Nils Hanke
6bb6f1c288
ci: remove Go setup where Bazel is used for building
2023-03-14 15:28:36 +01:00
3u13r
fe767ba78e
introduce version.txt ( #1412 )
2023-03-14 14:53:33 +01:00
Paul Meyer
8679988b6c
fixup! bazel: add tidy and check
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-14 03:43:51 -04:00
Paul Meyer
02c97fac03
bazel: add tidy and check
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-14 03:43:51 -04:00
Paul Meyer
e1f0ea50a7
ci: only build GCP guest agent if necessary
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-10 12:19:46 -05:00
Paul Meyer
72530d45ae
ci: tag GCP guest agent with semver
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-10 12:19:46 -05:00
Paul Meyer
cc60de312e
ci: adopt tidy workflow for bazel
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-10 10:02:28 -05:00
Moritz Sanft
01705feb51
ci: upload cli version list ( #1377 )
...
* upload cli version list
* fix flag
* name
* allow cli kind for listing
* [remove] update vapi cli
* allow cli kind
* use latest versionsapi image version
* fix kind parsing
* use workflow calls in on_release action
* [remove] update container tag
* change back to latest tag
2023-03-10 10:21:58 +01:00
Malte Poll
bdba9d8ba6
bazel: add build files for go ( #1186 )
...
* build: correct toolchain order
* build: gazelle-update-repos
* build: use pregenerated proto for dependencies
* update bazeldnf
* deps: tpm simulator
* Update Google trillian module
* cli: add stamping as alternative build info source
* bazel: add go_test wrappers, mark special tests and select testing deps
* deps: add libvirt deps
* deps: go-libvirt patches
* deps: cloudflare circl patches
* bazel: add go_test wrappers, mark special tests and select testing deps
* bazel: keep gazelle overrides
* bazel: cleanup bazelrc
* bazel: switch CMakeLists.txt to use bazel
* bazel: fix injection of version information via stamping
* bazel: commit all build files
* dev-docs: document bazel usage
* deps: upgrade zig-cc for go 1.20
* bazel: update Perl for macOS arm64 & Linux arm64 support
* bazel: use static perl toolchain for OpenSSL
* bazel: use static protobuf (protoc) toolchain
* deps: add git and go to nix deps
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-09 15:23:42 +01:00
Daniel Weiße
e07be3d6f8
fix: add measurement-reader to build pipeline ( #1386 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-03-09 15:01:09 +01:00
renovate[bot]
fede4ec6d2
deps: update GitHub action dependencies ( #1365 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-08 10:06:42 +01:00
Paul Meyer
74fc6239b2
deps: update to Go 1.20.2 ( #1366 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-08 10:05:36 +01:00
Paul Meyer
f4a4a044fe
ci: tee GitHub output
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-07 11:32:41 -05:00
Malte Poll
1624af0cc7
image: pin aws uefivars version and install new deps ( #1345 )
2023-03-06 13:29:15 +01:00
Thomas Tendyck
c94d1db76d
attestation: remove PCR 0 and 10 on GCP
2023-03-06 13:09:57 +01:00
Moritz Eckert
29664fc481
ci: upload benchmark results to opensearch
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-03 09:43:49 +01:00
Moritz Eckert
12ba11ceee
ci: replace k-bench in e2e-test-weekly
2023-03-03 09:43:49 +01:00
Moritz Eckert
6fbca2818f
ci: replace k-bench in e2e-test-manual
2023-03-03 09:43:49 +01:00
Paul Meyer
6cb93d66df
ci: change push/pr token
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-03 02:55:17 -05:00
Paul Meyer
f9bb7c5f34
ci: frequently build up to date gcp guest-agent ( #1315 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-01 13:52:52 +01:00
Paul Meyer
8c171a1b66
ci: pin ko version ( #1309 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-28 18:53:28 +01:00
Moritz Sanft
732d15d013
ci: use iam destroy command for resource destruction ( #1272 )
...
* replace tf destruction with new command
* move iam destroy cmd
* fix typos
* exit post test on error
* [remove] test failure on iam destroy
* Revert "[remove] test failure on iam destroy"
This reverts commit 99449c0cc0
.
* [remove] test failure on terminate
* Revert "[remove] test failure on terminate"
This reverts commit 99c45bbc54
.
* gofumpt
2023-02-28 09:52:32 +01:00
Malte Poll
b79f7d0c8c
cli: add basic support for constellation create
on OpenStack ( #1283 )
...
* image: support OpenStack image build / upload
* cli: add OpenStack terraform template
* config: add OpenStack as CSP
* versionsapi: add OpenStack as CSP
* cli: add OpenStack as provider for `config generate` and `create`
* disk-mapper: add basic support for boot on OpenStack
* debugd: add placeholder for OpenStack
* image: fix config file sourcing for image upload
2023-02-27 18:19:52 +01:00
Otto Bittner
6c07a2892e
ci: adapt pipeline to use --kubernetes flag
2023-02-27 16:33:47 +01:00
Otto Bittner
08ee56911b
cli: overwrite chart versions during install/upgrade
...
* As charts receive information like the container image from
the cli it makes sense to also version the charts based on the cli
version.
* The pseudoversion is recalculated when running cmake.
* When merging changes from release branch to main,
a new commit is introduced to set the PROJECT_VERSION back
to 0.0.0, so that builds include a pseudoversion.
2023-02-27 16:06:35 +01:00
Otto Bittner
948a12461c
build: introduce pseudoversion for cli versions
...
All binaries that receive a version number during build
now receive a pseudoversion from hack/pseudo-version.
This makes any version-dependant behavior more similar
between dev and release versions. And in turn makes testing
easier.
2023-02-27 16:06:35 +01:00
Paul Meyer
4f480db77a
ci: ensure ci prs trigger workflows ( #1279 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-27 15:16:07 +01:00
Otto Bittner
05823680f3
ci: fix release pipeline ( #1253 )
...
* add pull-request permission to docs job
* readd permission for micro-services step
* run checkout action before building
* allow crane to read packages
2023-02-27 10:49:52 +01:00
Moritz Sanft
a274ac8a7c
ci: add cli k8s compatibility table artifact upload to ci ( #1218 )
...
