constellation

mirror of https://github.com/edgelesssys/constellation.git synced 2024-09-20 00:06:21 +00:00

Author	SHA1	Message	Date
Paul Meyer	abd5cdf362	ci: fix ccm build when no new version are found Previous output of findvers.sh would be [""] in case no version were found, now the output is []. Also, GitHub cannot handle empty arrays in the matrix field, so we add an if and check if the array is empty. Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-08-23 15:05:22 +02:00
Moritz Sanft	54c52f17f6	ci: fix Windows e2e test (#2255 ) * fix Windows e2e test * check if caller workflow was scheduled * inherit secrets	2023-08-21 14:36:28 +02:00
Moritz Sanft	60bf770e62	ci: logcollection to OpenSearch in non-debug clusters (#2080 ) * refactor `debugd` file structure * create `hack`-tool to deploy logcollection to non-debug clusters * integrate changes into CI * update fields * update workflow input names * use `working-directory` * add opensearch creds to upgrade workflow * make template func generic * make templating func generic * linebreaks * remove magic defaults * move `os.Exit` to main package * make logging index configurable * make templating generic * remove excess brace * update fields * copy fields * fix flag name * fix linter warnings Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com> * remove unused workflow inputs * remove makefiles * fix command * bazel: fix output paths of container This fixes the output paths of builds within the container by mounting directories to paths that exist on the host. We also explicitly set the output path in a .bazelrc to the user specific path. The rc file is mounted into the container and overrides the host rc. Also adding automatic stop in case start is called and a containers is already running. Sym links like bazel-out and paths bazel outputs should generally work with this change. Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com> * tabs -> spaces --------- Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com> Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-08-21 08:01:33 +02:00
Malte Poll	339492f314	ci: add aspect workflows (#2258 )	2023-08-18 11:31:24 +02:00
3u13r	8325f99b09	deps: support Kubernetes 1.28 (#2242 )	2023-08-18 11:13:24 +02:00
Paul Meyer	c6819b8d31	ci: automatically build GCP CCM container Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-08-16 16:31:04 +02:00
Paul Meyer	f43888bb6f	ci: remove azure-snp-reporter workflow Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-08-16 11:41:02 +02:00
Paul Meyer	f604a8dfd2	e2e: upload TCB versions in verify test The TCP versions are extracted from the MAA token, that itself is taken from the verify command output. The configapi is adapted to directly work on the MAA claims JSON. Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-08-16 11:41:02 +02:00
Adrian Stobbe	5574092bcf	ref: update code for 2.11 (#2239 ) Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>	2023-08-16 11:34:58 +02:00
renovate[bot]	841463d11e	deps: update GitHub action dependencies (#2234 ) Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-08-15 14:38:48 +02:00
Daniel Weiße	ef4d789dc8	ci: fix notify trigger in e2e upgrade workflow (#2221 ) Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2023-08-14 11:45:04 +02:00
Adrian Stobbe	c7bbf90989	ci: add e2e-mini to daily test (#2217 )	2023-08-14 08:13:29 +02:00
Paul Meyer	de9e841853	e2e: use Kubernetes 1.26 in daily test Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-08-11 14:06:35 +02:00
Daniel Weiße	066fff951f	ci: correctly default to false for upgrade e2e notifications (#2208 ) Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2023-08-11 09:05:44 +02:00
Daniel Weiße	0dd62fc59d	ci: allow setting region/zone for e2e tests (#2205 ) Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2023-08-10 12:53:40 +02:00
Paul Meyer	e466ce2f26	e2e: detect changing idKeyDigests on azure by setting the Azure SNP enforcement policy to equal in the weekly e2e. The run should fail when there are unexpected ID Key digests used. Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-08-09 16:45:42 +02:00
Adrian Stobbe	d1febd7276	fix e2e upgrade config migration (#2179 )	2023-08-09 10:28:13 +02:00
renovate[bot]	cc10613252	deps: update dependency cryptography to v41.0.3 [SECURITY] (#2150 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-08-07 09:23:18 +02:00
Malte Poll	92b0cd5a21	ci: update actions to use nodeGroups and remove deprecated flags	2023-08-04 12:36:45 +02:00
Moritz Sanft	af05e17f49	ci: keep embedded measurements if stable image is used (#2109 ) Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> Co-authored-by: Malte Poll <mp@edgeless.systems>	2023-08-04 09:43:32 +02:00
3u13r	a983b08262	deps: bump go version (#2156 )	2023-08-03 12:07:27 +02:00
Daniel Weiße	321474c356	ci: remove old incompatible test option (#2149 ) Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2023-08-02 08:18:55 +02:00
Otto Bittner	002c3a9a32	ci: upgrade fromVersion for upgrade tests (#2145 ) Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>	2023-08-01 10:34:11 +02:00
Otto Bittner	867f7490a2	ci: clone constellation repo into separate dir (#2143 )	2023-08-01 10:13:10 +02:00
Otto Bittner	583d3021fa	ci: parse ovmf binaries from metadata (#1962 ) Subsequently the metadata will be uploaded to the attestationconfigapi so the CLI can use the data to precalculate measurements.	2023-07-27 13:29:43 +02:00
