Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-12-12 09:24:24 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,516 Commits 135 Branches 49 Tags 108 MiB
5145f806ea
Commit Graph

481 Commits

Author SHA1 Message Date
Malte Poll
6f16e0b6fd
ci: use github actions cache to speedup bazel builds (#1444) 
* ci: use github actions cache to speedup bazel builds
* ci: warm bazel repo cache daily
 2023-03-21 10:06:32 +01:00
Paul Meyer
a3b328360d ci: always run bazel tidy/check/generate workflow 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-20 11:17:16 -04:00
Paul Meyer
8d3fe6f477 bazel: add terrafrom to //:check and //:generate 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-20 11:17:16 -04:00
Nils Hanke
33cb3e8653 e2e: add "checks: write" permission for junit reports 2023-03-20 16:16:08 +01:00
Malte Poll
c3c0940adb
bazel: use remote caching (#1456) 
* bazel: add configuration for remote caching
* ci: enable bazel remote caching for building binaries
* ci: use bazel directly when building go binaries
* ci: enable cache for most build steps
* dev-docs: document remote caching
 2023-03-20 16:05:08 +01:00
Nils Hanke
914eacb4a3
e2e: use macOS for building Linux artifacts and remove caching steps (#1446) 2023-03-20 11:04:44 +01:00
Malte Poll
3fd9a34025
ci: disable upload of Azure TrustedLaunch image (#1440) 2023-03-17 10:51:44 +01:00
Paul Meyer
3a04786412 bazel: add actionlint to //:check 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-16 13:02:11 -04:00
Paul Meyer
0fc15b2393 bazel: add shellcheck to //:check 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-16 11:13:14 -04:00
Paul Meyer
e3f37e9a38 bazel: add shfmt to tidy target 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-16 04:39:45 -04:00
Nils Hanke
6bb6f1c288 ci: remove Go setup where Bazel is used for building 2023-03-14 15:28:36 +01:00
3u13r
fe767ba78e
introduce version.txt (#1412) 2023-03-14 14:53:33 +01:00
Paul Meyer
8679988b6c fixup! bazel: add tidy and check 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-14 03:43:51 -04:00
Paul Meyer
02c97fac03 bazel: add tidy and check 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-14 03:43:51 -04:00
Paul Meyer
e1f0ea50a7 ci: only build GCP guest agent if necessary 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-10 12:19:46 -05:00
Paul Meyer
72530d45ae ci: tag GCP guest agent with semver 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-10 12:19:46 -05:00
Paul Meyer
cc60de312e ci: adopt tidy workflow for bazel 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-10 10:02:28 -05:00
Moritz Sanft
01705feb51
ci: upload cli version list (#1377) 
* upload cli version list

* fix flag

* name

* allow cli kind for listing

* [remove] update vapi cli

* allow cli kind

* use latest versionsapi image version

* fix kind parsing

* use workflow calls in on_release action

* [remove] update container tag

* change back to latest tag
 2023-03-10 10:21:58 +01:00
Malte Poll
bdba9d8ba6
bazel: add build files for go (#1186) 
* build: correct toolchain order
* build: gazelle-update-repos
* build: use pregenerated proto for dependencies
* update bazeldnf
* deps: tpm simulator
* Update Google trillian module
* cli: add stamping as alternative build info source
* bazel: add go_test wrappers, mark special tests and select testing deps
* deps: add libvirt deps
* deps: go-libvirt patches
* deps: cloudflare circl patches
* bazel: add go_test wrappers, mark special tests and select testing deps
* bazel: keep gazelle overrides
* bazel: cleanup bazelrc
* bazel: switch CMakeLists.txt to use bazel
* bazel: fix injection of version information via stamping
* bazel: commit all build files
* dev-docs: document bazel usage
* deps: upgrade zig-cc for go 1.20
* bazel: update Perl for macOS arm64 & Linux arm64 support
* bazel: use static perl toolchain for OpenSSL
* bazel: use static protobuf (protoc) toolchain
* deps: add git and go to nix deps

