constellation

mirror of https://github.com/edgelesssys/constellation.git synced 2025-03-28 17:48:14 -04:00

Author	SHA1	Message	Date
Malte Poll	3a5753045e	goleak: ignore rules_go SIGTERM handler rules_go added a SIGTERM handler that has a goroutine that survives the scope of the goleak check. Currently, the best known workaround is to ignore this goroutine. https://github.com/uber-go/goleak/issues/119 https://github.com/bazelbuild/rules_go/pull/3749 https://github.com/bazelbuild/rules_go/pull/3827#issuecomment-1894002120	2024-01-22 13:11:58 +01:00
Malte Poll	66faa5493f	deps: Go 1.21.6	2024-01-22 13:11:58 +01:00
Malte Poll	f465356ace	nix: update flake.lock	2024-01-22 13:11:58 +01:00
Malte Poll	64a4a2230d	deps: update gazelle and rules_go	2024-01-22 13:11:58 +01:00
Malte Poll	e40d1e56d8	deps: update hermetic_cc_toolchain	2024-01-22 13:11:58 +01:00
Malte Poll	00eacdf9e8	image: mark image upload as manual bazel target	2024-01-22 13:11:58 +01:00
Moritz Sanft	0030a26eaf	ci: parallelize upgrade e2e test (#2724 ) * ci: parallelize upgrade e2e test Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * ci: revert name change * ci: upgrade checkout action * ci: add target version before building target cli * ci: rename input * ci: upload service account key * ci: download sa key on GCP --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>	2024-01-19 16:34:47 +01:00
edgelessci	3b02edcc48	image: update measurements and image version (#2833 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2024-01-19 09:12:24 +01:00
edgelessci	2acbd10ef7	image: update measurements and image version (#2831 ) Co-authored-by: malt3 <malt3@users.noreply.github.com>	2024-01-17 18:55:10 +01:00
Malte Poll	b8933560be	image upload: use unique blob name for AWS images uploaded to S3 (#2830 ) When uploading images to AWS, they need to be uploaded to S3 first. Since blob names are not unique between attestation variants, there was a possibility for one S3 upload to be used for the wrong AMI.	2024-01-17 17:09:07 +01:00
edgelessci	6259815869	image: update measurements and image version (#2828 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2024-01-17 08:11:53 +01:00
Malte Poll	9d6321faa3	uplosi: use separate galleries for Azure TDX and TDX	2024-01-16 17:34:44 +01:00
Malte Poll	52dec77508	nix: update uplosi to support Azure TDX	2024-01-16 17:34:44 +01:00
Malte Poll	336ba6bc34	attestation: add Azure TDX variant Only a stub for now.	2024-01-16 17:34:44 +01:00
Malte Poll	5063b815f1	config: allow Azure TDX instance types	2024-01-16 17:34:44 +01:00
Malte Poll	403acf75aa	image: add mainline kernel and azure tdx image target	2024-01-16 17:34:44 +01:00
Markus Rudy	e29ea77d23	helm: bump Cilium chart version (#2822 ) * helm: bump Cilium chart version * helm: generate Cilium chart	2024-01-16 14:49:24 +01:00
Markus Rudy	16c63d57cd	dev-docs: Helm chart for full L3 VPN connectivity (#2620 ) * dev-docs: add 'things to try' section to VPN howto * dev-docs: full L3 connectivity in VPN chart	2024-01-16 13:59:33 +01:00
Malte Poll	9181705299	ci: use sonobuoy 0.57.1 (#2821 )	2024-01-16 13:19:46 +01:00
Markus Rudy	2d3996d5b3	ci: don't check Wireguard weblinks (#2823 )	2024-01-15 15:45:45 +01:00
Moritz Sanft	bf02680477	ci: mirror GCP images to MPI project on release (#2820 )	2024-01-15 13:58:30 +01:00
Malte Poll	9a27e7bf77	image: only archive release images + QEMU / OpenStack image	2024-01-15 13:53:15 +01:00
Malte Poll	8a74893461	ci: build and upload OS image in single job	2024-01-15 13:53:15 +01:00
Malte Poll	5ec03c5b9d	image: add upload rules for images	2024-01-15 13:53:15 +01:00
Malte Poll	f237ae8ae2	bazel: add upload_os_images rule This rule combines uplosi, the upload command, measurement code and cosign to upload OS images, extract measurements, sign them and upload the measurements.	2024-01-15 13:53:15 +01:00
Malte Poll	b7bab7c3c8	image: replace "upload {aws\|azure\|gcp}" with uplosi	2024-01-15 13:53:15 +01:00
Malte Poll	fb392c2d50	image: add image uploader that uses uplosi in the background This implementation will replace the custom Go code in internal/osimage/{aws\|azure\|gcp} and still conforms to the same interface.	2024-01-15 13:53:15 +01:00