Adrian Stobbe	a3184af7a2	cli: add `iam upgrade apply` (#2132 ) * add new iam upgrade apply * remove iam tf plan from upgrade apply check * add iam migration warning to upgrade apply * update release process * document migration * Apply suggestions from code review Co-authored-by: Otto Bittner <cobittner@posteo.net> * add iam upgrade * remove upgrade dir check in test * ask only without --yes * make iam upgrade provider specific * test without seperate logins * remove csi and only add conditionally * Revert "test without seperate logins" This reverts commit `05a12e59c9`. * fix msising cred * support iam migration for all csps * add iam upgrade label --------- Co-authored-by: Otto Bittner <cobittner@posteo.net>	2023-07-26 17:29:03 +02:00
Paul Meyer	342a71fa36	bazel: fix container versioning Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-07-26 13:46:27 +02:00
Paul Meyer	c8bc3ea5ee	ci: build bazel container Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-07-25 15:41:55 +02:00
Otto Bittner	c58d03a7b8	ci: fix ahead-check for working branch (#2120 ) Also list remote branches during on-release	2023-07-19 17:48:29 +02:00
renovate[bot]	dc373971b2	deps: update dependency cryptography to v41.0.2 [SECURITY] (#2106 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-07-18 15:33:23 +02:00
Daniel Weiße	484b6c5c24	ci: combine node count inputs into one (#2084 ) Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2023-07-17 13:45:53 +02:00
Otto Bittner	c1c48f19bf	chore: bump e2e-upgrade fromVersion	2023-07-17 10:29:43 +02:00
Otto Bittner	6ed8fce6b0	ci: separate PCR0 value for aws-sev-snp variant (#2100 ) Co-authored-by: Malte Poll <mp@edgeless.systems>	2023-07-13 11:37:47 +02:00
Paul Meyer	01f518f0a4	deps: update to Go v1.20.6 (#2093 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-07-12 09:51:40 +02:00
Otto Bittner	f97edd512d	ci: use 2.8 as fromVersion in release upgrade test (#2086 ) The current value (2.7.1) is outdated since the release of 2.8.	2023-07-11 09:56:43 +02:00
Otto Bittner	cfa3bb6276	ci: do not build additional streams (#2085 ) Large amounts of uploaded data seem to break the GH Actions cache.	2023-07-10 17:46:08 +02:00
Malte Poll	c6230ff8ca	ci: add constellation-windows-amd64.exe to release artifacts uploaded to GitHub (#2075 )	2023-07-10 10:21:48 +02:00
Adrian Stobbe	fafafb48d7	pin dependency for aws-snp-launchmeasurement	2023-07-07 16:44:31 +02:00
Malte Poll	6c5ad09a93	ci: build all streams on release (#2058 )	2023-07-07 12:09:15 +02:00
Malte Poll	46d69abe10	bazel: rewrite pseudo-version stamping in bash (#2020 ) * bazel: simplify workspace_status command to only depend on bash and git * bazel: remove pseudo-version freshness code	2023-07-05 14:42:18 +02:00
Paul Meyer	7968d165c6	ci: use strict semver for gcp guest agent image Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-07-04 13:23:33 +02:00
Daniel Weiße	90dbeae16b	cli: fix duplicate backup creation during `upgrade apply` (#1997 ) * Use CLI to fetch measurements in e2e test * Abort helm service upgrade early if user confirmation is missing * Add container push to CLI build action --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2023-07-03 15:13:36 +02:00
renovate[bot]	576b48c8b7	deps: update GitHub action dependencies (#1848 ) Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-07-03 08:19:10 +02:00
Adrian Stobbe	00ee11084e	add e2e mini to weekly (#1982 )	2023-06-30 10:05:24 +02:00
Malte Poll	6dd8a571ec	ci: fix expected value for PCR7 on AWS (#1979 ) This has changed when upgrading to Fedora 38. It didn't surface as a bug since the PCR is marked as warnOnly.	2023-06-28 15:33:14 +02:00
miampf	77b28cb5e7	cli: change generate-config flag to update-config flag (#1897 )	2023-06-28 12:47:44 +00:00
Malte Poll	78fb0066e4	ci: add automated tests for reproducible builds (#1914 ) * ci: reproducible builds test * deps: upgrade actionlint to support macos-13 runners	2023-06-23 12:12:32 +02:00
Moritz Sanft	94b21e11ad	ci: Windows cli tests (#1859 ) * wip: add windows e2e test * wip: register windows e2e tests * remove registration * wip: change CLI artifact name * basic windows test * checkout repo * use correct iam create command * remove trademarked name * enable debug logs * add pwsh liveliness check script * delimiters * set kubeconfig env var * test * use setx to set env var * set envvar before liveness probe * explicitly set kubeconfig	2023-06-21 12:05:04 +02:00
renovate[bot]	d2c4cd1785	deps: update aws-actions/configure-aws-credentials action to v2 (#1950 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Leonard Cohnen <lc@edgeless.systems>	2023-06-20 18:59:07 +02:00
renovate[bot]	3f714f538b	deps: update peter-evans/create-pull-request action to v5 (#1949 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Leonard Cohnen <lc@edgeless.systems>	2023-06-20 16:37:01 +02:00
renovate[bot]	684b61ac2b	deps: update docker/build-push-action action to v4 (#1948 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Leonard Cohnen <lc@edgeless.systems>	2023-06-20 13:39:32 +02:00
renovate[bot]	5bf59808e1	deps: update cachix/install-nix-action action to v22 (#1947 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Leonard Cohnen <lc@edgeless.systems>	2023-06-20 13:08:52 +02:00
Malte Poll	264b2df902	deps: upgrade to Fedora 38 (#1909 ) * image: upgrade mkosi distro version to Fedora 38 * image: remove downgrade of GCP kernel * ci: upgrade expected measurements for Fedora 38 * deps: upgrade bazeldnf packages to Fedora 38 * deps: upgrade container images to Fedora 38	2023-06-15 16:50:35 +02:00
