Commit Graph

160 Commits

Author SHA1 Message Date
renovate[bot]
2da3ae3f09
deps: update Azure SDK (major) (#2253)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-24 07:55:56 +02:00
Malte Poll
0be3d4b132 bazel: provide k8s / envtest toolchains 2023-08-17 10:46:45 +02:00
renovate[bot]
26c41aacd2
deps: update module golang.org/x/vuln to v1 (#2231)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-15 15:12:39 +02:00
renovate[bot]
91ec474b80
deps: update bufbuild/buf to v1.26.1 (#2233)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-15 15:02:53 +02:00
renovate[bot]
d12b6bf443
deps: update dependency rules_python to v0.24.0 (#2197)
* deps: update dependency rules_python to v0.24.0

* deps: upgrade rules_python archive

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-08-10 12:47:39 +02:00
renovate[bot]
34228cd261
deps: update module github.com/bazelbuild/rules_go to v0.41.0 (#2198)
* deps: update module github.com/bazelbuild/rules_go to v0.41.0

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-08-10 11:24:20 +02:00
Malte Poll
f70fc36075
deps: update bazel, rules_go and gazelle (#2203)
* deps: update dependency bazel to v6.3.2

* deps: update dependency io_bazel_rules_go to v0.41.0

* deps: update dependency bazel_gazelle to v0.32.0

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-08-10 10:52:15 +02:00
renovate[bot]
947ceaa670
deps: update bufbuild/buf to v1.25.1 (#2191)
* deps: update bufbuild/buf to v1.25.1
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-08-10 08:55:24 +02:00
Adrian Stobbe
70861ee8ad
cli: declare mastersecret as immutable and print attestationCfg diff in warning (#2167) 2023-08-08 13:03:23 +02:00
Paul Meyer
e97b2afc14 cli: print maa token in verify
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-08 11:50:26 +02:00
renovate[bot]
ef60d00a60
deps: update module github.com/docker/docker to v23.0.6+incompatible (#2070)
* deps: update module github.com/docker/docker to v23.0.6+incompatible

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-07-31 09:58:51 +02:00
Daniel Weiße
6a40c73ff7
disk-mapper: set LUKS2 token to allow reusing unintialized state disks (#2083)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-07-18 16:20:03 +02:00
Malte Poll
738b22caba
cli: fix broken "constellation mini up" due to incompatible terraform json (#2081)
* deps: downgrade terraform-json to v0.15.0

terraform-exec requires a matching version of terraform json.
Since the latest released version of terraform-exec still uses terraform-json v0.15.0,
we need to stay on that version.

* cli: add "--skip-helm-wait" flag for "constellation init" to "constellation mini up"
2023-07-10 15:16:45 +02:00
renovate[bot]
d3ad46f727
deps: update module github.com/bazelbuild/rules_go to v0.40.1 (#2072)
* deps: update module github.com/bazelbuild/rules_go to v0.40.1
* deps: tidy all modules
* deps: updated bazel rules toolchain

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-07-10 10:58:51 +02:00
3u13r
52f4410334
deps: bump go-secure-stdlib/awsutil (#2076)
* deps: bump  go-secure-stdlib/awsutil

* deps: tidy after upgrade

---------

Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-07-10 10:52:20 +02:00
Adrian Stobbe
344343e40b fix GHSA-hqxw-f8mx-cpmw 2023-07-07 16:44:31 +02:00
renovate[bot]
ab4b948421
deps: update module google.golang.org/grpc to v1.56.2 (#2057)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-07 14:26:41 +02:00
renovate[bot]
050db3a5d8
deps: update github.com/thomasten/go-tpm digest to f43f8e2 (#2048)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2023-07-07 13:17:58 +02:00
renovate[bot]
aa5105809c
deps: update module google.golang.org/api to v0.130.0 (#2059)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-07 11:27:25 +02:00
renovate[bot]
3a6dc4971a
deps: update K8s dependencies to v0.27.3 (#2051)
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-07-07 11:26:14 +02:00
renovate[bot]
c199c6825b
deps: update dependency rules_python to v0.23.1 (#2047)
* deps: update dependency rules_python to v0.23.1

