
937 Commits

Author SHA1 Message Date
Daniel Weiße
273a6ba853
ci: use structured logging for all parts of the malicious-join test (#2557)
* Use structured logging for all parts of the test
* Fix malicious-join image build action

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-11-07 09:02:19 +01:00
Otto Bittner
b0ee39a96d ci: publish s3proxy chart during release 2023-11-06 10:21:11 +01:00
Otto Bittner
8ebd813480 s3proxy: ship as helm chart 2023-11-06 10:21:11 +01:00
Otto Bittner
a19227cac9 s3proxy: initial e2e tests and workflows 2023-11-06 10:21:11 +01:00
Malte Poll
76d7d30245
ci: do not upload terraform logs (#2554) 2023-11-04 19:14:29 +01:00
Moritz Sanft
813405f080
ci: share e2e workflow (#2550)
* re-use workflow in internal LB e2e test

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add self-managed infra workflow

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-11-03 16:27:28 +01:00
renovate[bot]
17b0915a10
deps: update docker/build-push-action action to v5 (#2531)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-11-02 10:13:14 +01:00
Daniel Weiße
e8cf0f59bd
ci: force delete files on self-managed destroy (#2538)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-31 12:45:10 +01:00
Moritz Sanft
8d08ace0b5
ci: mark self-managed infrastructure tests (#2537)
* mark self-managed infrastructure tests

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add TODO

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-10-30 14:33:58 +01:00
renovate[bot]
b3002d21e3
deps: update dependency Pillow to v10 [SECURITY] (#2400)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-27 14:22:34 +02:00
Moritz Sanft
402a8834ca
ci: add e2e test for self-managed infrastructure (#2472)
* add self-managed infra e2e test

* self-managed termination

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix upgrade test

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix indentation

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* use -r when copying dir

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add terraform variable parsing

* copy constellation conf

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* remove unnecessary line breaks

* add missing value

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add image fetching for CSP

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix quoting

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add missing input to internal lb test

* normalize Azure URLs.. Of course

* tidy

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix expressions

* initsecret to hex

* update hexdump cmd

* add build test

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add node / pod cidr outputs

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* explicitly delete the state file

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add missing license header

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* always write all outputs

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix list output

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* remove state-file and admin-conf on destroy

* don't use test payload

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* [remove] use self managed infra in manual e2e for testing

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* init: always skip infrastructure phase

* patch maa in workflow

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* default to Constellation-created infra in e2e test

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-10-27 09:37:26 +02:00
Daniel Weiße
149fedb90f
cli: add constellation apply command to replace init and upgrade apply (#2484)
* Add apply command
* Mark init and upgrade apply as deprecated
* Use apply command in CI
* Add skippable phases for attestation config and cert SANs

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-26 15:59:13 +02:00
renovate[bot]
e445dac590
deps: update docker/metadata-action action to v5 (#2512)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-26 08:19:55 +02:00
renovate[bot]
0563ce7336
deps: update aws-actions/configure-aws-credentials action to v4 (#2510)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-26 08:18:37 +02:00
renovate[bot]
0e7462728a
deps: update docker/login-action action to v3 (#2511)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-25 17:40:25 +02:00
Paul Meyer
1261ccb569 Revert "ci: execute unit tests and tidy check against merge of PR branch and main (#2452)"
This reverts commit 43f7d9f736.
2023-10-24 14:43:09 +02:00
Adrian Stobbe
5d640ff4f9
ci: fix win build (#2499) 2023-10-23 14:39:45 +02:00
Adrian Stobbe
9c1c876830
pick random azure region (#2483) 2023-10-20 13:38:08 +02:00
Daniel Weiße
eeaba28d02
ci: remove force flag from CLI commands (#2479)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-20 08:10:26 +02:00
Malte Poll
ee54b71a9e
ci: build rpmdb explicitly (#2476) 2023-10-19 08:34:17 +02:00
Adrian Stobbe
5819a11d25
api: for Azure attestationconfigapi use TCB values from SNP report instead of MAA token (#2429) 2023-10-17 17:36:50 +02:00
3u13r
0c89f57ac5
Support internal load balancers (#2388)
* arch: support internal lb on Azure

* arch: support internal lb on GCP

* helm: remove lb svc from verify deployment

* arch: support internal lb on AWS

* terraform: add jump hosts for internal lb

* cli: expose internalLoadBalancer in config

* ci: add e2e-manual-internal

* add in-cluster endpoint to terraform output
2023-10-17 15:46:15 +02:00
Malte Poll
1a141c3972
image: add rpm database as build output (#2442)
For reproducibility reasons, the final OS image does not ship the rpm database in sqlite format.
For supply chain security and license compliance reasons, we want to keep the rpm database of os images as a detached build artifact.
We now ship a reproducible, human readable manifest of installed rpms in the image under "/usr/share/constellation/packagemanifest" and upload the full rpm database as a build artifact (rpmdb.tar).
2023-10-17 14:04:41 +02:00
Malte Poll
e93de82c0b
image: use systemd-dissect from the host when calculating measurements (#2473)
* image: use systemd-dissect from the host when calculating measurements

