Commit Graph

4240 Commits

Author SHA1 Message Date
Daniel Weiße
d67d0ac9df Enable upload of TDX reports to Constellation CDN
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-27 09:09:13 +02:00
Daniel Weiße
9159b60331 Implement support for "latest" placeholders for Azure TDX
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-27 09:09:13 +02:00
Daniel Weiße
a34493caa6 Enable versions API to handle TDX versions
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-27 09:09:13 +02:00
Daniel Weiße
fbddbc9867 Dont re-marshal fetched objects
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-27 09:09:13 +02:00
Daniel Weiße
cd4c90af7e Rename apifetcher methods
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-27 09:09:13 +02:00
Daniel Weiße
52a65c20ac Move upload/delete code to its own package
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-27 09:09:13 +02:00
edgelessci
5654e76f7e
image: update measurements and image version (#3204)
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-27 08:00:56 +02:00
renovate[bot]
2df105f8dd
deps: update Go dependencies (#3199)
* deps: update Go dependencies

* Bump go.work Go version to v1.22.4

* Bump github.com/hashicorp/go-retryablehttp to v0.7.7 to fix GO-2024-2947

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2024-06-26 15:40:45 +02:00
3u13r
27946c6f2c
dev-docs: add bare-metal setup (#3126) 2024-06-25 14:23:12 +02:00
Moritz Sanft
50dcfd7905
bootstrapper: remove unnecessary stat (#3202) 2024-06-25 11:51:23 +02:00
Moritz Sanft
dcb8cca268
bootstrapper: remove static pod manifests before cluster init/join 2024-06-25 10:43:23 +02:00
Markus Rudy
3db3db3bf2
operator: fix gRPC dialing over UDS (#3201)
* operator: add test for gRPC connection over UDS
2024-06-25 10:11:57 +02:00
Daniel Weiße
e0c5acf2f3
deps: update k8s replace directive (#3193)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-24 16:04:07 +02:00
renovate[bot]
af3f2bcd42
deps: update GitHub action dependencies (#3198)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-24 15:19:00 +02:00
renovate[bot]
5f9e970ebd
deps: update Constellation containers to v2.17.0-pre.0.20240619151941-9cd11842442d (#3179)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-24 15:03:21 +02:00
renovate[bot]
1d3eae010f
deps: update rhysd/actionlint to v1.7.1 (#3197)
* deps: update rhysd/actionlint to v1.7.1

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-24 14:32:00 +02:00
renovate[bot]
c1b6d93fb9
deps: update dependency aspect_bazel_lib to v2.7.8 (#3196)
* deps: update dependency aspect_bazel_lib to v2.7.8

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-24 13:47:50 +02:00
Markus Rudy
9ad9ff4b51
bazel: use released version of gazelle (#3192) 2024-06-24 12:04:31 +02:00
edgelessci
3161adea5f
image: update locked rpms (#3195)
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-23 15:00:08 +02:00
renovate[bot]
d8680367b0
deps: update golang Docker tag to v1.22.4 (#3191)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-22 10:30:26 +02:00
Daniel Weiße
d3f3697d00
ci: make bazel generate more stable (#3188)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-21 13:22:07 +02:00
renovate[bot]
fcf83318fd
deps: update dependency rules_proto to v6.0.2 (#3190)
* deps: update dependency rules_proto to v6.0.2

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-21 11:04:00 +02:00
Daniel Weiße
09d19fec22
cli: fix constellation verify depending on an initialized constellation-state.yaml file (#3184)
* Ignore missing state file if flags are provided
* Update verify docs to include requirement for config file

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-21 10:09:01 +02:00
renovate[bot]
e71819eb62
deps: update Go dependencies (#3185)
* deps: update Go dependencies
* deps: tidy all modules
* Replace deprecated `grpc.DialContext` with `grpc.NewClient`

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2024-06-21 10:05:57 +02:00
edgelessci
bd80ab89cb
image: update measurements and image version (#3189)
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-21 08:28:27 +02:00
renovate[bot]
c01f735042
deps: update bazel (core) (#3186)
* deps: update bazel (core)