* add cli k8s compatibility api to ci
* extend versionsapi package
* rework cli info upload via ci
* join errors natively
* fix semver
* upload from hack file
* fix ci checks
* add distributionid
* setup go before running hack file
* setup go after repo checkout
* use logger instead of panic, invalidate cache
* use provided ctx
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
---------
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-24 12:00:04 +01:00
Nils Hanke
f13f80b8af
ci: update Syft to 0.72.0 and Grype to 0.57.1 ( #1120 )
...
* ci: update Syft to 0.72.0 and Grype to 0.57.1
* ci: install Cosign before Syft
* ci: directly read private key from environment for Cosign
* ci: add --add-cpes-if-none to Grype
* ci: use cosign attest directly instead of syft attest
2023-02-22 14:17:02 +01:00
Paul Meyer
f580f8216a
ci: add missing Go setup
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-21 08:50:11 -05:00
renovate[bot]
30f53f78d0
deps: update GitHub action dependencies ( #1239 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-21 13:49:47 +01:00
Moritz Sanft
0ba810240f
ci: integrate automatic iam creation in e2e test ( #1158 )
...
* integrate automatic iam creation in e2e test
* fix typo
* break long line comments
* fix semvers
* correct bracing
2023-02-21 12:47:14 +01:00
Paul Meyer
df30197607
ci: fix self trigger paths of workflows
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-21 05:21:59 -05:00
Paul Meyer
937ced0223
ci: update Go tidy check workflow
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-20 12:08:24 -05:00
Paul Meyer
955316c661
ci: use new -C flag of Go subcommands
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-20 12:08:24 -05:00
Paul Meyer
e011a20c49
deps: update to Go 1.20
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-20 12:08:24 -05:00
Paul Meyer
62fbbff91f
ci: commit as edgelessci
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-20 10:40:08 -05:00
Paul Meyer
c5977840f6
ci: add missing token in terraform workflow
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-20 10:40:08 -05:00
Otto Bittner
68b4b95741
ci: use correct container name to tag joinservice
2023-02-17 11:17:26 +01:00
Fabian Kammel
656e109e17
fix: upload signature of measurements. ( #1213 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-02-17 10:53:57 +01:00
renovate[bot]
7500112d37
deps: update GitHub action dependencies ( #1201 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-15 14:47:42 +01:00
Malte Poll
77216f7492
deps: vendor node-maintenance-operator api ( #1172 )
...
* deps: go generate script to vendor node-maintenance-operator api folder
* deps: vendor node-maintenance-operator api folder
* operators: use vendored node-maintenance-operator api
* ci: ignore 3rdparty dir for license check
2023-02-14 18:46:48 +01:00
Paul Meyer
b46e2b1681
ci: better naming for spelling check workflow
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-13 11:42:12 -05:00
Thomas Tendyck
5a142748bc
ci: update vale action
2023-02-13 16:43:56 +01:00
Fabian Kammel
50522cb73c
expand variables ( #1161 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-02-10 17:57:26 +01:00
Paul Meyer
278031b066
ci: fix workdir of apko base image build
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-10 11:24:17 -05:00
stdoutput
e46f4280e7
update default k8s version in manual e2e test
2023-02-10 15:13:34 +01:00
Otto Bittner
a7ea85c738
ci: update k8s versions in e2e tests
...
The accepted format has been changed for upgrade support.
2023-02-10 15:13:34 +01:00
Fabian Kammel
4c5ab7c5e9
ci: refactor image measurement generation ( #1152 )
...
* Merge measurements.image.json and measurements.json into latter.
* Use static (known) measurement values for the ones we cannot precompute.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-02-09 13:33:17 +01:00
Paul Meyer
60254f21f4
ci: fix location of cli docgen output ( #1138 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-03 18:00:16 +01:00
Daniel Weiße
f74f589605
ci: add containerized libvirt build workflow ( #1130 )
...
* Add libvirt container build workflow
* Update release workflow
* Update image libvirt base image
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-02-02 14:40:05 +01:00
Fabian Kammel
64c4b1f766
allow workflow to create pr ( #1132 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-02-01 16:54:12 +01:00
Malte Poll
b7d3f3972b
ci: add bazel tests
2023-01-31 17:55:09 +01:00
renovate[bot]
bec82c2328
deps: update GitHub action dependencies ( #1112 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-31 17:38:44 +01:00
Paul Meyer
e5a2e519a3
ci: fix hasher permissions
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-31 17:36:45 +01:00
Paul Meyer
e0354826e0
ci: trigger builds on workflow change
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-31 17:17:03 +01:00
Otto Bittner
176f366c53
ci: fix manual keyservice build workflow
2023-01-31 16:53:46 +01:00
Paul Meyer
c00004a321
ci: fix oras download in package hasher
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-31 15:06:13 +01:00
Fabian Kammel
c14e551af5
fix permissions ( #1119 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-31 14:30:36 +01:00
Otto Bittner
24409fe6ee
ci: ensure that unittests are run when touching helm charts
...
In case the helm charts are changed only yaml files are touched.
Thus the unit test workflow was not triggered.
2023-01-31 11:36:49 +01:00
Otto Bittner
88e3da750e
ci: adjust tags in build_ko
...
Currently tags can be empty when building a ko image.
However, --bare may not work in case --tags is empty,
as per ko docs.
Also remove redundant build step in release pipeline.
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-01-31 10:16:20 +01:00
Fabian Kammel
b21393ddb1
authorize purge branch ( #1113 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-30 17:55:41 +01:00
leongross
2187aa6cb0
ci: reproducible builds integration ( #1108 )
...
* remove `-ko` suffix from workflows
* integrate into `release.yaml`
* adjust helm charts to use hard coded `ko` binary path
2023-01-30 16:58:49 +01:00
Fabian Kammel
48c8a66114
Minimal GitHub Action token permissions. ( #1104 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-30 16:11:27 +01:00
Paul Meyer
32a540bff4
ci: tag apko base images
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-30 16:05:00 +01:00
Paul Meyer
8268b6e23f
ci: don't build apko base images on release branch
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-30 16:05:00 +01:00
Paul Meyer
88b4bc5857
ci: pin apk packages used in container base image
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-30 16:05:00 +01:00
renovate[bot]
17ff8c43d7
deps: update GitHub action dependencies ( #1099 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-27 16:12:26 +01:00
Paul Meyer
8364856d55
versions: remove Kubernetes v1.23
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-27 13:32:20 +01:00
Paul Meyer
ccd3a08eca
ci: improve readability of GitHub lables
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-26 18:29:38 +01:00
renovate[bot]
6c068674af
deps: update GitHub action dependencies ( #1085 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-26 15:22:33 +01:00
Paul Meyer
4bb1bb7595
ci: fix value substitution in pr messages
...