Otto Bittner	c33ab624c1	ci: upgrade fromVersion in e2e-upgrade (#1931 ) We released 2.8 so we need to test that it can upgrade to HEAD.	2023-06-15 07:49:30 +02:00
Malte Poll	ee77e3922a	ci: explicitly add CLI signature as release artifact (#1917 )	2023-06-14 09:56:11 +02:00
Moritz Sanft	72e168e653	bazel: pseudo version tool freshness check (#1869 ) * switch to darwin compatible shasum * add bazel rule * update shellscript for in-place updates * Revert "update shellscript for in-place updates" This reverts commit `87d39b06f7`. * add version tool freshness check * remove pseudo-version file * revert to `sha256sum` * fix workflow indentation	2023-06-09 11:50:51 +02:00
Moritz Sanft	892752a1f8	add necessary permissions (#1905 )	2023-06-09 11:50:39 +02:00
Otto Bittner	3a54ca91a7	deps: bump go patch version (#1903 )	2023-06-09 10:53:17 +02:00
renovate[bot]	25037026e1	deps: update Python dependencies (#1887 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Leonard Cohnen <lc@edgeless.systems>	2023-06-07 10:36:52 +02:00
Malte Poll	b3c052e299	operators: cleanup placeholder nodeversion (#1881 ) * operators: cleanup placeholder nodeversion * e2e: improve upgrade test portability	2023-06-06 15:22:06 +02:00
Malte Poll	025d34a259	ci: fix docker-login on macOS runner (#1877 )	2023-06-06 12:20:09 +02:00
3u13r	7c07e3be18	Add --insecure to config fetch-measurement (#1879 ) * cli: add --insecure to fetch-measurements * cli: rename fake to stub * ci: upload measurements for debug images * fix cli docs	2023-06-06 10:32:22 +02:00
Malte Poll	900d51d49f	ci: select correct target version for upgrade e2e test in release pipeline (#1874 )	2023-06-05 13:56:16 +02:00
Adrian Stobbe	a813760f96	config: automatically upload new Azure SNP versions to API + sign version with release key (#1854 ) * sign version with release key and remove version from fetcher interface * extend azure-reporter GH action to upload updated version values to the Attestation API	2023-06-02 12:10:22 +02:00
Malte Poll	289665eb22	ci: remove setup-go action / disable cache where applicable (#1850 ) Runners sometimes fail because they run out of disk space. One reason this happens is a change in the setup-go action@v4: > The V4 edition of the action offers: Enabled caching by default To combat this, we now disable the cache if it was not enabled explicitly before. Additionally, we remove setup-go where it is no longer needed.	2023-06-01 15:16:00 +02:00
3u13r	e0285c122e	todo responsibilities and cleanup (#1837 ) * chore: add TODO responsibilities * chore: remove not needed TODOs * chore: remove outdated migrations * chore: remove resolved goleak exception * chore: remove not needed cosign env * config: add link to our Azure snp docs	2023-06-01 12:33:06 +02:00
Otto Bittner	0c13f3ed8d	image: add aws_aws-sev-snp variant This needs no changes to the existing AWS image. The images have worked without modification so far.	2023-06-01 11:25:31 +02:00
Malte Poll	8a51ae1ec3	ci: do not sign & upload debug image measurements (#1849 )	2023-06-01 10:58:34 +02:00
Malte Poll	a1ec899171	ci: use enterprise cli for e2e tests	2023-05-31 14:00:00 +02:00
Adrian Stobbe	0a6e5ec02e	config: dynamic attestation configuration through S3 backed API (#1808 )	2023-05-25 17:43:44 +01:00
3u13r	25211dc154	ci: codeql disable autobuild for go (#1828 )	2023-05-25 18:20:44 +02:00
Malte Poll	76bf5e8e28	ci: upload image info v2 and measurements v2 in image build pipeline	2023-05-25 15:01:15 +02:00
Otto Bittner	c010a4d742	ci: fix aws-snp-launchmeasurement pipeline Misspelled variable name.	2023-05-25 14:00:45 +02:00
Malte Poll	7cff47f30f	ci: run release workflow on temporary branch (#1628 )	2023-05-25 10:14:42 +02:00
Otto Bittner	06a32a85a7	ci: add pipeline to precalc launchmeasurements This is for SNP on AWS.	2023-05-24 12:58:39 +02:00
Malte Poll	050fccc591	ci: do not run unit tests on macOS	2023-05-23 15:11:10 +02:00
Malte Poll	c4ad246910	wip: cached unit tests	2023-05-23 15:11:10 +02:00
Leonard Cohnen	c98644df2b	ci: use bazel for unittests	2023-05-23 15:11:10 +02:00
Malte Poll	660781d35e	misc: bazelisk -> bazel	2023-05-23 15:11:10 +02:00
Malte Poll	a0ac230298	ci: remove bazel repo cache hosted in github actions cache	2023-05-23 15:11:10 +02:00
Malte Poll	41cc759b44	ci: use self hosted (cached) runners	2023-05-23 15:11:10 +02:00
3u13r	6062b10035	cli: split image into oss and enterprise (#1788 )	2023-05-23 10:49:47 +02:00
Malte Poll	dc9b3c1937	ci: run e2e tests as last step of release pipeline (#1793 )	2023-05-22 09:22:00 +02:00
3u13r	964775c4c2	Add autoscaling and cluster upgrade support for AWS (#1758 ) * aws: autoscaling and upgrades * docs: update scaling and upgrades for AWS * deps: pin vuln check against release	2023-05-19 13:57:31 +02:00
Otto Bittner	2dc105224d	ci: set toImage argument in e2e-test-release (#1722 )	2023-05-16 08:54:12 +02:00
3u13r	4024b9cf71	ci: fix minicon e2e test (#1763 ) * ci: push containers during minicon e2e * cli: set testing nvram for pre images in minicon	2023-05-12 17:14:32 +02:00
3u13r	dd2ea50a39	deps: bump go version (#1760 )	2023-05-11 14:14:15 +02:00
renovate[bot]	a8101c8c64	deps: update GitHub action dependencies (#1745 ) Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-05-05 14:42:20 +02:00
Paul Meyer	30cd024076	deps: add Kubernetes v1.27, remove Kubernetes v1.24 (#1669 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-05-05 13:22:53 +02:00
Paul Meyer	b48866a756	ci: fix measurement generation on scheduled build (#1741 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-05-05 13:13:51 +02:00
