Daniel Weiße
485ebb151e
kubecmd: retry any k8s errors in CLI and Terraform ( #3028 )
...
* Retry any k8s errors in CLI and Terraform
* Use structured logging in `kubecmd` package
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-04-16 15:12:42 +02:00
edgelessci
41e4f144ed
image: update measurements and image version ( #3023 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-04-12 08:24:28 +02:00
Markus Rudy
f6dfea2a79
helm: unbreak helm test after Cilium version bump ( #3022 )
2024-04-11 09:38:15 +02:00
Markus Rudy
550798279a
Merge pull request from GHSA-g8fc-vrcg-8vjg
...
* helm: firewall pods
* helm: bump cilium chart version
---------
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2024-04-10 13:48:32 +02:00
edgelessci
7bdd4c2449
image: update measurements and image version ( #3019 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-04-10 08:25:16 +02:00
edgelessci
249148abe2
image: update measurements and image version ( #3013 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-04-05 15:23:44 +02:00
miampf
840f460bac
logging: unify debug log message format ( #2997 )
2024-04-03 13:49:03 +00:00
edgelessci
638a94c7c6
image: update measurements and image version ( #3008 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-04-03 08:28:45 +02:00
edgelessci
d6ac1967c5
image: update measurements and image version ( #3004 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-04-02 08:44:25 +02:00
edgelessci
367b278002
image: update measurements and image version ( #3000 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-03-25 08:19:58 +01:00
edgelessci
89f311dac1
image: update measurements and image version ( #2996 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-03-20 08:35:26 +01:00
edgelessci
e0bbb447a9
image: update measurements and image version ( #2987 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-03-15 07:54:20 +01:00
Markus Rudy
54af083da3
helm: retry uninstall manually if atomic install failed ( #2984 )
2024-03-14 10:52:11 +01:00
edgelessci
3b8fa95648
image: update measurements and image version ( #2983 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-03-13 09:08:44 +01:00
Malte Poll
923a41ba01
openstack: move credentials to instance user data
2024-03-11 16:43:36 +01:00
Malte Poll
c23f17de41
openstack: read credentials from clouds.yaml
2024-03-11 15:59:23 +01:00
Malte Poll
d69673fab7
terraform-provider: Add support for STACKIT / OpenStack
2024-03-11 15:59:23 +01:00
Malte Poll
1670d977c6
openstack: vendor clouds.yaml Go type definitions from gophercloud v2 beta
2024-03-11 15:59:23 +01:00
Malte Poll
6ddabd025d
openstack: rename client type
2024-03-11 15:59:23 +01:00
Daniel Weiße
27330490f3
cli: retry auth handshake deadline exceeded errors in CLI and Terraform ( #2976 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-03-08 13:15:06 +01:00
edgelessci
483c888a3c
image: update measurements and image version ( #2975 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-03-08 08:40:29 +01:00
Malte Poll
108784c580
openstack: improve error message on IMDS failures
2024-03-07 11:47:51 +01:00
Malte Poll
7f262d18a8
imagefetcher: allow any marketplace image for OpenStack
2024-03-07 11:47:51 +01:00
Malte Poll
281c7c320c
deps: update protobuf to v1.33.0
2024-03-06 14:50:01 +01:00
Malte Poll
8b41bcaecc
cli: correct measurements in config generate stackit
2024-03-04 18:17:26 +01:00
Malte Poll
f94c6ca0d4
misc: skip message about community license with marketplace image
2024-03-04 18:17:26 +01:00
Malte Poll
1c8a7e4c22
cli: add STACKIT to constellation config instance-types
2024-03-04 18:17:26 +01:00
edgelessci
d8a8d9b6b9
image: update measurements and image version ( #2963 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-03-01 08:31:34 +01:00
Malte Poll
3ce10eb00f
terraform: allow STACKIT / OpenStack instance type to be UUID or name
2024-02-28 15:48:53 +01:00
edgelessci
79aaa77b6b
image: update measurements and image version ( #2950 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-02-28 10:02:33 +01:00
edgelessci
b2ab5869b3
image: update measurements and image version ( #2943 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-02-23 09:33:12 +01:00
3u13r
2a61861a1c
stackit: add k8s api load balancer ( #2925 )
2024-02-22 17:39:34 +01:00
renovate[bot]
62acec17f6
deps: update Constellation containers ( #2921 )
...
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2024-02-22 14:04:42 +01:00
Malte Poll
00d39ff7fa
helm: update edgelesssys cinder-csi-plugin
2024-02-22 12:43:04 +01:00
Malte Poll
31f65fb486
openstack: find node CIDR with multiple subnets
2024-02-22 12:43:04 +01:00
Malte Poll
d8185fdafb
helm: use patched yawol with support for subnet choice
...
Constellation requires a CIDR that only Kubernetes nodes live in.
This is needed for cilium encryption.
To make yawol LBs work, they need to be placed in a different subnet
with their own CIDR.
This patched version supports that.
2024-02-22 12:43:04 +01:00
Malte Poll
1e987f6a85
terraform: add subnet for OpenStack LBs
2024-02-22 12:43:04 +01:00
Malte Poll
9d164de18b
helm: avoid waiting for non-essential services ( #2939 )
...
In our e2e tests, we see a lot of "etcd-leader changed" errors
while deploying non-essential helm charts.
If this transient error occurs, helm gets into a broken state
where it cannot uninstall cleanly and thus any retry attempts fail.
By not waiting for the installation of helm charts to succeed,
we can avoid making most of the kubernetes API calls while
control-plane nodes are joining.
This makes "constellation apply" faster and more resilient.
2024-02-22 12:18:55 +01:00
Malte Poll
522f2858c6
proto: update generated protobuf sources
2024-02-21 18:40:16 +01:00
Malte Poll
8541365341
sigstore: replace use of deprecated module go-tuf
2024-02-21 18:40:16 +01:00
Malte Poll
65903459a0
chore: fix unused parameter lint in new golangcilint version
2024-02-21 17:54:07 +01:00
renovate[bot]
cdd80a4f3f
deps: update dependency containernetworking/plugins to v1.4.0 ( #2896 )
...
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2024-02-21 17:42:48 +01:00
miampf
96c5980651
cli: collect debug logs in file ( #2906 )
2024-02-21 15:39:12 +00:00
Malte Poll
59faa2b692
attestation: add hardcoded OpenStack enterprise measurements
2024-02-21 13:31:32 +01:00
katexochen
70ff097e12
image: update measurements and image version
2024-02-21 08:49:20 +01:00
Malte Poll
a4d25646f5
deps: update to bazel 7
2024-02-20 12:50:13 +01:00
Malte Poll
75f16ce87b
image: upload OpenStack images to OpenStack
2024-02-19 18:16:45 +01:00
Malte Poll
6f9020d527
cli: use pre-uploaded image on OpenStack
...
Before, the terraform infrastructure code would upload an image on the fly.
Now, we upload images in advance and specify the image ID instead.
2024-02-19 18:16:45 +01:00
renovate[bot]
3b2da12781
deps: update Constellation containers ( #2919 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-19 16:14:05 +01:00
renovate[bot]
75f1c0b3e1
deps: update registry.k8s.io/autoscaling/cluster-autoscaler Docker tag to v1.27.5 ( #2761 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-16 13:26:59 +01:00