Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
4,071 Commits 133 Branches 44 Tags 106 MiB
5c3a7a5580
Commit Graph

4071 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Moritz Sanft
5c3a7a5580
image: update to Fedora 40 (#3104) 
* deps: upgrade OS to Fedora 40

* image: measure uki sections uname and sbat for systemd >= 254

* deps: update mainline kernel for Fedora 40

* image: update kernel to 6.6.30

* image: update upload docs

---------

Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
 2024-05-16 09:10:09 +02:00
Malte Poll
7eedd0e3de
cli: simplify log message on init call (#3105) 2024-05-15 16:17:12 +02:00
renovate[bot]
36a827056f
deps: update softprops/action-gh-release action to v2 (#3103) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-05-15 10:54:37 +02:00
Daniel Weiße
87e112085f
renovate: group all Terraform dependency updates into one PR (#3101) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-05-15 10:31:20 +02:00
edgelessci
36141b149c
image: update measurements and image version (#3100) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-05-15 09:36:01 +02:00
renovate[bot]
af64f99bfe
deps: update google-github-actions/auth action to v2.1.3 (#3094) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-05-15 09:28:58 +02:00
renovate[bot]
ed54277f78
deps: update actions/download-artifact action to v4 (#3096) 
* deps: update actions/download-artifact action to v4

* Update slsa generator action to v2

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
 2024-05-15 09:26:10 +02:00
renovate[bot]
73d86c25df
deps: update azure/login action to v2 (#3097) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-05-15 09:05:50 +02:00
renovate[bot]
d5d5ea857d
deps: update github/codeql-action action to v3 (#3099) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-05-15 09:05:38 +02:00
renovate[bot]
62baa9bed2
deps: update cachix/install-nix-action action to v26 (#3098) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-05-15 08:59:07 +02:00
renovate[bot]
c866e3d670
deps: update actions/checkout action to v4 (#3095) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-05-15 08:58:56 +02:00
Daniel Weiße
8219005587
terraform: only set confidential_instance_type if cc_technology is SEV_SNP (#3085) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-05-14 16:02:30 +02:00
Markus Rudy
8e3cf5a270
s3proxy: commit image version on release, too (#3093) 2024-05-14 15:45:06 +02:00
Malte Poll
93fcb51e67 ci: explicitly set bazel test timeout to four hours for e2e tests 
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
 2024-05-14 13:34:50 +02:00
Thomas Tendyck
547d435aca deps: remove replacement of go-tpm with fork 2024-05-14 10:25:08 +02:00
Markus Rudy
43e6b85026
ci: only assign reviewer to bot PRs (#3091) 2024-05-14 10:02:00 +02:00
Markus Rudy
c0a39eab89
deps: bump stackit terraform provider to 0.17.0 (#3089) 2024-05-14 09:46:40 +02:00
renovate[bot]
93daf811d7
deps: update Go dependencies (#3087) 
* deps: update Go dependencies

