Daniel Weiße
d67d0ac9df
Enable upload of TDX reports to Constellation CDN
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-27 09:09:13 +02:00
Daniel Weiße
9159b60331
Implement support for "latest" placeholders for Azure TDX
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-27 09:09:13 +02:00
Daniel Weiße
a34493caa6
Enable versions API to handle TDX versions
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-27 09:09:13 +02:00
Daniel Weiße
fbddbc9867
Dont re-marshal fetched objects
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-27 09:09:13 +02:00
Daniel Weiße
cd4c90af7e
Rename apifetcher methods
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-27 09:09:13 +02:00
Daniel Weiße
52a65c20ac
Move upload/delete code to its own package
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-27 09:09:13 +02:00
edgelessci
5654e76f7e
image: update measurements and image version ( #3204 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-27 08:00:56 +02:00
renovate[bot]
2df105f8dd
deps: update Go dependencies ( #3199 )
...
* deps: update Go dependencies
* Bump go.work Go version to v1.22.4
* Bump github.com/hashicorp/go-retryablehttp to v0.7.7 to fix GO-2024-2947
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2024-06-26 15:40:45 +02:00
3u13r
27946c6f2c
dev-docs: add bare-metal setup ( #3126 )
2024-06-25 14:23:12 +02:00
Moritz Sanft
50dcfd7905
bootstrapper: remove unnecessary stat ( #3202 )
2024-06-25 11:51:23 +02:00
Moritz Sanft
dcb8cca268
bootstrapper: remove static pod manifests before cluster init/join
2024-06-25 10:43:23 +02:00
Markus Rudy
3db3db3bf2
operator: fix gRPC dialing over UDS ( #3201 )
...
* operator: add test for gRPC connection over UDS
2024-06-25 10:11:57 +02:00
Daniel Weiße
e0c5acf2f3
deps: update k8s replace directive ( #3193 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-24 16:04:07 +02:00
renovate[bot]
af3f2bcd42
deps: update GitHub action dependencies ( #3198 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-24 15:19:00 +02:00
renovate[bot]
5f9e970ebd
deps: update Constellation containers to v2.17.0-pre.0.20240619151941-9cd11842442d ( #3179 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-24 15:03:21 +02:00
renovate[bot]
1d3eae010f
deps: update rhysd/actionlint to v1.7.1 ( #3197 )
...
* deps: update rhysd/actionlint to v1.7.1
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-24 14:32:00 +02:00
renovate[bot]
c1b6d93fb9
deps: update dependency aspect_bazel_lib to v2.7.8 ( #3196 )
...
* deps: update dependency aspect_bazel_lib to v2.7.8
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-24 13:47:50 +02:00
Markus Rudy
9ad9ff4b51
bazel: use released version of gazelle ( #3192 )
2024-06-24 12:04:31 +02:00
edgelessci
3161adea5f
image: update locked rpms ( #3195 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-23 15:00:08 +02:00
renovate[bot]
d8680367b0
deps: update golang Docker tag to v1.22.4 ( #3191 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-22 10:30:26 +02:00
Daniel Weiße
d3f3697d00
ci: make bazel generate more stable ( #3188 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-21 13:22:07 +02:00
renovate[bot]
fcf83318fd
deps: update dependency rules_proto to v6.0.2 ( #3190 )
...
* deps: update dependency rules_proto to v6.0.2
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-21 11:04:00 +02:00
Daniel Weiße
09d19fec22
cli: fix constellation verify
depending on an initialized constellation-state.yaml
file ( #3184 )
...
* Ignore missing state file if flags are provided
* Update verify docs to include requirement for config file
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-21 10:09:01 +02:00
renovate[bot]
e71819eb62
deps: update Go dependencies ( #3185 )
...
* deps: update Go dependencies
* deps: tidy all modules
* Replace deprecated `grpc.DialContext` with `grpc.NewClient`
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2024-06-21 10:05:57 +02:00
edgelessci
bd80ab89cb
image: update measurements and image version ( #3189 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-21 08:28:27 +02:00
renovate[bot]
c01f735042
deps: update bazel (core) ( #3186 )
...
