Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-01-20 20:31:38 -05:00
Code Issues Packages Projects Releases Wiki Activity
1,767 Commits 136 Branches 49 Tags 94 MiB
5cb10aef45
Commit Graph

185 Commits

Author SHA1 Message Date
Malte Poll
cdaf1fc476
OS Image Build pipeline: prepare lookup tables and additional artifacts (#560) 2022-11-16 15:45:10 +01:00
Leonard Cohnen
2f0b1a0f32 ci: add go generate check 2022-11-15 18:24:07 +01:00
Malte Poll
5f44668897
Extend AWS e2e test token expiration to 6 hours (#547) 2022-11-14 14:14:42 +01:00
Paul Meyer
056f98a2ab ci: bump sonobuoy version 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-14 10:33:29 +01:00
Christoph Meyer
d612ed2cae AB#2530 CI benchmarks compare to previous and generate graphs 
- Get the previous benchmark results from artifact store S3 bucket
- Compare the current benchmark to the previous results
- Attach markdown table comparing results to the workflow output
- Update benchmarks in bucket if running on main
- Generate graphs from comparison
- Document continous benchmarking
 2022-11-11 18:37:35 +01:00
Paul Meyer
09969afd57 ci: fix workflows 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-11 16:38:29 +01:00
Paul Meyer
106b738fab ci: format shellscripts 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-11 15:53:57 +01:00
Paul Meyer
7aa7492474 Fix shellcheck warnings 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-11 13:40:13 +01:00
Paul Meyer
6fd605b3c4 e2e: print id file after create 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-11 13:30:34 +01:00
Paul Meyer
11672acf0a e2e: add AWS test 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-11 13:30:34 +01:00
Paul Meyer
1ec9316521 ci: rename actions 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-11 13:30:34 +01:00
renovate[bot]
8e8ce070b7
Update google-github-actions/setup-gcloud action to v1 (#524) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-10 18:29:30 +01:00
renovate[bot]
92b647a099
Update google-github-actions/auth action to v1 (#523) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-10 18:28:47 +01:00
Malte Poll
e011c7ef78 Set azureImageOffer for debug images 2022-11-10 09:13:44 +01:00
Malte Poll
e9fecec0bc Only publish release AMIs 2022-11-09 14:29:58 +01:00
Paul Meyer
d3bad39223
e2e: fix deletion of persisten volumes (#476) 
Co-authored-by: Christoph Meyer <cme@edgeless.systems>
 2022-11-09 10:28:34 +01:00
Daniel Weiße
011f9c597d
Bring in changes from release branch (#479) 
* Bump version to v2.2.0

* Update changelog

* Fix release detection in pipeline

* Fix PKI selection in pipeline

* Set enforced measurements for AWS

* Update default images

* Fix release docs

* Update mini-con defaults

* Fix measurements action

* Fix syft env variable naming

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-11-08 18:32:59 +01:00
Malte Poll
899ca91aa3 Move enforced measurement for clusterID to PCR[15] in e2e tests 2022-11-08 00:07:04 +01:00
Malte Poll
3e996efb3f Pass azure image offer from build variable action 2022-11-08 00:07:04 +01:00
Malte Poll
ed58fcccd3
CI: Add secure boot prod keys (#462) 
* Add production secure boot keys
* Refactor OS build and upload settings
 2022-11-04 16:48:52 +01:00
Nils Hanke
b24c799c80 Replace specific Azure/GCP credentials with secrets 2022-11-04 12:57:24 +01:00
Nils Hanke
a535ca1901 CI: Use lowercase image name for S3 upload 2022-11-04 12:57:24 +01:00
Nils Hanke
af08ffbb16 CI: Add group for building pcr-reader for better output 2022-11-04 12:57:24 +01:00
Nils Hanke
3ca88d6043 Fix Constellation measure CI action 2022-11-04 12:57:24 +01:00
renovate[bot]
72caeca69b Update dependency matplotlib to v3.6.2 2022-11-03 16:01:52 +01:00
Christoph Meyer
273d6162de fix: don't run CI K-Bench with less than 2 worker nodes 
K-Bench's network benchmarks require two distinct worker nodes.
Add check prior to running the benchmark that terminates early, if not
enough workers scheduled.
 2022-11-02 18:45:56 +01:00
Christoph Meyer
94429c8db8 Add CI action to install CSI drivers 2022-11-02 18:30:59 +01:00
Nils Hanke
7ca4a6d0e1 Adjust CI scripts to avoid termination prompt 2022-11-02 18:18:30 +01:00
renovate[bot]
f60120bbbc
Update github actions dependencies (#420) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-02 11:00:40 +01:00
Christoph Meyer
1952eb5721 AB#2191 Evaluate K-Bench benchmarks in CI 
Install Python for K-bench evaluation
Add scripts to evaluate the K-Bench results in CI
Attach graphs to the workflow results in GitHub Actions
 2022-11-01 12:27:25 +01:00
Christoph Meyer
f4ff473677 AB#2191 Add K-Bench CI step to manual workflow 
Add the option to run K-Bench performance to the manual CI workflow
Install CSI drivers in the cluster for K-Bench benchmarks
Attach the results to the workflow in the GitHub Actions view
 2022-11-01 12:27:25 +01:00
Paul Meyer
3933a97567 e2e: rework schedule of e2e test daily/weekly 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-31 18:22:05 +01:00
Paul Meyer
4cd659b394
e2e: fix collection of boot logs on GCP (#401) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-31 10:40:08 +01:00
Paul Meyer
050223e4c5 e2e: add nop payload to only test infra creation 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-28 17:46:37 +02:00
Malte Poll
9297a4e8a2
Normalize naming: "sonobuoy fast" -> "sonobuoy quick" (#389) 2022-10-28 11:01:31 +02:00
Paul Meyer
b7415647a6 Move sonobuoy action 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-27 18:39:08 +02:00
Paul Meyer
95b8531fdd Add e2e autoscaling test 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-27 18:39:08 +02:00
Paul Meyer
7108304046 Remove upload of state file 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-27 18:39:08 +02:00
Paul Meyer
8aa84fd759 Remove installation of preinstalled dependencies 
in workflows

