Commit Graph

94 Commits

Author SHA1 Message Date
Paul Meyer
01f518f0a4
deps: update to Go v1.20.6 (#2093)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-12 09:51:40 +02:00
renovate[bot]
576b48c8b7
deps: update GitHub action dependencies (#1848)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-03 08:19:10 +02:00
Malte Poll
6dd8a571ec
ci: fix expected value for PCR7 on AWS (#1979)
This has changed when upgrading to Fedora 38.
It didn't surface as a bug since the PCR is marked as warnOnly.
2023-06-28 15:33:14 +02:00
Malte Poll
264b2df902
deps: upgrade to Fedora 38 (#1909)
* image: upgrade mkosi distro version to Fedora 38
* image: remove downgrade of GCP kernel
* ci: upgrade expected measurements for Fedora 38
* deps: upgrade bazeldnf packages to Fedora 38
* deps: upgrade container images to Fedora 38
2023-06-15 16:50:35 +02:00
Otto Bittner
3a54ca91a7
deps: bump go patch version (#1903) 2023-06-09 10:53:17 +02:00
3u13r
7c07e3be18
Add --insecure to config fetch-measurement (#1879)
* cli: add --insecure to fetch-measurements

* cli: rename fake to stub

* ci: upload measurements for debug images

* fix cli docs
2023-06-06 10:32:22 +02:00
3u13r
e0285c122e
todo responsibilities and cleanup (#1837)
* chore: add TODO responsibilities

* chore: remove not needed TODOs

* chore: remove outdated migrations

* chore: remove resolved goleak exception

* chore: remove not needed cosign env

* config: add link to our Azure snp docs
2023-06-01 12:33:06 +02:00
Otto Bittner
0c13f3ed8d image: add aws_aws-sev-snp variant
This needs no changes to the existing AWS image.
The images have worked without modification so far.
2023-06-01 11:25:31 +02:00
Malte Poll
8a51ae1ec3
ci: do not sign & upload debug image measurements (#1849) 2023-06-01 10:58:34 +02:00
Malte Poll
76bf5e8e28 ci: upload image info v2 and measurements v2 in image build pipeline 2023-05-25 15:01:15 +02:00
3u13r
dd2ea50a39
deps: bump go version (#1760) 2023-05-11 14:14:15 +02:00
renovate[bot]
a8101c8c64
deps: update GitHub action dependencies (#1745)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-05-05 14:42:20 +02:00
Malte Poll
2efa3083dc ci: use native go code for os image upload 2023-05-05 12:06:44 +02:00
Paul Meyer
7ab23c28b8 Revert "misc: replace sha256sum with shasum -a 256 (#1681)"
This reverts commit ec1d5e9fb5.

While the change enabled shasum calculation on mac, it broke it
on some Linux distros.
2023-05-02 11:07:05 +02:00
Paul Meyer
bf051174f6 ci: update measurements and image version
on scheduled build

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-27 10:20:27 +02:00
Malte Poll
ec1d5e9fb5
misc: replace sha256sum with shasum -a 256 (#1681) 2023-04-26 13:40:18 +02:00
Malte Poll
84dd25600f
image: upgrade mkosi to support repart (#1684) 2023-04-25 18:22:40 +02:00
Paul Meyer
4020e7840a ci: always use tee -a instead of redirecting
into GITHUB_OUTPUT

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-17 12:08:42 +02:00
Paul Meyer
860d72a083
ci: reduce number of steps with continue-on-error (#1593)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-14 18:50:58 +02:00
Malte Poll
2b962598bf
deps: update go to 1.20.3 (#1622) 2023-04-06 16:36:07 +02:00
renovate[bot]
8f17e4b9df
deps: update actions/setup-go action to v4 (#1605)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-04 11:06:30 +02:00
renovate[bot]
5dad9bfad7
deps: update GitHub action dependencies (#1591)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 16:36:43 +02:00
Otto Bittner
da4e2521a9
ci: don't statically set PCR 5 (#1521)
This value can't be statically precomputed and leads to
warnings during runtime.
2023-03-24 17:08:39 +01:00
Paul Meyer
4628222780 ci: always use tee -a when writing output
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 10:54:59 -04:00
renovate[bot]
0a190c2bf6
deps: update GitHub action dependencies (#1499)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-22 17:57:47 +01:00
renovate[bot]
9a9688583d
deps: update aws-actions/configure-aws-credentials action to v2 (#1445)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-21 10:56:30 +01:00
Malte Poll
c3c0940adb
bazel: use remote caching (#1456)
* bazel: add configuration for remote caching
* ci: enable bazel remote caching for building binaries
* ci: use bazel directly when building go binaries
* ci: enable cache for most build steps
* dev-docs: document remote caching
2023-03-20 16:05:08 +01:00
Malte Poll
3fd9a34025
ci: disable upload of Azure TrustedLaunch image (#1440) 2023-03-17 10:51:44 +01:00
3u13r
fe767ba78e
introduce version.txt (#1412) 2023-03-14 14:53:33 +01:00
Moritz Sanft
01705feb51
ci: upload cli version list (#1377)
* upload cli version list

