Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
1,962 Commits 133 Branches 44 Tags 106 MiB
50522cb73c
Commit Graph

427 Commits

Author SHA1 Message Date
Malte Poll
fe8518a4e3 release: update measurements 2023-01-11 11:10:44 +01:00
release[bot]
e8fad4b7f9 Update version to v2.4.0 2023-01-11 11:10:44 +01:00
Paul Meyer
ef086bf02d versionsapi: log aws region 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-10 17:02:01 +01:00
renovate[bot]
d24fac00f0
Update Constellation containers (#884) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-01-09 13:15:28 +01:00
Leonard Cohnen
2700d5182b operator: reconcile kubernetesClusterVersion 2023-01-09 12:16:54 +01:00
Leonard Cohnen
8c5e41b865 constants: rename components annotation key 2023-01-09 12:16:54 +01:00
Leonard Cohnen
3637909a46 internal: move components into their own package 2023-01-09 12:16:54 +01:00
Paul Meyer
49534d463d
deps: update cluster autoscaler (#835) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-06 16:47:31 +01:00
Paul Meyer
f4df4067bd
deps: upgrade Azure sdk (#887) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-06 16:26:30 +01:00
renovate[bot]
8b11a18239
Update K8s constrained Azure versions (#886) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-06 14:15:16 +01:00
renovate[bot]
f99a3189d8
Update K8s constrained versions (#799) 
* Update K8s constrained versions
* Update azure images to v1.26
* Revert upgrade for k8s v1.23

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-06 10:40:37 +01:00
Paul Meyer
66f2c446a4 versionsapi: replace shortname pkg 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-06 10:15:27 +01:00
Paul Meyer
f17b40b44a versionsapi: fix shortPath implementation 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-06 10:15:27 +01:00
Otto Bittner
e7c7e35f51 cli: create backups for CRDs and their resources 
These backups could be used in case an upgrade
misbehaves after helm declared it as successful.
The manual backups are required as helm-rollback
won't touch custom resources and changes to CRDs
delete resources of the old version.
 2023-01-05 16:52:06 +01:00
Paul Meyer
afbd4a3dc1
deps: upgrade AWS cloud controller manager (#863) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-05 16:35:19 +01:00
renovate[bot]
7eae68d4f9 Update Constellation containers 2023-01-05 15:43:11 +01:00
Leonard Cohnen
25c3a8a1f3 init: add cluster version to kubernetes components 2023-01-05 14:52:09 +01:00
renovate[bot]
9c71145862
Update K8s version independent containers to v0.0.35 (#872) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-05 13:26:55 +01:00
renovate[bot]
cf3169cf44
Update Constellation containers (#854) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-05 08:14:57 +01:00
Paul Meyer
f9458950cb
versionsapi: change image path (#856) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 17:07:16 +01:00
Paul Meyer
053f4552d9 versionsapi: fix semver dependency 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 16:00:14 +01:00
Paul Meyer
3c24e3fa01 cli: move image package into cli 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 11:39:19 +01:00
Paul Meyer
f19a90527b cli: use versionsapi fetcher to fetch image ref 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 11:39:19 +01:00
Paul Meyer
3561a16819 ci: replace add-version through versionsapi cli 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 11:39:19 +01:00
Paul Meyer
d2d3a8e068 versionsapi: use read-only client 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 11:39:19 +01:00
Paul Meyer
0011d960f7 versionsapi: implement rm cmd in cli 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 11:39:19 +01:00
Paul Meyer
53cc63362f versionsapi: implement list cmd in cli 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 11:39:19 +01:00
Paul Meyer
777c9406fd versionsapi: implement latest cmd in cli 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 11:39:19 +01:00
Paul Meyer
5679c9d3de versionsapi: create cli, implement add cmd 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 11:39:19 +01:00
Paul Meyer
b3f251909c versionsapi: implement Go client 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 11:39:19 +01:00
Paul Meyer
9dbe6033f2 versionsapi: new fetcher implementation 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 11:39:19 +01:00
Paul Meyer
3f00f89d55 versionsapi: new implementation 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 11:39:19 +01:00
Paul Meyer
f43b653231 versionsapi: backup old API 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-04 11:39:19 +01:00
renovate[bot]
324ef42c42
Update Constellation containers (#852) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-01-03 12:30:07 +01:00
Paul Meyer
de6ee412ac deps: update AWS cloud controller manager 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-03 12:14:16 +01:00
3u13r
f14af0c3eb
upgrade: support Kubernetes components (#839) 
* upgrade: add Kubernetes components to NodeVersion

* update rfc
 2023-01-03 12:09:53 +01:00
Leonard Cohnen
4b43311fbd bump microservice versions 2023-01-03 11:51:29 +01:00
renovate[bot]
806f6b70dd
Update module github.com/talos-systems/talos/pkg/machinery to v1.3.1 (#844) 
* Update module github.com/talos-systems/talos/pkg/machinery to v1.3.1
* Rename talos-systems/talos to siderolabs/talos

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-02 13:33:56 +01:00
3u13r
47fb9f7cc8
gcp: unofficial support for internal LBs (#826) 2022-12-28 13:30:39 +01:00
Moritz Sanft
9859b30c4d
AB#2544 add upgrade agent for automatic version updates (#745) 2022-12-25 18:49:45 +01:00
Paul Meyer
8b39d3d368 versionsapi: fix cache invalidation 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-23 10:15:42 +01:00
Otto Bittner
efcd0337b4
Microservice upgrades (#729) 
Run with: constellation upgrade execute --helm.
This will only upgrade the helm charts. No config is needed.

