Commit Graph

873 Commits

Author SHA1 Message Date
Malte Poll
58dbbdc072 Update HACKING.md 2022-08-05 12:37:22 +02:00
Malte Poll
9e057f5a7f Apply suggestions from code review
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2022-08-05 12:37:22 +02:00
Malte Poll
3b0b3f0335 Use local CoreOS assembler image instead of ghcr 2022-08-05 12:37:22 +02:00
Malte Poll
cba89c687d Add patches and Makefile for modified CoreOS assembler 2022-08-05 12:37:22 +02:00
Malte Poll
eab33817fd Update debugd README (#340)
* Update debugd README
* Add command to list available releases

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2022-08-05 12:28:57 +02:00
Daniel Weiße
8895693ae2 AB#2251 Parallel Azure scale set creation (#318)
* Parallel Azure scale set creation

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-05 10:35:38 +02:00
Malte Poll
f5fe4fe885 Replace armnetworks module until https://github.com/Azure/azure-sdk-for-go/issues/18704 is fixed 2022-08-05 10:35:38 +02:00
Malte Poll
081dfb5037 Upgrade Azure SDK
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-08-05 10:35:38 +02:00
dependabot[bot]
9741c0e6b1 Bump docker/build-push-action from 2.10.0 to 3.1.0 (#338)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.10.0 to 3.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](ac9327eae2...1cb9d22b93)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-05 08:53:01 +02:00
dependabot[bot]
68cea57880 Bump docker/metadata-action from 3.8.0 to 4.0.1 (#337)
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 3.8.0 to 4.0.1.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](b2391d37b4...69f6fc9d46)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-05 08:52:51 +02:00
Daniel Weiße
4151d365fb AB#2286 Return only primary IPs for instance metadata operations (#335)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-04 11:08:20 +02:00
Daniel Weiße
5c00dafe9b Fix CoreOS pipeline (#336)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-04 09:24:21 +02:00
Daniel Weiße
5da92d9d8b AB#2249 Rework image build pipeline (#326)
* Rework image build pipeline

* Dont cancel workflow runs on main

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-03 16:01:36 +02:00
Malte Poll
d3435b06a2 AB#2283 Build CCM GCP from github actions in constellation repo (#334)
* Build CCM GCP from github actions in constellation repo
* Deploy correct version of GCP CCM
2022-08-03 11:46:11 +02:00
Otto Bittner
70336e4c9b AB#2289: Release v1.4.0 2022-08-03 08:06:05 +02:00
Otto Bittner
a13d1d8bd8 Bump coreos-img version 2022-08-03 08:06:05 +02:00
Otto Bittner
ba9555033d Bump service-image versions to v1.4.0 2022-08-03 08:06:05 +02:00
Fabian Kammel
985585f578 fix linter issues (#329)
* fix linter issues
* replace fmt with logger
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2022-08-02 16:25:47 +02:00
Otto Bittner
1859dc1718 AB#2288: Fix/kernel panic (#328)
* More debug info & don't use guestfish
* Sync image runner script with deployed code
* Add missing = for --wait in sonobuoy action

Co-authored-by: <mp@edgeless.systems>
2022-08-02 15:34:17 +02:00
Daniel Weiße
19871ee422 Enable integrity protection on boot (#300)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-02 12:35:23 +02:00
Daniel Weiße
aa7fcce8af Add configurable node disk type (#317)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-02 12:24:55 +02:00
Malte Poll
6a84bb5b4b go pseudo version hack script: update main
- use correct default major version
- Warn (but do not fail) if no version tag exists yet.
2022-08-02 11:02:48 +02:00
Malte Poll
f9dc21685f go pseudo version hack script: use correct commit hash length 2022-08-02 11:02:48 +02:00
Fabian Kammel
a705fabf43 wait at most 5 hours (#322) 2022-08-01 21:44:12 +02:00
Fabian Kammel
ffc3097c10 [RFC] Secure Software Distribution (#234)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2022-08-01 16:52:32 +02:00
Fabian Kammel
19b731b5f7 Add node name to early boot logging (#323)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-01 12:32:28 +02:00
Fabian Kammel
050e8fdc4a AB#2159 Feat/cli/fetch measurements (#301)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-01 09:37:05 +02:00
Daniel Weiße
7baf98f014 Add test vectors for key derivation functions (#320)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-01 09:11:13 +02:00
Fabian Kammel
87083ca624 Awesome README.md badges (#316)
awesome readme badges
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-07-29 16:37:35 +02:00
Daniel Weiße
e0ae4e1fe6 Bump kms, joinservice, and verification service image to latest (#319)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-29 10:42:23 +02:00
Daniel Weiße
9a3bd38912 Generate random salt for key derivation on init (#309)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-29 09:52:47 +02:00
3u13r
e0ce2e8a51 add namespace to kubectl requests (#315)
* add namespace to kubectl requests