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-09 15:23:42 +01:00
Daniel Weiße
e07be3d6f8
fix: add measurement-reader to build pipeline (#1386) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-03-09 15:01:09 +01:00
renovate[bot]
fede4ec6d2
deps: update GitHub action dependencies (#1365) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-08 10:06:42 +01:00
Paul Meyer
74fc6239b2
deps: update to Go 1.20.2 (#1366) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-08 10:05:36 +01:00
Paul Meyer
f4a4a044fe ci: tee GitHub output 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-07 11:32:41 -05:00
Malte Poll
1624af0cc7
image: pin aws uefivars version and install new deps (#1345) 2023-03-06 13:29:15 +01:00
Thomas Tendyck
c94d1db76d attestation: remove PCR 0 and 10 on GCP 2023-03-06 13:09:57 +01:00
Moritz Eckert
29664fc481 ci: upload benchmark results to opensearch 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-03 09:43:49 +01:00
Moritz Eckert
12ba11ceee ci: replace k-bench in e2e-test-weekly 2023-03-03 09:43:49 +01:00
Moritz Eckert
6fbca2818f ci: replace k-bench in e2e-test-manual 2023-03-03 09:43:49 +01:00
Paul Meyer
6cb93d66df ci: change push/pr token 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-03 02:55:17 -05:00
Paul Meyer
f9bb7c5f34
ci: frequently build up to date gcp guest-agent (#1315) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-01 13:52:52 +01:00
Paul Meyer
8c171a1b66
ci: pin ko version (#1309) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-28 18:53:28 +01:00
Moritz Sanft
732d15d013
ci: use iam destroy command for resource destruction (#1272) 
* replace tf destruction with new command

* move iam destroy cmd

* fix typos

* exit post test on error

* [remove] test failure on iam destroy

* Revert "[remove] test failure on iam destroy"

This reverts commit 99449c0cc0.

* [remove] test failure on terminate

* Revert "[remove] test failure on terminate"

This reverts commit 99c45bbc54.

* gofumpt
 2023-02-28 09:52:32 +01:00
Malte Poll
b79f7d0c8c
cli: add basic support for constellation create on OpenStack (#1283) 
* image: support OpenStack image build / upload

* cli: add OpenStack terraform template

* config: add OpenStack as CSP

* versionsapi: add OpenStack as CSP

* cli: add OpenStack as provider for `config generate` and `create`

* disk-mapper: add basic support for boot on OpenStack

* debugd: add placeholder for OpenStack

* image: fix config file sourcing for image upload
 2023-02-27 18:19:52 +01:00
Otto Bittner
6c07a2892e ci: adapt pipeline to use --kubernetes flag 2023-02-27 16:33:47 +01:00
Otto Bittner
08ee56911b cli: overwrite chart versions during install/upgrade 
* As charts receive information like the container image from
the cli it makes sense to also version the charts based on the cli
version.
* The pseudoversion is recalculated when running cmake.
* When merging changes from release branch to main,
a new commit is introduced to set the PROJECT_VERSION back
to 0.0.0, so that builds include a pseudoversion.
 2023-02-27 16:06:35 +01:00
Otto Bittner
948a12461c build: introduce pseudoversion for cli versions 
All binaries that receive a version number during build
now receive a pseudoversion from hack/pseudo-version.
This makes any version-dependant behavior more similar
between dev and release versions. And in turn makes testing
easier.
 2023-02-27 16:06:35 +01:00
Paul Meyer
4f480db77a
ci: ensure ci prs trigger workflows (#1279) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-27 15:16:07 +01:00
Otto Bittner
05823680f3
ci: fix release pipeline (#1253) 
* add pull-request permission to docs job
* readd permission for micro-services step
* run checkout action before building
* allow crane to read packages
 2023-02-27 10:49:52 +01:00
Moritz Sanft
a274ac8a7c
ci: add cli k8s compatibility table artifact upload to ci (#1218) 
* add cli k8s compatibility api to ci

* extend versionsapi package

* rework cli info upload via ci

* join errors natively

* fix semver

* upload from hack file

* fix ci checks

* add distributionid

* setup go before running hack file

* setup go after repo checkout

* use logger instead of panic, invalidate cache

* use provided ctx

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>

---------

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-24 12:00:04 +01:00
Nils Hanke
f13f80b8af
ci: update Syft to 0.72.0 and Grype to 0.57.1 (#1120) 
* ci: update Syft to 0.72.0 and Grype to 0.57.1
* ci: install Cosign before Syft
* ci: directly read private key from environment for Cosign
* ci: add --add-cpes-if-none to Grype
* ci: use cosign attest directly instead of syft attest
 2023-02-22 14:17:02 +01:00
Paul Meyer
f580f8216a ci: add missing Go setup 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-21 08:50:11 -05:00
renovate[bot]
30f53f78d0
deps: update GitHub action dependencies (#1239) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-21 13:49:47 +01:00
Moritz Sanft
0ba810240f
ci: integrate automatic iam creation in e2e test (#1158) 
* integrate automatic iam creation in e2e test