Malte Poll	2efa3083dc	ci: use native go code for os image upload	2023-05-05 12:06:44 +02:00
Paul Meyer	b76583e4a0	ci: fix e2e miniconstellation abort condition (#1728 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-05-04 08:16:31 +02:00
Paul Meyer	ab74958b4a	ci: fix e2e release abort condition (#1726 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-05-03 18:18:16 +02:00
Malte Poll	d2cbf3dc83	ci: skip e2e tests if caller was not successful (#1714 )	2023-05-03 11:40:09 +02:00
Paul Meyer	7ab23c28b8	Revert "misc: replace sha256sum with shasum -a 256 (#1681 )" This reverts commit `ec1d5e9fb5`. While the change enabled shasum calculation on mac, it broke it on some Linux distros.	2023-05-02 11:07:05 +02:00
Otto Bittner	5deccc3d01	ci: push images in e2e-upgrade	2023-04-28 15:48:12 +02:00
Otto Bittner	481eeeaf3e	ci: add simulatedTargetVersion to e2e-upgrade This allows us to build a CLI that reports the given version during an upgrade test. With this we can test patch upgrades.	2023-04-28 15:48:12 +02:00
Paul Meyer	1d24036f21	ci: fix os image build schedule (#1703 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-28 12:57:11 +02:00
Malte Poll	635b98a34f	ci: rename all usages of bazel push target from //:push to //bazel/release:push (#1701 )	2023-04-28 09:26:15 +02:00
Moritz Sanft	261fe611a9	ci: add Terraform logging (#1665 ) * enable Terraform logging * change to debug level * rename artifact * add name suffix * remove blank line	2023-04-27 14:03:49 +02:00
Malte Poll	0c206e62d0	deps: rename bazel-zig-cc to hermetic_cc_toolchain (#1695 )	2023-04-27 10:27:43 +02:00
Paul Meyer	bf051174f6	ci: update measurements and image version on scheduled build Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-27 10:20:27 +02:00
Paul Meyer	82d0475e2a	ci: don't pick from release to main Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-27 10:20:27 +02:00
Malte Poll	ec1d5e9fb5	misc: replace sha256sum with shasum -a 256 (#1681 )	2023-04-26 13:40:18 +02:00
Malte Poll	84dd25600f	image: upgrade mkosi to support repart (#1684 )	2023-04-25 18:22:40 +02:00
Otto Bittner	c962e1745f	ci: add missing permissions for e2e-upgrade job (#1679 ) Missed a spot..	2023-04-24 13:49:02 +02:00
Otto Bittner	e6d5c2f116	ci: remove obsolete env variables these variables influence the azure cli auth behavior. we now use OIDC as login mechanism.	2023-04-24 12:38:08 +02:00
Otto Bittner	840eb401c6	ci: add missing permissions to workflows + packages: write + checks: write	2023-04-24 12:38:08 +02:00
Malte Poll	5145f806ea	bazel: remove apko and Dockerfile where Bazel is used to build container images	2023-04-18 15:35:15 +02:00
Malte Poll	19ff132ee8	ci: upload container images when running e2e tests	2023-04-18 15:35:15 +02:00
Paul Meyer	4b9bce9bb7	ci: fix notification trigger (#1673 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-18 14:50:36 +02:00
Paul Meyer	e335421dd2	ci: trigger notify only in scheduled workflows (#1671 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-17 17:30:56 +02:00
3u13r	3cb6ab04f1	ci: don't set IAM env for Azure (#1670 )	2023-04-17 16:47:12 +02:00
Paul Meyer	c1d3b38a5f	ci: replace release[bot] with edgelessci Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-17 12:08:42 +02:00
Paul Meyer	7a1af4937c	ci: remove outdated iam code Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-17 12:08:42 +02:00
Paul Meyer	b80d1576f3	ci: use include list to define e2e matrix Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-17 12:08:42 +02:00
Paul Meyer	4020e7840a	ci: always use tee -a instead of redirecting into GITHUB_OUTPUT Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-17 12:08:42 +02:00
Paul Meyer	860d72a083	ci: reduce number of steps with continue-on-error (#1593 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-14 18:50:58 +02:00
Paul Meyer	632b24e7cd	ci: fix version publishing on release (#1658 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-14 18:04:03 +02:00
Paul Meyer	1f82b4d266	ci: reduce continue-on-error usage in e2e upgrade Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-14 13:12:39 +02:00
Paul Meyer	d24ebd660e	ci: fix order in e2e upgrade Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-14 13:12:39 +02:00
Paul Meyer	677ed052a4	ci: use iam created Azure resource group in e2e upgrade Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-14 13:12:39 +02:00
Otto Bittner	d2967fff6b	cli: fix misleading error while applying kubernetes-only upgrade (#1630 ) * The check would previously fail if e.g. `apply` did not upgrade the image, but a new image was specified in the config. This could happen if the specified image was too new, but a valid Kuberentes upgrade was specified. * ci: fix variable expansion in e2e-upgrade call * e2e: do not verify measurement signature	2023-04-13 15:58:37 +02:00
Paul Meyer	dea41bd1ed	ci: refactor e2e test failure notifications (#1625 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-12 16:06:26 +02:00
Moritz Sanft	6ba294e175	ci: separate e2e permissions (#1555 ) * split e2e test iam create / create perms * remove global Azure credentials * remove unnecessary azure actions * use UUID * fix e2e upgrade test * rename create inputs * remove continue-on-error for resource deletion * de-exclude verify test * fix exclude * fix release e2e test --------- Co-authored-by: Nils Hanke <nils.hanke@outlook.com>	2023-04-12 13:24:13 +02:00
Malte Poll	2b962598bf	deps: update go to 1.20.3 (#1622 )	2023-04-06 16:36:07 +02:00
