renovate[bot]
acf0e27b49
deps: update module golang.org/x/crypto to v0.6.0 ( #1166 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-10 18:12:20 +01:00
Fabian Kammel
50522cb73c
expand variables ( #1161 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-02-10 17:57:26 +01:00
Paul Meyer
278031b066
ci: fix workdir of apko base image build
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-10 11:24:17 -05:00
renovate[bot]
f60f967bd8
deps: update Constellation containers to v2.6.0-pre.0.20230210122722-c29107f5be7b ( #1126 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-10 16:06:46 +01:00
stdoutput
e46f4280e7
update default k8s version in manual e2e test
2023-02-10 15:13:34 +01:00
Otto Bittner
a7ea85c738
ci: update k8s versions in e2e tests
...
The accepted format has been changed for upgrade support.
2023-02-10 15:13:34 +01:00
Daniel Weiße
90ce320bf5
cli: add option to automatically merge kubeconfig file on init ( #1136 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-02-10 14:59:44 +01:00
Otto Bittner
091f6fd13a
bootstrapper: fix loglevel in helm install retry
...
One needs to set a different log verbosity to see logs logged with
Debugf.
2023-02-10 13:49:41 +01:00
Daniel Weiße
c29107f5be
init: create kubeconfig file with unique user/cluster name ( #1133 )
...
* Generate kubeconfig with unique name
* Move create name flag to config
* Add name validation to config
* Move name flag in e2e tests to config generation
* Remove name flag from create
* Update ascii cinema flow
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-02-10 13:27:22 +01:00
Otto Bittner
fd860ddb91
config: fix incorrect kubernetes version validation ( #1155 )
...
Fix incorrect string comparison by replacing it with
call to semver.Compare.
Also add handling to check for missing v prefix.
2023-02-09 17:38:02 +01:00
Fabian Kammel
4c5ab7c5e9
ci: refactor image measurement generation ( #1152 )
...
* Merge measurements.image.json and measurements.json into latter.
* Use static (known) measurement values for the ones we cannot precompute.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-02-09 13:33:17 +01:00
Moritz Sanft
e01ddc08c2
cli: add debug logging to iam create command ( #1127 )
...
* AB#2787 add debug logging to iam create command
* AB#2787 add test logger
* AB#2787 reword log
* separate debug output with empty line
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
---------
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2023-02-09 10:37:22 +01:00
Otto Bittner
8b7979c500
bootstrapper: retry helm chart installation ( #1151 )
...
Motivation for this change are intermittent
timeout errors while installing cert-manager.
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-09 09:05:43 +01:00
Otto Bittner
c275464634
cli: change upgrade-plan to upgrade-check
...
Upgrade check is used to find updates for the current cluster.
Optionally the found upgrades can be persisted to the config
for consumption by the upgrade-execute cmd.
The old `upgrade execute` in this commit does not work with
the new `upgrade plan`.
The current versions are read from the cluster.
Supported versions are read from the cli and the versionsapi.
Adds a new config field MicroserviceVersion that will be used
by `upgrade execute` to update the service versions.
The field is optional until 2.7
A deprecation warning for the upgrade key is printed during
config validation.
Kubernetes versions now specify the patch version to make it
explicit for users if an upgrade changes the k8s version.
2023-02-08 12:30:01 +01:00
Otto Bittner
f204c24174
cli: add version validation and force flag
...
Version validation checks that the configured versions
are not more than one minor version below the CLI's version.
The validation can be disabled using --force.
This is necessary for now during development as the CLI
does not have a prerelease version, as our images do.
2023-02-08 12:30:01 +01:00
Daniel Weiße
3a7b829107
internal: use go-kms-wrapping for KMS backends ( #1012 )
...
