Malte Poll
5e241bcb45
deps: update Go to v1.22.1
2024-03-06 14:50:01 +01:00
Daniel Weiße
d5b3d4fd6f
ci: use collision resistant name for Terraform e2e test ( #2967 )
...
* Use collision resistant name for Terraform e2e test
* Remove test suffix from Terraform provider examples
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-03-04 13:48:30 +01:00
Malte Poll
c513c3f40c
ci: v2.16 post-release cleanup
2024-02-29 18:36:07 +01:00
Malte Poll
93eb8f0694
release: use cosign sign-blob in non-interative mode ( #2953 )
2024-02-29 09:40:13 +01:00
Malte Poll
0b6eeb3747
ci: match version of actions/download-artifact for slsa provenance ( #2957 )
2024-02-29 09:39:41 +01:00
Daniel Weiße
80518379c4
ci: fix artifact naming problems in e2e test ( #2948 )
...
* Fix potentially artifact naming in weekly tests
* Use e2e prefix for artifact naming in e2e-benchmark
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-02-27 08:59:22 +01:00
renovate[bot]
62acec17f6
deps: update Constellation containers ( #2921 )
...
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2024-02-22 14:04:42 +01:00
Malte Poll
2300a31276
deps: update all 3rdparty github actions
2024-02-21 17:53:53 +01:00
Daniel Weiße
7edd6259d1
ci: fix duplicate benchmark artificat name ( #2934 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-02-21 15:34:30 +01:00
Markus Rudy
98a1cfa2ca
ci: fetch latest console logs on aws ( #2926 )
2024-02-21 13:46:25 +01:00
renovate[bot]
abf6b4924a
deps: update Python dependencies
2024-02-21 13:32:15 +01:00
Malte Poll
38ef546362
deps: update Go to 1.22.0
2024-02-20 18:27:16 +01:00
Malte Poll
5ef12895fa
bazel: remove deprecated Bazel container
...
It doesn't work properly with nix and a nix shell exists for all developers.
2024-02-20 12:50:13 +01:00
Malte Poll
980b2f0e87
ci: login to OpenStack provider
2024-02-19 18:16:45 +01:00
Moritz Sanft
ffb1ef9185
ci: fix artifact overwriting in upgrade test ( #2913 )
2024-02-19 15:12:04 +01:00
renovate[bot]
cdf1282996
deps: update dependency cryptography to v42.0.2 [SECURITY] ( #2916 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-19 15:11:19 +01:00
Moritz Sanft
68cfa0addf
ci: update fromVersion
to v2.15.1
( #2914 )
2024-02-16 13:35:57 +01:00
Daniel Weiße
c5b17fb828
ci: prevent duplicate artifact naming in same workflow ( #2903 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-02-12 09:56:53 +01:00
renovate[bot]
3765cb0762
deps: update actions/upload-artifact and actions/download-artifact action to v4 ( #2756 )
...
* deps: update actions/upload-artifact action to v4
* deps: update actions/download-artifacts action to v4
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-07 14:50:15 +01:00
renovate[bot]
b1dc427108
deps: update dependency cryptography to v42 [SECURITY] ( #2894 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-07 13:57:49 +01:00
Moritz Sanft
dde3430da8
terraform: support AWS marketplace images ( #2888 )
...
* terraform: support AWS marketplace images
* terraform-provider: support AWS marketplace images
* docs: add instructions on AWS marketplace images
* ci: adapt marketplace image test for AWS
* Update internal/config/config.go
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
* docs: update config
* Update docs/docs/getting-started/marketplaces.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* docs: update license information
* docs: use CSP tabs for marketplace overview
* Update docs/docs/getting-started/marketplaces.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* Update docs/docs/getting-started/marketplaces.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* Update docs/docs/getting-started/marketplaces.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
---------
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2024-02-06 12:13:59 +01:00
Daniel Weiße
64c32c2236
ci: make instance type configurable for provider sample ( #2893 )
...
* Make default instance type configurable for provider sample
* Set TDX instance type when running TDX provider e2e test
* Fix missing attestation variant when setting up stub config in provider e2e test
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-02-05 15:46:57 +01:00
Daniel Weiße
f21252c57d
ci: fix workspace related errors when setting up k8s version for test ( #2891 )
...
* Fail workflow on error in subshell
* Remove relative paths from workflow
* Set up MMA only for SEV-SNP, not for Azure TDX
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-02-05 13:29:03 +01:00
Markus Rudy
c020f7ac20
cleanup: various minor debugging improvements ( #2889 )
...
* ci: improve constellation_create error message
When we hit a timeout due to nodes not coming up, the actual error
message is hard to make out because it's buried in a group. With the
right formatting, the error message will be highlighted in the UI.
Another improvement is to output the state of nodes, which helps
debugging the cause of nodes not joining or not becoming ready.
