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-03 08:15:38 +02:00
datosh
51068abc27
Ref/want err from err expected ( #82 )
...
consistent naming for test values using 'want' instead of 'expect/ed'
2022-04-26 16:54:05 +02:00
Daniel Weiße
604ed96160
Move READMEs to their own packages
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-04-01 16:47:27 +02:00
Daniel Weiße
5660f813f0
Remove kekID from cryptmapper
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-03-25 09:38:16 +01:00
Daniel Weiße
7626765d87
Rework mount folder structure
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-03-25 09:38:16 +01:00
Daniel Weiße
752571bbf8
Upgrade go-cryptsetup to latest version
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-03-23 11:48:15 +01:00
Leonard Cohnen
2d8fcd9bf4
monorepo
...
Co-authored-by: Malte Poll <mp@edgeless.systems>
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
Co-authored-by: Benedict Schlueter <bs@edgeless.systems>
Co-authored-by: leongross <leon.gross@rub.de>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
2022-03-22 16:09:39 +01:00