Commit graph

87 commits

Author SHA1 Message Date
Moritz Sanft
31b8ff9dea
versions: add K8s v1.32; remove K8s v1.29 (#3895)
* versions: remove K8s v1.29

* versions: add K8s v1.32

* versions: default to K8s v1.31

* docs: add k8s v1.32

* versions: update microservice versions for k8s v1.32

* ci: bump k8s versions

* dev-docs: mention ci k8s bump

* bazel: ignore GO-2025-3770
2025-07-30 18:41:12 +02:00
Moritz Sanft
fa21c55f5d
dev-docs: Add guide on publishing marketplace images (#3734)
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2025-04-02 16:21:19 +02:00
Moritz Sanft
d97e60fea5
dev-docs: fix attestationconfigapi instructions (#3661) 2025-02-24 08:58:57 +01:00
Daniel Weiße
53e937522f
dependencies: bump Go to v1.23.5 (#3599)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2025-01-20 11:53:55 +01:00
Daniel Weiße
900fb3f88b
ci: automate manual post-release steps (#3498)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-11-27 08:52:54 +01:00
Adrian Stobbe
143f683852
make post release more prominent (#3497) 2024-11-26 16:50:41 +01:00
3u13r
204d684686
dev-docs: link to docs website instead of to local files (#3394)
* dev-docs: link to docs website instead of to local files

* dev-docs: pin sonobuoy link to latest working docs release

* dev-docs: link to new libvirt docs URL
2024-10-07 19:05:21 +02:00
Joseph Mearman
5e1c09bdd6 chore: remove rogue character 2024-08-22 14:29:44 +02:00
Daniel Weiße
9c3cb08f92
deps: bump Go version to v1.22.5 (#3225)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-07-03 09:49:37 +02:00
Daniel Weiße
39b01f8dac
deps: bump Go version to v1.22.4 (#3146)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-05 10:27:39 +02:00
Malte Poll
b86faadfcc tidy: document MODULE.bazel.lock maintenance 2024-05-23 09:48:04 +02:00
Malte Poll
f57698ac3f dev-docs: document new location of Go toolchain version 2024-05-23 09:48:04 +02:00
Malte Poll
8796edc9ad bazel: enable bzlmod
This change enables bzlmod without migrating any dependencies.
Instead, WORKSPACE dependencies can be migrated one by one.
2024-05-23 09:48:04 +02:00
Malte Poll
5fb2a2cb89
dev-docs: document E-Mail to STACKIT on every release (#3108) 2024-05-16 18:23:31 +02:00
Malte Poll
03475b60b3
ci: disable BuildBuddy (#3077) 2024-05-10 11:14:45 +02:00
Daniel Weiße
86c45d1d5f
deps: update to Go 1.22.3 (#3069)
* Update renovate syntax
* Update to Go 1.22.3

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-08 11:34:31 +02:00
Markus Rudy
f189aa186f
dev-docs: document security advisory process (#3024)
* dev-docs: document security advisory process
2024-04-15 11:49:23 +02:00
Moritz Eckert
da26daeb49
docs: update clouds and marketplaces
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2024-01-24 09:57:35 +01:00
Moritz Sanft
e691e26bd3
cli: support for GCP marketplace images (#2792)
* cli: support GCP marketplace images

* ci: support GCP marketplace images

* docs: support GCP marketplace images

* bazel: generate

* ci: allow GCP for mpi e2e test

* Update docs/docs/overview/license.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* terraform-provider: allow GCP MPIs

* terraform-provider: fix error message

---------

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2024-01-08 15:51:39 +01:00
Malte Poll
362d07fc52 nix: allow dev setup via direnv 2024-01-08 10:44:38 +01:00
Malte Poll
3a4f6ef9d1
bazel: use prebuilt Go toolchain (go.dev/dl) (#2796)
We had to switch to a Go toolchain from nixpkgs,
since prebuilt Go toolchain versions were not usable on NixOS.
Since Go 1.21, the prebuilt Go toolchain is statically linked
and works out of the box.

Reference: https://github.com/golang/go/issues/57007
2024-01-05 11:52:22 +01:00
Adrian Stobbe
8730e72319
ci: e2e test for Terraform provider examples (#2745) 2024-01-04 10:00:21 +01:00
Adrian Stobbe
0e84c6cc3e
update release process (#2747) 2023-12-20 14:42:20 +01:00
Moritz Sanft
af791bd221
terraform-provider: add usage examples (#2713)
* terraform-provider: add usage example for Azure

* terraform-provider: add usage example for AWS

* terraform-provider: add usage example for GCP

* terraform-provider: update usage example for Azure

* terraform-provider: update generated documentation

* docs: adjust creation on Azure and link to examples

* terraform-provider: unify image in-/output (#2725)

* terraform-provider: check for returned error when converting microservices

* terraform-provider: use state values for outputs after creation

* terraform-provider: ignore invalid upgrades (#2728)