Malte Poll	0ece41c146	bazel-deps-mirror: upgrade command (#1617 ) * bazel-deps-mirror: upgrade command This command can be used to upgrade a dependency. Users are supposed to replace any upstream URLs and run the upgrade command. It replaces the expected hash and uploads the new dep to the mirror.	2023-04-05 17:32:51 +02:00
Paul Meyer	b6778ab3e8	ci: always release cli on release-cli workflow (#1611 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-04 18:07:48 +02:00
renovate[bot]	8f17e4b9df	deps: update actions/setup-go action to v4 (#1605 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-04-04 11:06:30 +02:00
Paul Meyer	00efc30e24	ci: fix empty image input of verify e2e on release (#1604 ) * ci: fix empty image input of verify e2e on release * ci: increase parallelism of e2e release workflow Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-04 10:47:26 +02:00
Otto Bittner	b5ce95a7a1	ci: do not run tests on macOS (#1595 ) only run two tests on macOS as a simple smoketest	2023-04-03 17:47:21 +02:00
renovate[bot]	5dad9bfad7	deps: update GitHub action dependencies (#1591 ) Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-03 16:36:43 +02:00
Paul Meyer	cbdaec65da	ci: purge images on main (#1583 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-04-03 13:44:46 +02:00
Otto Bittner	1dd5eae594	ci: do not skip e2e-weekly if trigger is successful (#1584 )	2023-04-03 13:40:42 +02:00
Otto Bittner	180ef931fd	ci: do not create branch during release workflow This seems to bother the create-pull-request action. See: https://github.com/peter-evans/create-pull-request/issues/1203	2023-04-03 11:35:39 +02:00
Otto Bittner	cc2bde9a3e	ci: only commit version.txt if a change happened	2023-04-03 11:35:39 +02:00
Otto Bittner	4df33b93fe	ci: add e2e-test-release workflow This workflow is used to run e2e tests in preparation to a release. It is triggered by the successful completion of the release workflow. Also trigger e2e-mini through the release workflow completion. This makes restarting the tests easier if they fail during release preparation. Co-authored-by: stdoutput <moritz.sanft@outlook.de>	2023-04-03 11:35:39 +02:00
3u13r	efe4681214	add version.txt step to release pipeline (#1493 ) * add version.txt step to release pipeline * refresh git status * make minicon e2e test less flaky	2023-03-31 12:41:32 +02:00
Paul Meyer	e021245660	bazel: add cli doc generation to //:generate Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-30 12:01:13 -04:00
Paul Meyer	399b052f9e	bazel: add protoc codegen to //:generate target (#1554 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-30 14:47:29 +02:00
Otto Bittner	ef5d64b170	ci: set correct fromVersion in upgrade test (#1535 )	2023-03-30 09:46:41 +02:00
Malte Poll	827c4f548d	bazel: deps mirror (#1522 ) bazel-deps-mirror is an internal tools used to upload external dependencies that are referenced in the Bazel WORKSPACE to the Edgeless Systems' mirror. It also normalizes deps rules. * hack: add tool to mirror Bazel dependencies * hack: bazel-deps-mirror tests * bazel: add deps mirror commands * ci: upload Bazel dependencies on renovate PRs * update go mod * run deps_mirror_upload Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com> Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-30 09:41:56 +02:00
Paul Meyer	d3e2f30f7b	ci: fix diff check in tidy workflow Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-29 12:51:40 -04:00
Paul Meyer	909bfb9274	bazel: add go generate to //:generate target Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-29 12:51:40 -04:00
Malte Poll	2a8169dd3b	ci: use bazel repository cache for tidy checks (#1525 )	2023-03-29 14:13:51 +02:00
Paul Meyer	f108ff8539	bazel: add govulncheck to //:check target (#1512 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-27 13:35:51 +02:00
Paul Meyer	00c7611245	bazel: add license checks to //:check target (#1509 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-27 10:42:30 +02:00
Otto Bittner	da4e2521a9	ci: don't statically set PCR 5 (#1521 ) This value can't be statically precomputed and leads to warnings during runtime.	2023-03-24 17:08:39 +01:00
Paul Meyer	f7713df833	bazel: add golangci-lint to //:check target (#1494 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-23 17:27:09 +01:00
Paul Meyer	01d6724bae	ci: run e2e test daily on last release Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-23 10:54:59 -04:00
Paul Meyer	4628222780	ci: always use tee -a when writing output Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-23 10:54:59 -04:00
Paul Meyer	332c78da60	ci: run e2e test weekly on last release Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-23 10:54:59 -04:00
Paul Meyer	24f974de66	ci: run e2e test manual on last release Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-23 10:54:59 -04:00
Otto Bittner	cac43a1dd0	ci: add e2e-upgrade test The test is implemented as a go test. It can be executed as a bazel target. The general workflow is to setup a cluster, point the test to the workspace in which to find the kubeconfig and the constellation config and specify a target image, k8s and service version. The test will succeed if it detects all target versions in the cluster within the configured timeout. The CI automates the above steps. A separate workflow is introduced as there are multiple input fields to the test. Adding all of these to the manual e2e test seemed confusing. Co-authored-by: Fabian Kammel <fk@edgeless.systems>	2023-03-23 14:57:38 +01:00
renovate[bot]	0a190c2bf6	deps: update GitHub action dependencies (#1499 ) Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-22 17:57:47 +01:00