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-27 18:39:08 +02:00
renovate[bot]
acc82b205a
Update github actions dependencies (#366) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-10-26 15:48:35 +02:00
Malte Poll
d81172e352
Pin setup-gcloud action to git tag (for renovate) (#376) 2022-10-26 13:58:05 +02:00
Fabian Kammel
18ae86c38e
sbom signing (#303) 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-10-21 15:19:51 +02:00
renovate[bot]
10a207c7ec Update github actions dependencies 2022-10-21 11:33:41 +02:00
Malte Poll
743f5fa627 Remove all traces of CoreOS from the codebase 2022-10-21 11:04:25 +02:00
Nils Hanke
714b368a62 Add gcloud setup back to GCP login action for magic authentication 2022-10-21 11:04:25 +02:00
Malte Poll
34367ea3cc Create mkosi image build pipeline 2022-10-21 11:04:25 +02:00
renovate[bot]
6d5cb6b581
Update sigstore/cosign-installer action to v2.8.1 (#323) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-10-19 10:29:37 +02:00
renovate[bot]
84fcf8d7f2
Update github actions dependencies (#294) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-18 13:00:41 +02:00
renovate[bot]
ccaad5e482
Update github actions dependencies (#274) 2022-10-17 11:14:41 +02:00
renovate[bot]
c08147baae Update google-github-actions/auth action to v0.8.2 2022-10-14 09:20:10 +02:00
renovate[bot]
3c34757274 Update actions/cache action to v3.0.11 2022-10-14 09:17:00 +02:00
Fabian Kammel
7ee8f65889
Delete dependabot and prepare renovate (#238) 
* Delete microserivce template.
* Remove dependabot config
* Prepare renovate by adopting GitHub actions syntax
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-10-12 18:05:58 +02:00
katexochen
dbd71eebd9 Fix replace deprecated set-output syntax 2022-10-12 11:51:09 +02:00
katexochen
49f233246c Replace deprecated set-output syntax 2022-10-12 11:32:19 +02:00
Paul Meyer
1c29638421
Use env to find bash in shebang (#225) 2022-10-10 14:21:17 +02:00
Otto Bittner
0eb4a7831b AB#2413: Add workflow for snp-report-verify 
* Extend azure-snp-report-verify to also report fw SVNs.
* Add workflow based on azure-cvm to get maa-jwt and
verify it on a second runner.
 2022-09-21 10:58:10 +02:00
katexochen
788cfd9bd9 Remove autoscaling from workflows 2022-09-20 13:41:23 +02:00
Nils Hanke
de1268ffb9 Pin cache action against specific commit 2022-09-19 04:49:55 -07:00
Nils Hanke
979164ab37 CI: Remove GOPRIVATE from actions 2022-09-19 01:09:56 -07:00
Nils Hanke
52d1afaf0b CI: Consolidate multi-OS & multi-arch builds into one job 2022-09-19 01:09:56 -07:00
Nils Hanke
1dad1631ca E2E: Add manual macOS E2E test 2022-09-19 01:09:56 -07:00
Nils Hanke
6df92c127c E2E: Download external binaries depending on host OS & arch 2022-09-19 01:09:56 -07:00
Nils Hanke
a1fd971c3c CI/E2E: Update rekor-cli to 0.12.0 2022-09-19 01:09:56 -07:00
Nils Hanke
0f08c4f318 E2E: Update sonobuoy to 0.56.10 2022-09-19 01:09:56 -07:00
Nils Hanke
7338563d14 CI/E2E: (Re)move redunant setup steps 2022-09-19 01:09:56 -07:00
Nils Hanke
4898f06421 Delete downloaded rekor-cli binary 2022-09-14 03:01:09 -07:00
Nils Hanke
9da3078445 Set working-directory to build for rekor-cli download 2022-09-14 03:01:09 -07:00
Nils Hanke
79229e04df Create seperate create measurement action 2022-09-14 01:22:18 -07:00
Nils Hanke
472ba642b7 E2E: Build OSS CLI by default 2022-09-14 01:22:18 -07:00
Leonard Cohnen
a318a82968 fix e2e latest debug image selection 2022-09-13 10:08:51 +02:00
Nils Hanke
0949393dbb Update build environment to Fedora 36 & Go 1.19.1 2022-09-09 18:11:33 +02:00
Nils Hanke
9bedaf20ea Use CMake project version across all places & remove obsolete build tags 2022-09-09 15:33:16 +02:00
