Malte Poll
2a226fd8e9
deps: update Go toolchain to 1.22.2 ( #3010 )
...
* deps: update Go toolchain to 1.22.2
* deps: update vulnerable dependencies (govulncheck)
2024-04-05 12:14:48 +02:00
Malte Poll
24c346c657
bazel: patch Go SDK to increase tls maxHandshake size ( #3009 )
2024-04-03 14:08:45 +02:00
Malte Poll
5e241bcb45
deps: update Go to v1.22.1
2024-03-06 14:50:01 +01:00
Malte Poll
38ef546362
deps: update Go to 1.22.0
2024-02-20 18:27:16 +01:00
Malte Poll
a4d25646f5
deps: update to bazel 7
2024-02-20 12:50:13 +01:00
Markus Rudy
473001be55
vpn: ship our own container image ( #2909 )
...
* vpn: ship our own container image
The container image used in the VPN chart should be reproducible and
stable. We're sticking close to the original nixery.dev version by
building the image with nix ourselves, and then publishing the single
layer from the result with Bazel OCI rules. The resulting image should
be handled similar to s3proxy: it's built as a part of the Constellation
release process and then consumed from a Helm chart in our registry.
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2024-02-15 13:08:27 +01:00
Malte Poll
66faa5493f
deps: Go 1.21.6
2024-01-22 13:11:58 +01:00
Malte Poll
f7b22f3705
bazel: add tool dependencies for image upload
2024-01-15 13:53:15 +01:00
Malte Poll
3a4f6ef9d1
bazel: use prebuilt Go toolchain (go.dev/dl) ( #2796 )
...
We had to switch to a Go toolchain from nixpkgs,
since prebuilt Go toolchain versions were not usable on NixOS.
Since Go 1.21, the prebuilt Go toolchain is statically linked
and works out of the box.
Reference: https://github.com/golang/go/issues/57007
2024-01-05 11:52:22 +01:00
Adrian Stobbe
4c8041d2cf
bazel: used sed from nixpkgs ( #2706 )
...
This is required since sed on macos has different flags and may behave differently.
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-12-12 14:46:11 +01:00
Malte Poll
e113253262
bazel: migrate all integration tests (and retire CMakeLists.txt)
2023-12-08 14:27:46 +01:00
Malte Poll
4ca88cd779
bazel: remove bazeldnf and pinned rpms
2023-12-01 09:35:33 +01:00
Malte Poll
5c19b2c27b
bazel: add cross compiler for darwin
...
This allows cross compiling from aarch64-darwin to x86_64-linux.
It is required for building Go binaries on macos that target Linux and have CGO enabled.
2023-12-01 09:35:33 +01:00
Malte Poll
c5acb18c2b
bazel: use openssl for selected target platform
2023-12-01 09:35:33 +01:00
Malte Poll
9be252fccb
bazel: import C libraries from nix as cc_libary
...
This also includes aliases to select the correct library based on the target platform.
2023-12-01 09:35:33 +01:00
Malte Poll
e174c4dfe1
bazel: add patchelf rule
...
This rule allows overwriting a binaries' rpath.
This is required to use binaries built by Bazel that link against cc_library
targets from nix (like `/nix/store/<hash>/lib/*.so`).
2023-12-01 09:35:33 +01:00
Moritz Sanft
9a62657b80
terraform-provider: init provider scaffolding ( #2632 )
...
* terraform-provider: init
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: add basic docgen
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: fix build steps
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: extend build process and docgen
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* dev-docs: document provider usage
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* bazel: upload aspect lib mirror
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* bazel: add docstring to fix linter
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: don't try to create lockfiles
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* bazel: fix shellcheck issues
* bazel: separate paths to check
* bazel: explain what updating lockfiles means
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: fix linter checks
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
---------
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-11-24 15:58:21 +01:00
Malte Poll
8d5ce524d5
bazel: add bazel itself as nixpkgs dependency
2023-11-10 18:15:59 +01:00
Adrian Stobbe
b765231175
deps: bump Go to 1.21.4 ( #2569 )
...
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-11-09 20:17:14 +01:00
Malte Poll
8bc1d80d86
image: install rpms from lockfile
2023-10-17 09:23:56 +02:00
3u13r
9e1a0c06bf
Deps: bump Go to 1.21.3 ( #2450 )
...
