Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
3,356 Commits 133 Branches 44 Tags 106 MiB
43f7d9f736
Commit Graph

261 Commits

Author SHA1 Message Date
edgelessci
e231a24916
image: update measurements and image version (#2428) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-10-11 10:33:54 +02:00
katexochen
957f8ad203 image: update measurements and image version 2023-10-06 08:09:28 +02:00
edgelessci
7e899d09c4
image: update measurements and image version (#2405) 
Co-authored-by: malt3 <malt3@users.noreply.github.com>
 2023-10-04 14:24:57 +02:00
Moritz Sanft
a5021c52d3
joinservice: cache certificates for Azure SEV-SNP attestation (#2336) 
* add ASK caching in joinservice

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* use cached ASK in Azure SEV-SNP attestation

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* update test charts

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix linter

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix typ

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* make caching mechanism less provider-specific

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* update buildfiles

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add `omitempty` flag

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* frontload certificate getter

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* rename frontloaded function

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* pass cached certificates to constructor

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix race condition

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix marshalling of empty certs

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix validator usage

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* [wip] add certcache tests

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add certcache tests

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* tidy

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix validator test

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* remove unused fields in validator

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix certificate precedence

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* use separate context

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* tidy

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* linter fixes

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* linter fixes

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* Remove unnecessary comment

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* use background context

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* Use error format directive

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* `azure` -> `Azure`

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* improve error messages

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add x509 -> PEM util function

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* use crypto util functions

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix certificate replacement logic

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* only require ASK from certcache

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* tidy

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix comment typo

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
 2023-09-29 14:29:50 +02:00
edgelessci
f543922944
image: update measurements and image version (#2383) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-09-27 08:28:32 +02:00
Adrian Stobbe
118f789c2f
cli: fix Azure SEV-SNP latest version logic (#2343) 2023-09-25 11:53:02 +02:00
edgelessci
df77696620
image: update measurements and image version (#2351) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-09-25 10:18:55 +02:00
katexochen
f3f4944239 image: update measurements and image version 2023-09-20 10:52:13 +02:00
Adrian Stobbe
22c2a73ae2
cli: store kubernetes version as strong type in config (#2287) 
Co-authored-by: Otto Bittner <cobittner@posteo.net>
Co-authored-by: 3u13r <lc@edgeless.systems>
 2023-09-19 13:50:00 +02:00
katexochen
83cfc86df1 image: update measurements and image version 2023-09-15 08:37:08 +02:00
katexochen
9c54ff06e0 image: update measurements and image version 2023-09-14 10:16:45 +02:00
edgelessci
4813296062
image: update measurements and image version (#2320) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-09-09 15:19:24 +02:00
3u13r
a25c90e9bb
remove deprecated constellation create flags (#2325) 
* chore: clean-up TODOs

* cli: make OpenStack error explicit

* cli: remove deprecated flags

* config: require DeployCSIDriver field
 2023-09-08 21:15:02 +02:00
edgelessci
4b48b5fdef
image: update measurements and image version (#2309) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-09-06 08:40:59 +02:00
edgelessci
463833433c
image: update measurements and image version (#2295) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-09-01 08:19:37 +02:00
edgelessci
eed2be0aa3
image: update measurements and image version (#2294) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-30 14:03:35 +02:00
edgelessci
0f4bd8296b
image: update measurements and image version (#2284) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-25 08:45:50 +02:00
edgelessci
3d5d291891
image: update measurements and image version (#2274) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-23 09:38:12 +02:00
3u13r
8325f99b09
deps: support Kubernetes 1.28 (#2242) 2023-08-18 11:13:24 +02:00
edgelessci
04ece90172
image: update measurements and image version (#2247) 
Co-authored-by: malt3 <malt3@users.noreply.github.com>
 2023-08-17 08:17:28 +02:00
edgelessci
f270e91724
image: update measurements and image version (#2238) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-16 09:41:01 +02:00
edgelessci
aa787a3ea6
image: update measurements and image version (#2206) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-11 11:19:57 +02:00
Daniel Weiße
c9cae643e2
internal: fix unmarshalling attestation version numbers from JSON (#2187) 
* Fix unmarshalling attestation version numbers from JSON