---------

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-12-18 10:15:54 +01:00
Daniel Weiße
9a4e96905f
bazel: place Terraform provider binaries in local registry path on devbuild (#2714)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-12-14 08:18:48 +01:00
Moritz Sanft
367136add2
terraform-provider: support importing Constellation clusters (#2702)
* terraform-provider: support importing Constellation clusters

* bazel: shfmt exclusion for import script

* ci: fix godot check

* bazel: shellcheck exclusion for import script

* Update dev-docs/workflows/terraform-provider.md

Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>

* ci: fix Terraform lock exclude directories

---------

Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
2023-12-12 16:00:03 +01:00
Daniel Weiße
22dcde86af
terraform-provider: create release in provider repo on Constellation release (#2686)
* Create release in Terraform provider repo with provider binaries
* Set target_commitish to input ref for easier release workflow
* Rename release-cli workflow to draft-release
* Update release guide

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-12-11 15:00:08 +01:00
Moritz Sanft
c15e4efef6
terraform: Azure Marketplace image support (#2651)
* terraform: add Azure marketplace variable

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* config: add Azure marketplace variable

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* cli: use Terraform variables from config

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: pass down marketplace variable

* image: pad Azure images to 1GiB

* terraform: add version attribute to marketplace image

* semver: allow versions to be exported without prefix

* cli: boolean var to use marketplace images

* config: remove dive key

* dev-docs: add instructions on how to use marketplace images

* terraform: fix unit test

* terraform: only fetch image for non-marketplace images

* mpimage: refactor image selection

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* [remove] increase minor version for image build

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: ignore changes to source_image_reference on upgrade

* operator: add support for parsing Azure marketplace images

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* upgrade: fix imagefetcher call

* docs: add info about azure marketplace

* image: ensure more than 1GiB in size

* image: test to pad to 2GiB

* version: change back to v2.14.0-pre

* image: GPT-conformant image size padding

* [remove] increase version

* mpimage: inline prefix func

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* ci: add marketplace image e2e test

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* [remove] register workflow

* ci: fix workflow name

* ci: only allow azure test

* cli: add marketplace image input to interface

* cli: fix argument passing

* version: roll back to v2.14.0

* ci: add force-flag support

* Update docs/docs/overview/license.md

* Update dev-docs/workflows/marketplace-images.md

Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-12-08 14:40:31 +01:00
Adrian Stobbe
c07c333d3d
terraform-provider: data skeleton for cluster resource (#2678) 2023-12-05 16:16:50 +01:00
Malte Poll
cd6e03049a libvirt: build containerized libvirt as nix container image 2023-12-01 09:35:33 +01:00
Daniel Weiße
97aea98e77
ci: update GCP service accounts for CI (#2629)
* Update CI to use different GCP project for e2e tests
* Update GCP image project service accounts
* Update default GCP bucket name for image builds

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-11-27 13:04:41 +01:00
Adrian Stobbe
98673b0983
ci: only generate lock files where provider is used (#2636) 2023-11-27 12:16:45 +01:00
Moritz Sanft
34bf3ad296
terraform-provider: add image datasource (#2642)
* terraform-provider: init

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: add basic docgen

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: fix build steps

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: extend build process and docgen

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* dev-docs: document provider usage

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* bazel: upload aspect lib mirror

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: don't try to create lockfiles

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* bazel: fix shellcheck issues

* bazel: separate paths to check

* terraform-provider: clean up old files

* terraform-provider: update provider resource

* terraform-provider: add image data source

* dev-docs: remove unnecessary init

* bazel: adhere to Terraform naming expectations

* terraform-provider: fix expected data type

* terraform-provider: generate docs

* terraform-provider: improve errors

* terraform-provider: add acceptance tests for data source

* terraform-provider: fix dependencies

* bazel: quote var reference

* terraform-provider: make region optional

* terraform-provider: bind imagefetcher to data source

* bazel: tidy

* terraform-provider: remove unused parameter

* terraform-provider: remove unused parameter

* terraform-provider: extend acceptance tests

* terraform-provider: allow tests to be run without Bazel

* dev-docs: document testing

* terraform-provider: set binary path accordingly

* dev-docs: document docgen process for the provider

* bazel: run acceptance test in writable environment

* bazel: try to write to `$TMPDIR`

* terraform-provider: style nits

* terraform-provider: leave TODO

* bazel: tidy

* terraform-provider: regenerate docs

* terraform-provider: fix comment

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-11-27 09:00:08 +01:00
Moritz Sanft
9a62657b80
terraform-provider: init provider scaffolding (#2632)
* terraform-provider: init

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: add basic docgen

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: fix build steps

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: extend build process and docgen

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* dev-docs: document provider usage

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* bazel: upload aspect lib mirror

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* bazel: add docstring to fix linter

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: don't try to create lockfiles