* ci: setup bazel and nix toolchains before merging os image measurements
2023-10-17 13:26:07 +02:00
renovate[bot]
abbe3853cb
deps: update cachix/install-nix-action action to v23 (#2469)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-10-17 10:48:52 +02:00
renovate[bot]
4fbf94ceb8
deps: update golang:1.21.3 Docker digest to 24a0937 (#2468)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-10-17 10:48:38 +02:00
Malte Poll
c424ec8825
ci: fix PR label for rpm updates (#2464) 2023-10-17 09:46:37 +02:00
Malte Poll
a9f245752c ci: update rpm lockfile once per week 2023-10-17 09:23:56 +02:00
Daniel Weiße
afb154ceb7
ci: add missing quotation marks for region flag + revert to northeurope (#2459)
* Add missing quotation marks for region flag
* Revert default Azure region to northeurope

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-16 16:20:32 +02:00
Malte Poll
43f7d9f736
ci: execute unit tests and tidy check against merge of PR branch and main (#2452) 2023-10-16 09:58:45 +02:00
Malte Poll
33d53a1da9
ci: remove python from codeql (#2451) 2023-10-13 12:37:13 +02:00
3u13r
9e1a0c06bf
Deps: bump Go to 1.21.3 (#2450)
* build: override go version to 1.21.3

* build: re-enable cachix

* ci: set $USER if not set
2023-10-12 16:11:02 +02:00
Malte Poll
e80e6076b4 ci: install nix together with Bazel 2023-10-12 14:42:24 +02:00
Malte Poll
d22f53d7cc bazel: always use nix 2023-10-12 14:42:24 +02:00
renovate[bot]
907b74a31f
deps: update module golang.org/x/tools to v0.14.0 (#2446)
* deps: update module golang.org/x/tools to v0.14.0

* ci: don't error on cleanup

---------

Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-10-12 14:07:59 +02:00
renovate[bot]
a1c84cb080
deps: update GitHub action dependencies (#2437)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-11 13:49:50 +02:00
renovate[bot]
117c9c53f8
deps: update golang Docker tag to v1.21.3 (#2436)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-11 13:43:53 +02:00
Adrian Stobbe
b35a042abd
fix verify test (#2424) 2023-10-10 20:47:53 +02:00
Malte Poll
02c04f057f
ci: start v2.13-pre window (#2426) 2023-10-10 18:33:04 +02:00
Moritz Sanft
005e865a13
cli: use state file on init and upgrade (#2395)
* [wip] use state file in CLI

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

tidy

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* use state file in CLI

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

take clusterConfig from IDFile for compat

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

various fixes

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

wip

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add GCP-specific values in Helm loader test

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* remove unnecessary pointer

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* write ClusterValues in one step

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* move stub to test file

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* remove mention of id-file

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* move output to `migrateTerraform`

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* unconditional assignments converting from idFile

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* move require block in go modules file

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fall back to id file on upgrade

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* tidy

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix linter check

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add notice to remove Terraform state check on manual migration

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add `name` field

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

fix name tests

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* return early if no Terraform diff

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* tidy

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* return infrastructure state even if no diff exists

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add TODO to remove comment

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* use state-file in miniconstellation

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* cli: remove id-file (#2402)

* remove id-file from `constellation create`

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add file renaming to handler

* rename id-file after upgrade

* use idFile on `constellation init`

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* remove id-file from `constellation verify`

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* linter fixes

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* remove id-file from `constellation mini`

* remove id-file from `constellation recover`

* linter fixes

* remove id-file from `constellation terminate`

* fix initSecret type

* fix recover argument precedence

* fix terminate test

* generate

* add TODO to remove id-file removal

* Update cli/internal/cmd/init.go

Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>

* fix verify arg parse logic

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add version test

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* remove id-file from docs

* add file not found log

* use state-file in miniconstellation

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* remove id-file from `constellation iam destroy`

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* remove id-file from `cdbg deploy`

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>

* use state-file in CI

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* update orchestration docs

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
2023-10-09 13:04:29 +02:00
Malte Poll
dbf40d185c
ci: free up disk space on GitHub hosted runners (#2419) 2023-10-09 11:00:22 +02:00
Daniel Weiße
8bb23c373b
ci: ensure API is only updated if image and measurements are uploaded (#2413)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-06 14:34:06 +02:00
Daniel Weiße
ce2465c3c7
ci: use West US region for Azure e2e test until problems are resolved (#2414)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-06 11:43:02 +02:00
Paul Meyer
b1d5d13990 github: replace discord with GitHub discussions
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-05 16:57:19 +02:00
Paul Meyer
53bfb3b71a github: use new issue forms instead of template
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-05 16:57:19 +02:00
Moritz Sanft
2d797874c7
ci: add msanft to list of possible e2e assignees (#2410)
* add msanft to list of possible e2e assignees

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add msanft to teams card

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-10-05 13:54:45 +02:00
Moritz Sanft
13e9359b5c
remove unnecessary link (#2407) 2023-10-05 10:05:45 +02:00
Malte Poll
6ea0b38a66 ci: add large runner as allowed label 2023-10-04 13:17:44 +02:00
Moritz Sanft
0885646034
github: add AB ticket link to PR template (#2397)
* add Azure DevOps ticket to PR template

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* make additional info not optional

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-10-04 10:26:10 +02:00
Malte Poll
b4fb8439d0
ci: use larger runners for os image pipeline (#2399) 2023-10-04 10:13:43 +02:00