Nils Hanke	1ab40b7ca6	e2e: install Terraform for macOS runner for boot log collection	2023-03-22 10:36:28 +01:00
Nils Hanke	093f0f0e28	ci: rename scheduled OS image build action	2023-03-21 14:32:56 +01:00
renovate[bot]	9a9688583d	deps: update aws-actions/configure-aws-credentials action to v2 (#1445 ) Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-21 10:56:30 +01:00
Malte Poll	6f16e0b6fd	ci: use github actions cache to speedup bazel builds (#1444 ) * ci: use github actions cache to speedup bazel builds * ci: warm bazel repo cache daily	2023-03-21 10:06:32 +01:00
Paul Meyer	a3b328360d	ci: always run bazel tidy/check/generate workflow Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-20 11:17:16 -04:00
Paul Meyer	8d3fe6f477	bazel: add terrafrom to //:check and //:generate Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-20 11:17:16 -04:00
Nils Hanke	33cb3e8653	e2e: add "checks: write" permission for junit reports	2023-03-20 16:16:08 +01:00
Malte Poll	c3c0940adb	bazel: use remote caching (#1456 ) * bazel: add configuration for remote caching * ci: enable bazel remote caching for building binaries * ci: use bazel directly when building go binaries * ci: enable cache for most build steps * dev-docs: document remote caching	2023-03-20 16:05:08 +01:00
Nils Hanke	914eacb4a3	e2e: use macOS for building Linux artifacts and remove caching steps (#1446 )	2023-03-20 11:04:44 +01:00
Malte Poll	3fd9a34025	ci: disable upload of Azure TrustedLaunch image (#1440 )	2023-03-17 10:51:44 +01:00
Paul Meyer	3a04786412	bazel: add actionlint to //:check Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-16 13:02:11 -04:00
Paul Meyer	0fc15b2393	bazel: add shellcheck to //:check Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-16 11:13:14 -04:00
Paul Meyer	e3f37e9a38	bazel: add shfmt to tidy target Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-16 04:39:45 -04:00
Nils Hanke	6bb6f1c288	ci: remove Go setup where Bazel is used for building	2023-03-14 15:28:36 +01:00
3u13r	fe767ba78e	introduce version.txt (#1412 )	2023-03-14 14:53:33 +01:00
Paul Meyer	8679988b6c	fixup! bazel: add tidy and check Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-14 03:43:51 -04:00
Paul Meyer	02c97fac03	bazel: add tidy and check Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-14 03:43:51 -04:00
Paul Meyer	e1f0ea50a7	ci: only build GCP guest agent if necessary Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-10 12:19:46 -05:00
Paul Meyer	72530d45ae	ci: tag GCP guest agent with semver Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-10 12:19:46 -05:00
Paul Meyer	cc60de312e	ci: adopt tidy workflow for bazel Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-10 10:02:28 -05:00
Moritz Sanft	01705feb51	ci: upload cli version list (#1377 ) * upload cli version list * fix flag * name * allow cli kind for listing * [remove] update vapi cli * allow cli kind * use latest versionsapi image version * fix kind parsing * use workflow calls in on_release action * [remove] update container tag * change back to latest tag	2023-03-10 10:21:58 +01:00
Malte Poll	bdba9d8ba6	bazel: add build files for go (#1186 ) * build: correct toolchain order * build: gazelle-update-repos * build: use pregenerated proto for dependencies * update bazeldnf * deps: tpm simulator * Update Google trillian module * cli: add stamping as alternative build info source * bazel: add go_test wrappers, mark special tests and select testing deps * deps: add libvirt deps * deps: go-libvirt patches * deps: cloudflare circl patches * bazel: add go_test wrappers, mark special tests and select testing deps * bazel: keep gazelle overrides * bazel: cleanup bazelrc * bazel: switch CMakeLists.txt to use bazel * bazel: fix injection of version information via stamping * bazel: commit all build files * dev-docs: document bazel usage * deps: upgrade zig-cc for go 1.20 * bazel: update Perl for macOS arm64 & Linux arm64 support * bazel: use static perl toolchain for OpenSSL * bazel: use static protobuf (protoc) toolchain * deps: add git and go to nix deps Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-09 15:23:42 +01:00
Daniel Weiße	e07be3d6f8	fix: add measurement-reader to build pipeline (#1386 ) Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2023-03-09 15:01:09 +01:00
renovate[bot]	fede4ec6d2	deps: update GitHub action dependencies (#1365 ) Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-08 10:06:42 +01:00
Paul Meyer	74fc6239b2	deps: update to Go 1.20.2 (#1366 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-08 10:05:36 +01:00
Paul Meyer	f4a4a044fe	ci: tee GitHub output Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-07 11:32:41 -05:00
Malte Poll	1624af0cc7	image: pin aws uefivars version and install new deps (#1345 )	2023-03-06 13:29:15 +01:00
Thomas Tendyck	c94d1db76d	attestation: remove PCR 0 and 10 on GCP	2023-03-06 13:09:57 +01:00
Moritz Eckert	29664fc481	ci: upload benchmark results to opensearch Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-03 09:43:49 +01:00
Moritz Eckert	12ba11ceee	ci: replace k-bench in e2e-test-weekly	2023-03-03 09:43:49 +01:00
Moritz Eckert	6fbca2818f	ci: replace k-bench in e2e-test-manual	2023-03-03 09:43:49 +01:00
Paul Meyer	6cb93d66df	ci: change push/pr token Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-03 02:55:17 -05:00
Paul Meyer	f9bb7c5f34	ci: frequently build up to date gcp guest-agent (#1315 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-03-01 13:52:52 +01:00
