constellation

mirror of https://github.com/edgelesssys/constellation.git synced 2025-02-05 01:25:23 -05:00

Author	SHA1	Message	Date
renovate[bot]	44612b1d93	deps: update Kubernetes versions (#3553 ) * deps: update Kubernetes versions * deps: tidy all modules --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>	2024-12-23 14:01:26 +01:00
renovate[bot]	fc0b3cc4a2	deps: update Kubernetes versions (#3516 ) * deps: update Kubernetes versions * deps: tidy all modules --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>	2024-12-02 14:26:59 +01:00
renovate[bot]	6ebfa28e6d	deps: update Kubernetes versions (#3472 ) * deps: update Kubernetes versions * deps: tidy all modules --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>	2024-12-01 13:13:48 +01:00
renovate[bot]	810f86582d	deps: update Kubernetes versions (#3358 ) * deps: update Kubernetes versions * e2e: run vale with python venv --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Markus Rudy <mr@edgeless.systems>	2024-10-11 19:23:31 +02:00
Moritz Sanft	eab9aca26f	terraform-provider-constellation: make kubeconfig output fine-grained (#3334 )	2024-09-03 16:26:08 +02:00
renovate[bot]	6e6ea1a9d5	deps: update Kubernetes versions (#3325 ) * deps: update Kubernetes versions * deps: tidy all modules --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>	2024-08-26 13:46:46 +02:00
renovate[bot]	cf5d9c2f12	deps: update Kubernetes versions (#3298 ) * deps: update Kubernetes versions * deps: tidy all modules --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>	2024-08-26 09:18:56 +02:00
Thomas Tendyck	399376d3e3	Make SEV-SNP the default attestation variant on GCP (#3267 ) * Make SNP the default on GCP * fixup! Make SNP * fixup! Make SNP	2024-07-22 13:29:27 +02:00
Markus Rudy	c911eb4e3a	versions: default to k8s v1.29, support k8s v1.30, EOL v1.27 (#3173 ) * versions: remove k8s 1.27 and patch-upgrade the others * versions: add support for k8s 1.30.2 * versions: upgrade cloud provider images	2024-06-19 17:34:34 +02:00
renovate[bot]	aa910cfc25	deps: update Kubernetes versions (#3102 ) * deps: update Kubernetes versions * deps: tidy all modules --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: edgelessci <edgelessci@users.noreply.github.com> Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>	2024-06-03 15:08:09 +02:00
renovate[bot]	fffc9db2b5	deps: update Kubernetes versions (#3072 ) Co-authored-by: Leonard Cohnen <lc@edgeless.systems>	2024-05-09 13:38:01 +02:00
Moritz Sanft	913b09aeb8	Support SEV-SNP on GCP (#3011 ) * terraform: enable creation of SEV-SNP VMs on GCP * variant: add SEV-SNP attestation variant * config: add SEV-SNP config options for GCP * measurements: add GCP SEV-SNP measurements * gcp: separate package for SEV-ES * attestation: add GCP SEV-SNP attestation logic * gcp: factor out common logic * choose: add GCP SEV-SNP * cli: add TF variable passthrough for GCP SEV-SNP variables * cli: support GCP SEV-SNP for `constellation verify` * Adjust usage of GCP SEV-SNP throughout codebase * ci: add GCP SEV-SNP * terraform-provider: support GCP SEV-SNP * docs: add GCP SEV-SNP reference * linter fixes * gcp: only run test with TPM simulator * gcp: remove nonsense test * Update cli/internal/cmd/verify.go Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * Update docs/docs/overview/clouds.md Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * Update terraform-provider-constellation/internal/provider/attestation_data_source_test.go Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com> * linter fixes * terraform_provider: correctly pass down CC technology * config: mark attestationconfigapi as unimplemented * gcp: fix comments and typos * snp: use nonce and PK hash in SNP report * snp: ensure we never use ARK supplied by Issuer (#3025) * Make sure SNP ARK is always loaded from config, or fetched from AMD KDS * GCP: Set validator `reportData` correctly --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems> Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * attestationconfigapi: add GCP to uploading * snp: use correct cert Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform-provider: enable fetching of attestation config values for GCP SEV-SNP * linter fixes --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems> Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>	2024-04-16 18:13:47 +02:00
Malte Poll	d69673fab7	terraform-provider: Add support for STACKIT / OpenStack	2024-03-11 15:59:23 +01:00
Malte Poll	f94c6ca0d4	misc: skip message about community license with marketplace image	2024-03-04 18:17:26 +01:00
Daniel Weiße	78b9b0fc96	terraform-provider: enable Azure TDX (#2854 ) Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2024-01-26 15:46:21 +01:00
Malte Poll	a8bca88eeb	k8s: add 1.29, remove 1.26, default 1.28 (#2803 ) undefined	2024-01-08 16:53:12 +01:00
Daniel Weiße	7d778d1b5b	Add required kubernetes_version attribute to example Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2024-01-08 13:52:55 +01:00
Adrian Stobbe	f41ce43919	terraform-provider: require kubernetes and microservice version (#2791 )	2024-01-04 16:25:24 +01:00
renovate[bot]	c8fc04d991	deps: update Kubernetes versions (#2762 ) * deps: update Kubernetes versions * deps: tidy all modules --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>	2023-12-22 14:10:39 +01:00
Daniel Weiße	519efe637d	constellation-lib: run license check in Terraform provider and refactor code (#2740 ) * Clean up license checker code Signed-off-by: Daniel Weiße <dw@edgeless.systems> * Create license check depending on init/upgrade actions Signed-off-by: Daniel Weiße <dw@edgeless.systems> * Run license check in Terraform provider Signed-off-by: Daniel Weiße <dw@edgeless.systems> * fix license integration test action Signed-off-by: Daniel Weiße <dw@edgeless.systems> * Run tests with enterprise tag Signed-off-by: Daniel Weiße <dw@edgeless.systems> * Allow b64 encoding for license ID Signed-off-by: Daniel Weiße <dw@edgeless.systems> * Update checker_enterprise.go --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems> Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>	2023-12-22 10:16:36 +01:00
