Paul Meyer
f2b324cb88
hack: rename find-image dir
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-13 16:16:37 +01:00
Malte Poll
ba8c0a9e30
Fix e2e test networking issue ( #792 )
2022-12-13 10:07:09 +01:00
Malte Poll
cf0b04291a
Embed measurements for v2.3.0
2022-12-12 17:45:35 +01:00
Malte Poll
c9df5cfa09
Fix OS image build pipeline for releases
2022-12-12 17:45:35 +01:00
Malte Poll
3c5fa3175a
Fix image build pipeline: Use braces to group complex expressions ( #770 )
2022-12-09 14:48:52 +01:00
Malte Poll
4a8ebfd921
OS images: use "ref", "stream" and "version"
...
Switch azure default region to west us
Update find-image script to work with new API spec
Add version for every os image build
generate measurements: Use new API paths
CLI: config fetch measurements: Use image short versions to fetch measurements
CLI: allows shortnames to specify image in config
Image build pipeline: Change paths to contain "ref" and "stream"
2022-12-09 13:37:43 +01:00
Paul Meyer
d3873988c9
ci: fix download scripts for serial logs
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 13:22:45 +01:00
Paul Meyer
9e9468ff44
ci: add csp name to serial log artifact name
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 13:22:45 +01:00
renovate[bot]
e371e4499f
Update GitHub action dependencies ( #765 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 11:10:23 +01:00
Malte Poll
95a33e7d35
No longer print constellation-id.json ( #749 )
2022-12-07 16:10:51 +01:00
Paul Meyer
a9ed8c0191
e2e: enable systemd logcollection
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-06 18:05:32 +01:00
Otto Bittner
e9ec9f2f29
Upload full logs instead of only the results junit
...
This includes all pod logs and systemd logs.
It increases the filesize significantly:
3.3MB for a quickrun with 5 nodes.
2022-12-05 16:28:32 +01:00
Paul Meyer
474f7ad356
ci: build logcollector images
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 18:54:24 +01:00
Malte Poll
b9fd8237b9
manual e2e tests: Add option to keep embedded measurements ( #698 )
2022-12-01 15:43:40 +01:00
renovate[bot]
2e2bcb15e1
Update GitHub action dependencies ( #665 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 14:06:18 +01:00
Nils Hanke
89b25f8ebb
Add new generate measurements matrix CI/CD action (now with AWS support) ( #641 )
2022-11-25 12:08:24 +01:00
Daniel Weiße
f8001efbc0
Refactor enforced/expected PCRs ( #553 )
...
* Merge enforced and expected measurements
* Update measurement generation to new format
* Write expected measurements hex encoded by default
* Allow hex or base64 encoded expected measurements
* Allow hex or base64 encoded clusterID
* Allow security upgrades to warnOnly flag
* Upload signed measurements in JSON format
* Fetch measurements either from JSON or YAML
* Use yaml.v3 instead of yaml.v2
* Error on invalid enforced selection
* Add placeholder measurements to config
* Update e2e test to new measurement format
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-24 10:57:58 +01:00
Malte Poll
3dc9c60864
e2e tests: use new image versions
2022-11-23 15:47:46 +01:00
Daniel Weiße
e7ee4d6e59
Remove manual installation of csi drivers ( #600 )
...
* Remove manual installation of csi drivers
* Remove explicit storage class
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-22 14:02:31 +01:00
Paul Meyer
063162c205
deps: upgrade sonobuoy version
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-22 12:32:50 +01:00
renovate[bot]
b6d7289dfe
Update dependency numpy to v1.23.5 ( #604 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-22 10:07:44 +01:00
Malte Poll
239b9f6c26
Upgrade images to Fedora 37
2022-11-18 10:37:45 +01:00
Malte Poll
78481b32e8
Move image artifacts "/v1/" => "/constellation/v1" ( #579 )
2022-11-17 16:14:38 +01:00
renovate[bot]
827b62c2be
Update GitHub action dependencies ( #568 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-11-17 11:37:00 +01:00
Malte Poll
cdaf1fc476
OS Image Build pipeline: prepare lookup tables and additional artifacts ( #560 )
2022-11-16 15:45:10 +01:00
Leonard Cohnen
2f0b1a0f32
ci: add go generate check
2022-11-15 18:24:07 +01:00
Malte Poll
5f44668897
Extend AWS e2e test token expiration to 6 hours ( #547 )
2022-11-14 14:14:42 +01:00
Paul Meyer
056f98a2ab
ci: bump sonobuoy version
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-14 10:33:29 +01:00
Christoph Meyer
d612ed2cae
AB#2530 CI benchmarks compare to previous and generate graphs
...
