Commit Graph

2721 Commits

Author SHA1 Message Date
Otto Bittner
30f2b332b3
api: restructure api pkg (#1851)
* api: rename AttestationVersionRepo to Client
* api: move client into separate subpkg for
clearer import paths.
* api: rename configapi -> attestationconfig
* api: rename versionsapi -> versions
* api: rename sut to client
* api: split versionsapi client and make it public
* api: split versionapi fetcher and make it public
* config: move attestationversion type to config
* api: fix attestationconfig client test

Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
2023-06-02 09:19:23 +02:00
Malte Poll
289665eb22
ci: remove setup-go action / disable cache where applicable (#1850)
Runners sometimes fail because they run out of disk space.
One reason this happens is a change in the setup-go action@v4:

> The V4 edition of the action offers: Enabled caching by default

To combat this, we now disable the cache if it was not enabled explicitly before.
Additionally, we remove setup-go where it is no longer needed.
2023-06-01 15:16:00 +02:00
Adrian Stobbe
b51cc52945
config: sign Azure versions on upload & verify on fetch (#1836)
* add SignContent() + integrate into configAPI

* use static client for upload versions tool; fix staticupload calleeReference bug

* use version to get proper cosign pub key.

* mock fetcher in CLI tests

* only provide config.New constructor with fetcher

Co-authored-by: Otto Bittner <cobittner@posteo.net>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2023-06-01 13:55:46 +02:00
3u13r
e0285c122e
todo responsibilities and cleanup (#1837)
* chore: add TODO responsibilities

* chore: remove not needed TODOs

* chore: remove outdated migrations

* chore: remove resolved goleak exception

* chore: remove not needed cosign env

* config: add link to our Azure snp docs
2023-06-01 12:33:06 +02:00
Otto Bittner
0c13f3ed8d image: add aws_aws-sev-snp variant
This needs no changes to the existing AWS image.
The images have worked without modification so far.
2023-06-01 11:25:31 +02:00
Malte Poll
8a51ae1ec3
ci: do not sign & upload debug image measurements (#1849) 2023-06-01 10:58:34 +02:00
edgelessci
13ffb93ad8
image: update measurements and image version (#1840)
Co-authored-by: malt3 <malt3@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-06-01 10:45:25 +02:00
renovate[bot]
bff8e684e1
deps: update golang:1.20.4 Docker digest to 690e413 (#1845)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: malt3 <29139614+renovate[bot]@users.noreply.github.com>
2023-06-01 09:26:31 +02:00
renovate[bot]
1fde3929a7
deps: update fedora:37 Docker digest to ab2fd8d (#1846)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
2023-06-01 09:03:05 +02:00
renovate[bot]
885febf109
deps: update module github.com/sigstore/rekor to v1.2.0 [SECURITY] (#1842)
* deps: update module github.com/sigstore/rekor to v1.2.0 [SECURITY]

* chore: tidy

* deps: update pseudo version tool hashes

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-31 23:30:27 +02:00
3u13r
fbcbb9a766
deps: align k8s deps (#1841) 2023-05-31 17:10:03 +02:00
Malte Poll
c5e016a8e2 attestation: allow measurement generator to work regardless of build tags 2023-05-31 14:00:00 +02:00
Malte Poll
a1ec899171 ci: use enterprise cli for e2e tests 2023-05-31 14:00:00 +02:00
Malte Poll
26bc653d0e bazel: build both cli variants as part of devbuild 2023-05-31 14:00:00 +02:00
Malte Poll
c62e54831b cli: define feature set of cli editions and exit early if a feature is not supported 2023-05-31 14:00:00 +02:00
Malte Poll
8a851c8f39 cli: dynamically select signature validation pubkey for release and pre-release artifacts 2023-05-31 14:00:00 +02:00
renovate[bot]
ada66a64a1
deps: update Kubernetes versions (#1807)
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-30 16:36:07 +02:00
renovate[bot]
b041344331
deps: update registry.k8s.io/autoscaling/cluster-autoscaler Docker tag to v1.27.2 (#1831)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-30 15:10:51 +02:00
renovate[bot]
c50c5e69d9
deps: update K8s constrained Azure versions (#1787)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-30 14:36:37 +02:00
Malte Poll
29b93065b3
ci: static file uploader with automatic cache invalidation (#1833) 2023-05-30 13:48:29 +02:00
miampf
8686c5e7e2
bootstrapper: collect journald logs on failure (#1618) 2023-05-30 11:47:36 +00:00
Malte Poll
60b125cb59
cli: add windows amd64 build target (#1835) 2023-05-30 12:02:43 +02:00
Moritz Sanft
6d5e7e1f7c
cli: support StackIT provider on config generate (#1803)
* support stackit provider on config generate