Moritz Sanft	82e2875927	terraform-provider: add input validation (#2744 ) * terraform-provider: add validation for `constellation_image` * terraform-provider: add validation for `constellation_cluster` * image: accept short path versions * terraform-provider: correct error statement Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * terraform-provider: remove superfluous log statements * terraform-provider: fix error assertion casing * terraform-provider: remove superfluous semver check * Update terraform-provider-constellation/internal/provider/shared_attributes.go Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com> --------- Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>	2023-12-20 15:56:48 +01:00
Moritz Sanft	9414f29b51	terraform-provider: lock-step microservice version (#2733 )	2023-12-18 14:21:19 +01:00
Moritz Sanft	af791bd221	terraform-provider: add usage examples (#2713 ) * terraform-provider: add usage example for Azure * terraform-provider: add usage example for AWS * terraform-provider: add usage example for GCP * terraform-provider: update usage example for Azure * terraform-provider: update generated documentation * docs: adjust creation on Azure and link to examples * terraform-provider: unify image in-/output (#2725) * terraform-provider: check for returned error when converting microservices * terraform-provider: use state values for outputs after creation * terraform-provider: ignore invalid upgrades (#2728) --------- Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>	2023-12-18 10:15:54 +01:00
Adrian Stobbe	9667dfff58	terraform: align infrastructure module attributes (#2703 ) * all vars have snail_case * make iam schema consistent * infrastructure schema * terraform: update AWS infrastructure module * fix ci * terraform: update AWS infrastructure module * terraform: update AWS IAM module * terraform: update Azure Infrastructure module inputs Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update Azure IAM module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update GCP infrastructure module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update GCP IAM module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update OpenStack Infrastructure module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update QEMU Infrastructure module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform-module: fix input name Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: tidy * cli: ignore whitespace in Terraform variable tests * terraform-module: fix AWS output names * terraform-module: fix output references Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: rename `api_server_cert_sans` * Update terraform/infrastructure/aws/modules/public_private_subnet/variables.tf Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * fix self-managed * terraform: revert AWS modules output file renaming * terraform: remove duplicate varable declaration * terraform: rename Azure location field * ci: adjust output name in self-managed e2e test * e2e: continuously print output in upgrade test * e2e: write to output variables * cli: migrate IAM variable names * cli: make `location` field optional --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>	2023-12-15 10:36:58 +01:00
Adrian Stobbe	37580009fe	terraform-provider: cleanup and improve docs (#2685 ) Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>	2023-12-14 15:47:55 +01:00
Moritz Sanft	367136add2	terraform-provider: support importing Constellation clusters (#2702 ) * terraform-provider: support importing Constellation clusters * bazel: shfmt exclusion for import script * ci: fix godot check * bazel: shellcheck exclusion for import script * Update dev-docs/workflows/terraform-provider.md Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com> * ci: fix Terraform lock exclude directories --------- Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>	2023-12-12 16:00:03 +01:00
Moritz Sanft	60fc73e0e7	terraform-provider: implement `constellation_cluster` resource (#2691 ) * terraform: move module to legacy-directory * constellation-lib: refactor service account marshalling * terraform-provider: normalize Azure image URIs * constellation-lib: refactor Kubeconfig endpoint rewriting * terraform-provider: add conversion functions for AWS and GCP * terraform-provider: implement `constellation_cluster` resource * terraform-provider: refactor conversion * terraform-provider: implement image and k8s upgrades * terraform-provider: fix linter checks * terraform-provider: refactor to bundle init & upgrade method * constellation-lib: rewrite Kubeconfig endpoint in init * terraform-provider: bind logger and dialer constructors to struct * terraform-provider: move applier to function pointer * terraform-provider: gcp conversion fixes Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform-provider: fix Azure UAMI input * terraform-provider: rename Kubeconfig variable * terraform-provider: tidy * terraform-provider: regenerate docs * constellation-lib: provide Kubeconfig in testing initserver --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>	2023-12-11 15:55:44 +01:00
Malte Poll	a87fd7607f	deps: update Kubernetes versions	2023-12-08 13:59:51 +01:00
Adrian Stobbe	c07c333d3d	terraform-provider: data skeleton for cluster resource (#2678 )	2023-12-05 16:16:50 +01:00
Moritz Sanft	9a62657b80	terraform-provider: init provider scaffolding (#2632 ) * terraform-provider: init Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform-provider: add basic docgen Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform-provider: fix build steps Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform-provider: extend build process and docgen Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * dev-docs: document provider usage Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * bazel: upload aspect lib mirror Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * bazel: add docstring to fix linter Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform-provider: don't try to create lockfiles Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * bazel: fix shellcheck issues * bazel: separate paths to check * bazel: explain what updating lockfiles means Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform-provider: fix linter checks Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>	2023-11-24 15:58:21 +01:00

30 Commits