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-20 13:49:33 +02:00
renovate[bot]
afd6b35f18
deps: update ghcr.io/edgelesssys/gcp-guest-agent Docker tag to v20240611 (#3180)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-20 13:28:21 +02:00
renovate[bot]
364bc1c9c4
deps: update dependency aspect_bazel_lib to v2.7.7 (#3137)
* deps: update dependency aspect_bazel_lib to v2.7.7

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-20 13:27:48 +02:00
Daniel Weiße
c1e4da3ea1
debugd: reset unit failed status before restarting (#3183)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-20 11:22:37 +02:00
Daniel Weiße
a36e1a79f0
helm: upgrade cert-manager from v1.12.6 to v1.15.0 (#3177)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-20 10:49:00 +02:00
Daniel Weiße
0368047939
helm: update Azure CSI, GCP CSI, and CSI snapshotter charts (#3175)
* Update GCP CSI chart to v1.4.0
* Update Azure CSI chart to v1.4.0
* Update CSI snapshotter from v6.2.2 to v8.0.1

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-20 08:41:46 +02:00
Markus Rudy
6e2af89c01
ci: fix cdbg_deploy error reporting (#3182) 2024-06-20 08:25:30 +02:00
Markus Rudy
c911eb4e3a
versions: default to k8s v1.29, support k8s v1.30, EOL v1.27 (#3173)
* versions: remove k8s 1.27 and patch-upgrade the others

* versions: add support for k8s 1.30.2

* versions: upgrade cloud provider images
2024-06-19 17:34:34 +02:00
Markus Rudy
132d540ac0
ci: fix GCP CCM findvers.sh script (#3178) 2024-06-19 16:26:02 +02:00
renovate[bot]
9cd1184244
deps: update GitHub action dependencies (#3176)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-19 15:19:41 +02:00
Markus Rudy
9a295b2c3a
ci: better fence around tidy-check-generate summary (#3174) 2024-06-19 12:19:41 +02:00
edgelessci
1975a10721
image: update measurements and image version (#3172)
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-19 08:26:57 +02:00
Daniel Weiße
9d99d05826
cli: fix unmarshalling of sev-snp attestation documents in constellation verify (#3171)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-17 13:38:59 +02:00
edgelessci
e0f52b4acd
image: update locked rpms (#3170)
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-16 11:05:20 +02:00
Markus Rudy
429711bf5d
ci: don't assign 3u13r (#3169) 2024-06-14 13:32:10 +02:00
Markus Rudy
566137e7ab
ci: make cdbg deploy errors easier to spot (#3168)
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2024-06-14 13:31:42 +02:00
edgelessci
63dc0c79af
image: update measurements and image version (#3167)
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-14 08:14:39 +02:00
Daniel Weiße
daaa7755a7
cli: enable JSON output for constellation verify on Azure TDX (#3164)
* Remove formatter factory
* Enable `constellation verify` with JSON output for Azure TDX

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-12 13:18:27 +02:00
renovate[bot]
b3fcdc9a22
deps: update module github.com/Azure/azure-sdk-for-go/sdk/azidentity to v1.6.0 [SECURITY] (#3163)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-12 08:04:52 +02:00
edgelessci
305bc692e9
image: update measurements and image version (#3162)
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-12 08:03:25 +02:00
Daniel Weiße
8b76dd68ca
attetstation: enable Azure TDX CRL checking (#3160)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-12 08:02:47 +02:00
Daniel Weiße
c682558940
debugd: return systemd logs if restarting a unit fails (#3159)
* Wait until logcollection containers are ready
* Add systemd unit journal entries to error message

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-12 08:01:54 +02:00
Markus Rudy
08770a69c4
deps: upgrade to tink-go v2.1.0 (#3054)
* deps: leave notes on why forks are used

* deps: use upstream version of tink-go
2024-06-11 20:15:42 +02:00
renovate[bot]
f8e0ca4bb6
deps: update libvirtd_base Docker digest to 99dbf3c (#3157)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-11 17:44:55 +02:00
Markus Rudy
fddad83eb4
helm: upgrade Cilium to v1.15.5-edg.1 (#3149) 2024-06-11 11:53:00 +02:00