Paul Meyer	8c171a1b66	ci: pin ko version (#1309 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-02-28 18:53:28 +01:00
Moritz Sanft	732d15d013	ci: use iam destroy command for resource destruction (#1272 ) * replace tf destruction with new command * move iam destroy cmd * fix typos * exit post test on error * [remove] test failure on iam destroy * Revert "[remove] test failure on iam destroy" This reverts commit `99449c0cc0`. * [remove] test failure on terminate * Revert "[remove] test failure on terminate" This reverts commit `99c45bbc54`. * gofumpt	2023-02-28 09:52:32 +01:00
Malte Poll	b79f7d0c8c	cli: add basic support for `constellation create` on OpenStack (#1283 ) * image: support OpenStack image build / upload * cli: add OpenStack terraform template * config: add OpenStack as CSP * versionsapi: add OpenStack as CSP * cli: add OpenStack as provider for `config generate` and `create` * disk-mapper: add basic support for boot on OpenStack * debugd: add placeholder for OpenStack * image: fix config file sourcing for image upload	2023-02-27 18:19:52 +01:00
Otto Bittner	6c07a2892e	ci: adapt pipeline to use --kubernetes flag	2023-02-27 16:33:47 +01:00
Otto Bittner	08ee56911b	cli: overwrite chart versions during install/upgrade * As charts receive information like the container image from the cli it makes sense to also version the charts based on the cli version. * The pseudoversion is recalculated when running cmake. * When merging changes from release branch to main, a new commit is introduced to set the PROJECT_VERSION back to 0.0.0, so that builds include a pseudoversion.	2023-02-27 16:06:35 +01:00
Otto Bittner	948a12461c	build: introduce pseudoversion for cli versions All binaries that receive a version number during build now receive a pseudoversion from hack/pseudo-version. This makes any version-dependant behavior more similar between dev and release versions. And in turn makes testing easier.	2023-02-27 16:06:35 +01:00
Paul Meyer	4f480db77a	ci: ensure ci prs trigger workflows (#1279 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-02-27 15:16:07 +01:00
Otto Bittner	05823680f3	ci: fix release pipeline (#1253 ) * add pull-request permission to docs job * readd permission for micro-services step * run checkout action before building * allow crane to read packages	2023-02-27 10:49:52 +01:00
Moritz Sanft	a274ac8a7c	ci: add cli k8s compatibility table artifact upload to ci (#1218 ) * add cli k8s compatibility api to ci * extend versionsapi package * rework cli info upload via ci * join errors natively * fix semver * upload from hack file * fix ci checks * add distributionid * setup go before running hack file * setup go after repo checkout * use logger instead of panic, invalidate cache * use provided ctx Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com> --------- Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-02-24 12:00:04 +01:00
Nils Hanke	f13f80b8af	ci: update Syft to 0.72.0 and Grype to 0.57.1 (#1120 ) * ci: update Syft to 0.72.0 and Grype to 0.57.1 * ci: install Cosign before Syft * ci: directly read private key from environment for Cosign * ci: add --add-cpes-if-none to Grype * ci: use cosign attest directly instead of syft attest	2023-02-22 14:17:02 +01:00
Paul Meyer	f580f8216a	ci: add missing Go setup Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-02-21 08:50:11 -05:00
renovate[bot]	30f53f78d0	deps: update GitHub action dependencies (#1239 ) Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-02-21 13:49:47 +01:00
Moritz Sanft	0ba810240f	ci: integrate automatic iam creation in e2e test (#1158 ) * integrate automatic iam creation in e2e test * fix typo * break long line comments * fix semvers * correct bracing	2023-02-21 12:47:14 +01:00
Paul Meyer	df30197607	ci: fix self trigger paths of workflows Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-02-21 05:21:59 -05:00
Paul Meyer	937ced0223	ci: update Go tidy check workflow Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-02-20 12:08:24 -05:00
Paul Meyer	955316c661	ci: use new -C flag of Go subcommands Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-02-20 12:08:24 -05:00
Paul Meyer	e011a20c49	deps: update to Go 1.20 Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-02-20 12:08:24 -05:00
Paul Meyer	62fbbff91f	ci: commit as edgelessci Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-02-20 10:40:08 -05:00
Paul Meyer	c5977840f6	ci: add missing token in terraform workflow Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-02-20 10:40:08 -05:00
Otto Bittner	68b4b95741	ci: use correct container name to tag joinservice	2023-02-17 11:17:26 +01:00
Fabian Kammel	656e109e17	fix: upload signature of measurements. (#1213 ) Signed-off-by: Fabian Kammel <fk@edgeless.systems>	2023-02-17 10:53:57 +01:00
renovate[bot]	7500112d37	deps: update GitHub action dependencies (#1201 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2023-02-15 14:47:42 +01:00
Malte Poll	77216f7492	deps: vendor node-maintenance-operator api (#1172 ) * deps: go generate script to vendor node-maintenance-operator api folder * deps: vendor node-maintenance-operator api folder * operators: use vendored node-maintenance-operator api * ci: ignore 3rdparty dir for license check	2023-02-14 18:46:48 +01:00
Paul Meyer	b46e2b1681	ci: better naming for spelling check workflow Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-02-13 11:42:12 -05:00
Thomas Tendyck	5a142748bc	ci: update vale action	2023-02-13 16:43:56 +01:00