* Add tests for missing/wrong namespace

Co-authored-by: Otto Bittner <cobittner@posteo.net>
2022-07-28 16:07:29 +02:00
katexochen
c37fab0a4c Add cdbg warning for non-debug image 2022-07-28 13:11:55 +02:00
Otto Bittner
5d87b48769 Bump image version 2022-07-28 09:57:11 +02:00
Otto Bittner
5a2809aca2 Disable automatic image builds (#310)
We only need new images for bootstrapper changes
for each release. Between releases we can use debug images.
For releases we have to build images manually anyway.
Therefore, let's not build these images unnecessarily.
2022-07-28 09:56:49 +02:00
Daniel Weiße
a3a85b31cf Remove mentions of unique ID (#311)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-27 16:10:50 +02:00
katexochen
ed5f64dc0a Fix stateservice test and increase speed 2022-07-27 15:07:53 +02:00
katexochen
d43ee053ed Log disk uuid to cloud logging 2022-07-27 14:25:31 +02:00
katexochen
d6b5e954e7 Tidy hack go.mod 2022-07-27 13:56:40 +02:00
Otto Bittner
44b5e042ea AB#2077: Kubernetes 1.22.12 support (#302)
* Necessary changes to build join-service image
* Reference new join-service image

Tested on GCP and Azure using microservice-demo.
2022-07-27 13:38:14 +02:00
Otto Bittner
83d2c7b6a3 AB#2077: add v1.24.3 support (#298)
This is a squashed commit. 
* Necessary changes for 1.24 support. Trigger join-service build.
* Update joinservice version. Image was created 
by manually triggered workflow, based on now squashed commit.

microservice-demo can be deployed successfully.
No errors during cluster setup.
2022-07-26 17:08:57 +02:00
Otto Bittner
ff5100f332 AB#2234: Introduce AddNodeSelectorsToDeployment
Add the above function to the different client interfaces.
Remove previously used Command.Exec call.
2022-07-26 16:53:41 +02:00
Otto Bittner
6b6a3ee976 AB#2234: Introduce AddTolerationsToDeployment
Add the above function to the different client interfaces.
Update adjacent functions to provided needed ctx and client
objects.
2022-07-26 16:53:41 +02:00
Moritz Eckert
ad02249b9a Add VerifyService port to GCP LB (#291)
* Add VerifyService port to GCP LB

* cli verify command: Use verify service port by default

Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-07-26 16:35:14 +02:00
Thomas Tendyck
244426305d fix integration test workflow 2022-07-26 15:59:04 +02:00
Thomas Tendyck
aa0a07592b check licenses (#297)
* AB#2222 check licenses of dependencies

* AB#2222 check-licenses: use setup-go
2022-07-26 11:49:13 +02:00
Daniel Weiße
db79784045 AB#2200 Merge Owner and Cluster ID (#282)
* Merge Owner and Cluster ID into single value

* Remove aTLS from KMS, as it is no longer used for cluster external communication

* Update verify command to use cluster-id instead of unique-id flag

* Remove owner ID from init output

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-26 10:58:39 +02:00
Thomas Tendyck
48d614c959 AB#2222 replace unlicensed passwd package with own implementation 2022-07-25 15:10:29 +02:00
dependabot[bot]
f57a7e3ed0 Bump docker/setup-buildx-action from 1.7.0 to 2 (#285)
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 1.7.0 to 2.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](f211e3e9de...dc7b9719a9)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-25 12:14:17 +02:00
Fabian Kammel
3a52bcabeb First suggestion for issue and pr templates. (#289)
* First suggestion for issue and pr templates.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-07-25 12:13:02 +02:00