Nils Hanke
34f729ccd2
Case insensitive replace for every user input that could break azurerm
2022-10-27 11:35:14 +02:00
leongross
d457620941
AB#2458 AWS NitroTPM attestation (#339)
* add aws tpm attestation
* fix typos
* Fix return value issue
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2022-10-27 11:04:23 +02:00
renovate[bot]
8d82d8c0fa
Update module github.com/stretchr/testify to v1.8.1 (#385)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-27 08:39:45 +02:00
Malte Poll
1a95fafc43
Group AWS and Azure SDKs for renovate (#382)
2022-10-27 08:33:10 +02:00
renovate[bot]
8c01a6647f
Update module github.com/spf13/cobra to v1.6.1 (#384)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-27 08:25:21 +02:00
Daniel Weiße
e66cb84d6e
AB#2532 Don't clean up workspace if rollback fails (#360)
* Don't clean up workspace if rollback fails
* Remove dependency on CSP from terminate
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-26 15:57:00 +02:00
Leonard Cohnen
1f8eba37c8
RFC: update updates RFC
2022-10-26 15:51:43 +02:00
renovate[bot]
acc82b205a
Update github actions dependencies (#366)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-26 15:48:35 +02:00
renovate[bot]
9210ae5d04
Update google.golang.org/genproto digest to 527a21c (#320)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-26 15:47:16 +02:00
Malte Poll
447f0bbf39
Add AWS CCM versions
2022-10-26 15:07:34 +02:00
Paul Meyer
e8a8377572
Limit renovate to 4 concurrent PRs
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-26 14:44:09 +02:00
Malte Poll
f65475b2b2
Use fine grained GitHub PAT to commit "go mod tidy" fixes
2022-10-26 14:44:09 +02:00
Malte Poll
d81172e352
Pin setup-gcloud action to git tag (for renovate) (#376)
2022-10-26 13:58:05 +02:00
Paul Meyer
c05b22f1dc
Remove dead code (#373)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-26 10:29:28 +02:00
Paul Meyer
4cbec82edf
Test operator code generation is up to date
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-25 16:50:46 +02:00
Malte Poll
c1e3231848
Preinstall kubelet systemd unit in OS images (#365)
2022-10-25 16:36:03 +02:00
Malte Poll
fa63e51370
Fix "enforceIdKeyDigest" capitalization (#369)
* Fix "enforceIdKeyDigest" capitalization
* Convert "enforceIdKeyDigest" to string for config map
2022-10-25 16:29:28 +02:00
Malte Poll
2d121d9243
Replace interface{} -> any (#370)
2022-10-25 15:51:23 +02:00
Malte Poll
7592143a69
Join-service helm chart: use correct casing for provider name (#368)
2022-10-25 13:21:27 +02:00
Malte Poll
52f140a968
Pin terraform provider hashes (#361)
2022-10-25 10:10:46 +02:00
Thomas Tendyck
45dba96e31
remove conformance folder
2022-10-25 09:54:23 +02:00
Thomas Tendyck
8b48b1b582
update k8s conformance folder to the recent submission
2022-10-25 09:54:23 +02:00
Daniel Weiße
6fe750f21b
Update operator image
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-25 08:41:42 +02:00
renovate[bot]
c452f17ca2
Update module golang.org/x/mod to v0.6.0 (#335)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-24 18:44:03 +02:00
Daniel Weiße
b35b74b772
Use tags for UID and role parsing (#242)
* Apply tags to all applicable GCP resources
* Move GCP UID and role from VM metadata to labels
* Adjust Azure tags to be in line with GCP and AWS
* Don't rely on resource name to find resources
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-24 16:58:21 +02:00
Otto Bittner
c2814aeddb
AB#2504: Deploy join-service via helm (#358)
2022-10-24 12:23:18 +02:00
Malte Poll
d46408d00b
Dracut: use inst_rules to install udev rules (#359)
2022-10-24 12:05:55 +02:00
Malte Poll
07f2ed94f8
Manually create AWS state disk symlink (#355)
Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>
2022-10-24 11:55:11 +02:00
Malte Poll