* fix typo

* break long line comments

* fix semvers

* correct bracing
 2023-02-21 12:47:14 +01:00
Paul Meyer
df30197607 ci: fix self trigger paths of workflows 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-21 05:21:59 -05:00
Paul Meyer
937ced0223 ci: update Go tidy check workflow 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-20 12:08:24 -05:00
Paul Meyer
955316c661 ci: use new -C flag of Go subcommands 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-20 12:08:24 -05:00
Paul Meyer
e011a20c49 deps: update to Go 1.20 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-20 12:08:24 -05:00
Paul Meyer
62fbbff91f ci: commit as edgelessci 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-20 10:40:08 -05:00
Paul Meyer
c5977840f6 ci: add missing token in terraform workflow 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-20 10:40:08 -05:00
Otto Bittner
68b4b95741 ci: use correct container name to tag joinservice 2023-02-17 11:17:26 +01:00
Fabian Kammel
656e109e17
fix: upload signature of measurements. (#1213) 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-02-17 10:53:57 +01:00
renovate[bot]
7500112d37
deps: update GitHub action dependencies (#1201) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-02-15 14:47:42 +01:00
Malte Poll
77216f7492
deps: vendor node-maintenance-operator api (#1172) 
* deps: go generate script to vendor node-maintenance-operator api folder

* deps: vendor node-maintenance-operator api folder

* operators: use vendored node-maintenance-operator api

* ci: ignore 3rdparty dir for license check
 2023-02-14 18:46:48 +01:00
Paul Meyer
b46e2b1681 ci: better naming for spelling check workflow 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-13 11:42:12 -05:00
Thomas Tendyck
5a142748bc ci: update vale action 2023-02-13 16:43:56 +01:00
Fabian Kammel
50522cb73c
expand variables (#1161) 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-02-10 17:57:26 +01:00
Paul Meyer
278031b066 ci: fix workdir of apko base image build 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-10 11:24:17 -05:00
stdoutput
e46f4280e7 update default k8s version in manual e2e test 2023-02-10 15:13:34 +01:00
Otto Bittner
a7ea85c738 ci: update k8s versions in e2e tests 
The accepted format has been changed for upgrade support.
 2023-02-10 15:13:34 +01:00
Fabian Kammel
4c5ab7c5e9
ci: refactor image measurement generation (#1152) 
* Merge measurements.image.json and measurements.json into latter.
* Use static (known) measurement values for the ones we cannot precompute.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-02-09 13:33:17 +01:00
Paul Meyer
60254f21f4
ci: fix location of cli docgen output (#1138) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-03 18:00:16 +01:00
Daniel Weiße
f74f589605
ci: add containerized libvirt build workflow (#1130) 
* Add libvirt container build workflow

* Update release workflow

* Update image libvirt base image

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-02-02 14:40:05 +01:00
Fabian Kammel
64c4b1f766
allow workflow to create pr (#1132) 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-02-01 16:54:12 +01:00
Malte Poll
b7d3f3972b ci: add bazel tests 2023-01-31 17:55:09 +01:00
renovate[bot]
bec82c2328
deps: update GitHub action dependencies (#1112) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-31 17:38:44 +01:00
Paul Meyer
e5a2e519a3 ci: fix hasher permissions 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-31 17:36:45 +01:00
Paul Meyer
e0354826e0 ci: trigger builds on workflow change 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-31 17:17:03 +01:00
Otto Bittner
176f366c53 ci: fix manual keyservice build workflow 2023-01-31 16:53:46 +01:00
Paul Meyer
c00004a321 ci: fix oras download in package hasher 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-31 15:06:13 +01:00
Fabian Kammel
c14e551af5
fix permissions (#1119) 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-01-31 14:30:36 +01:00
Otto Bittner
24409fe6ee ci: ensure that unittests are run when touching helm charts 
In case the helm charts are changed only yaml files are touched.
Thus the unit test workflow was not triggered.
 2023-01-31 11:36:49 +01:00
Otto Bittner
88e3da750e ci: adjust tags in build_ko 
Currently tags can be empty when building a ko image.
However, --bare may not work in case --tags is empty,
as per ko docs.