* Add unit test for UnmarshalJSON

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-08-09 15:11:14 +02:00
Adrian Stobbe
d8db9d0add
strict input validation on attestation version numbers (#2180) 2023-08-09 11:41:04 +02:00
edgelessci
81a13319b7
image: update measurements and image version (#2183) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-09 10:14:39 +02:00
3u13r
4564017b13
config: fix aws instance type validation (#2171) 2023-08-04 18:16:49 +02:00
Malte Poll
15bb9588d7
cli: update config migration to migrate v3 -> v4 (#2166) 2023-08-04 15:57:36 +02:00
Malte Poll
7bfcb0bd5d cli: remove old config migration from v2 to v3 2023-08-04 12:36:45 +02:00
Malte Poll
c0177c565f config: update tests 2023-08-04 12:36:45 +02:00
Malte Poll
b61deb6a03 config: update validation to work with nodeGroups 2023-08-04 12:36:45 +02:00
Malte Poll
2246c31b7b config: define lists of valid disk types 2023-08-04 12:36:45 +02:00
Malte Poll
15bb3b31fd config: add nodeGroups 2023-08-04 12:36:45 +02:00
edgelessci
75c49b6515
image: update measurements and image version (#2163) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-04 09:58:31 +02:00
edgelessci
d71422667e
image: update measurements and image version (#2157) 
Co-authored-by: daniel-weisse <daniel-weisse@users.noreply.github.com>
 2023-08-04 08:35:19 +02:00
Daniel Weiße
86c5fb5fab
config: reorder values (#2154) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-08-02 16:01:10 +02:00
edgelessci
da1376cd90
image: update measurements and image version (#2151) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-02 10:13:56 +02:00
Otto Bittner
dac690656e
api: add functions to transparently handle signatures upon API interaction (#2142) 2023-08-01 16:48:13 +02:00
Otto Bittner
1d5a8283e0
cli: use Semver type to represent microservice versions (#2125) 
Previously we used strings to pass microservice versions. This invited
bugs due to missing input validation.
 2023-07-25 14:20:25 +02:00
Malte Poll
8da6a23aa5
bootstrapper: add fallback endpoint and custom endpoint to SAN field (#2108) 
terraform: collect apiserver cert SANs and support custom endpoint

constants: add new constants for cluster configuration and custom endpoint

cloud: support apiserver cert sans and prepare for endpoint migration on AWS

config: add customEndpoint field

bootstrapper: use per-CSP apiserver cert SANs

cli: route customEndpoint to terraform and add migration for apiserver cert SANs

bootstrapper: change interface of GetLoadBalancerEndpoint to return host and port separately
 2023-07-21 16:43:51 +02:00
edgelessci
3324a4eba2
image: update measurements and image version (#2124) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-07-21 16:20:41 +02:00
edgelessci
2660c1aa87
image: update measurements and image version (#2116) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-07-19 08:35:56 +02:00
Otto Bittner
ff4b5db74c
config: make deployCSIDriver backwards compatible (#2088) 
We added the field in 2.9 but can only require it in 2.10.
 2023-07-12 15:08:37 +02:00
Adrian Stobbe
7e83991154
feat: status shows attestation config (#2056) 
* init

* update doc

* fix tests

* unmarshal typed attestation config for consistent yaml formatting

* fix comments

* marshal numerical attestation values in join-config

* GetAttestationConfig marshals numerical value
 2023-07-07 17:02:01 +02:00
edgelessci
b71d5cdc17
image: update measurements and image version (#2054) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-07-07 08:13:54 +02:00
Thomas Tendyck
274fed0990 cli: fix/improve some user-facing strings 2023-07-06 09:05:17 +02:00
edgelessci
37288deacf
image: update measurements and image version (#2019) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-07-05 08:32:25 +02:00
Adrian Stobbe
e72ec60d13
config: iam create aws check zone contains availability zone (#1913) 
* init

* make zone flag mandatory again

* add info about zone update + refactor

* add comment in docs about zone update

* Update cli/internal/cmd/iamcreate_test.go

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* thomas feedback

* add format check to config validation

* remove TODO

* Update docs/docs/workflows/config.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* thomas nit

---------

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
 2023-07-04 13:55:52 +02:00
Daniel Weiße
d95ddd01d3
helm: fix upgrade command unintentionally skipping all service upgrades (#1992) 
* Fix usage of errors.As in upgrade command implementation

* Use struct pointers when working with custom errors

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-06-30 16:46:05 +02:00
edgelessci
05c43137e4
image: update measurements and image version (#1988) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-06-30 08:48:38 +02:00
Moritz Sanft
7ad284d672
cli: deploy aws csi driver per default (#1981) 
* add aws csi driver helm chart

* update chart

* add CSI driver to Constellation default deployment

* generate config doc

* update buildfiles

* use upstream chart

* update buildfile

* set `DeployCSIDriver` in default config

* fix helm test

* whitespace
 2023-06-30 08:46:32 +02:00