* fix flag

* name

* allow cli kind for listing

* [remove] update vapi cli

* allow cli kind

* use latest versionsapi image version

* fix kind parsing

* use workflow calls in on_release action

* [remove] update container tag

* change back to latest tag
2023-03-10 10:21:58 +01:00
Daniel Weiße
e07be3d6f8
fix: add measurement-reader to build pipeline (#1386)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-03-09 15:01:09 +01:00
Paul Meyer
74fc6239b2
deps: update to Go 1.20.2 (#1366)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-08 10:05:36 +01:00
Paul Meyer
f4a4a044fe ci: tee GitHub output
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-07 11:32:41 -05:00
Malte Poll
1624af0cc7
image: pin aws uefivars version and install new deps (#1345) 2023-03-06 13:29:15 +01:00
Thomas Tendyck
c94d1db76d attestation: remove PCR 0 and 10 on GCP 2023-03-06 13:09:57 +01:00
Malte Poll
b79f7d0c8c
cli: add basic support for constellation create on OpenStack (#1283)
* image: support OpenStack image build / upload

* cli: add OpenStack terraform template

* config: add OpenStack as CSP

* versionsapi: add OpenStack as CSP

* cli: add OpenStack as provider for `config generate` and `create`

* disk-mapper: add basic support for boot on OpenStack

* debugd: add placeholder for OpenStack

* image: fix config file sourcing for image upload
2023-02-27 18:19:52 +01:00
Moritz Sanft
a274ac8a7c
ci: add cli k8s compatibility table artifact upload to ci (#1218)
* add cli k8s compatibility api to ci

* extend versionsapi package

* rework cli info upload via ci

* join errors natively

* fix semver

* upload from hack file

* fix ci checks

* add distributionid

* setup go before running hack file

* setup go after repo checkout

* use logger instead of panic, invalidate cache

* use provided ctx

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>

---------

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-24 12:00:04 +01:00
Paul Meyer
f580f8216a ci: add missing Go setup
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-21 08:50:11 -05:00
Fabian Kammel
656e109e17
fix: upload signature of measurements. (#1213)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-02-17 10:53:57 +01:00
Fabian Kammel
50522cb73c
expand variables (#1161)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-02-10 17:57:26 +01:00
Fabian Kammel
4c5ab7c5e9
ci: refactor image measurement generation (#1152)
* Merge measurements.image.json and measurements.json into latter.
* Use static (known) measurement values for the ones we cannot precompute.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-02-09 13:33:17 +01:00
Fabian Kammel
48c8a66114
Minimal GitHub Action token permissions. (#1104)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-30 16:11:27 +01:00
renovate[bot]
17ff8c43d7
deps: update GitHub action dependencies (#1099)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-27 16:12:26 +01:00
renovate[bot]
6c068674af
deps: update GitHub action dependencies (#1085)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-26 15:22:33 +01:00
Malte Poll
ce17a0c9ac ci: set debug flag explicitly in os build pipeline 2023-01-25 09:58:56 +01:00
Paul Meyer
f5de2b7fc6 ci: move scheduled build into own workflow
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-23 14:15:05 +01:00
Paul Meyer
411dfed18f ci: unified order and style of workflows/actions
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 10:57:42 +01:00
Fabian Kammel
85f33b2140
ci: fix scorecard/pinned-dependencies findings (#967)
* fix scorecard/pinned-dependencies findings
* make renovate update go install
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-17 16:12:23 +01:00
Malte Poll
fa7bac3868
ci: switch gcp accounts to oidc (#983) 2023-01-16 18:15:17 +01:00
Paul Meyer
3393e458e0 ci: schedule os image builds
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:55:24 +01:00