* deps: update bazel (core)
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-20 13:49:33 +02:00
renovate[bot]
afd6b35f18
deps: update ghcr.io/edgelesssys/gcp-guest-agent Docker tag to v20240611 ( #3180 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-20 13:28:21 +02:00
renovate[bot]
364bc1c9c4
deps: update dependency aspect_bazel_lib to v2.7.7 ( #3137 )
...
* deps: update dependency aspect_bazel_lib to v2.7.7
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-20 13:27:48 +02:00
Daniel Weiße
c1e4da3ea1
debugd: reset unit failed status before restarting ( #3183 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-20 11:22:37 +02:00
Daniel Weiße
a36e1a79f0
helm: upgrade cert-manager from v1.12.6 to v1.15.0 ( #3177 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-20 10:49:00 +02:00
Daniel Weiße
0368047939
helm: update Azure CSI, GCP CSI, and CSI snapshotter charts ( #3175 )
...
* Update GCP CSI chart to v1.4.0
* Update Azure CSI chart to v1.4.0
* Update CSI snapshotter from v6.2.2 to v8.0.1
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-20 08:41:46 +02:00
Markus Rudy
6e2af89c01
ci: fix cdbg_deploy error reporting ( #3182 )
2024-06-20 08:25:30 +02:00
Markus Rudy
c911eb4e3a
versions: default to k8s v1.29, support k8s v1.30, EOL v1.27 ( #3173 )
...
* versions: remove k8s 1.27 and patch-upgrade the others
* versions: add support for k8s 1.30.2
* versions: upgrade cloud provider images
2024-06-19 17:34:34 +02:00
Markus Rudy
132d540ac0
ci: fix GCP CCM findvers.sh script ( #3178 )
2024-06-19 16:26:02 +02:00
renovate[bot]
9cd1184244
deps: update GitHub action dependencies ( #3176 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-19 15:19:41 +02:00
Markus Rudy
9a295b2c3a
ci: better fence around tidy-check-generate summary ( #3174 )
2024-06-19 12:19:41 +02:00
edgelessci
1975a10721
image: update measurements and image version ( #3172 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-19 08:26:57 +02:00
Daniel Weiße
9d99d05826
cli: fix unmarshalling of sev-snp attestation documents in constellation verify
( #3171 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-17 13:38:59 +02:00
edgelessci
e0f52b4acd
image: update locked rpms ( #3170 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-16 11:05:20 +02:00
Markus Rudy
429711bf5d
ci: don't assign 3u13r ( #3169 )
2024-06-14 13:32:10 +02:00
Markus Rudy
566137e7ab
ci: make cdbg deploy errors easier to spot ( #3168 )
...
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2024-06-14 13:31:42 +02:00
edgelessci
63dc0c79af
image: update measurements and image version ( #3167 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-14 08:14:39 +02:00
Daniel Weiße
daaa7755a7
cli: enable JSON output for constellation verify
on Azure TDX ( #3164 )
...
* Remove formatter factory
* Enable `constellation verify` with JSON output for Azure TDX
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-12 13:18:27 +02:00
renovate[bot]
b3fcdc9a22
deps: update module github.com/Azure/azure-sdk-for-go/sdk/azidentity to v1.6.0 [SECURITY] ( #3163 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-12 08:04:52 +02:00
edgelessci
305bc692e9
image: update measurements and image version ( #3162 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-12 08:03:25 +02:00
Daniel Weiße
8b76dd68ca
attetstation: enable Azure TDX CRL checking ( #3160 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-12 08:02:47 +02:00
Daniel Weiße
c682558940
debugd: return systemd logs if restarting a unit fails ( #3159 )
...
* Wait until logcollection containers are ready
* Add systemd unit journal entries to error message
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-12 08:01:54 +02:00
Markus Rudy
08770a69c4
deps: upgrade to tink-go v2.1.0 ( #3054 )
...
* deps: leave notes on why forks are used
* deps: use upstream version of tink-go
2024-06-11 20:15:42 +02:00
renovate[bot]
f8e0ca4bb6
deps: update libvirtd_base Docker digest to 99dbf3c ( #3157 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-11 17:44:55 +02:00
Markus Rudy
fddad83eb4
helm: upgrade Cilium to v1.15.5-edg.1 ( #3149 )
2024-06-11 11:53:00 +02:00