- Get the previous benchmark results from artifact store S3 bucket
- Compare the current benchmark to the previous results
- Attach markdown table comparing results to the workflow output
- Update benchmarks in bucket if running on main
- Generate graphs from comparison
- Document continous benchmarking
2022-11-11 18:37:35 +01:00
Paul Meyer
09969afd57
ci: fix workflows
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 16:38:29 +01:00
Paul Meyer
106b738fab
ci: format shellscripts
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 15:53:57 +01:00
Paul Meyer
7aa7492474
Fix shellcheck warnings
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 13:40:13 +01:00
Paul Meyer
6fd605b3c4
e2e: print id file after create
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 13:30:34 +01:00
Paul Meyer
11672acf0a
e2e: add AWS test
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 13:30:34 +01:00
Paul Meyer
1ec9316521
ci: rename actions
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 13:30:34 +01:00
renovate[bot]
8e8ce070b7
Update google-github-actions/setup-gcloud action to v1 ( #524 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-10 18:29:30 +01:00
renovate[bot]
92b647a099
Update google-github-actions/auth action to v1 ( #523 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-10 18:28:47 +01:00
Malte Poll
e011c7ef78
Set azureImageOffer for debug images
2022-11-10 09:13:44 +01:00
Malte Poll
e9fecec0bc
Only publish release AMIs
2022-11-09 14:29:58 +01:00
Paul Meyer
d3bad39223
e2e: fix deletion of persisten volumes ( #476 )
...
Co-authored-by: Christoph Meyer <cme@edgeless.systems>
2022-11-09 10:28:34 +01:00
Daniel Weiße
011f9c597d
Bring in changes from release branch ( #479 )
...
* Bump version to v2.2.0
* Update changelog
* Fix release detection in pipeline
* Fix PKI selection in pipeline
* Set enforced measurements for AWS
* Update default images
* Fix release docs
* Update mini-con defaults
* Fix measurements action
* Fix syft env variable naming
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-08 18:32:59 +01:00
Malte Poll
899ca91aa3
Move enforced measurement for clusterID to PCR[15] in e2e tests
2022-11-08 00:07:04 +01:00
Malte Poll
3e996efb3f
Pass azure image offer from build variable action
2022-11-08 00:07:04 +01:00
Malte Poll
ed58fcccd3
CI: Add secure boot prod keys ( #462 )
...
* Add production secure boot keys
* Refactor OS build and upload settings
2022-11-04 16:48:52 +01:00
Nils Hanke
b24c799c80
Replace specific Azure/GCP credentials with secrets
2022-11-04 12:57:24 +01:00
Nils Hanke
a535ca1901
CI: Use lowercase image name for S3 upload
2022-11-04 12:57:24 +01:00
Nils Hanke
af08ffbb16
CI: Add group for building pcr-reader for better output
2022-11-04 12:57:24 +01:00
Nils Hanke
3ca88d6043
Fix Constellation measure CI action
2022-11-04 12:57:24 +01:00
renovate[bot]
72caeca69b
Update dependency matplotlib to v3.6.2
2022-11-03 16:01:52 +01:00
Christoph Meyer
273d6162de
fix: don't run CI K-Bench with less than 2 worker nodes
...
K-Bench's network benchmarks require two distinct worker nodes.
Add check prior to running the benchmark that terminates early, if not
enough workers scheduled.
2022-11-02 18:45:56 +01:00
Christoph Meyer
94429c8db8
Add CI action to install CSI drivers
2022-11-02 18:30:59 +01:00
Nils Hanke
7ca4a6d0e1
Adjust CI scripts to avoid termination prompt
2022-11-02 18:18:30 +01:00
renovate[bot]
f60120bbbc
Update github actions dependencies ( #420 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-02 11:00:40 +01:00
Christoph Meyer
1952eb5721
AB#2191 Evaluate K-Bench benchmarks in CI
...
Install Python for K-bench evaluation
Add scripts to evaluate the K-Bench results in CI
Attach graphs to the workflow results in GitHub Actions
2022-11-01 12:27:25 +01:00
Christoph Meyer
f4ff473677
AB#2191 Add K-Bench CI step to manual workflow
...
Add the option to run K-Bench performance to the manual CI workflow
Install CSI drivers in the cluster for K-Bench benchmarks
Attach the results to the workflow in the GitHub Actions view
2022-11-01 12:27:25 +01:00
Paul Meyer
3933a97567
e2e: rework schedule of e2e test daily/weekly
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-31 18:22:05 +01:00
Paul Meyer
4cd659b394
e2e: fix collection of boot logs on GCP ( #401 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-31 10:40:08 +01:00
Paul Meyer
050223e4c5
e2e: add nop payload to only test infra creation
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-28 17:46:37 +02:00
Malte Poll
9297a4e8a2
Normalize naming: "sonobuoy fast" -> "sonobuoy quick" ( #389 )
2022-10-28 11:01:31 +02:00
Paul Meyer
b7415647a6
Move sonobuoy action
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-27 18:39:08 +02:00
Paul Meyer
95b8531fdd
Add e2e autoscaling test
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-27 18:39:08 +02:00
Paul Meyer
7108304046
Remove upload of state file
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-27 18:39:08 +02:00
Paul Meyer
8aa84fd759
Remove installation of preinstalled dependencies
...