* Replace external KMS backend logic for AWS, Azure, and GCP with go-kms-wrapping
* Move kms client setup config into its own package for easier parsing
* Update kms integration flag naming
* Error if nil storage is passed to external KMS
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-02-08 12:03:54 +01:00
Daniel Weiße
68ce23b909
Enable cryptsetup read/write workqueue bypass ( #1150 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-02-08 12:01:14 +01:00
edgelessci
821f87b7be
deps: update apk package hashes ( #1153 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-08 05:03:02 -05:00
renovate[bot]
62f213ef09
deps: update dependency io_bazel_rules_go to v0.38.1 ( #1147 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-06 13:18:25 +01:00
Nils Hanke
0331e2dc78
cli: enable jumbo frames for GCP VPCs
2023-02-06 11:07:45 +01:00
renovate[bot]
a3f8bb30ac
deps: update golang Docker tag to v1.20.0 ( #1145 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-03 18:08:03 +01:00
renovate[bot]
ab4df370b6
deps: update ubuntu:22.04 Docker digest to c985bc3 ( #1142 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-03 18:07:34 +01:00
renovate[bot]
d753c4bb60
deps: update ubuntu:20.04 Docker digest to 4a45212 ( #1141 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-03 18:07:08 +01:00
renovate[bot]
a561d3c08f
deps: update gcr.io/distroless/static:nonroot Docker digest to 6b01107 ( #1140 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-03 18:06:47 +01:00
renovate[bot]
d5f466041a
deps: update gcr.io/distroless/static Docker digest to 390b7a3 ( #1139 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-03 18:06:21 +01:00
Paul Meyer
60254f21f4
ci: fix location of cli docgen output ( #1138 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-03 18:00:16 +01:00
Daniel Weiße
f74f589605
ci: add containerized libvirt build workflow ( #1130 )
...
* Add libvirt container build workflow
* Update release workflow
* Update image libvirt base image
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-02-02 14:40:05 +01:00
Fabian Kammel
64c4b1f766
allow workflow to create pr ( #1132 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-02-01 16:54:12 +01:00
renovate[bot]
b3495685fb
deps: update AWS SDK ( #1100 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-01 14:02:58 +01:00
Malte Poll
0b32f7abb4
build: specify C toolchains correctly ( #1128 )
2023-02-01 12:48:19 +01:00
Moritz Sanft
6166b52f5d
cli: refactor iam create command ( #1034 )
...
* AB#2788 refactor iam create
* AB#2788 go mod tidy
* AB#2788 encode b64 at runtime
* AB#2788 rename receiver
2023-02-01 11:32:01 +01:00
renovate[bot]
39b8d4e396
deps: update ubuntu:20.04 Docker digest to b872b03 ( #1124 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-31 18:23:15 +01:00
renovate[bot]
535c359ee7
deps: update Constellation containers to v2.6.0-pre.0.20230131161703-e0354826e058 ( #1105 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-31 18:08:40 +01:00
Paul Meyer
076103b7ac
build: set test timeout
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-31 17:55:09 +01:00
Paul Meyer
51e4f23fe0
build: add shell.nix
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-31 17:55:09 +01:00
Malte Poll
b7d3f3972b
ci: add bazel tests
2023-01-31 17:55:09 +01:00
Malte Poll
a722f911b7
build: convert buildifier check to bazel test
2023-01-31 17:55:09 +01:00
Malte Poll
311c9b2c8b
build: pin java toolchain
2023-01-31 17:55:09 +01:00
Malte Poll
f25c1c07de
build: pin bazel version
2023-01-31 17:55:09 +01:00
Malte Poll
731b316766
build: add Bazel workspace and toolchains
2023-01-31 17:55:09 +01:00
renovate[bot]
bec82c2328
deps: update GitHub action dependencies ( #1112 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-31 17:38:44 +01:00
Paul Meyer
e5a2e519a3
ci: fix hasher permissions
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-31 17:36:45 +01:00
Paul Meyer
e0354826e0
ci: trigger builds on workflow change
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-31 17:17:03 +01:00
Otto Bittner
176f366c53
ci: fix manual keyservice build workflow
2023-01-31 16:53:46 +01:00
Paul Meyer
4f1a4ecb9e
ci: don't use k-bench install script
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-31 15:06:29 +01:00
Paul Meyer
c00004a321
ci: fix oras download in package hasher
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-31 15:06:13 +01:00
Fabian Kammel
c14e551af5
fix permissions ( #1119 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-31 14:30:36 +01:00
Otto Bittner
24409fe6ee
ci: ensure that unittests are run when touching helm charts
...
In case the helm charts are changed only yaml files are touched.
Thus the unit test workflow was not triggered.
2023-01-31 11:36:49 +01:00
Otto Bittner
3038b374da
cli: update helm chart render expectations
...
testdata is now expecting the charts to render for ko images.
2023-01-31 11:36:49 +01:00
Otto Bittner
6415d80ee4
versions: update constellation operator image
2023-01-31 11:36:49 +01:00