Commit Graph

1403 Commits

Author SHA1 Message Date
Malte Poll
26fdfa4bee Prefill PCR[11], PCR[12], PCR[13], PCR[15] 2022-10-21 11:04:25 +02:00
Malte Poll
3b6ee703f5 Move PCR indices for owner ID and cluster ID 2022-10-21 11:04:25 +02:00
Malte Poll
a901759725 docs: Updates for transition CoreOS -> mkosi / Fedora 2022-10-21 11:04:25 +02:00
Malte Poll
835f7702a4 Precalculate expected PCR[9] 2022-10-21 11:04:25 +02:00
Malte Poll
6859c6b00e Precalculate expected PCR[8] 2022-10-21 11:04:25 +02:00
Malte Poll
1e9608c796 Precalculate expected PCR[4] 2022-10-21 11:04:25 +02:00
Malte Poll
93801e1786 debugd: Allow autologin on serial console 2022-10-21 11:04:25 +02:00
Malte Poll
21617dc7db Add license identifiers to scripts 2022-10-21 11:04:25 +02:00
Malte Poll
9b57f2a91c Cilium: avoid requirements for jq on Constellation OS 2022-10-21 11:04:25 +02:00
Malte Poll
981796574c Disable access manager 2022-10-21 11:04:25 +02:00
Malte Poll
f4e69ec6ec mkosi pipeline: Collect hashes 2022-10-21 11:04:25 +02:00
Nils Hanke
714b368a62 Add gcloud setup back to GCP login action for magic authentication 2022-10-21 11:04:25 +02:00
Malte Poll
34367ea3cc Create mkosi image build pipeline 2022-10-21 11:04:25 +02:00
Daniel Weiße
e5aaf0a42f Add hint about problematic iptables rules to minic11n requirements
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-21 09:35:39 +02:00
daniel-weisse
6cf5003321 CLI reference was updated by edgelesssys/constellation@085f7b1a 2022-10-21 08:29:24 +02:00
Fabian Kammel
21436e6592
use release cosign key only when releasing (#331)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-20 15:59:17 +02:00
Daniel Weiße
085f7b1a2a Prompt user for confirmation before overwriting config
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-20 15:35:31 +02:00
Paul Meyer
2685b5be1f Let tfsec fail soft in CI
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-20 10:44:43 +02:00
renovate[bot]
8cf6189cf0
Update module github.com/fsnotify/fsnotify to v1.6.0 (#325)
* Update module github.com/fsnotify/fsnotify to v1.6.0

* [bot] Tidy all modules

* Use event.Has function

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-10-20 10:16:20 +02:00
Christoph Meyer
cd557e33fc AB#2493 Recreate benchmark graphs in edgeless colors 2022-10-19 18:53:43 +02:00
renovate[bot]
b0a6f0ea39 [bot] Tidy all modules 2022-10-19 13:37:16 +02:00
renovate[bot]
1d417029bf Update module github.com/google/tink/go to v1.7.0 2022-10-19 13:37:16 +02:00
Paul Meyer
a0e0091bfc
Let renovate ignore constellation module (#327)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 11:46:38 +02:00
renovate[bot]
38ff8b70c7
Update module github.com/spf13/cobra to v1.6.0 (#326)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 11:07:00 +02:00
Paul Meyer
a6b0edfcaa Tidy modules on renovate branches
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 10:51:44 +02:00
Paul Meyer
7c13302936 Checkout branch instead of head commit
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 10:51:44 +02:00
renovate[bot]
37a9dbfad2
Update k8s dependencies (#308)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 10:37:40 +02:00
renovate[bot]
6d5cb6b581
Update sigstore/cosign-installer action to v2.8.1 (#323)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-19 10:29:37 +02:00
renovate[bot]
f05bccb670
Update module github.com/Azure/azure-sdk-for-go/sdk/storage/azblob to v0.5.1 (#269)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-19 08:57:09 +02:00
renovate[bot]
3e209b9456
Update module github.com/coreos/go-systemd/v22 to v22.4.0 (#321)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-19 08:51:58 +02:00
katexochen
3375b46b77 Update release.md 2022-10-18 17:36:48 +02:00
Paul Meyer
0e79af6f14 Run tests on push to release branch
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 17:02:16 +02:00
Paul Meyer
1daa7a6b43 Group updates of Google cloud dependencies
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 16:48:42 +02:00
renovate[bot]
e8ec4ad91b
Update etcd to v3.5.5 (#295)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 16:20:31 +02:00
renovate[bot]
ed98b0205b
Update github actions dependencies (#311)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 13:54:53 +02:00
Otto Bittner
c6ccee1250 AB#2490: deploy KMS via Helm
* Bundle helm-install related code in speparate package
* Move cilium installation to new helm package
2022-10-18 13:33:37 +02:00
Otto Bittner
62168bbf98 AB#2490: Add KMS helm chart
* Also run helm-lint in CI now
2022-10-18 13:33:37 +02:00
renovate[bot]
84fcf8d7f2
Update github actions dependencies (#294)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 13:00:41 +02:00
renovate[bot]
9a1d795597
Update module github.com/Azure/azure-sdk-for-go/sdk/keyvault (#267)
* Update module github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys to v0.8.1

* Update module github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets to v0.10.1

* Adjust Azure KMS opts struct

* Update kms readme formatting

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-18 12:08:59 +02:00
renovate[bot]
9af0640aad
Update Terraform azurerm to v3.27.0 (#301)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 11:54:29 +02:00
Paul Meyer
01df06e142
Use HTTPS for kube lb health check on Azure (#305)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 11:46:22 +02:00
renovate[bot]
c85dc674ba
Update Terraform libvirt to v0.7.0 (#304)
* Update Terraform libvirt to v0.7.0

* Use disk block

* Remove nulled disk options

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-18 11:24:43 +02:00
renovate[bot]
0c0a83550d
Update Terraform google to v4.41.0 (#302)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 08:30:24 +02:00
renovate[bot]
ecdf5d5165
Update module golang.org/x/text to v0.3.8 (#297)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-17 18:12:19 +02:00
Paul Meyer
a7ef79949d
Revert "Make renovate tidy all go modules" (#300)
This reverts commit a0bdf0c889.
2022-10-17 17:31:45 +02:00
renovate[bot]
7fb2639331
Update module github.com/stretchr/testify to v1.8.0 (#299)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-17 17:31:20 +02:00
Paul Meyer
a0bdf0c889 Make renovate tidy all go modules
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-17 17:10:15 +02:00
Paul Meyer
87d94c59fd Use nonroot distroless container for KMS
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-17 16:45:15 +02:00
Felix Schuster
c4d8fa54a6
Brush over MiniConstellation in docs and README (#285)
* Pass over mini-constellation
* Update version 2.1
* Update README
2022-10-17 16:41:56 +02:00
Paul Meyer
dd95b83e2b Group etcd dependency upgrades
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-17 16:05:51 +02:00