Commit Graph

536 Commits

Author SHA1 Message Date
Malte Poll
546e53f3df [node operator] NodeImage API gen
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-08-09 10:29:04 +02:00
Malte Poll
9feb0fb801 [node operator] update Makefile for kubebuilder 3.5.0
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-08-09 10:29:04 +02:00
Malte Poll
8ec23bf538 [node operator] Initial commit
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-08-09 10:29:04 +02:00
Daniel Weiße
60d5578475 AB#2215 Perform sanity check on GCP projectID (#349)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-09 10:26:29 +02:00
Otto Bittner
1b9600c307 AB#2266: Test all supported versions with e2e-tests
* e2e-test workflows execute two hours earlier.
* Run quick-mode e2e tests for the two older versions we support.
This triggers every night, together with the existing e2e tests.
Idea here is that we know that a cluster can be set up and initialized.
* Run full e2e tests for the two older versions each Sunday.
* Do not abort manual e2e runs. This allows for parallel runs.
* Run unprivileged container
2022-08-09 10:02:15 +02:00
Daniel Weiße
c52bfc79d3 Set default values for e2e-pipeline (#351)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>

Co-authored-by: Fabian Kammel <fabian@kammel.dev>
2022-08-09 08:20:23 +02:00
Fabian Kammel
503945f8cf Export and import of Azure VM images (#341)
* Improve performance of file size
* script for importing image to Azure
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
2022-08-08 16:19:34 +02:00
dependabot[bot]
2e71e6c740 Bump docker/build-push-action from 3.1.0 to 3.1.1 (#348)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](1cb9d22b93...c84f382811)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-08 15:39:00 +02:00
Daniel Weiße
ab536ae3c8 AB#2278 Remove hardcoded values from config (#346)
* Update file handler to avoid incorrect usage of file.Option

* Remove hardcoded values

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-08 11:04:17 +02:00
Otto Bittner
129caae0e4 AB#2258: Fix flaky retry_test.go
Co-authored-by: <mp@edgeless.systems>
Co-authored-by: <pm@edgeless.systems>
2022-08-05 18:58:47 +02:00
Otto Bittner
6ef0f5d06b Remove "debug" from gcp image name.
Debug already is part of the family name.
2022-08-05 15:50:26 +02:00
Malte Poll
bf5816cc00 linter cleanup (#344)
* go fmt
* static check
2022-08-05 15:30:23 +02:00
Malte Poll
32a990b4f2 Update README 2022-08-05 12:37:22 +02:00
Malte Poll
58dbbdc072 Update HACKING.md 2022-08-05 12:37:22 +02:00
Malte Poll
9e057f5a7f Apply suggestions from code review
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2022-08-05 12:37:22 +02:00
Malte Poll
3b0b3f0335 Use local CoreOS assembler image instead of ghcr 2022-08-05 12:37:22 +02:00
Malte Poll
cba89c687d Add patches and Makefile for modified CoreOS assembler 2022-08-05 12:37:22 +02:00
Malte Poll
eab33817fd Update debugd README (#340)
* Update debugd README
* Add command to list available releases

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2022-08-05 12:28:57 +02:00
Daniel Weiße
8895693ae2 AB#2251 Parallel Azure scale set creation (#318)
* Parallel Azure scale set creation

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-05 10:35:38 +02:00
Malte Poll
f5fe4fe885 Replace armnetworks module until https://github.com/Azure/azure-sdk-for-go/issues/18704 is fixed 2022-08-05 10:35:38 +02:00
Malte Poll
081dfb5037 Upgrade Azure SDK
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-08-05 10:35:38 +02:00
dependabot[bot]
9741c0e6b1 Bump docker/build-push-action from 2.10.0 to 3.1.0 (#338)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.10.0 to 3.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](ac9327eae2...1cb9d22b93)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-05 08:53:01 +02:00
dependabot[bot]
68cea57880 Bump docker/metadata-action from 3.8.0 to 4.0.1 (#337)
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 3.8.0 to 4.0.1.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](b2391d37b4...69f6fc9d46)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-05 08:52:51 +02:00
Daniel Weiße
4151d365fb AB#2286 Return only primary IPs for instance metadata operations (#335)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-04 11:08:20 +02:00
Daniel Weiße
5c00dafe9b Fix CoreOS pipeline (#336)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-04 09:24:21 +02:00
Daniel Weiße
5da92d9d8b AB#2249 Rework image build pipeline (#326)
* Rework image build pipeline