Malte Poll	181b8f64d2	image: add static (per-CSP) measurements during "measurement envelope" This logic was previously performed in a GitHub Actions workflow using yq. Since every step should now be performed in Bazel, this now needs to happen here.	2024-01-15 13:53:15 +01:00
Malte Poll	f7b22f3705	bazel: add tool dependencies for image upload	2024-01-15 13:53:15 +01:00
Markus Rudy	711dff37a4	ci: fetch OpenSearch password from e2e test project (#2818 )	2024-01-15 13:25:15 +01:00
edgelessci	84a90bb5bd	image: update locked rpms (#2819 ) Co-authored-by: malt3 <malt3@users.noreply.github.com>	2024-01-15 10:46:50 +01:00
Adrian Stobbe	60a0a6020e	ci: add upgrade to provider example test (#2775 )	2024-01-13 13:13:10 +01:00
edgelessci	2fea43a320	image: update measurements and image version (#2817 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2024-01-12 08:20:15 +01:00
Markus Rudy	bdca822d8a	ci: remove derpsteb from e2e assignee list (#2816 )	2024-01-12 08:09:38 +01:00
3u13r	120ae9d227	image: lower file limit for containerd (#2815 )	2024-01-11 12:47:38 +01:00
Adrian Stobbe	9a814f91b1	terraform-provider: validate microservice and image version during plan (#2814 )	2024-01-11 12:04:21 +01:00
Adrian Stobbe	baad7d8310	aws sev snp resolves latest version values on GetAttestationConfig (#2810 )	2024-01-10 13:32:13 +01:00
Markus Rudy	b267457541	ci: fix OpenSearch link for e2e notifications (#2813 ) * ci: fix OpenSearch link for e2e notifications	2024-01-10 09:49:47 +01:00
edgelessci	c61507f220	image: update measurements and image version (#2812 ) Co-authored-by: katexochen <katexochen@users.noreply.github.com>	2024-01-10 08:13:30 +01:00
Markus Rudy	49ecb2415f	ci: remove reference to absent go.mod file (#2811 )	2024-01-09 23:07:16 +01:00
Malte Poll	e618050c7a	bazel: add directories to ignore (#2805 )	2024-01-09 21:46:53 +01:00
Markus Rudy	ef6f63dc48	Fix various small things throughout the codebase (#2800 ) * bootstrapper: remove obsolete log statement * ci: simplify variable usage Co-authored-by: Daniel Weiße <daniel-weisse@users.noreply.github.com> * cli: add missing formatting directive * helm: fix rm invocation * ci: document reproducible-builds workflow * constants: use variables for measurement files * constants: use variables for CDN distribution ID * ci: make Helm version explicit * api: prettify versionsapi-list output * ci: remove obsolete docstring --------- Co-authored-by: Daniel Weiße <daniel-weisse@users.noreply.github.com>	2024-01-09 19:37:56 +01:00
3u13r	badcdcb764	deps: bump cilium to v1.15.0-pre.3-edg.1 (#2808 )	2024-01-09 16:45:56 +01:00
renovate[bot]	bacb8ff886	deps: update AWS SDK (#2809 ) * deps: update AWS SDK * deps: fix AWS SDK upgrade breakage --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Markus Rudy <mr@edgeless.systems>	2024-01-09 16:18:33 +01:00
Malte Poll	a8bca88eeb	k8s: add 1.29, remove 1.26, default 1.28 (#2803 ) undefined	2024-01-08 16:53:12 +01:00
Moritz Sanft	e691e26bd3	cli: support for GCP marketplace images (#2792 ) * cli: support GCP marketplace images * ci: support GCP marketplace images * docs: support GCP marketplace images * bazel: generate * ci: allow GCP for mpi e2e test * Update docs/docs/overview/license.md Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * terraform-provider: allow GCP MPIs * terraform-provider: fix error message --------- Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>	2024-01-08 15:51:39 +01:00
Malte Poll	d3b951300d	ci: explicitly build s3proxy container image tag before referencing (#2806 ) Otherwise, the file might not exist.	2024-01-08 14:32:08 +01:00
Daniel Weiße	7d778d1b5b	Add required kubernetes_version attribute to example Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2024-01-08 13:52:55 +01:00
Daniel Weiße	1271e95c0c	Fix missing Kubernetes version for Terraform e2e test Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2024-01-08 13:52:55 +01:00
Daniel Weiße	90f3336c8e	deps: remove `go.mod` files from submodules (#2769 ) Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2024-01-08 13:19:38 +01:00

1 2 3 4 5 ...

3781 Commits