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-05-14 08:15:57 +02:00
Daniel Weiße
4f1768e660
cloud: hide kubernetes iptables usage behind linux build tag (#3088) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-05-13 13:22:22 +02:00
renovate[bot]
d76c9ac82d
deps: update GitHub action dependencies (#3086) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-05-13 10:42:07 +02:00
renovate[bot]
dda426a51e
deps: update ubuntu:22.04 Docker digest to a6d2b38 (#3084) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-05-13 10:18:56 +02:00
renovate[bot]
10a2bca9f9 deps: update fedora:38 Docker digest to b9ff6f2 2024-05-13 09:37:54 +02:00
Malte Poll
39805a41ba deps: update Bazel 2024-05-13 08:47:15 +02:00
Malte Poll
57ad6f6bc5 deps: update flakes 2024-05-13 08:47:15 +02:00
Malte Poll
cfaba0b1c3 misc: update golangci-lint related changes 2024-05-13 08:47:15 +02:00
Malte Poll
dfeeb788ec deps: update distroless base 2024-05-13 08:47:15 +02:00
Malte Poll
fcf233492e deps: update skylib 2024-05-13 08:47:15 +02:00
Malte Poll
58238f5a0a deps: update rules_nixpkgs 2024-05-13 08:47:15 +02:00
Malte Poll
ccdc87ad74 deps: update bazel_tools 2024-05-13 08:47:15 +02:00
Malte Poll
f67292d0de deps: update hermetic_cc 2024-05-13 08:47:15 +02:00
Malte Poll
5b6f8d838e deps: update rules_go / gazelle 2024-05-13 08:47:15 +02:00
Malte Poll
c540feb209 deps: update CI deps 2024-05-13 08:47:15 +02:00
Malte Poll
e79c74cd97 deps: update buildifier 2024-05-13 08:47:15 +02:00
Malte Poll
9116d2b82a deps: update aspect/bazel-lib 2024-05-13 08:47:15 +02:00
edgelessci
d0bb738607
image: update measurements and image version (#3074) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-05-13 08:39:52 +02:00
edgelessci
19cf9b7f40
image: update locked rpms (#3080) 
Co-authored-by: malt3 <1780588+malt3@users.noreply.github.com>
 2024-05-12 17:16:47 +02:00
Malte Poll
4fec2dba99 deps: update LTS kernel 6.7.6 -> 6.8.9 2024-05-10 18:27:40 +02:00
Malte Poll
1e8f08e350 deps: update LTS kernel 6.1.79 -> 6.1.90 2024-05-10 18:27:40 +02:00
Malte Poll
03475b60b3
ci: disable BuildBuddy (#3077) 2024-05-10 11:14:45 +02:00
Malte Poll
97e5c437b4
deps: update bazel buildtools (#3075) 2024-05-10 11:10:14 +02:00
renovate[bot]
1ead19e69a
deps: update ghcr.io/edgelesssys/cloud-provider-gcp Docker tag to v29.0.1 (#3073) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-05-10 09:57:07 +02:00
Markus Rudy
174c3ab48a
terraform: add missing policies for AWS ALB (#3063) 
* terraform: add missing policies for AWS ALB
 2024-05-10 08:51:32 +02:00
renovate[bot]
fffc9db2b5
deps: update Kubernetes versions (#3072) 
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2024-05-09 13:38:01 +02:00
3u13r
0325483504
helm: disable cilium ipmasq agent when in conformance mode (#3062) 2024-05-08 18:51:12 +02:00
Daniel Weiße
9def35ed06
deps: update all Go dependencies (#3071) 
* Upgrade Go dependencies

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Group Go dependency upgrades

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Remove usage of deprecated docker types

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Fix usage of invalid validation tags

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Regenerate bazel files

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Keep github.com/bazelbuild/buildtools at old version to not break other dependencies

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-05-08 17:31:47 +02:00
Malte Poll
1c0c7d6227
ci: disable e2e-attestationconfigapi on PRs (#2937) 
This workflow touches shared state by deleting all objects of a bucket and then
uploading a signed blob of data to that S3 bucket under a fixed name.
It also does so multiple times in a row, while invalidating the cloudfront
cache and checking if the uploaded object exists.
All runs of this workflow share the same bucket.
Since this pipeline runs on any modification of go.mod, it is very prone
to race condition between PRs (or PRs and main).
 2024-05-08 14:59:03 +02:00
renovate[bot]
adf03ad76c
deps: update GitHub action dependencies (#3070) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-05-08 14:33:35 +02:00
Daniel Weiße
86c45d1d5f
deps: update to Go 1.22.3 (#3069) 
* Update renovate syntax
* Update to Go 1.22.3

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-05-08 11:34:31 +02:00
Daniel Weiße
a15cf54477
ci: use 7zip for creating archives (#3068) 
* Use 7zip for creating and processing encrypted archives
* Switch to .7z file extension
* Fix shell check issues
* Fix tfstate update logic

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-05-08 10:34:10 +02:00
Daniel Weiße
edc0c7068e
ci: fix delete artifact conditional (#3067) 
* Fix state exists check
* Dont fail if folder to remove does not exist

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-05-07 08:48:38 +02:00