of release workflow
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-26 12:44:05 +01:00
Paul Meyer
bb419bdee5
ci: use peter-evans' action to create prs
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-25 18:39:15 +01:00
Malte Poll
ee869eaf9c
ci: prepare upgrade-agent for upload in e2e tests
2023-01-25 09:58:56 +01:00
Malte Poll
ce17a0c9ac
ci: set debug flag explicitly in os build pipeline
2023-01-25 09:58:56 +01:00
3u13r
f950fded9a
ci: add testdata trigger to unittest ( #1063 )
2023-01-24 11:39:26 +01:00
Paul Meyer
f5de2b7fc6
ci: move scheduled build into own workflow
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-23 14:15:05 +01:00
Paul Meyer
94c0184e4d
ci: add workflow for proto code generation check
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-23 12:20:37 +01:00
Paul Meyer
a8cbfd848f
keyservice: use dash in container name ( #1016 )
...
Co-authored-by: Otto Bittner <cobittner@posteo.net>
2023-01-20 18:51:06 +01:00
Fabian Kammel
582412d275
Fix GCP CCM build, add v26, and exclude old broken versions until fixed. ( #1038 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-20 15:17:00 +01:00
Paul Meyer
a31d79e9cb
ci: curl flags
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-20 14:23:32 +01:00
Paul Meyer
71708a967c
ci: run tests on workflow file change
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 16:47:47 +01:00
Paul Meyer
acc3f64dee
ci: only build apko base images on change
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 15:18:26 +01:00
Paul Meyer
5dc080c3b3
ci: only run CodeQL on main
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 12:16:40 +01:00
Moritz Sanft
ae2db08f3a
ci: add e2e test for constellation recover ( #845 )
...
* AB#2256 Add recover e2e test
* AB#2256 move test & fix minor objections
* AB#2256 fix path
* AB#2256 rename hacky filename
2023-01-19 10:41:07 +01:00
Paul Meyer
2cee7cb454
ci: run CodeQL only on Go/Python changes
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 10:34:36 +01:00
Nils Hanke
4e9c49c342
ci: move Syft & Grype installation into an action ( #1011 )
2023-01-18 17:33:10 +01:00
renovate[bot]
30b22cd17f
Update GitHub action dependencies ( #1007 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 17:04:46 +01:00
Paul Meyer
8e18c7012c
ci: install shellcheck using the action
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 17:02:40 +01:00
Nils Hanke
fc2a285270
ci: fix CLI SBOM generation ( #1005 )
2023-01-18 11:36:39 +01:00
Paul Meyer
411dfed18f
ci: unified order and style of workflows/actions
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 10:57:42 +01:00
Paul Meyer
41690288a1
ci: remove unneeded brackets in if statements
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 10:57:42 +01:00
Fabian Kammel
85f33b2140
ci: fix scorecard/pinned-dependencies findings ( #967 )
...
* fix scorecard/pinned-dependencies findings
* make renovate update go install
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-17 16:12:23 +01:00
Fabian Kammel
8f88129cac
Configure CodeQL and scorecard workflow. ( #986 )
...
* Configure CodeQL and scorecard workflow.
* Fix CodeQL finding.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-17 14:01:47 +01:00
Malte Poll
fa7bac3868
ci: switch gcp accounts to oidc ( #983 )
2023-01-16 18:15:17 +01:00
Paul Meyer
d39cf1cd6e
ci: fix cron tab mismatch
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 17:33:17 +01:00
Paul Meyer
2241e41fcf
ci: delete old images of all streams on ref main
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:57:13 +01:00
Paul Meyer
3393e458e0
ci: schedule os image builds
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:55:24 +01:00
Paul Meyer
98040ff89c
ci: run shellfmt and shellcheck on changes in /image
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:49:33 +01:00
Paul Meyer
d37bd077d8
ci: delete old images from main ref
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 13:52:11 +01:00
Paul Meyer
4a6c64a02f
ci: copy versionsapi binary from container to host
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 13:52:11 +01:00
Otto Bittner
4239191b0d
ci: remove residual references to "kms"
2023-01-16 12:43:03 +01:00
Malte Poll
938f114086
ci: implement "console" stream for OS images ( #969 )
...
* image: add AUTOLOGIN environment variable to conditionally enable serial console login
* ci: implement "console" stream for OS images
* debugd: remove serial console login access code
2023-01-16 12:20:01 +01:00
Otto Bittner
90b88e1cf9
kms: rename kms to keyservice
...
In the light of extending our eKMS support it will be helpful
to have a tighter use of the word "KMS".
KMS should refer to the actual component that manages keys.
The keyservice, also called KMS in the constellation code,
does not manage keys itself. It talks to a KMS backend,
which in turn does the actual key management.
2023-01-16 11:56:34 +01:00
leongross
c36a009188
ci: reproducible builds ko (no gcp) ( #871 )
...