Upgrades are implemented via helm's upgrade action, i.e. they
automatically roll back if something goes wrong. Releases could 
still be managed via helm, even after an upgrade with constellation
has been done.

Currently not user facing as CRD/CR backups are still in progress.
These backups should be automatically created and saved to the 
user's disk as updates may delete CRs. This happens implicitly 
through CRD upgrades, which are part of microservice upgrades.
 2022-12-19 16:52:15 +01:00
renovate[bot]
8ddc8cdb65 Update dependency kubernetes-sigs/cri-tools to v1.26.0 2022-12-16 10:43:33 +01:00
renovate[bot]
7ffbad12be
Update Constellation containers to v2.3.0-pre.0.20221212170906-a77f38efbb31 (#779) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-14 10:46:15 +01:00
Paul Meyer
c741ccfb4b kubernetes: use new registry 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-13 16:08:19 +01:00
Paul Meyer
6862c2587f kubernetes: add v1.26, default to v1.25 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-13 16:08:19 +01:00
Malte Poll
cf0b04291a Embed measurements for v2.3.0 2022-12-12 17:45:35 +01:00
Malte Poll
d6b2e9ea9a Expand PCR selection on AWS 2022-12-12 17:45:35 +01:00
Malte Poll
c3b657de01 Bump version to v2.3.0 2022-12-12 17:45:35 +01:00
renovate[bot]
5eae12778a
Update Constellation containers (#777) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-12-09 18:45:09 +01:00
renovate[bot]
012f739c67
Update Constellation containers (#759) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-09 16:32:58 +01:00
Malte Poll
4a8ebfd921 OS images: use "ref", "stream" and "version" 
Switch azure default region to west us
Update find-image script to work with new API spec
Add version for every os image build
generate measurements: Use new API paths
CLI: config fetch measurements: Use image short versions to fetch measurements
CLI: allows shortnames to specify image in config
Image build pipeline: Change paths to contain "ref" and "stream"
 2022-12-09 13:37:43 +01:00
Paul Meyer
4795fe9695 hack: create latest endpoint in add-version script 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-09 13:37:43 +01:00
Paul Meyer
f23a2fe073 hack: implement new api for add-version script 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-09 13:37:43 +01:00
renovate[bot]
72ba97efcc
Update K8s constrained versions (#762) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-09 13:17:55 +01:00
Paul Meyer
9b1551e76a dependencies: migrate go-genproto to google-cloud-go 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-08 13:27:15 +01:00
renovate[bot]
3435ac216f
Update Constellation containers (#748) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-12-08 11:38:05 +01:00
Leonard Cohnen
a1161ae05d k8supdates: label nodes with k8s component hash 2022-12-08 11:19:22 +01:00
renovate[bot]
bb9122f115
Update Constellation containers to v2.3.0-pre.0.20221207104854-286803fb97a0 (#747) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-12-07 15:12:04 +01:00
Moritz Sanft
286803fb97
AB#2579 Add constellation iam create command (#624) 2022-12-07 11:48:54 +01:00
renovate[bot]
be01cf7129
Update Constellation containers to v2.3.0-pre.0.20221206170532-a9ed8c0191ac (#733) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-07 10:44:45 +01:00
Paul Meyer
cb734a2e66 debugd: pin logcollector container digest 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-06 18:05:32 +01:00
renovate[bot]
1766f0e4b3
Update Constellation containers to v2.3.0-pre.0.20221205155634-0981ab6fa45b (#725) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-06 13:29:54 +01:00
renovate[bot]
0981ab6fa4
Update Constellation containers to v2.3.0-pre.0.20221205121645-176dae317f6c (#719) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-05 16:56:34 +01:00
Paul Meyer
176dae317f debugd: fix logcollector container image naming 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-05 13:16:45 +01:00
Paul Meyer
226a6b6626 debugd: let renovate manage logcollector images 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-02 18:54:24 +01:00
Paul Meyer
8c5fc7a890 versionsapi: allow debug stream 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-02 18:49:17 +01:00
Paul Meyer
9c9c8e3d46 versionsapi: rename package 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-02 18:49:17 +01:00
renovate[bot]
3c62b841ed
Update Constellation containers (#705) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-02 18:48:03 +01:00
Leonard Cohnen
0c71cc77f6 joinservice: use configmap for k8s components 2022-12-02 14:34:38 +01:00
renovate[bot]
de77f1d9be
Update ghcr.io/edgelesssys/constellation/qemu-metadata-api Docker tag to v2.3.0-pre.0.20221201105133-8004edcc144d (#700) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-01 18:49:02 +01:00
Paul Meyer
8004edcc14
image: add version and debug field to lookup table (#682) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-01 11:51:33 +01:00
Malte Poll
e67f65709f
Prepare release checklist for v2.3 (#690) 2022-12-01 10:46:04 +01:00
renovate[bot]
da114519ca
Update Constellation containers (#693) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-12-01 08:07:09 +01:00
Leonard Cohnen
7e57944cc0 versions: bump qemu metadata image 2022-11-30 18:58:22 +01:00
renovate[bot]
016f7a67c2
Update Constellation containers to v2.3.0-pre.0.20221130104839-9537fb73c015 (#684) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-30 16:53:58 +01:00
Malte Poll
85d723ccbd Change path for version API: 
- Rename "updates" -> "versions"
- Add explicit "stream" in path to make API self-describing
 2022-11-30 16:36:12 +01:00
Paul Meyer
b93b24e058 debugd: add logcollector 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-30 16:26:25 +01:00
Malte Poll
9537fb73c0 use constants for default CDN paths 2022-11-30 12:35:12 +01:00
Malte Poll
3aa51df74d Add release trigger to make image versions available via CDN 2022-11-30 12:35:12 +01:00
Malte Poll
9bccf26ccf move update api 2022-11-30 12:35:12 +01:00
Malte Poll
ebf852b3ba Add image update API and use for "upgrade plan" 2022-11-30 12:35:12 +01:00
Thomas Tendyck
21529d0e9e don't promote Trusted Launch for now 2022-11-30 12:24:37 +01:00
renovate[bot]
8fbc4b9b19
Update ghcr.io/edgelesssys/constellation/node-operator Docker tag to v2.3.0-pre.0.20221129130129-a32f9ae75290 (#671) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-11-30 11:34:57 +01:00
renovate[bot]
e2673cac29
Update Constellation containers (#663) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-29 13:46:13 +01:00
Leonard Cohnen
3b6bc3b28f initserver: add client verification 2022-11-28 19:34:02 +01:00
Thomas Tendyck
64f03cf675
config: sort measurements numerically (#654) 
* config: sort measurements numerically