Also remove redundant build step in release pipeline.

Co-authored-by: Malte Poll <mp@edgeless.systems>
 2023-01-31 10:16:20 +01:00
Fabian Kammel
b21393ddb1
authorize purge branch (#1113) 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-01-30 17:55:41 +01:00
leongross
2187aa6cb0
ci: reproducible builds integration (#1108) 
* remove `-ko` suffix from workflows
* integrate into `release.yaml`
* adjust helm charts to use hard coded `ko` binary path
 2023-01-30 16:58:49 +01:00
Fabian Kammel
48c8a66114
Minimal GitHub Action token permissions. (#1104) 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-01-30 16:11:27 +01:00
Paul Meyer
32a540bff4 ci: tag apko base images 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-30 16:05:00 +01:00
Paul Meyer
8268b6e23f ci: don't build apko base images on release branch 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-30 16:05:00 +01:00
Paul Meyer
88b4bc5857 ci: pin apk packages used in container base image 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-30 16:05:00 +01:00
renovate[bot]
17ff8c43d7
deps: update GitHub action dependencies (#1099) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-27 16:12:26 +01:00
Paul Meyer
8364856d55 versions: remove Kubernetes v1.23 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-27 13:32:20 +01:00
Paul Meyer
ccd3a08eca ci: improve readability of GitHub lables 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-26 18:29:38 +01:00
renovate[bot]
6c068674af
deps: update GitHub action dependencies (#1085) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-26 15:22:33 +01:00
Paul Meyer
4bb1bb7595 ci: fix value substitution in pr messages 
of release workflow

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-26 12:44:05 +01:00
Paul Meyer
bb419bdee5 ci: use peter-evans' action to create prs 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-25 18:39:15 +01:00
Malte Poll
ee869eaf9c ci: prepare upgrade-agent for upload in e2e tests 2023-01-25 09:58:56 +01:00
Malte Poll
ce17a0c9ac ci: set debug flag explicitly in os build pipeline 2023-01-25 09:58:56 +01:00
3u13r
f950fded9a
ci: add testdata trigger to unittest (#1063) 2023-01-24 11:39:26 +01:00
Paul Meyer
f5de2b7fc6 ci: move scheduled build into own workflow 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-23 14:15:05 +01:00
Paul Meyer
94c0184e4d ci: add workflow for proto code generation check 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-23 12:20:37 +01:00
Paul Meyer
a8cbfd848f
keyservice: use dash in container name (#1016) 
Co-authored-by: Otto Bittner <cobittner@posteo.net>
 2023-01-20 18:51:06 +01:00
Fabian Kammel
582412d275
Fix GCP CCM build, add v26, and exclude old broken versions until fixed. (#1038) 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-01-20 15:17:00 +01:00
Paul Meyer
a31d79e9cb ci: curl flags 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-20 14:23:32 +01:00
Paul Meyer
71708a967c ci: run tests on workflow file change 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-19 16:47:47 +01:00
Paul Meyer
acc3f64dee ci: only build apko base images on change 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-19 15:18:26 +01:00
Paul Meyer
5dc080c3b3 ci: only run CodeQL on main 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-19 12:16:40 +01:00
Moritz Sanft
ae2db08f3a
ci: add e2e test for constellation recover (#845) 
* AB#2256 Add recover e2e test

* AB#2256 move test & fix minor objections

* AB#2256 fix path

* AB#2256 rename hacky filename
 2023-01-19 10:41:07 +01:00
Paul Meyer
2cee7cb454 ci: run CodeQL only on Go/Python changes 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-19 10:34:36 +01:00
Nils Hanke
4e9c49c342
ci: move Syft & Grype installation into an action (#1011) 2023-01-18 17:33:10 +01:00
renovate[bot]
30b22cd17f
Update GitHub action dependencies (#1007) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-18 17:04:46 +01:00
Paul Meyer
8e18c7012c ci: install shellcheck using the action 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-18 17:02:40 +01:00