constellation

mirror of https://github.com/edgelesssys/constellation.git synced 2024-09-19 15:56:03 +00:00

Author	SHA1	Message	Date
Thomas Tendyck	547d435aca	deps: remove replacement of go-tpm with fork	2024-05-14 10:25:08 +02:00
renovate[bot]	93daf811d7	deps: update Go dependencies (#3087 ) * deps: update Go dependencies * deps: tidy all modules --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>	2024-05-14 08:15:57 +02:00
Malte Poll	dfeeb788ec	deps: update distroless base	2024-05-13 08:47:15 +02:00
Malte Poll	fcf233492e	deps: update skylib	2024-05-13 08:47:15 +02:00
Malte Poll	58238f5a0a	deps: update rules_nixpkgs	2024-05-13 08:47:15 +02:00
Malte Poll	ccdc87ad74	deps: update bazel_tools	2024-05-13 08:47:15 +02:00
Malte Poll	f67292d0de	deps: update hermetic_cc	2024-05-13 08:47:15 +02:00
Malte Poll	5b6f8d838e	deps: update rules_go / gazelle	2024-05-13 08:47:15 +02:00
Malte Poll	c540feb209	deps: update CI deps	2024-05-13 08:47:15 +02:00
Malte Poll	e79c74cd97	deps: update buildifier	2024-05-13 08:47:15 +02:00
Malte Poll	9116d2b82a	deps: update aspect/bazel-lib	2024-05-13 08:47:15 +02:00
Malte Poll	4fec2dba99	deps: update LTS kernel 6.7.6 -> 6.8.9	2024-05-10 18:27:40 +02:00
Malte Poll	1e8f08e350	deps: update LTS kernel 6.1.79 -> 6.1.90	2024-05-10 18:27:40 +02:00
Malte Poll	97e5c437b4	deps: update bazel buildtools (#3075 )	2024-05-10 11:10:14 +02:00
Daniel Weiße	9def35ed06	deps: update all Go dependencies (#3071 ) * Upgrade Go dependencies Signed-off-by: Daniel Weiße <dw@edgeless.systems> * Group Go dependency upgrades Signed-off-by: Daniel Weiße <dw@edgeless.systems> * Remove usage of deprecated docker types Signed-off-by: Daniel Weiße <dw@edgeless.systems> * Fix usage of invalid validation tags Signed-off-by: Daniel Weiße <dw@edgeless.systems> * Regenerate bazel files Signed-off-by: Daniel Weiße <dw@edgeless.systems> * Keep github.com/bazelbuild/buildtools at old version to not break other dependencies Signed-off-by: Daniel Weiße <dw@edgeless.systems> --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2024-05-08 17:31:47 +02:00
renovate[bot]	f00890ab1e	deps: update module k8s.io/kubernetes to v1.29.4 [SECURITY] (#3039 ) Co-authored-by: Leonard Cohnen <lc@edgeless.systems>	2024-04-25 14:03:24 +02:00
Malte Poll	2a226fd8e9	deps: update Go toolchain to 1.22.2 (#3010 ) * deps: update Go toolchain to 1.22.2 * deps: update vulnerable dependencies (govulncheck)	2024-04-05 12:14:48 +02:00
renovate[bot]	4ca9db156b	deps: update module github.com/docker/docker to v25.0.5+incompatible [SECURITY] (#2998 ) * deps: update module github.com/docker/docker to v25.0.5+incompatible [SECURITY] * deps: tidy all modules --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>	2024-03-25 09:35:56 +01:00
Malte Poll	1670d977c6	openstack: vendor clouds.yaml Go type definitions from gophercloud v2 beta	2024-03-11 15:59:23 +01:00
Malte Poll	281c7c320c	deps: update protobuf to v1.33.0	2024-03-06 14:50:01 +01:00
Malte Poll	6f60cee6f9	deps: update Linux LTS and mainline kernel (#2947 ) LTS: 6.1.79 Mainline: 6.7.6	2024-02-26 16:59:34 +01:00
renovate[bot]	ae0e00383b	deps: update module helm.sh/helm/v3 to v3.14.2 [SECURITY] (#2944 ) * deps: update module helm.sh/helm/v3 to v3.14.2 [SECURITY] --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>	2024-02-23 09:26:36 +01:00
renovate[bot]	5674d9742a	deps: update Constellation containers (#2936 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2024-02-22 09:12:18 +01:00
Malte Poll	71c8a27539	deps: replace use of deprecated module azsecrets github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets -> github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets	2024-02-21 18:40:16 +01:00
Malte Poll	6a467e5594	deps: update all Go deps	2024-02-21 18:40:16 +01:00
Malte Poll	68fc2b0811	deps: update all Bazel toolchains / rule deps	2024-02-21 17:54:07 +01:00
miampf	96c5980651	cli: collect debug logs in file (#2906 )	2024-02-21 15:39:12 +00:00
Malte Poll	38ef546362	deps: update Go to 1.22.0	2024-02-20 18:27:16 +01:00
Malte Poll	889677c795	image: update mkosi and use package directory feature	2024-02-20 12:50:13 +01:00
Malte Poll	5ef12895fa	bazel: remove deprecated Bazel container It doesn't work properly with nix and a nix shell exists for all developers.	2024-02-20 12:50:13 +01:00
Malte Poll	a4d25646f5	deps: update to bazel 7	2024-02-20 12:50:13 +01:00
Malte Poll	c6e0714a42	deps: update go-git	2024-02-20 10:00:38 +01:00
renovate[bot]	3b2da12781	deps: update Constellation containers (#2919 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2024-02-19 16:14:05 +01:00