Fabian Kammel	50522cb73c	expand variables (#1161 ) Signed-off-by: Fabian Kammel <fk@edgeless.systems>	2023-02-10 17:57:26 +01:00
Paul Meyer	278031b066	ci: fix workdir of apko base image build Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-02-10 11:24:17 -05:00
stdoutput	e46f4280e7	update default k8s version in manual e2e test	2023-02-10 15:13:34 +01:00
Otto Bittner	a7ea85c738	ci: update k8s versions in e2e tests The accepted format has been changed for upgrade support.	2023-02-10 15:13:34 +01:00
Fabian Kammel	4c5ab7c5e9	ci: refactor image measurement generation (#1152 ) * Merge measurements.image.json and measurements.json into latter. * Use static (known) measurement values for the ones we cannot precompute. Signed-off-by: Fabian Kammel <fk@edgeless.systems>	2023-02-09 13:33:17 +01:00
Paul Meyer	60254f21f4	ci: fix location of cli docgen output (#1138 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-02-03 18:00:16 +01:00
Daniel Weiße	f74f589605	ci: add containerized libvirt build workflow (#1130 ) * Add libvirt container build workflow * Update release workflow * Update image libvirt base image --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2023-02-02 14:40:05 +01:00
Fabian Kammel	64c4b1f766	allow workflow to create pr (#1132 ) Signed-off-by: Fabian Kammel <fk@edgeless.systems>	2023-02-01 16:54:12 +01:00
Malte Poll	b7d3f3972b	ci: add bazel tests	2023-01-31 17:55:09 +01:00
renovate[bot]	bec82c2328	deps: update GitHub action dependencies (#1112 ) Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-31 17:38:44 +01:00
Paul Meyer	e5a2e519a3	ci: fix hasher permissions Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-31 17:36:45 +01:00
Paul Meyer	e0354826e0	ci: trigger builds on workflow change Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-31 17:17:03 +01:00
Otto Bittner	176f366c53	ci: fix manual keyservice build workflow	2023-01-31 16:53:46 +01:00
Paul Meyer	c00004a321	ci: fix oras download in package hasher Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-31 15:06:13 +01:00
Fabian Kammel	c14e551af5	fix permissions (#1119 ) Signed-off-by: Fabian Kammel <fk@edgeless.systems>	2023-01-31 14:30:36 +01:00
Otto Bittner	24409fe6ee	ci: ensure that unittests are run when touching helm charts In case the helm charts are changed only yaml files are touched. Thus the unit test workflow was not triggered.	2023-01-31 11:36:49 +01:00
Otto Bittner	88e3da750e	ci: adjust tags in build_ko Currently tags can be empty when building a ko image. However, --bare may not work in case --tags is empty, as per ko docs. Also remove redundant build step in release pipeline. Co-authored-by: Malte Poll <mp@edgeless.systems>	2023-01-31 10:16:20 +01:00
Fabian Kammel	b21393ddb1	authorize purge branch (#1113 ) Signed-off-by: Fabian Kammel <fk@edgeless.systems>	2023-01-30 17:55:41 +01:00
leongross	2187aa6cb0	ci: reproducible builds integration (#1108 ) * remove `-ko` suffix from workflows * integrate into `release.yaml` * adjust helm charts to use hard coded `ko` binary path	2023-01-30 16:58:49 +01:00
Fabian Kammel	48c8a66114	Minimal GitHub Action token permissions. (#1104 ) Signed-off-by: Fabian Kammel <fk@edgeless.systems>	2023-01-30 16:11:27 +01:00
Paul Meyer	32a540bff4	ci: tag apko base images Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-30 16:05:00 +01:00
Paul Meyer	8268b6e23f	ci: don't build apko base images on release branch Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-30 16:05:00 +01:00
Paul Meyer	88b4bc5857	ci: pin apk packages used in container base image Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-30 16:05:00 +01:00
renovate[bot]	17ff8c43d7	deps: update GitHub action dependencies (#1099 ) Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-27 16:12:26 +01:00
Paul Meyer	8364856d55	versions: remove Kubernetes v1.23 Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-27 13:32:20 +01:00
Paul Meyer	ccd3a08eca	ci: improve readability of GitHub lables Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-26 18:29:38 +01:00
renovate[bot]	6c068674af	deps: update GitHub action dependencies (#1085 ) Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-26 15:22:33 +01:00
Paul Meyer	4bb1bb7595	ci: fix value substitution in pr messages of release workflow Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-26 12:44:05 +01:00
Paul Meyer	bb419bdee5	ci: use peter-evans' action to create prs Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-25 18:39:15 +01:00
Malte Poll	ee869eaf9c	ci: prepare upgrade-agent for upload in e2e tests	2023-01-25 09:58:56 +01:00
Malte Poll	ce17a0c9ac	ci: set debug flag explicitly in os build pipeline	2023-01-25 09:58:56 +01:00
3u13r	f950fded9a	ci: add testdata trigger to unittest (#1063 )	2023-01-24 11:39:26 +01:00
Paul Meyer	f5de2b7fc6	ci: move scheduled build into own workflow Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-23 14:15:05 +01:00
Paul Meyer	94c0184e4d	ci: add workflow for proto code generation check Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-23 12:20:37 +01:00
Paul Meyer	a8cbfd848f	keyservice: use dash in container name (#1016 ) Co-authored-by: Otto Bittner <cobittner@posteo.net>	2023-01-20 18:51:06 +01:00
Fabian Kammel	582412d275	Fix GCP CCM build, add v26, and exclude old broken versions until fixed. (#1038 ) Signed-off-by: Fabian Kammel <fk@edgeless.systems>	2023-01-20 15:17:00 +01:00
Paul Meyer	a31d79e9cb	ci: curl flags Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>	2023-01-20 14:23:32 +01:00

... 3 4 5 6 7 ...

789 Commits