* Don't cancel workflow runs on main

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-03 16:01:36 +02:00
Malte Poll
d3435b06a2 AB#2283 Build CCM GCP from github actions in constellation repo (#334)
* Build CCM GCP from github actions in constellation repo
* Deploy correct version of GCP CCM
2022-08-03 11:46:11 +02:00
Otto Bittner
70336e4c9b AB#2289: Release v1.4.0 2022-08-03 08:06:05 +02:00
Otto Bittner
a13d1d8bd8 Bump coreos-img version 2022-08-03 08:06:05 +02:00
Otto Bittner
ba9555033d Bump service-image versions to v1.4.0 2022-08-03 08:06:05 +02:00
Fabian Kammel
985585f578 fix linter issues (#329)
* fix linter issues
* replace fmt with logger
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2022-08-02 16:25:47 +02:00
Otto Bittner
1859dc1718 AB#2288: Fix/kernel panic (#328)
* More debug info & don't use guestfish
* Sync image runner script with deployed code
* Add missing = for --wait in sonobuoy action

Co-authored-by: <mp@edgeless.systems>
2022-08-02 15:34:17 +02:00
Daniel Weiße
19871ee422 Enable integrity protection on boot (#300)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-02 12:35:23 +02:00
Daniel Weiße
aa7fcce8af Add configurable node disk type (#317)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-02 12:24:55 +02:00
Malte Poll
6a84bb5b4b go pseudo version hack script: update main
- use correct default major version
- Warn (but do not fail) if no version tag exists yet.
2022-08-02 11:02:48 +02:00
Malte Poll
f9dc21685f go pseudo version hack script: use correct commit hash length 2022-08-02 11:02:48 +02:00
Fabian Kammel
a705fabf43 wait at most 5 hours (#322) 2022-08-01 21:44:12 +02:00
Fabian Kammel
ffc3097c10 [RFC] Secure Software Distribution (#234)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2022-08-01 16:52:32 +02:00
Fabian Kammel
19b731b5f7 Add node name to early boot logging (#323)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-01 12:32:28 +02:00
Fabian Kammel
050e8fdc4a AB#2159 Feat/cli/fetch measurements (#301)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-01 09:37:05 +02:00
Daniel Weiße
7baf98f014 Add test vectors for key derivation functions (#320)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-01 09:11:13 +02:00
Fabian Kammel
87083ca624 Awesome README.md badges (#316)
awesome readme badges
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-07-29 16:37:35 +02:00
Daniel Weiße
e0ae4e1fe6 Bump kms, joinservice, and verification service image to latest (#319)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-29 10:42:23 +02:00
Daniel Weiße
9a3bd38912 Generate random salt for key derivation on init (#309)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-29 09:52:47 +02:00
3u13r
e0ce2e8a51 add namespace to kubectl requests (#315)
* add namespace to kubectl requests

* Add tests for missing/wrong namespace

Co-authored-by: Otto Bittner <cobittner@posteo.net>
2022-07-28 16:07:29 +02:00
katexochen
c37fab0a4c Add cdbg warning for non-debug image 2022-07-28 13:11:55 +02:00
Otto Bittner
5d87b48769 Bump image version 2022-07-28 09:57:11 +02:00
Otto Bittner
5a2809aca2 Disable automatic image builds (#310)
We only need new images for bootstrapper changes
for each release. Between releases we can use debug images.
For releases we have to build images manually anyway.
Therefore, let's not build these images unnecessarily.
2022-07-28 09:56:49 +02:00
Daniel Weiße
a3a85b31cf Remove mentions of unique ID (#311)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-27 16:10:50 +02:00
katexochen
ed5f64dc0a Fix stateservice test and increase speed 2022-07-27 15:07:53 +02:00