renovate[bot]	7980689e82	deps: update module helm.sh/helm/v3 to v3.14.1 [SECURITY] (#2911 ) * deps: update module helm.sh/helm/v3 to v3.14.1 [SECURITY] * deps: tidy all modules --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>	2024-02-15 18:01:36 +01:00
Markus Rudy	473001be55	vpn: ship our own container image (#2909 ) * vpn: ship our own container image The container image used in the VPN chart should be reproducible and stable. We're sticking close to the original nixery.dev version by building the image with nix ourselves, and then publishing the single layer from the result with Bazel OCI rules. The resulting image should be handled similar to s3proxy: it's built as a part of the Constellation release process and then consumed from a Helm chart in our registry. Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>	2024-02-15 13:08:27 +01:00
Moritz Sanft	901edd420b	terraform: remove cloud loggers (#2892 ) * terraform: remove cloud logging apps * internal/cloud: remove loggers * bootstrapper: remove logging * qemu-metadata-api: remove logging endpoint * docs: add instructions on how to get boot logs * bazel: tidy * docs: fix typo * cloud: remove unused types * Update go.mod Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * bazel: tidy * Update docs/docs/workflows/troubleshooting.md Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * Update docs/docs/workflows/troubleshooting.md Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * Update docs/docs/workflows/troubleshooting.md Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * docs: elaborate on how to get boot logs * bazel: tidy --------- Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>	2024-02-06 14:27:30 +01:00
Malte Poll	18acd0b12a	deps: update go-uefi and use new authenticode package (#2873 )	2024-02-05 12:06:48 +01:00
Markus Rudy	32d3b4e87c	ci: introduce keep-sorted (#2836 ) Long lists of items in source code or config can be hard to work with as a human, most problematic being out-of-order entries in an otherwise ordered list. This is where keep-sorted comes to the rescue: we can leave two little comments on every listing we care about, and keep-sorted ensures that the listing stays in order. This commit also applied keep-sorted to the CODEOWNERS file, hopefully demonstrating its usefulness to some extent. I'd expect more uses for keep-sorted to be discovered organically over time. keep-sorted is super fast, so it should not be a problem to add it to the //:tidy target, even if we scan all files in the code base. On my MacBook: $ time (find . -not -path "./.git/*" -type f \| sort \| xargs "${keep_sorted}" --mode fix) real 0m0.249s user 0m0.124s sys 0m0.129s	2024-01-30 14:39:49 +01:00
Malte Poll	d3cffa9fee	image: update Linux to 6.1.74 (#2851 )	2024-01-24 17:10:56 +01:00
Daniel Weiße	e350ca0f57	attestation: add Azure TDX attestation (#2827 ) * Implement Azure TDX attestation primitives * Add default measurements and claims for Azure TDX * Enable Constellation on Azure TDX --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2024-01-24 15:10:15 +01:00
Malte Poll	64a4a2230d	deps: update gazelle and rules_go	2024-01-22 13:11:58 +01:00
Malte Poll	e40d1e56d8	deps: update hermetic_cc_toolchain	2024-01-22 13:11:58 +01:00
Malte Poll	403acf75aa	image: add mainline kernel and azure tdx image target	2024-01-16 17:34:44 +01:00
Malte Poll	f237ae8ae2	bazel: add upload_os_images rule This rule combines uplosi, the upload command, measurement code and cosign to upload OS images, extract measurements, sign them and upload the measurements.	2024-01-15 13:53:15 +01:00
renovate[bot]	bacb8ff886	deps: update AWS SDK (#2809 ) * deps: update AWS SDK * deps: fix AWS SDK upgrade breakage --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Markus Rudy <mr@edgeless.systems>	2024-01-09 16:18:33 +01:00
Daniel Weiße	90f3336c8e	deps: remove `go.mod` files from submodules (#2769 ) Signed-off-by: Daniel Weiße <dw@edgeless.systems>	2024-01-08 13:19:38 +01:00
Malte Poll	0dae7908a7	bazel: remove stale bash completion file	2024-01-08 10:44:38 +01:00
Malte Poll	362d07fc52	nix: allow dev setup via direnv	2024-01-08 10:44:38 +01:00
Malte Poll	3a4f6ef9d1	bazel: use prebuilt Go toolchain (go.dev/dl) (#2796 ) We had to switch to a Go toolchain from nixpkgs, since prebuilt Go toolchain versions were not usable on NixOS. Since Go 1.21, the prebuilt Go toolchain is statically linked and works out of the box. Reference: https://github.com/golang/go/issues/57007	2024-01-05 11:52:22 +01:00
3u13r	07c884b945	ci: remove artifact encryption for public artifacts (#2776 ) * ci: remove artifact encryption for public artifacts * revert parts of #2765 * ci: add unused action exception for encrypted artifact download	2023-12-29 11:02:37 +01:00

1 2 3 4 5 ...

368 Commits