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* bazel: fix shellcheck issues

* bazel: separate paths to check

* bazel: explain what updating lockfiles means

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: fix linter checks

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-11-24 15:58:21 +01:00
Markus Rudy
69c64d6c69
docs: improve developer documentation for folks new to the codebase
* Correct example invocation of aws cli

* Add warning to Helm Intellisense recommendation

* Link code conventions in PR guidelines

* Tighten debugd README

* cmake is not used for building debugd anymore, remove references to it

* make the debug-cluster workflow the authoritative source for cdbg usage - don't replicate the same instructions in different places

* Document that Bazel eats a lot of RAM
2023-11-17 19:16:52 +01:00
Moritz Sanft
ce518486e5
dev-docs: fix instructions in release docs (#2611) 2023-11-17 10:46:45 +01:00
Moritz Sanft
8e4feb7e2a
terraform: add Terraform module for Azure (#2566)
* add Azure Terraform module

* add maa-patching command to cli

* refactor release process

* factor out image fetching to own action

* add CI

* generate

* fix some unnecessary changes

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* use `constellation maa-patch` in ci

* insecure flag when using debug image

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* only update maa url if existing

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* make node group zone optional on aws and gcp

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* [remove] register updated workflow

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* Revert "[remove] register updated workflow"

This reverts commit e70b9515b7eabbcbe0d41fa1296c48750cd02ace.

* create MAA

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* make maa-patching only run on azure

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add comment

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* require node group zone for GCP and AWS

* remove unnecessary bazel action

* stamp version to correct file

* refer to `maa-patch` command in docs

* run Azure test in weekly e2e

* comment / naming improvements

* remove sa_account resource

* disable spellcheck to use "URL"

* `create_maa` variable

* don't write maa url to config

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* default to nightly image

* use input ref and stream

* fix command check

* don't set region in weekly e2e call

* patch maa if url is not empty

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* remove `create_maa` variable

* remove binaries

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* remove undefined input

* replace invalid attestation URL error message

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* fix punctuation

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* skip hidden commands in clidocgen

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* enable spellcheck before code block

* move spellcheck trigger out of info block

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix workflow dependencies

* let image default to CLI version

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-11-13 18:46:20 +01:00
Adrian Stobbe
b765231175
deps: bump Go to 1.21.4 (#2569)
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-11-09 20:17:14 +01:00
Adrian Stobbe
cea6204b37
terraform: Terraform module for AWS (#2503) 2023-11-08 19:10:01 +01:00
Otto Bittner
b0ee39a96d ci: publish s3proxy chart during release 2023-11-06 10:21:11 +01:00
Daniel Weiße
f4bfbe3564
docs: refer to apply command instead of init or upgrade apply (#2487)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-27 08:30:59 +02:00
Malte Poll
d22f53d7cc bazel: always use nix 2023-10-12 14:42:24 +02:00
Malte Poll
8e706d6de3 image: update README 2023-09-27 17:58:19 +02:00
Moritz Sanft
f4b2d02194
ci: collect cluster metrics to OpenSearch (#2347)
* add Metricbeat deployment to debugd

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* set metricbeat debugd image version

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix k8s deployment

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* use 2 separate deployments

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* only deploy via k8s in non-debug-images

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add missing tilde

* remove k8s metrics

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* unify flag

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add cloud metadata processor to filebeat

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* ci: fix debugd logcollection (#2355)

* add missing keyvault access role

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* bump logstash image version

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* bump filebeat / metricbeat image version

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* log used image version

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* use debugging image versions

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* increase wait timeout for image upload

* add cloud metadata processor to filebeat

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix template locations in container

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix image version typo

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add filebeat / metricbeat users

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* remove user additions

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* update workflow step name

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* only mount config files

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* document potential rc

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix IAM permissions in workflow

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix AWS permissions

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* tidy

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add missing workflow input

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* rename action

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* pin image versions

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* remove unnecessary workflow inputs

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add refStream input

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* remove inputs.yml dep

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* increase system metric period

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix linkchecker

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-09-27 16:17:31 +02:00
Adrian Stobbe
118f789c2f
cli: fix Azure SEV-SNP latest version logic (#2343) 2023-09-25 11:53:02 +02:00
Daniel Weiße
442f904ceb
ci: don't automatically create git tag in release pipeline (#2316)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-09-07 08:47:01 +02:00
Adrian Stobbe
7c9a78fe51
make release idempotent (#2278) 2023-08-28 09:21:25 +02:00
Adrian Stobbe
f15c5444da
upgrade test from v2.10.1 (#2279) 2023-08-24 09:15:43 +02:00
Adrian Stobbe
c42e81bf23
docs: update release docs (#2226) 2023-08-22 14:30:20 +02:00
Otto Bittner
b2fa9988b9
docs: add note on how we handle deprecations (#2185) 2023-08-21 16:48:10 +02:00