* add ko build actions and worklflows
* add apko build actions and worklflows
* add .ko.yaml file
* add apko image definitions
* add signing container, add signing sboms, add uploading sboms
2023-01-13 16:38:31 +01:00
Paul Meyer
5cb10aef45
ci: find latest image with versionsapi action
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-13 10:23:43 +01:00
Paul Meyer
6d6ef99f11
ci: run versionsapi as docker action
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-13 10:23:43 +01:00
Paul Meyer
8cfa402c9a
ci: refactor titles of prs made by bots
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-13 10:08:51 +01:00
Paul Meyer
5782e0c884
ci: deactivate dryrun of image deletion
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-12 13:43:42 +01:00
Paul Meyer
d0e9f427d1
deps: update Go to v1.19.5 ( #949 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-12 13:36:17 +01:00
Malte Poll
7cc8f2c884
ci: manual e2e: github.event.inputs -> inputs
2023-01-12 13:24:07 +01:00
Malte Poll
5ba1b6780b
ci: auto detect if released OS images should be marked as "latest"
2023-01-12 13:24:07 +01:00
Malte Poll
67be4016f5
ci: generate signed measurements for QEMU
2023-01-12 13:24:07 +01:00
Malte Poll
d851623c0d
ci: implement second half of release checklist
2023-01-12 13:24:07 +01:00
Malte Poll
142af75776
ci: implement second half of release checklist
2023-01-12 13:24:07 +01:00
Malte Poll
49288f5d30
ci: use explicit input to choose cosign key for OS image measurements
2023-01-12 13:24:07 +01:00
Malte Poll
16d27b5157
ci: update hardcoded measurements during release pipeline
2023-01-12 13:24:07 +01:00
Malte Poll
3077dd4f27
ci: implement first half of release checklist
2023-01-12 13:24:07 +01:00
Paul Meyer
c1e776a1a2
ci: join macos with normal tests ( #933 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-11 14:27:18 +01:00
Leonard Cohnen
e9da70fde9
ci: remove versions manifest
2023-01-11 11:10:44 +01:00
Paul Meyer
e9442ac1ce
deps: update and pin github.com/katexochen/sh ( #922 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-11 10:17:31 +01:00
renovate[bot]
9fbf298565
Update actions/cache action to v3.2.3 ( #909 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-09 18:30:41 +01:00
Paul Meyer
6a20d18082
ci: change gcp image and image family names
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-09 17:06:59 +01:00
Paul Meyer
00ca87a7ec
ci: fix versionsapi workflow remove cmd
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-09 17:02:45 +01:00
Paul Meyer
8643c791f0
ci: add missing secrets to purge branch workflow
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-09 16:17:31 +01:00
Paul Meyer
636567d65a
ci: add purge branch workflow
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-09 13:54:19 +01:00
Paul Meyer
dc73411301
hack: remove build-manifest
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-09 13:15:09 +01:00
Moritz Sanft
ecdc465a42
AB2564 Add constellation verify e2e test ( #875 )
2023-01-09 08:54:41 +01:00
renovate[bot]
f62f8e5d79
Update GitHub action dependencies ( #902 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 17:35:54 +01:00
renovate[bot]
32b839e9f7
Update GitHub action dependencies ( #877 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-05 16:17:51 +01:00
Leonard Cohnen
94694c6e06
operator: add v2 to package name
2023-01-05 14:52:09 +01:00
Paul Meyer
f9458950cb
versionsapi: change image path ( #856 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-04 17:07:16 +01:00
Paul Meyer
f720726074
ci: fix rebuild loop of microservice images
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-04 16:01:12 +01:00
Paul Meyer
3561a16819
ci: replace add-version through versionsapi cli
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-04 11:39:19 +01:00
Paul Meyer
195fe27870
ci: add versionsapi workflow
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-04 11:39:19 +01:00
renovate[bot]
d2c04ecc40
Update GitHub action dependencies ( #848 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-03 10:09:02 +01:00
3u13r
473e16feb2
image: add upgrade-agent ( #827 )
2022-12-29 17:50:11 +01:00
Paul Meyer
c7ecf13e7f
ci: fix workflows with tokens running on forks
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-23 11:39:09 +01:00
Paul Meyer
caed4ff287
ci: print image in find-image action
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-21 18:39:03 +01:00
Paul Meyer
582615dfb3
ci: enable manual e2e runs on any git ref
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-21 18:39:03 +01:00
Fabian Kammel
83f09e1058
implement e2e test lb ( #815 )
...
* implement e2e test lb
* add lb e2e test to weekly schedule
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-12-21 10:49:21 +01:00
Thomas Tendyck
990cae58a5
ci: don't checkout head ref for PRs from forks
2022-12-19 16:09:40 +01:00
Paul Meyer
58a5c47d30
ci: update pinned hashes on renovate updates
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-16 10:43:33 +01:00
Fabian Kammel
b718e92d1d
update slsa-verifier ( #803 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-12-15 09:45:46 +01:00
Fabian Kammel
6564fcbf6c
E2E Test Mini Constellation ( #796 )
...
* fix: typo to build amd64 for macos
* Implement E2E test for mini constellation
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-12-14 16:51:42 +01:00
Malte Poll
a1d59df1c3
Release action: Do not fail if "latest" is not set ( #793 )
2022-12-14 14:59:06 +01:00
renovate[bot]
5967b98c25
Update GitHub action dependencies ( #778 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-14 14:55:14 +01:00
Paul Meyer
6862c2587f
kubernetes: add v1.26, default to v1.25
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-13 16:08:19 +01:00
Malte Poll
e207081274
adopt changes from linux e2e tests on macOS ( #790 )
2022-12-13 10:06:36 +01:00
Malte Poll
fed31c304a
Release CLI: Fix upload path
2022-12-12 17:45:35 +01:00
Malte Poll
3f6817653b
Match pki set and key
2022-12-12 17:45:35 +01:00
Malte Poll
6154a5ef68
OS build pipeline: Correctly choose PKI set
2022-12-12 17:45:35 +01:00
Malte Poll
4a8ebfd921
OS images: use "ref", "stream" and "version"
...
Switch azure default region to west us
Update find-image script to work with new API spec
Add version for every os image build
generate measurements: Use new API paths
CLI: config fetch measurements: Use image short versions to fetch measurements
CLI: allows shortnames to specify image in config
Image build pipeline: Change paths to contain "ref" and "stream"
2022-12-09 13:37:43 +01:00
renovate[bot]
e371e4499f
Update GitHub action dependencies ( #765 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 11:10:23 +01:00
Paul Meyer
24f6c3807b
ci: no link checking on main
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-08 11:42:03 +01:00
Paul Meyer
3cc2a714a4
dependencies: upgrade to Go v1.19.4 ( #732 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-07 14:27:43 +01:00
Paul Meyer
5ba5d9d683
ci: unpin slsa-github-generator action digest ( #734 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-06 17:07:27 +01:00
Paul Meyer
176dae317f
debugd: fix logcollector container image naming
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-05 13:16:45 +01:00
Paul Meyer
474f7ad356
ci: build logcollector images
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 18:54:24 +01:00
Paul Meyer
e6c4bb3406
ci: build microservices on change of pkg internal
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 11:14:58 +01:00
renovate[bot]
998c8ee889
Update GitHub action dependencies ( #701 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 10:33:19 +01:00
Malte Poll
b9fd8237b9
manual e2e tests: Add option to keep embedded measurements ( #698 )
2022-12-01 15:43:40 +01:00
Paul Meyer
4249050116
e2e: find default image if no input image specified
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-01 15:23:27 +01:00
Paul Meyer
cbd5a4a118
ci: print image version in summary
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-01 13:25:53 +01:00
Paul Meyer
8004edcc14
image: add version and debug field to lookup table ( #682 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-01 11:51:33 +01:00
Malte Poll
3aa51df74d
Add release trigger to make image versions available via CDN
2022-11-30 12:35:12 +01:00
Leonard Cohnen
954cbad214
ci: build qemu-metadata api
2022-11-30 12:28:37 +01:00
Paul Meyer
688003cdd9
ci: fix hcl lock files on renovate branch
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 18:47:30 +01:00
Paul Meyer
48e0b3a9cd
ci: check hcl lock files are up to date
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 18:47:30 +01:00
renovate[bot]
2e2bcb15e1
Update GitHub action dependencies ( #665 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 14:06:18 +01:00
Fabian Kammel
c71fd89e80
Provenance for CLI ( #647 )
...