* add comment to swap
 2022-11-28 11:09:39 +01:00
Daniel Weiße
d52f3db2a3
AB#2644 Fetch measurements from CDN (#653) 
* Fetch measurements from CDN

* Perform metadata validation on fetched measurements

* Remove deprecated public bucket

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-11-28 10:27:33 +01:00
Leonard Cohnen
c978329839 helm: fix expected helm charts 2022-11-27 16:43:50 +01:00
Nils Hanke
878d66dcda
Remove SSHUsers and UserKey from config v2 (#650) 
* Remove SSHUsers and UserKey as part of configVersion v2

* Add migration nodes to docs

* Update CHANGELOG.md
 2022-11-25 15:27:34 +01:00
renovate[bot]
a3661d6c07
Update Constellation containers to v2.3.0-pre.0.20221125110824-89b25f8ebbd7 (#652) 
* Update Constellation containers to v2.3.0-pre.0.20221125110824-89b25f8ebbd7
* Update node operator and add hashes back for every container image

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
 2022-11-25 15:17:58 +01:00
Nils Hanke
89b25f8ebb
Add new generate measurements matrix CI/CD action (now with AWS support) (#641) 2022-11-25 12:08:24 +01:00
Daniel Weiße
c2ea937fb5
Fix potential data race when accessing a validators OID (#640) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-11-24 15:50:59 +01:00
renovate[bot]
0b85709dd2 Update Constellation containers to v2.3.0-pre.0.20221124095758-f8001efbc0d0 2022-11-24 13:52:44 +01:00
Daniel Weiße
f8001efbc0
Refactor enforced/expected PCRs (#553) 
* Merge enforced and expected measurements

* Update measurement generation to new format

* Write expected measurements hex encoded by default

* Allow hex or base64 encoded expected measurements

* Allow hex or base64 encoded clusterID

* Allow security upgrades to warnOnly flag

* Upload signed measurements in JSON format

* Fetch measurements either from JSON or YAML

* Use yaml.v3 instead of yaml.v2

* Error on invalid enforced selection

* Add placeholder measurements to config

* Update e2e test to new measurement format

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-11-24 10:57:58 +01:00
renovate[bot]
8ce954e012
Update Constellation containers to v2.3.0-pre.0.20221123084142-3dc9c6086469 (#636) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-11-24 09:22:49 +01:00
Malte Poll
1331c171c3 Upgrade config to v2 2022-11-23 15:47:46 +01:00
Malte Poll
575b6e93f6 CLI: use global image version field 
- Restructure config by removing CSP-specific image references
- Add global image field
- Download image lookup table on create
- Download QEMU image on QEMU create
 2022-11-23 15:47:46 +01:00
Leonard Cohnen
1e98b686b6 kubernetes: verify Kubernetes components 2022-11-23 10:48:03 +01:00
Otto Bittner
6b2d9d16f8 Remove obsolote revive comments 2022-11-23 08:35:12 +01:00