8ef1400810
Upgrade libvirt container image (#348)
2022-10-24 10:32:37 +02:00
Daniel Weiße
3ccde25584
Implement minimal feature support for bootstrapper on AWS (#333)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-24 09:12:01 +02:00
Leonard Cohnen
5efd2716e3
add Rook deployment workaround
2022-10-23 05:50:49 +02:00
Malte Poll
2bf2cc6391
Use versioned Azure login action (#353)
* Use versioned Azure login action
* Pin github actions to git tags
2022-10-21 16:23:29 +02:00
Daniel Weiße
252a7226a9
Fix ordering of QEMU config values
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-21 16:19:00 +02:00
Fabian Kammel
18ae86c38e
sbom signing (#303)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-21 15:19:51 +02:00
Daniel Weiße
c1b4193791
Add support for AWS to disk-mapper (#329)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-21 15:04:34 +02:00
3u13r
90c94ec53e
initial draft for automatic updates (#334)
* draft for automatic updates
2022-10-21 15:02:20 +02:00
Malte Poll
26cfbfdd1f
Add AWS nvme udev rules (#351)
2022-10-21 14:55:13 +02:00
Daniel Weiße
c82d5ccba9
Hide cursor and fix dots (#217)
* Hide cursor and fix dots spinner
* Allow restarting of spinner
* Don't spin on non TTY output
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-21 14:26:42 +02:00
renovate[bot]
56981a709e
Update module github.com/aws/aws-sdk-go-v2/service/kms to v1.18.13 (#346)
* Update module github.com/aws/aws-sdk-go-v2/service/kms to v1.18.13
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-10-21 14:08:36 +02:00
Leonard Cohnen
477a06789f
update grpc
2022-10-21 13:28:03 +02:00
renovate[bot]
02f1f5109a
Update module google.golang.org/grpc to v1.50.1
2022-10-21 13:28:03 +02:00
Nils Hanke
04c4cff9f6
AB#2436: Initial support for create/terminate AWS NitroTPM instances
* Add .DS_Store to .gitignore
* Add AWS to config / supported instance types
* Move AWS terraform skeleton to cli/internal/terraform
* Move currently unused IAM to hack/terraform/aws
* Print supported AWS instance types when AWS dev flag is set
* Block everything aTLS related (e.g. init, verify) until AWS attestation is available
* Create/Terminate AWS dev cluster when dev flag is set
* Restrict Nitro instances to NitroTPM supported specifically
* Pin zone for subnets
This is not great for HA, but for now we need to avoid the two subnets
ending up in different zones, causing the load balancer to not be able
to connect to the targets.
Should be replaced later with a better implementation that just uses
multiple subnets within the same region dynamically
based on # of nodes or similar.
* Add AWS/GCP to Terraform TestLoader unit test
* Add uid tag and create log group
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-10-21 12:24:18 +02:00
Otto Bittner
07f02a442c
Refactor Helm deployments (#341)
* Wrap KMS deployment in one main chart that
deploys all other services. Other services will follow.
* Use .tgz via helm-package as serialization format
* Change Release type to carry chart as byte slice
* Remove KMSConfig
* Use json-schema to validate values
* Extend release.md to mention updating helm charts
2022-10-21 12:01:28 +02:00
renovate[bot]
10a207c7ec
Update github actions dependencies
2022-10-21 11:33:41 +02:00
Malte Poll
f3d78a573f
Disable Azure VM agent and report VM as ready
2022-10-21 11:04:25 +02:00
Malte Poll
ed9acef9d4
Upgrade terraform azure provider to 3.28.0
2022-10-21 11:04:25 +02:00
Malte Poll
6a1405f7c9
Disable SSH key deployment with debugd / cdbg
2022-10-21 11:04:25 +02:00
Malte Poll
b57b25fdaa
Image upload AWS
2022-10-21 11:04:25 +02:00
Malte Poll
0c297f7b10
Update CHANGELOG
2022-10-21 11:04:25 +02:00
Malte Poll
743f5fa627
Remove all traces of CoreOS from the codebase
2022-10-21 11:04:25 +02:00