* provenance generation for cli
* document provenance generation for CLI
* include CLI SBOM in provenance
Co-authored-by: 3u13r <lc@edgeless.systems>
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-11-25 16:13:20 +01:00
Nils Hanke
89b25f8ebb
Add new generate measurements matrix CI/CD action (now with AWS support) ( #641 )
2022-11-25 12:08:24 +01:00
Malte Poll
3dc9c60864
e2e tests: use new image versions
2022-11-23 15:47:46 +01:00
Paul Meyer
947920d4f5
Revert "warn about function argument count over 5 ( #558 )" ( #620 )
...
This reverts commit 1110ccd270
.
2022-11-22 14:20:11 +01:00
renovate[bot]
fa2919e285
Update softprops/action-gh-release action to v0.1.15 ( #607 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-21 15:08:53 +01:00
Malte Poll
efaa0622a8
Include image version in mkosi builds
2022-11-18 10:37:45 +01:00
Malte Poll
74aabe86fa
Move PCR[8] -> PCR[12]
2022-11-18 10:37:45 +01:00
Malte Poll
239b9f6c26
Upgrade images to Fedora 37
2022-11-18 10:37:45 +01:00
renovate[bot]
f5f6be1c56
Update actions/download-artifact action to v3 ( #583 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-18 08:55:56 +01:00
Fabian Kammel
1110ccd270
warn about function argument count over 5 ( #558 )
...
* warn about function argument count over 5
* only on new code
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-11-17 17:31:00 +01:00
Malte Poll
78481b32e8
Move image artifacts "/v1/" => "/constellation/v1" ( #579 )
2022-11-17 16:14:38 +01:00
Paul Meyer
9c405ceb02
ci: use shfmt fork
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 16:10:13 +01:00
renovate[bot]
827b62c2be
Update GitHub action dependencies ( #568 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-11-17 11:37:00 +01:00
Paul Meyer
c61f6211f9
ci: use fixed renovate bot email for commits
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 11:28:49 +01:00
Paul Meyer
3fd678492f
ci: fix shellfmt workflow name
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 11:28:49 +01:00
Malte Poll
cdaf1fc476
OS Image Build pipeline: prepare lookup tables and additional artifacts ( #560 )
2022-11-16 15:45:10 +01:00
Leonard Cohnen
2f0b1a0f32
ci: add go generate check
2022-11-15 18:24:07 +01:00
Leonard Cohnen
9b89e5cf10
ci: don't check cilium links
2022-11-15 18:24:07 +01:00
Paul Meyer
80a801629e
e2e: deactivate fail-fast for e2e daily
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-15 12:44:52 +01:00
renovate[bot]
c71eeffd1e
Update module github.com/sigstore/rekor to v1.0.1 ( #543 )
...
* Update module github.com/sigstore/rekor to v1.0.1
* quotes around string with spaces
* [bot] Tidy all modules
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: datosh <datosh@users.noreply.github.com>
2022-11-15 12:18:01 +01:00
Malte Poll
9f6a8ffd4c
Allow listing separate args for shfmt
2022-11-14 14:02:29 +01:00
renovate[bot]
c76d0672f8
Update golangci/golangci-lint-action action to v3.3.1 ( #542 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-14 10:43:54 +01:00
Paul Meyer
4f66519fb0
ci: improve shellfmt workflow code
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 16:50:21 +01:00
Paul Meyer
09969afd57
ci: fix workflows
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 16:38:29 +01:00
Paul Meyer
38cc2c1ab0
ci: add actionlint workflow
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 16:38:29 +01:00
Paul Meyer
a7535fb449
ci: add shellfmt workflow
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 15:53:57 +01:00
renovate[bot]
fd9dfb500d
Update actions/checkout digest to 5c3ccc2 ( #527 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 15:03:14 +01:00
Paul Meyer
fb6f425696
ci: checkout with head ref
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 14:00:11 +01:00
renovate[bot]
1fc663efc9
Update actions/checkout action to v3
2022-11-11 14:00:11 +01:00
Paul Meyer
eb66767a62
ci: decrease severity level of shellcheck
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 13:40:13 +01:00
Paul Meyer
7eb9d8a57c
e2e: add AWS test to schedule
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 13:30:34 +01:00
Paul Meyer
11672acf0a
e2e: add AWS test
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 13:30:34 +01:00
Paul Meyer
f6b3ef6a57
ci: login azure only if needed
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 13:30:34 +01:00
Paul Meyer
1ec9316521
ci: rename actions
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 13:30:34 +01:00
Fabian Kammel
b92b3772ca
Remove access manager ( #470 )
...
* remove access manager from code base
* document new node ssh workflow
* keep config backwards compatible
* slow down link checking to prevent http 429
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-11-11 08:44:36 +01:00
renovate[bot]
8e8ce070b7
Update google-github-actions/setup-gcloud action to v1 ( #524 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-10 18:29:30 +01:00
Nils Hanke
a7e81aef73
Update GitHub workflow runners to Ubuntu 22.04 ( #513 )
...
* Update all GitHub action runners to ubuntu-22.04
* Fix license checker script for grep >3.4
2022-11-10 16:55:24 +01:00
Malte Poll
e9fecec0bc
Only publish release AMIs
2022-11-09 14:29:58 +01:00
renovate[bot]
c18feaaace
Update lycheeverse/lychee-action action to v1.5.4 ( #492 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-09 11:10:46 +01:00
Paul Meyer
d3bad39223
e2e: fix deletion of persisten volumes ( #476 )
...
Co-authored-by: Christoph Meyer <cme@edgeless.systems>
2022-11-09 10:28:34 +01:00
renovate[bot]
05f4b8698b
Update ludeeus/action-shellcheck digest to 6d3f514 ( #485 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-08 18:38:48 +01:00
Daniel Weiße
011f9c597d
Bring in changes from release branch ( #479 )
...