* build: override go version to 1.21.3
* build: re-enable cachix
* ci: set $USER if not set
2023-10-12 16:11:02 +02:00
Malte Poll
e74dbda64e
bazel: use openssl from nixpkgs
2023-10-12 14:42:24 +02:00
Malte Poll
d22f53d7cc
bazel: always use nix
2023-10-12 14:42:24 +02:00
Malte Poll
d046ba01ff
nix: update nixpkgs
2023-10-12 14:42:24 +02:00
Malte Poll
81c5cc21f8
image: add kernel rpms
2023-09-27 17:58:19 +02:00
Malte Poll
78300ee5b0
use toolchains from nixpkgs (with fallback)
2023-09-27 17:58:19 +02:00
Malte Poll
5323c2d870
bazel: mkosi toolchain
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-09-27 17:58:19 +02:00
Malte Poll
347659e2b0
bazel: add rules_nixpkgs
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-09-27 17:58:19 +02:00
3u13r
6cb506bca7
deps: bump go version ( #2318 )
2023-09-08 10:19:07 +02:00
Malte Poll
de863aece0
bazel: name WORKSPACE
2023-08-18 16:36:13 +02:00
Malte Poll
0be3d4b132
bazel: provide k8s / envtest toolchains
2023-08-17 10:46:45 +02:00
3u13r
a983b08262
deps: bump go version ( #2156 )
2023-08-03 12:07:27 +02:00
Paul Meyer
01f518f0a4
deps: update to Go v1.20.6 ( #2093 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-12 09:51:40 +02:00
Moritz Sanft
c7457bd942
bazel: fill microservice version on devbuild
target ( #1994 )
...
* wip: fill microservice version on devbuild
* fill microservice versin on `devbuild`
2023-07-06 08:46:06 +02:00
renovate[bot]
167052d443
deps: update dependency hermetic_cc_toolchain to v2.0.0 ( #1860 )
...
* deps: update dependency hermetic_cc_toolchain to v2.0.0
* deps: tidy all modules
* bazel: target glibc 2.23 to enable rbe
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-06-09 17:39:30 +02:00
Otto Bittner
3a54ca91a7
deps: bump go patch version ( #1903 )
2023-06-09 10:53:17 +02:00
Malte Poll
ab257944f9
bazel: provide semi-hermetic python toolchain ( #1753 )
...
The actual python version used in bazel is hermetic after this PR.
However, we still require a host python toolchain for bootstrapping (this will be fixed soon upstream) and host wide glibc (+ libcrypt.so.1).
2023-05-22 09:10:41 +02:00
3u13r
dd2ea50a39
deps: bump go version ( #1760 )
2023-05-11 14:14:15 +02:00
Malte Poll
0c206e62d0
deps: rename bazel-zig-cc to hermetic_cc_toolchain ( #1695 )
2023-04-27 10:27:43 +02:00
Malte Poll
498e8241ff
bazel: only use crane for push / pull
2023-04-18 15:35:15 +02:00
Malte Poll
2b962598bf
deps: update go to 1.20.3 ( #1622 )
2023-04-06 16:36:07 +02:00
Malte Poll
827c4f548d
bazel: deps mirror ( #1522 )
...
bazel-deps-mirror is an internal tools used to upload external dependencies
that are referenced in the Bazel WORKSPACE to the Edgeless Systems' mirror.
It also normalizes deps rules.
* hack: add tool to mirror Bazel dependencies
* hack: bazel-deps-mirror tests
* bazel: add deps mirror commands
* ci: upload Bazel dependencies on renovate PRs
* update go mod
* run deps_mirror_upload
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 09:41:56 +02:00
Paul Meyer
81acdecd22
bazle: manage 3rdparty/node-maintainance-operator
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
Malte Poll
9bedb82d66
bazel: upgrade bazel-zig-cc to allow caching of launcher ( #1474 )
2023-03-21 14:29:30 +01:00
Paul Meyer
0fc15b2393
bazel: add shellcheck to //:check
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-16 11:13:14 -04:00
Paul Meyer
33fbac87fb
tools: version tools in tools.go
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-16 04:39:45 -04:00
Malte Poll
122b5ff0a0
deps: upgrade rules_oci to v0.3.3 ( #1402 )
...
Release: https://github.com/bazel-contrib/rules_oci/releases/tag/v0.3.3
2023-03-15 13:10:05 +01:00
Malte Poll
e4b5ef0ed4
bazel: remove java toolchain ( #1427 )
...
I thought we needed this since we saw issues on nixOS where we couldn't find a jdk.
It turns out this is not actually required.
2023-03-14 13:55:33 +01:00
Paul Meyer
02c97fac03
bazel: add tidy and check
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-14 03:43:51 -04:00
Paul Meyer
9b3af5af76
bazel: move toolchains into bazel folder
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-14 03:43:51 -04:00