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-07-07 10:54:49 +02:00
renovate[bot]
859dfc309f
deps: update module github.com/siderolabs/talos/pkg/machinery to v1.4.6 (#2053)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-07 08:41:04 +02:00
renovate[bot]
67e3a8240d
deps: update Google SDK (#2050)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-07 08:11:47 +02:00
renovate[bot]
4c00339700
deps: update etcd dependencies to v3.5.9 (#2049)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-07 08:09:24 +02:00
renovate[bot]
ed2943c5c8
deps: update module github.com/onsi/ginkgo/v2 to v2.11.0 (#2045)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 18:23:52 +02:00
renovate[bot]
73d7e1ae5c
deps: update module github.com/go-git/go-git/v5 to v5.7.0 (#2040)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 18:23:09 +02:00
renovate[bot]
81b88aa4b2
deps: update module github.com/hashicorp/go-kms-wrapping/v2 to v2.0.10 (#2046)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 17:42:46 +02:00
renovate[bot]
e9f220092f
deps: update module github.com/googleapis/gax-go/v2 to v2.12.0 (#2041)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 17:30:08 +02:00
renovate[bot]
ff729bfc85
deps: update module github.com/hashicorp/terraform-json to v0.17.1 (#2037)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 16:51:48 +02:00
renovate[bot]
95e9b771f1
deps: update module github.com/gophercloud/gophercloud to v1.5.0 (#2036)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 16:44:32 +02:00
renovate[bot]
49cff0aabb
deps: update module github.com/sigstore/rekor to v1.2.2 (#2033)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 15:41:14 +02:00
renovate[bot]
8c03e7e311
deps: update module libvirt.org/go/libvirt to v1.9004.0 (#2042)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 15:24:07 +02:00
renovate[bot]
0c53b535ec
deps: update module helm.sh/helm/v3 to v3.12.1 (#2039)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 15:13:01 +02:00
renovate[bot]
be23526023
deps: update module github.com/sigstore/sigstore to v1.7.1 (#2034)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 13:21:29 +02:00
renovate[bot]
c8b1e6fef3
deps: update module golang.org/x/crypto to v0.11.0 (#2014)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 13:20:20 +02:00
renovate[bot]
6f389be103
deps: update module golang.org/x/tools to v0.10.0 (#2017)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 11:50:33 +02:00
renovate[bot]
8b11678571
deps: update module k8s.io/kubernetes to v1.27.3 [SECURITY] (#2031)
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-07-06 10:22:30 +02:00
renovate[bot]
874c9b3ad9
deps: update module golang.org/x/sys to v0.10.0 (#2016)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-05 15:57:39 +02:00
renovate[bot]
38b7be4b1f
deps: update module github.com/katexochen/sh/v3 to v3.7.0 (#2013)
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-07-05 15:23:24 +02:00
renovate[bot]
5943c13006
deps: update module golang.org/x/mod to v0.12.0 (#2015)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-05 14:47:24 +02:00
renovate[bot]
53edee098a
deps: update module golang.org/x/vuln to v0.2.0 (#2018)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-05 08:30:18 +02:00
renovate[bot]
9de8660bd7
deps: update module github.com/stretchr/testify to v1.8.4 (#2008)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-04 17:23:09 +02:00
renovate[bot]
1dc204f5f1
deps: update katexochen/ghh to v0.3.0 (#2010)
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-07-04 16:03:35 +02:00
renovate[bot]
c388ad6806
deps: update bufbuild/buf to v1.23.1 (#2009)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-04 15:15:59 +02:00
renovate[bot]
d66793df56
deps: update golangci/golangci-lint to v1.53.3 (#2007)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-04 15:03:35 +02:00
renovate[bot]
e698f4d3e0
deps: update golang.org/x/exp digest to 97b1e66 (#2004)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-04 14:55:35 +02:00
renovate[bot]
27097b7f80
deps: update AWS SDK (#1996)
* deps: update AWS SDK

* deps: tidy all modules

---------

Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-07-03 16:23:51 +02:00
Malte Poll
78fb0066e4
ci: add automated tests for reproducible builds (#1914)
* ci: reproducible builds test
* deps: upgrade actionlint to support macos-13 runners
2023-06-23 12:12:32 +02:00
Otto Bittner
7388240943
Revert "attestation: add SNP-based attestation for aws-sev-snp (#1916)" (#1957)
This reverts commit c7d12055d1.
2023-06-22 17:08:44 +02:00
Otto Bittner
c7d12055d1
attestation: add SNP-based attestation for aws-sev-snp (#1916)
* config: move AMD root key to global constant
* attestation: add SNP based attestation for aws
* Always enable SNP, regardless of attestation type.
* Make AWSNitroTPM default again

There exists a bug in AWS SNP implementation where sometimes
a host might not be able to produce valid SNP reports.
Since we have to wait for AWS to fix this we are merging SNP
attestation as opt-in feature.
2023-06-21 14:19:55 +02:00