* Bump version to v2.2.0
* Update changelog
* Fix release detection in pipeline
* Fix PKI selection in pipeline
* Set enforced measurements for AWS
* Update default images
* Fix release docs
* Update mini-con defaults
* Fix measurements action
* Fix syft env variable naming
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-08 18:32:59 +01:00
Paul Meyer
46e4ddd8c6
ci: don't run cli reference gen on release branch
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-08 17:07:29 +01:00
renovate[bot]
efa2fb2fd0
Update anchore/sbom-action action to v0.13.1 ( #463 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-04 17:42:09 +01:00
Malte Poll
ed58fcccd3
CI: Add secure boot prod keys ( #462 )
...
* Add production secure boot keys
* Refactor OS build and upload settings
2022-11-04 16:48:52 +01:00
Nils Hanke
b24c799c80
Replace specific Azure/GCP credentials with secrets
2022-11-04 12:57:24 +01:00
Nils Hanke
ee20ff8950
Replace E2E Azure RM credentials with secrets
2022-11-04 12:57:24 +01:00
Nils Hanke
28b2d84684
Add AzureRM authentication environment variables for PCR action
2022-11-04 12:57:24 +01:00
renovate[bot]
88110ff5f3
Update github actions dependencies ( #450 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-04 11:58:54 +01:00
Malte Poll
4a7024c469
Make AMI public on creation ( #426 )
2022-11-03 15:22:51 +01:00
Paul Meyer
ac3768bbc9
e2e: add k-bench to weekly run
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-02 18:47:16 +01:00
Nils Hanke
6d2ec109d0
Update to Go 1.19.3
2022-11-02 11:53:52 +01:00
renovate[bot]
f60120bbbc
Update github actions dependencies ( #420 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-02 11:00:40 +01:00
Malte Poll
2842328457
Update mkosi to version 14 ( #391 )
2022-11-02 10:14:42 +01:00
Christoph Meyer
f4ff473677
AB#2191 Add K-Bench CI step to manual workflow
...
Add the option to run K-Bench performance to the manual CI workflow
Install CSI drivers in the cluster for K-Bench benchmarks
Attach the results to the workflow in the GitHub Actions view
2022-11-01 12:27:25 +01:00
Otto Bittner
30bdbd9b85
Add helm unittests ( #380 )
2022-10-31 19:25:02 +01:00
Paul Meyer
3933a97567
e2e: rework schedule of e2e test daily/weekly
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-31 18:22:05 +01:00
renovate[bot]
4aa2069655
Update github actions dependencies ( #397 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-10-31 10:26:17 +01:00
Paul Meyer
050223e4c5
e2e: add nop payload to only test infra creation
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-28 17:46:37 +02:00
Malte Poll
9297a4e8a2
Normalize naming: "sonobuoy fast" -> "sonobuoy quick" ( #389 )
2022-10-28 11:01:31 +02:00
Paul Meyer
95b8531fdd
Add e2e autoscaling test
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-27 18:39:08 +02:00
Paul Meyer
8aa84fd759
Remove installation of preinstalled dependencies
...
in workflows
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-27 18:39:08 +02:00
renovate[bot]
acc82b205a
Update github actions dependencies ( #366 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-26 15:48:35 +02:00
Malte Poll
f65475b2b2
Use fine grained GitHub PAT to commit "go mod tidy" fixes
2022-10-26 14:44:09 +02:00
Paul Meyer
4cbec82edf
Test operator code generation is up to date
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-25 16:50:46 +02:00
Malte Poll
2bf2cc6391
Use versioned Azure login action ( #353 )
...
* Use versioned Azure login action
* Pin github actions to git tags
2022-10-21 16:23:29 +02:00
Fabian Kammel
18ae86c38e
sbom signing ( #303 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-21 15:19:51 +02:00
renovate[bot]
10a207c7ec
Update github actions dependencies
2022-10-21 11:33:41 +02:00
Malte Poll
b57b25fdaa
Image upload AWS
2022-10-21 11:04:25 +02:00
Malte Poll
743f5fa627
Remove all traces of CoreOS from the codebase
2022-10-21 11:04:25 +02:00
Malte Poll
35e2267cf9
Move mkosi folder to old image folder location
2022-10-21 11:04:25 +02:00
Malte Poll
26fdfa4bee
Prefill PCR[11], PCR[12], PCR[13], PCR[15]
2022-10-21 11:04:25 +02:00
Malte Poll
6859c6b00e
Precalculate expected PCR[8]
2022-10-21 11:04:25 +02:00
Malte Poll
1e9608c796
Precalculate expected PCR[4]
2022-10-21 11:04:25 +02:00
Malte Poll
f4e69ec6ec
mkosi pipeline: Collect hashes
2022-10-21 11:04:25 +02:00
Malte Poll
34367ea3cc
Create mkosi image build pipeline
2022-10-21 11:04:25 +02:00
Fabian Kammel
21436e6592
use release cosign key only when releasing ( #331 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-20 15:59:17 +02:00
Paul Meyer
2685b5be1f
Let tfsec fail soft in CI
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-20 10:44:43 +02:00
Paul Meyer
a6b0edfcaa
Tidy modules on renovate branches
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 10:51:44 +02:00
Paul Meyer
7c13302936
Checkout branch instead of head commit
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 10:51:44 +02:00
Paul Meyer
0e79af6f14
Run tests on push to release branch
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 17:02:16 +02:00
renovate[bot]
ed98b0205b
Update github actions dependencies ( #311 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 13:54:53 +02:00
Otto Bittner
62168bbf98
AB#2490: Add KMS helm chart
...
* Also run helm-lint in CI now
2022-10-18 13:33:37 +02:00
renovate[bot]
84fcf8d7f2
Update github actions dependencies ( #294 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 13:00:41 +02:00
renovate[bot]
ccaad5e482
Update github actions dependencies ( #274 )
2022-10-17 11:14:41 +02:00
Malte Poll
c16f5a976d
AB#2365 Upgrade k8s base deployments (add full support for k8s 1.25) ( #277 )
...
* Add container image release for CCM GCP v25.2.0
* Upgrade versions of kubernetes base components
2022-10-17 08:58:13 +02:00
Malte Poll
0f57f03846
Allow concurrent actions on the same branch. ( #281 )
...