* update cli reference

* default config values

* deploy csi driver

Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>

---------

Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
2023-05-30 09:02:50 +02:00
Moritz Sanft
a0dea7e69b
make imagefetcher visible to all subpackages (#1832) 2023-05-26 12:05:02 +02:00
3u13r
661f084ffa
cli: use uami for in-cluter authentication (#1820) 2023-05-26 11:45:03 +02:00
renovate[bot]
9502bc8ff4
deps: update K8s constrained GCP versions (#1829)
* deps: update K8s constrained GCP versions

* deps: bump autoscaler image to 1.27

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-26 11:24:12 +02:00
Adrian Stobbe
0a6e5ec02e
config: dynamic attestation configuration through S3 backed API (#1808) 2023-05-25 17:43:44 +01:00
3u13r
25211dc154
ci: codeql disable autobuild for go (#1828) 2023-05-25 18:20:44 +02:00
Malte Poll
76bf5e8e28 ci: upload image info v2 and measurements v2 in image build pipeline 2023-05-25 15:01:15 +02:00
Malte Poll
217a744606 image: add go code to upload image info and measurements 2023-05-25 15:01:15 +02:00
Malte Poll
b8751f35f9 image: add intermediate "image" verb to upload tool 2023-05-25 15:01:15 +02:00
Malte Poll
0a7349ca41 attestation: merging of ImageMeasurementsV2 2023-05-25 15:01:15 +02:00
Malte Poll
874c4b76cf versionsapi: merging of ImageInfo 2023-05-25 15:01:15 +02:00
Malte Poll
d0e53cbb59 cli: image info (v2) 2023-05-25 15:01:15 +02:00
Malte Poll
cd7b116794 cli: image measurements (v2) 2023-05-25 15:01:15 +02:00
Malte Poll
e5b394db87 cli: image measurements (v2) 2023-05-25 15:01:15 +02:00
Malte Poll
2ebc0cf2c8 image: set attestation variant explicitly 2023-05-25 15:01:15 +02:00
Malte Poll
9a1ee8697e osimage: advertise SEV SNP support for gcp images 2023-05-25 15:01:15 +02:00
Otto Bittner
c010a4d742 ci: fix aws-snp-launchmeasurement pipeline
Misspelled variable name.
2023-05-25 14:00:45 +02:00
Malte Poll
7cff47f30f
ci: run release workflow on temporary branch (#1628) 2023-05-25 10:14:42 +02:00
renovate[bot]
2afddcb0f8
deps: update K8s dependencies (#1599)
* deps: update K8s dependencies

* deps: bump controller runtime

* chore: tidy

* bump helm and migrate controller runtime

* fix helm deprecation

---------

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-24 18:57:45 +02:00
Malte Poll
81c9c5205c
ci: explicitly disable cgo in golangci-lint (#1822) 2023-05-24 16:40:15 +02:00
renovate[bot]
0eeb1d2ceb deps: update dependency @cmfcmf/docusaurus-search-local to v1 2023-05-24 13:47:50 +02:00
renovate[bot]
9dd428557f
deps: update dependency prism-react-renderer to v2 (#1824)
* deps: update dependency prism-react-renderer to v2

* Update docusaurus.config.js

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-05-24 13:30:14 +02:00
renovate[bot]
1ea2814fe4
deps: update dependency mermaid to v10 (#1823)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-05-24 13:10:19 +02:00
Otto Bittner
06a32a85a7 ci: add pipeline to precalc launchmeasurements
This is for SNP on AWS.
2023-05-24 12:58:39 +02:00
renovate[bot]
be8d993cb7
deps: update module github.com/sigstore/sigstore to v1.6.4 (#1814)
* deps: update module github.com/sigstore/sigstore to v1.6.4

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-05-23 16:25:26 +02:00
Thomas Tendyck
69464bca4b docs: publish 2023-05-23 15:51:46 +02:00
Malte Poll
050fccc591 ci: do not run unit tests on macOS 2023-05-23 15:11:10 +02:00
Malte Poll
c4ad246910 wip: cached unit tests 2023-05-23 15:11:10 +02:00