* cleanup: use NodeVersionResourceName constant
... instead of literal strings.
* ci: correctly notify on e2e upgrade error
* atls: report cert extension OIDs on mismatch
If the certificate contains an attestation document for SEV-SNP, but the
given validator is for Nitro, verifyEmbeddedReport should not claim that
there is no attestation document, but that there is no _compatible_ one
and what the incompatible ones were.
2024-02-02 16:46:28 +01:00
Moritz Sanft
d5e4435e3d
ci: reduce amount of regular tests ( #2885 )
...
* .github: add e2e test to pr checklist
* ci: use sonobuoy quick where possible
* ci: run malicious join test on release
* ci: remove self managed infra test
* ci: remove non-example terraform test from weekly
* ci: run Sonobuoy full on the latest k8s version weekly
* ci: run weekly sonobuoy quick on all k8s versions
* ci: don't run double sonobuoy tests on latest k8s version
2024-02-01 15:05:07 +01:00
Daniel Weiße
befc7cdf63
ci: don't delete local cached providers when uploading Terraform state ( #2884 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-02-01 09:54:40 +01:00
Adrian Stobbe
9b547bced0
ci: v2.15 post-release cleanup ( #2881 )
...
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2024-01-31 16:45:20 +01:00
miampf
eabcdbe931
ci: Upload e2e terraform state as artifact ( #2853 )
2024-01-31 15:22:05 +00:00
Adrian Stobbe
d873ddb09d
fix self managed azure tdx ( #2878 )
2024-01-31 08:18:51 +01:00
Adrian Stobbe
efc7290454
ci: fix upload CLI path line splitting ( #2877 )
2024-01-30 09:26:40 +01:00
Daniel Weiße
40c4109dc2
ci: fix empty run-id in OpenSearch URL ( #2876 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-01-30 08:57:27 +01:00
Adrian Stobbe
3799525103
ci: set board fields for tf example test ( #2867 )
2024-01-29 16:45:26 +01:00
Markus Rudy
f78f5540bc
ci: pin the kube-bench plugin definitions for sonobuoy ( #2861 )
2024-01-29 14:50:27 +01:00
Daniel Weiße
d372130bfd
ci: safely set attestation variant in OpenSearch URL ( #2864 )
...
* Add attestation variant to notify hooks
* Quote all inputs in OpenSearch URL
* Add clusterCreation field to OpenSearch URL
* Omit empty fields in OpenSearch URL
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-01-29 11:52:41 +01:00
Daniel Weiße
64e5efb49d
Fix evaluation statement
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-01-26 17:06:28 +01:00
Daniel Weiße
d17e7459db
Choose TDX supported region for TDX tests
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-01-26 17:06:28 +01:00
Daniel Weiße
65d28f913f
Allow starting e2e tests based on attestation variant instead of csp
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-01-26 17:06:28 +01:00
Daniel Weiße
78b9b0fc96
terraform-provider: enable Azure TDX ( #2854 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-01-26 15:46:21 +01:00
renovate[bot]
d58d888f54
deps: update dependency Pillow to v10.2.0 [SECURITY]
2024-01-26 15:41:44 +01:00
Moritz Eckert
26f6fd074f
ci: fix e2e_benchmark comparison
2024-01-25 11:12:32 +01:00
Adrian Stobbe
77276cb4ca
add provider example test to weekly ( #2840 )
2024-01-25 11:09:27 +01:00
Adrian Stobbe
4431ac3233
ci: fix missing quotes in Opensearch link ( #2852 )
2024-01-24 17:29:19 +01:00
Thomas Tendyck
ad5ff6e1bb
ci: update vale
2024-01-24 09:07:19 +01:00
Adrian Stobbe
4db0662b06
ci: remove broken label from OpenSearch query link ( #2839 )
2024-01-23 08:32:02 +01:00
Malte Poll
66faa5493f
deps: Go 1.21.6
2024-01-22 13:11:58 +01:00
Moritz Sanft
0030a26eaf
ci: parallelize upgrade e2e test ( #2724 )
...
* ci: parallelize upgrade e2e test
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* ci: revert name change
* ci: upgrade checkout action
* ci: add target version before building target cli
* ci: rename input
* ci: upload service account key
* ci: download sa key on GCP
---------
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2024-01-19 16:34:47 +01:00
Malte Poll
9181705299
ci: use sonobuoy 0.57.1 ( #2821 )
2024-01-16 13:19:46 +01:00
Moritz Sanft
bf02680477
ci: mirror GCP images to MPI project on release ( #2820 )
2024-01-15 13:58:30 +01:00
Malte Poll
8a74893461
ci: build and upload OS image in single job
2024-01-15 13:53:15 +01:00
Adrian Stobbe
60a0a6020e
ci: add upgrade to provider example test ( #2775 )
2024-01-13 13:13:10 +01:00