Actions are free for public repos and we want to see every CI failure
2022-10-14 17:47:46 +02:00
katexochen
f3d7ebb61f
Change Azure auth method for manual test
2022-10-14 17:04:44 +02:00
Malte Poll
e7118223fe
Downgrade vale action ( #280 )
2022-10-14 15:32:38 +02:00
Paul Meyer
8cf8b5db12
Change Azure auth method for e2e test ( #276 )
2022-10-14 14:44:32 +02:00
Malte Poll
6c9e18a6b5
Run code tests on go.mod and go.sum changes
2022-10-14 10:50:32 +02:00
renovate[bot]
3c34757274
Update actions/cache action to v3.0.11
2022-10-14 09:17:00 +02:00
renovate[bot]
2d767b02c1
Update hashicorp/setup-terraform digest to a2a0e9d ( #254 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-13 17:34:28 +02:00
renovate[bot]
f90e8fc35a
Update actions/checkout digest to 8230315 ( #246 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-13 16:54:43 +02:00
renovate[bot]
078dc1eb8f
Update aquasecurity/tfsec-pr-commenter-action digest to d9fa643 ( #247 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-13 16:49:33 +02:00
katexochen
41c42f547f
Add tfsec workflow
2022-10-13 14:54:19 +02:00
katexochen
a00743e892
Add Terraform validation workflow
2022-10-13 14:54:19 +02:00
renovate[bot]
f032508c54
Configure Renovate ( #237 )
...
* Configure renovate
* pin remaining github actions
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-13 14:41:55 +02:00
Fabian Kammel
7ee8f65889
Delete dependabot and prepare renovate ( #238 )
...
* Delete microserivce template.
* Remove dependabot config
* Prepare renovate by adopting GitHub actions syntax
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-12 18:05:58 +02:00
katexochen
dbd71eebd9
Fix replace deprecated set-output syntax
2022-10-12 11:51:09 +02:00
katexochen
1f290af09b
Add dispatch trigger to all workflows
2022-10-12 11:32:19 +02:00
katexochen
49f233246c
Replace deprecated set-output syntax
2022-10-12 11:32:19 +02:00
katexochen
baeaf9f0c5
Fix macos e2e test
2022-10-10 13:43:15 +02:00
Leonard Cohnen
2a7c6ba052
bump gcp guest agent in workflow
2022-10-10 13:43:15 +02:00
Leonard Cohnen
0c651c55dd
increase control plane count during e2e tests
2022-10-07 03:44:24 +02:00
Nils Hanke
803209b12b
Update Go to 1.19.2 ( #219 )
2022-10-06 19:31:12 +02:00
katexochen
9edfc2f6ba
Move k8s version window up
2022-10-06 19:16:20 +02:00
Paul Meyer
e4963b0511
Deactivate cache for tidycheck workflow ( #216 )
2022-10-06 11:19:15 +02:00
dependabot[bot]
2e93b354e4
Bump actions/cache from 3.0.8 to 3.0.10
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.0.8 to 3.0.10.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](fd5de65bc8...56461b9eb0
)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-05 02:02:48 -07:00
dependabot[bot]
fdd4425974
Bump actions/checkout from 3.0.2 to 3.1.0 ( #210 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](2541b1294d...93ea575cb5
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-05 09:24:36 +02:00
Otto Bittner
0eb4a7831b
AB#2413: Add workflow for snp-report-verify
...
* Extend azure-snp-report-verify to also report fw SVNs.
* Add workflow based on azure-cvm to get maa-jwt and
verify it on a second runner.
2022-09-21 10:58:10 +02:00
Daniel Weiße
95873d6a15
Run macos builds as separate jobs ( #174 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-09-20 13:43:46 +02:00
katexochen
788cfd9bd9
Remove autoscaling from workflows
2022-09-20 13:41:23 +02:00
katexochen
7f2608c623
Update operator workflow
2022-09-20 13:41:23 +02:00
katexochen
7eb245d7ee
Checkout last instead of merge commit in workflows
2022-09-19 14:02:59 +02:00
katexochen
bce85324c2
Add go-tidy-check workflow
2022-09-19 14:02:59 +02:00
Nils Hanke
de1268ffb9
Pin cache action against specific commit
2022-09-19 04:49:55 -07:00
Nils Hanke
979164ab37
CI: Remove GOPRIVATE from actions
2022-09-19 01:09:56 -07:00
Nils Hanke
c8b22e87e3
CI: Add cdbg/debugd unit tests for macOS
2022-09-19 01:09:56 -07:00
Nils Hanke
52d1afaf0b
CI: Consolidate multi-OS & multi-arch builds into one job
2022-09-19 01:09:56 -07:00
Nils Hanke
1dad1631ca
E2E: Add manual macOS E2E test
2022-09-19 01:09:56 -07:00
Nils Hanke
711532158f
E2E: Fix TEAMS_JOB_NAME for manual test
2022-09-19 01:09:56 -07:00
Nils Hanke
707cbf83b4
CI: Add macOS CLI unit tests
2022-09-19 01:09:56 -07:00
Nils Hanke
2c344a35e2
CI: Test multi-arch CLI builds on push
2022-09-19 01:09:56 -07:00
Nils Hanke
7338563d14
CI/E2E: (Re)move redunant setup steps
2022-09-19 01:09:56 -07:00
Thomas Tendyck
7b7c4b3246
docs: fix CLI reference heading
2022-09-16 15:57:50 +02:00
katexochen
5db3a426a5
Add govulncheck action
2022-09-14 13:07:04 +02:00
Nils Hanke
79229e04df
Create seperate create measurement action
2022-09-14 01:22:18 -07:00
Nils Hanke
9f246d3cc6
E2E: Don't sign & measure E2E built CLI binaries
2022-09-14 01:22:18 -07:00
Nils Hanke
472ba642b7
E2E: Build OSS CLI by default
2022-09-14 01:22:18 -07:00
katexochen
ebd9472866
Use go.work for CI workflows
2022-09-13 15:58:38 +02:00
katexochen
f55524a8d3
Run golangci-lint for all submodules
2022-09-13 15:58:38 +02:00
Leonard Cohnen
c1427123d9
fix azure release image naming
2022-09-12 19:03:01 +02:00
Felix Schuster
ebb8d7ca96
Rewrite install.md and create verify-cli.md ( #124 )
...
