Commit Graph

3883 Commits

Author SHA1 Message Date
Daniel Weiße
e6b1156849 AB#2169 Implement control-plane activation in activation service (#217)
* Implement Control Plane activation flow

* Rename Activation RPCs

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-21 11:10:32 +02:00
Fabian Kammel
a1103b6da6 Feat/pcr yaml output (#222)
* remove extra output and provide yaml option
* Add some explanation on how yaml format could be used.
2022-06-20 13:57:25 +02:00
Fabian Kammel
d856b0cd86 Feat/measurements in e2e (#218)
* Make e2e pipeline use the latest image available.

* Use pcr-reader to read & store measurements.

* buildvcs false in ci

* only notify teams on main

* plain yq syntax, since if already checks for csp

* previous version of yq requires explicit eval

* fix pcr-reader call

* actually pass variable between jobs

* fix typo

* Make order of images consistent.

* read measurements after create

Co-authored-by: Fabian Kammel <fk@edgelss.systems>
2022-06-20 10:30:59 +02:00
Otto Bittner
3de5fd47b5 Add unittest-hack tests to ctest (#220)
The CI currently runs the tests in ./hack, but ctest did not.
This commit changes that.
2022-06-17 08:56:23 +02:00
katexochen
b926cf9006 Move aTLS fakes into atls package 2022-06-15 16:31:24 +02:00
katexochen
85ba2657e1 Fix grpc dialer 2022-06-15 16:31:24 +02:00
Daniel Weiße
4842d29aff AB#2111 Deploy activation service on cluster init (#205)
* Deploy activation service on cluster init

* Use base image with CA certificates for activation service

* Improve KMS server 

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-15 16:00:48 +02:00
Daniel Weiße
84ca9e3070 Fix container image workflows
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-15 14:00:21 +02:00
Paul Meyer
86d29a4567 Add concurrency tests for atls connections (#211) 2022-06-15 13:04:56 +02:00
Thomas Tendyck
e9916a7d3a atls: make client cfg reusable 2022-06-15 13:04:56 +02:00
Thomas Tendyck
989c128fa6 atls: rename nonce to clientNonce/serverNonce for clarification 2022-06-15 13:04:56 +02:00
Fabian Kammel
392ad7fe45 Create Application Insights early so they are ready when VM needs them. (#213) 2022-06-15 12:19:41 +02:00
Daniel Weiße
1c34792005 Fix variable name
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-15 11:03:47 +02:00
Daniel Weiße
3d041cab2b Activation Service and KMS server image build pipeline (#210)
* AB#2171 Add kms server container image build pipeline

* AB#2172 Add activation service container image  build pipeline

* Add manual workflow for building micro-service images

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-15 10:50:46 +02:00
Leonard Cohnen
766182b7e7 fix cilium WireGuard Pod2Pod connectivity 2022-06-14 14:01:56 +02:00
Fabian Kammel
f7ba87135d Fix/e2e fail on failure (#208) 2022-06-14 12:38:32 +02:00
Nils Hanke
82757ef2c0 Don't include labels in Docker image 2022-06-13 16:35:05 +02:00
Nils Hanke
f0b8412ef8 constellation-access-manager: Persistent SSH as ConfigMap (#184) 2022-06-13 16:23:19 +02:00
Daniel Weiße
1e19e64fbc Dynamic grpc client credentials (#204)
* Add an aTLS wrapper for grpc credentials

* Move grpc dialers to internal and use aTLS grpc credentials

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-13 11:40:27 +02:00
Daniel Weiße
6e9428a234 Fix gcp debug image command
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-10 15:51:34 +02:00
Fabian Kammel
84552ca8f7 AB#2104 Feat/azure logging (#198)
implementation for azure early boot logging
2022-06-10 13:18:30 +02:00
Daniel Weiße
963c6f98e5 Create kubernetes CA signed kubelet certificates on activation
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-10 08:34:06 +02:00
katexochen
4d50e4c657 Refactor coordinator run function 2022-06-08 17:33:51 +02:00
Daniel Weiße
691ab84326 Update version variable
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-08 17:17:06 +02:00
Daniel Weiße
3467df6b69 Move attestation, atls and oid packages to internal directory
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-08 17:17:06 +02:00
Daniel Weiße
b461c40c3a Implement activation service
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-08 17:17:06 +02:00
Daniel Weiße
0941ce8c7e Allow passing nil issuer to not embed attestation
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-08 17:17:06 +02:00
Malte Poll
49d1212cff debugd README: rename azureConfig to azure and gcpConfig to gcp. Only assign value if key exists. (#201) 2022-06-08 15:37:32 +02:00
katexochen
b3a51cca64 Move cli/status to internal/statuswaiter 2022-06-08 11:59:23 +02:00
katexochen
0627b14445 Move cli/cloud/cloudcmd into cli/internal 2022-06-08 11:59:23 +02:00
katexochen
b308db03fe Move cli/cloud/cloudtypes into /internal 2022-06-08 11:59:23 +02:00
katexochen
c3ebd3d3cd Move cli/cmd into cli/internal 2022-06-08 11:59:23 +02:00
katexochen
d71e97a940 Move ScalingGroup to cloudtypes 2022-06-08 11:59:23 +02:00
katexochen
87b9203110 Import config as config 2022-06-08 11:59:23 +02:00
katexochen
6a9419e89c Remove cli/ec2 2022-06-08 11:59:23 +02:00
katexochen
064151a956 Move cli/azure to cli/internal/azure 2022-06-08 11:59:23 +02:00
katexochen
180d7872dd Separate shared azure code 2022-06-08 11:59:23 +02:00
katexochen
6cd93e4179 Move cli/gcp to cli/internal/gcp 2022-06-08 11:53:55 +02:00
katexochen
48b4f10207 Separate shared gcp code 2022-06-08 11:53:55 +02:00
katexochen
21127a4cdc Remove azure instances 2022-06-08 11:53:55 +02:00
katexochen
3562345da4 Remove gcp instances 2022-06-08 11:53:55 +02:00
katexochen
4b30dd21c8 Remove cli/qemu, use cloudtypes instead 2022-06-08 11:53:55 +02:00
katexochen
f9b471e3c0 Create general cloudtypes instances 2022-06-08 11:53:55 +02:00
katexochen
4912ab0195 Move command sorting setting into cli/cmd 2022-06-08 11:53:55 +02:00
katexochen
67b25d2771 Move cli/cloudprovider into internal/cloud 2022-06-08 11:53:55 +02:00
katexochen
aee4d44b45 Create cli/internal package 2022-06-08 11:53:55 +02:00
katexochen
917be71d89 Add Go workspace files to dockerignore 2022-06-08 11:06:38 +02:00
Leonard Cohnen
e5c4171a14 fix cilium encryption in gcp 2022-06-04 18:43:42 +02:00
Fabian Kammel
a15605475e AB#2104 early boot logging (#175) 2022-06-03 11:55:18 +02:00
Leonard Cohnen
5ceab1c194 prepare release 2022-06-02 13:08:29 +02:00