Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
4,125 Commits 133 Branches 44 Tags 106 MiB
1b7b80673c
Commit Graph

992 Commits

Author SHA1 Message Date
Moritz Sanft
1b7b80673c
image: update measurements and image version (#3144) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-06-05 09:22:32 +02:00
Markus Rudy
5a100d1fc9
helm: use Cilium chart from fork (#3130) 2024-06-05 07:56:11 +02:00
renovate[bot]
aa910cfc25
deps: update Kubernetes versions (#3102) 
* deps: update Kubernetes versions

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
 2024-06-03 15:08:09 +02:00
renovate[bot]
93cabbe0b2
deps: update Constellation containers to v2.17.0-pre.0.20240524110423-80917921e3d6 (#3106) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-06-03 13:13:48 +02:00
edgelessci
ce3b00668b
image: update measurements and image version (#3131) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-06-03 08:53:59 +02:00
edgelessci
79d3781f3e
image: update measurements and image version (#3128) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-05-29 08:18:27 +02:00
Moritz Sanft
d14ee6ba1d
helm: update AWS CSI driver chart (#3121) 2024-05-27 16:22:56 +02:00
edgelessci
be3f555573
image: update measurements and image version (#3119) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-05-24 08:08:42 +02:00
Malte Poll
2c8a16294e bazel: migrate rules_proto to bzlmod 2024-05-23 09:48:04 +02:00
Malte Poll
d960121cba bazel: update BUILD files for rules_go bzlmod migration 2024-05-23 09:48:04 +02:00
edgelessci
4434a85a51
image: update measurements and image version (#3110) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-05-17 08:12:51 +02:00
Daniel Weiße
036a4f2ee1
deps: remove obsolete Go replace to upgrade go-sev-guest (#3107) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-05-16 15:48:44 +02:00
renovate[bot]
fe65a6da76 deps: update Constellation containers 2024-05-16 13:11:53 +02:00
Malte Poll
7eedd0e3de
cli: simplify log message on init call (#3105) 2024-05-15 16:17:12 +02:00
edgelessci
36141b149c
image: update measurements and image version (#3100) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-05-15 09:36:01 +02:00
Daniel Weiße
4f1768e660
cloud: hide kubernetes iptables usage behind linux build tag (#3088) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-05-13 13:22:22 +02:00
Malte Poll
cfaba0b1c3 misc: update golangci-lint related changes 2024-05-13 08:47:15 +02:00
edgelessci
d0bb738607
image: update measurements and image version (#3074) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-05-13 08:39:52 +02:00
renovate[bot]
1ead19e69a
deps: update ghcr.io/edgelesssys/cloud-provider-gcp Docker tag to v29.0.1 (#3073) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-05-10 09:57:07 +02:00
renovate[bot]
fffc9db2b5
deps: update Kubernetes versions (#3072) 
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2024-05-09 13:38:01 +02:00
3u13r
0325483504
helm: disable cilium ipmasq agent when in conformance mode (#3062) 2024-05-08 18:51:12 +02:00
Daniel Weiße
9def35ed06
deps: update all Go dependencies (#3071) 
* Upgrade Go dependencies

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Group Go dependency upgrades

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Remove usage of deprecated docker types

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Fix usage of invalid validation tags

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Regenerate bazel files

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Keep github.com/bazelbuild/buildtools at old version to not break other dependencies