* Rewrite install.md and create verify-cli
* Small beautification
* Address review comment
* Shorten examples.md
* Quick brush over examples
* Fix broken links in v2.0
* Fix broken links in v2.0
* fix lint errors
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
2022-09-12 18:35:12 +02:00
dependabot[bot]
a527a88586
Bump azure/login from 1.4.5 to 1.4.6 ( #125 )
2022-09-12 06:17:39 +00:00
Nils Hanke
0949393dbb
Update build environment to Fedora 36 & Go 1.19.1
2022-09-09 18:11:33 +02:00
Nils Hanke
56accc7766
CI: Simplify "Generate reference docs" step
2022-09-09 11:24:59 +02:00
Nils Hanke
9a560847f7
CI: Remove obsolete checkout for old docs repo
2022-09-09 11:24:59 +02:00
Nils Hanke
9c8ba7b153
CI: Trigger CLI action on cli/cmd & cli/internal/cmd changes
2022-09-09 11:24:59 +02:00
Moritz Eckert
653b01499d
Pin docs actions to sha ( #105 )
2022-09-09 09:51:42 +02:00
Malte Poll
bd6c6ce836
e2e-tests: include k8s 1.25
2022-09-05 16:57:28 +02:00
Thomas Tendyck
a09c53a700
tidy link checking ( #63 )
...
* tidy link checking
* Update .github/docs/release.md
Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>
Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>
2022-09-05 16:08:00 +02:00
Malte Poll
3c0e2239d2
e2e-test azure: ignore unused parameter
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-09-05 12:13:24 +02:00
katexochen
1741c2d941
e2e: Fix machine type
2022-09-05 12:13:24 +02:00
katexochen
d0a3c2d3d1
e2e: Fix reintroduced Azure error
2022-09-05 12:13:24 +02:00
Malte Poll
45a1134915
Change default branch of constellation-fedora-coreos-config repo ( #72 )
2022-09-05 12:12:34 +02:00
Nils Hanke
3c7d76f5a6
Run link checker only when Markdown & HTML files have been changed
2022-09-05 10:36:14 +02:00
Thomas Tendyck
95ff987bfc
add license
2022-09-05 09:17:25 +02:00
Thomas Tendyck
517302e4dc
limit workflows to paths or filetypes
2022-09-05 08:51:36 +02:00
katexochen
43924c7318
e2e: Silence curl
2022-09-02 19:08:33 +02:00
katexochen
9076404b06
Fix manual e2e test
2022-09-02 19:08:33 +02:00
Fabian Kammel
2f871578b2
first implementation of SBOM generation ( #50 )
...
* first implementation of SBOM generation
* updated dependencies as per grype report
* hack: go mod tidy
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-09-02 16:49:59 +02:00
Nils Hanke
39eb58b403
E2E: Use default VM machine type when not overriden
2022-09-02 07:04:11 -07:00
katexochen
b256222b42
e2e: Use default shell parameters
2022-09-02 15:20:25 +02:00
katexochen
ef8130a918
e2e: Enable parallel runs on Azure
2022-09-02 15:20:25 +02:00
katexochen
3c123d9fec
e2e: Fix cleanup on error/cancel
2022-09-02 15:20:25 +02:00
katexochen
90b4067523
e2e: Run tests on GitHub instead of local runner
2022-09-02 15:20:25 +02:00
Moritz Eckert
b95f3dbc91
Add docs to repo ( #38 )
2022-09-02 11:52:42 +02:00
Moritz Eckert
db942ee4b5
Update references to docs ( #36 )
2022-09-01 09:27:25 +02:00
katexochen
7c7a4699bc
Azure e2e tests with manual creds
2022-08-31 14:10:08 +02:00
Daniel Weiße
f38f85b3bf
Run binary builds in parallel ( #28 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-31 12:37:18 +02:00
Nils Hanke
fc10b3419d
Build release CLI for Linux arm64 ( #29 )
2022-08-31 12:27:26 +02:00
Daniel Weiße
b27e205399
Use 4 vCPU instances by default ( #24 )
...
* Use 4 vcpu instances by default
* Remove 2 vcpu instance type option
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-31 10:33:33 +02:00
Fabian Kammel
66d8c8037b
Release/v0.0.1 ( #20 )
...
* bump images to 0.0.1
* add gh cli commands
* varibale with default value should not be required
* update release docs
* build and upload version manifest as part of release
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-30 15:54:35 +02:00
Nils Hanke
87e68961dd
Add GCP ServiceAccount to E2E test
2022-08-30 04:26:21 -07:00
Nils Hanke
a8cc8a5859
Disable golangci-lint cache
2022-08-29 02:25:04 -07:00
Fabian Kammel
d972f053f9
AB#2287 Public image sharing in Azure ( #350 )
...
Trusted launch VM images in original SIG, additional SIG for community images for CVM
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-26 17:34:46 +02:00
Paul Meyer
904ea06214
Update golangci-lint workflow ( #396 )
2022-08-24 14:55:55 +02:00
dependabot[bot]
a07e3bfaf4
Bump actions/setup-go from 3.2.1 to 3.3.0 ( #399 )
2022-08-24 09:59:35 +00:00
Moritz Eckert
94460654e7
Apply feedback for readme ( #389 )
...
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2022-08-23 13:46:06 +02:00
Fabian Kammel
33626986fe
Feat/cli multi os arch ( #390 )
...
* Implement multi arch/os pipeline
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-23 13:43:20 +02:00
Malte Poll
cdcbed6ff9
Re-add build-cli workflow
2022-08-19 18:29:10 +02:00
Malte Poll
f16e4bd5f9
e2e test manual: upload measurements
2022-08-19 18:22:55 +02:00
Malte Poll
f7cc72215e
manual e2e test: allow parallel runs
2022-08-19 18:22:55 +02:00
Malte Poll
e841d9201b
Use Azure CVMs in e2e tests
2022-08-19 18:22:55 +02:00
Malte Poll
2d87db3914
Update pseudo-version script to determine future release version based on branch name
2022-08-19 18:22:55 +02:00
Malte Poll
92e4e4d95a
manual operator pipeline ( #383 )
2022-08-19 15:19:08 +02:00
Fabian Kammel
4176f038df
Generate CLI reference also for sub-commands ( #374 )
...
* include all subcommands
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-17 16:58:36 +02:00
Malte Poll
abb4fb4f0f
Build GCP guest agent from github actions in constellation repo
2022-08-16 08:47:58 +02:00