in workflows
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-27 18:39:08 +02:00
renovate[bot]
acc82b205a
Update github actions dependencies ( #366 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-26 15:48:35 +02:00
Malte Poll
d81172e352
Pin setup-gcloud action to git tag (for renovate) ( #376 )
2022-10-26 13:58:05 +02:00
Fabian Kammel
18ae86c38e
sbom signing ( #303 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-21 15:19:51 +02:00
renovate[bot]
10a207c7ec
Update github actions dependencies
2022-10-21 11:33:41 +02:00
Malte Poll
743f5fa627
Remove all traces of CoreOS from the codebase
2022-10-21 11:04:25 +02:00
Nils Hanke
714b368a62
Add gcloud setup back to GCP login action for ✨ magic ✨ authentication
2022-10-21 11:04:25 +02:00
Malte Poll
34367ea3cc
Create mkosi image build pipeline
2022-10-21 11:04:25 +02:00
renovate[bot]
6d5cb6b581
Update sigstore/cosign-installer action to v2.8.1 ( #323 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-19 10:29:37 +02:00
renovate[bot]
84fcf8d7f2
Update github actions dependencies ( #294 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 13:00:41 +02:00
renovate[bot]
ccaad5e482
Update github actions dependencies ( #274 )
2022-10-17 11:14:41 +02:00
renovate[bot]
c08147baae
Update google-github-actions/auth action to v0.8.2
2022-10-14 09:20:10 +02:00
renovate[bot]
3c34757274
Update actions/cache action to v3.0.11
2022-10-14 09:17:00 +02:00
Fabian Kammel
7ee8f65889
Delete dependabot and prepare renovate ( #238 )
...
* Delete microserivce template.
* Remove dependabot config
* Prepare renovate by adopting GitHub actions syntax
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-12 18:05:58 +02:00
katexochen
dbd71eebd9
Fix replace deprecated set-output syntax
2022-10-12 11:51:09 +02:00
katexochen
49f233246c
Replace deprecated set-output syntax
2022-10-12 11:32:19 +02:00
Paul Meyer
1c29638421
Use env to find bash in shebang ( #225 )
2022-10-10 14:21:17 +02:00
Otto Bittner
0eb4a7831b
AB#2413: Add workflow for snp-report-verify
...
* Extend azure-snp-report-verify to also report fw SVNs.
* Add workflow based on azure-cvm to get maa-jwt and
verify it on a second runner.
2022-09-21 10:58:10 +02:00
katexochen
788cfd9bd9
Remove autoscaling from workflows
2022-09-20 13:41:23 +02:00
Nils Hanke
de1268ffb9
Pin cache action against specific commit
2022-09-19 04:49:55 -07:00
Nils Hanke
979164ab37
CI: Remove GOPRIVATE from actions
2022-09-19 01:09:56 -07:00
Nils Hanke
52d1afaf0b
CI: Consolidate multi-OS & multi-arch builds into one job
2022-09-19 01:09:56 -07:00
Nils Hanke
1dad1631ca
E2E: Add manual macOS E2E test
2022-09-19 01:09:56 -07:00
Nils Hanke
6df92c127c
E2E: Download external binaries depending on host OS & arch
2022-09-19 01:09:56 -07:00
Nils Hanke
a1fd971c3c
CI/E2E: Update rekor-cli to 0.12.0
2022-09-19 01:09:56 -07:00
Nils Hanke
0f08c4f318
E2E: Update sonobuoy to 0.56.10
2022-09-19 01:09:56 -07:00
Nils Hanke
7338563d14
CI/E2E: (Re)move redunant setup steps
2022-09-19 01:09:56 -07:00
Nils Hanke
4898f06421
Delete downloaded rekor-cli binary
2022-09-14 03:01:09 -07:00
Nils Hanke
9da3078445
Set working-directory to build for rekor-cli download
2022-09-14 03:01:09 -07:00
Nils Hanke
79229e04df
Create seperate create measurement action
2022-09-14 01:22:18 -07:00
Nils Hanke
472ba642b7
E2E: Build OSS CLI by default
2022-09-14 01:22:18 -07:00
Leonard Cohnen
a318a82968
fix e2e latest debug image selection
2022-09-13 10:08:51 +02:00
Nils Hanke
0949393dbb
Update build environment to Fedora 36 & Go 1.19.1
2022-09-09 18:11:33 +02:00
Nils Hanke
9bedaf20ea
Use CMake project version across all places & remove obsolete build tags
2022-09-09 15:33:16 +02:00
Malte Poll
aa75a065d7
e2e test: wait for specified amount of nodes to join the cluster and become ready ( #87 )
...
Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>
2022-09-09 13:28:53 +02:00
Nils Hanke
46c461c23e
E2E: Don't use cloudProvider in constellation create
2022-09-08 13:38:24 +02:00
Nils Hanke
dd4ccdd390
E2E / debugd: Replace remains of ingressFirewall with debugCluster flag
2022-09-07 13:27:15 +02:00
Fabian Kammel
020cf51fc6
AB#2392 Store serial logs in actions ( #39 )
...
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
2022-09-05 18:12:46 +02:00