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-05-08 17:31:47 +02:00
Daniel Weiße
47fbbd42a9
Fix tool not generating measurements for gcp-sev-snp (#3061) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-05-03 09:52:57 +02:00
edgelessci
96b71b0205
image: update measurements and image version (#3060) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-05-03 09:28:57 +02:00
edgelessci
3d2a023ccf
image: update measurements and image version (#3057) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-05-02 08:20:51 +02:00
Moritz Sanft
002c6fa5a4
snp: don't print warning if no ASK is present (#3048) 
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
 2024-04-29 14:38:34 +02:00
renovate[bot]
c1740b17d9
deps: update ghcr.io/edgelesssys/gcp-guest-agent Docker tag to v20240314 (#3042) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-04-29 11:01:21 +02:00
edgelessci
0df26c0e9b
image: update measurements and image version (#3043) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-26 08:05:44 +02:00
renovate[bot]
3ea0e3a487
deps: update K8s constrained AWS versions (#2938) 
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2024-04-25 15:49:50 +02:00
renovate[bot]
0f6491f3c7
deps: update K8s constrained Azure versions (#2941) 
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2024-04-25 15:48:46 +02:00
renovate[bot]
f00890ab1e
deps: update module k8s.io/kubernetes to v1.29.4 [SECURITY] (#3039) 
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2024-04-25 14:03:24 +02:00
edgelessci
591aba99fd
image: update measurements and image version (#3040) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-24 08:16:45 +02:00
Daniel Weiße
4635a6c8b1
attestation: dont set a default for TDX MRSEAM (#3038) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-04-22 14:07:24 +02:00
miampf
b187966581
cli: allow tagging cloud resources with custom tags (#3033) 2024-04-19 09:07:57 +00:00
edgelessci
f60c133724
image: update measurements and image version (#3034) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-19 08:30:06 +02:00
edgelessci
ea17af3dcc
image: update measurements and image version (#3030) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-17 08:18:39 +02:00
Moritz Sanft
913b09aeb8
Support SEV-SNP on GCP (#3011) 
* terraform: enable creation of SEV-SNP VMs on GCP

* variant: add SEV-SNP attestation variant

* config: add SEV-SNP config options for GCP

* measurements: add GCP SEV-SNP measurements

* gcp: separate package for SEV-ES

* attestation: add GCP SEV-SNP attestation logic

* gcp: factor out common logic

* choose: add GCP SEV-SNP

* cli: add TF variable passthrough for GCP SEV-SNP variables

* cli: support GCP SEV-SNP for `constellation verify`

* Adjust usage of GCP SEV-SNP throughout codebase

* ci: add GCP SEV-SNP

* terraform-provider: support GCP SEV-SNP

* docs: add GCP SEV-SNP reference

* linter fixes

* gcp: only run test with TPM simulator

* gcp: remove nonsense test

* Update cli/internal/cmd/verify.go

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* Update docs/docs/overview/clouds.md

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* Update terraform-provider-constellation/internal/provider/attestation_data_source_test.go

Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>

* linter fixes

* terraform_provider: correctly pass down CC technology

* config: mark attestationconfigapi as unimplemented

* gcp: fix comments and typos

* snp: use nonce and PK hash in SNP report

* snp: ensure we never use ARK supplied by Issuer (#3025)

* Make sure SNP ARK is always loaded from config, or fetched from AMD KDS
* GCP: Set validator `reportData` correctly

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* attestationconfigapi: add GCP to uploading

* snp: use correct cert

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: enable fetching of attestation config values for GCP SEV-SNP

* linter fixes

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
 2024-04-16 18:13:47 +02:00
Daniel Weiße
485ebb151e
kubecmd: retry any k8s errors in CLI and Terraform (#3028) 
* Retry any k8s errors in CLI and Terraform
* Use structured logging in `kubecmd` package

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-04-16 15:12:42 +02:00
edgelessci
41e4f144ed
image: update measurements and image version (#3023) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-12 08:24:28 +02:00
Markus Rudy
f6dfea2a79
helm: unbreak helm test after Cilium version bump (#3022) 2024-04-11 09:38:15 +02:00
Markus Rudy
550798279a
Merge pull request from GHSA-g8fc-vrcg-8vjg 
* helm: firewall pods

* helm: bump cilium chart version

---------

Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2024-04-10 13:48:32 +02:00
edgelessci
7bdd4c2449
image: update measurements and image version (#3019) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-10 08:25:16 +02:00
edgelessci
249148abe2
image: update measurements and image version (#3013) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-05 15:23:44 +02:00
miampf
840f460bac
logging: unify debug log message format (#2997) 2024-04-03 13:49:03 +00:00
edgelessci
638a94c7c6
image: update measurements and image version (#3008) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-03 08:28:45 +02:00
edgelessci
d6ac1967c5
image: update measurements and image version (#3004) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-02 08:44:25 +02:00
edgelessci
367b278002
image: update measurements and image version (#3000) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-03-25 08:19:58 +01:00
edgelessci
89f311dac1
image: update measurements and image version (#2996) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-03-20 08:35:26 +01:00
edgelessci
e0bbb447a9
image: update measurements and image version (#2987) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-03-15 07:54:20 +01:00
Markus Rudy
54af083da3
helm: retry uninstall manually if atomic install failed (#2984) 2024-03-14 10:52:11 +01:00