Malte Poll
aa75a065d7
e2e test: wait for specified amount of nodes to join the cluster and become ready (#87) 
Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>
 2022-09-09 13:28:53 +02:00
Nils Hanke
46c461c23e E2E: Don't use cloudProvider in constellation create 2022-09-08 13:38:24 +02:00
Nils Hanke
dd4ccdd390 E2E / debugd: Replace remains of ingressFirewall with debugCluster flag 2022-09-07 13:27:15 +02:00
Fabian Kammel
020cf51fc6
AB#2392 Store serial logs in actions (#39) 
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
 2022-09-05 18:12:46 +02:00
Malte Poll
1c1b29637f e2e-test gcp: Fix quoting in gcp config rewrite 2022-09-05 12:13:24 +02:00
Nils Hanke
b6385ad3bc Move serviceAccountKey.json creation before create 
The printed config does not contain the path
since it's printed before injection, so let's inject it before.
 2022-09-05 12:13:24 +02:00
katexochen
1741c2d941 e2e: Fix machine type 2022-09-05 12:13:24 +02:00
Malte Poll
e24808e936
e2e: Write service account key path for GCP (#67) 
Signed-off-by: Malte Poll <mp@edgeless.systems>
 2022-09-05 09:17:18 +02:00
katexochen
43924c7318 e2e: Silence curl 2022-09-02 19:08:33 +02:00
katexochen
9076404b06 Fix manual e2e test 2022-09-02 19:08:33 +02:00
Nils Hanke
39eb58b403 E2E: Use default VM machine type when not overriden 2022-09-02 07:04:11 -07:00
Nils Hanke
710ded2a89 E2E: Insert instanceType to config instead of CLI 2022-09-02 07:04:11 -07:00
katexochen
b256222b42 e2e: Use default shell parameters 2022-09-02 15:20:25 +02:00
katexochen
0c5c11e8b7 e2e: Group log lines 2022-09-02 15:20:25 +02:00
katexochen
ef8130a918 e2e: Enable parallel runs on Azure 2022-09-02 15:20:25 +02:00
katexochen
3c123d9fec e2e: Fix cleanup on error/cancel 2022-09-02 15:20:25 +02:00
Otto Bittner
276165064e Ensure no uid values end up in resource delete cmd 2022-08-31 16:38:32 +02:00
katexochen
84b4519ffd Add cleanup pre e2e test on Azure 2022-08-31 14:10:08 +02:00
katexochen
7c7a4699bc Azure e2e tests with manual creds 2022-08-31 14:10:08 +02:00
Nils Hanke
1ecc56b69f
Remove cdbg-config.yaml (#26) 
This removes systemd service upload support in cdbg,
but keeps it in the protobuf protocol.
 2022-08-31 12:25:27 +02:00
Nils Hanke
87e68961dd Add GCP ServiceAccount to E2E test 2022-08-30 04:26:21 -07:00
Fabian Kammel
d972f053f9 AB#2287 Public image sharing in Azure (#350) 
Trusted launch VM images in original SIG, additional SIG for community images for CVM
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-08-26 17:34:46 +02:00
Fabian Kammel
45beec15f5 AB#2360 enterprise build tag (#397) 
* enterprise build switch to disable license checking in default (OSS) version
* remove community license quota
* empty image references on OSS build in config
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-08-25 14:06:29 +02:00
Fabian Kammel
33626986fe Feat/cli multi os arch (#390) 
* Implement multi arch/os pipeline
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-08-23 13:43:20 +02:00
Malte Poll
2d87db3914 Update pseudo-version script to determine future release version based on branch name 2022-08-19 18:22:55 +02:00
Malte Poll
8d642be204 Azure: switch default region to west us and replicate images to multiple regions 2022-08-19 14:39:36 +02:00
Otto Bittner
aee432ed6f Fix syntax in yq command 
Fixes syntax error in 4db5ea3b164e8e762693035cb06d643f711a3d39
 2022-08-15 11:41:48 +02:00
Otto Bittner
3018bfa03e Add enforcedMeasurements default value to config 
A previous change started enforcing PCR values.
This makes it necessary to update the respective config
values before running init.
 2022-08-15 09:37:18 +02:00