edgelessci
49a806a874
image: update measurements and image version ( #2859 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-26 08:15:43 +01:00
Daniel Weiße
e350ca0f57
attestation: add Azure TDX attestation ( #2827 )
...
* Implement Azure TDX attestation primitives
* Add default measurements and claims for Azure TDX
* Enable Constellation on Azure TDX
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-01-24 15:10:15 +01:00
edgelessci
6ae59bb986
image: update measurements and image version ( #2848 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-24 08:22:48 +01:00
Malte Poll
c8ffba0366
measurements: update expected PCR[1] on GCP
2024-01-23 21:55:12 +01:00
Malte Poll
a2e2f0387c
measurements: correctly override validation options
2024-01-23 21:55:12 +01:00
Malte Poll
3a5753045e
goleak: ignore rules_go SIGTERM handler
...
rules_go added a SIGTERM handler that has a goroutine that survives the scope of the goleak check.
Currently, the best known workaround is to ignore this goroutine.
https://github.com/uber-go/goleak/issues/119
https://github.com/bazelbuild/rules_go/pull/3749
https://github.com/bazelbuild/rules_go/pull/3827#issuecomment-1894002120
2024-01-22 13:11:58 +01:00
edgelessci
3b02edcc48
image: update measurements and image version ( #2833 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-19 09:12:24 +01:00
edgelessci
2acbd10ef7
image: update measurements and image version ( #2831 )
...
Co-authored-by: malt3 <malt3@users.noreply.github.com>
2024-01-17 18:55:10 +01:00
edgelessci
6259815869
image: update measurements and image version ( #2828 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-17 08:11:53 +01:00
Malte Poll
9d6321faa3
uplosi: use separate galleries for Azure TDX and TDX
2024-01-16 17:34:44 +01:00
Malte Poll
336ba6bc34
attestation: add Azure TDX variant
...
Only a stub for now.
2024-01-16 17:34:44 +01:00
Malte Poll
181b8f64d2
image: add static (per-CSP) measurements during "measurement envelope"
...
This logic was previously performed in a GitHub Actions workflow
using yq.
Since every step should now be performed in Bazel, this now needs to happen here.
2024-01-15 13:53:15 +01:00
edgelessci
2fea43a320
image: update measurements and image version ( #2817 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-12 08:20:15 +01:00
edgelessci
c61507f220
image: update measurements and image version ( #2812 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-10 08:13:30 +01:00
Markus Rudy
ef6f63dc48
Fix various small things throughout the codebase ( #2800 )
...
* bootstrapper: remove obsolete log statement
* ci: simplify variable usage
Co-authored-by: Daniel Weiße <daniel-weisse@users.noreply.github.com>
* cli: add missing formatting directive
* helm: fix rm invocation
* ci: document reproducible-builds workflow
* constants: use variables for measurement files
* constants: use variables for CDN distribution ID
* ci: make Helm version explicit
* api: prettify versionsapi-list output
* ci: remove obsolete docstring
---------
Co-authored-by: Daniel Weiße <daniel-weisse@users.noreply.github.com>
2024-01-09 19:37:56 +01:00
edgelessci
cbf744a095
image: update measurements and image version ( #2795 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-05 09:27:11 +01:00
edgelessci
3d8e548dcd
image: update measurements and image version ( #2789 )
...
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2024-01-03 13:08:45 +01:00
edgelessci
6f6f28b8cc
image: update measurements and image version ( #2722 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-12-15 08:18:25 +01:00
edgelessci
2c50abcc91
image: update measurements and image version ( #2720 )
...
Co-authored-by: malt3 <malt3@users.noreply.github.com>
2023-12-14 19:35:40 +01:00
edgelessci
8d8853ef31
image: update measurements and image version ( #2711 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-12-13 09:23:38 +01:00
edgelessci
b92635a0f0
image: update measurements and image version ( #2687 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-12-08 11:22:48 +01:00
edgelessci
ac056ae010
image: update measurements and image version ( #2681 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-12-07 09:10:28 +01:00
Adrian Stobbe
c07c333d3d
terraform-provider: data skeleton for cluster resource ( #2678 )
2023-12-05 16:16:50 +01:00
edgelessci
c1bc7840bf
image: update measurements and image version ( #2671 )
...
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-12-01 16:14:27 +01:00
edgelessci
8532d1ff02
image: update measurements and image version ( #2668 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-12-01 09:36:26 +01:00
katexochen
e06848c68a
image: update measurements and image version
2023-11-29 08:45:52 +01:00
Adrian Stobbe
a2de1d23ec
terraform-provider: add attestation data source ( #2640 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2023-11-28 17:30:11 +01:00
derpsteb
bff65d563b
image: update measurements and image version
2023-11-27 10:57:21 +01:00
Otto Bittner
84d8bd8110
verify: query vlek ASK from KDS if not set
...
The user can choose to supply an intermediate
certificate through the config, like they can
for the root key. If none is supplied,
the KDS is queried for a valid ASK.
2023-11-24 15:49:48 +01:00
Otto Bittner
07eed0e319
attestation: use SNP-based attestation for AWS SNP
2023-11-24 15:49:48 +01:00
Otto Bittner
cdc91b50bc
verify: move CSP-specific code to internal/verify
...
With the introduction of SNP-based attestation on AWS
some of the information in the report (MAAToken) is not
applicable to all attestation reports anymore.
Thus, make verify cmd CSP-agnostic and move
CSP-specific logic to internal/verify.
Also make internal/attestation/snp CSP aware.
2023-11-24 15:49:48 +01:00
Otto Bittner
5ce55e3449
attestation: add snp package
...
The package holds code shared between SNP-based
attestation implementations on AWS and Azure .
2023-11-24 15:49:48 +01:00
katexochen
949186e5d7
image: update measurements and image version
2023-11-24 12:06:03 +01:00
edgelessci
e51513985a
image: update measurements and image version ( #2612 )
...
Co-authored-by: daniel-weisse <daniel-weisse@users.noreply.github.com>
2023-11-17 12:49:54 +01:00
3u13r
183ce7a45a
image: update measurements and image version
2023-11-16 13:50:40 +01:00
katexochen
648eebab24
image: update measurements and image version
2023-11-15 11:10:40 +01:00
edgelessci
246b9ce069
image: update measurements and image version ( #2594 )
...
Co-authored-by: malt3 <malt3@users.noreply.github.com>
2023-11-13 21:10:15 +01:00
edgelessci
e918a7af90
image: update measurements and image version ( #2571 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-11-13 06:54:09 +01:00
Otto Bittner
8341db3c33
attestation: clear certificate cache in azure snp
...
The unittest was flacky as testcases with valid certs
in the getter property lead to those certs being cached
inside the trust module. Other testcases however,
may want to explicitly use invalid certs. The cache
interferes with this.
Co-authored-by: Moritz Sanft <ms@edgeless.systems>
2023-11-08 13:31:26 +01:00
katexochen
45df17d527
image: update measurements and image version
2023-11-08 11:40:07 +01:00
katexochen
d67f1a035f
image: update measurements and image version
2023-11-03 09:04:06 +01:00
katexochen
33ff6eb5ae
image: update measurements and image version
2023-11-02 13:28:49 +01:00
katexochen
238a3c222b
image: update measurements and image version
2023-10-30 11:23:12 +01:00
katexochen
5eb6cc6d08
image: update measurements and image version
2023-10-25 10:54:56 +02:00
edgelessci
5cd70ac58a
image: update measurements and image version ( #2482 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-10-20 08:10:51 +02:00
edgelessci
43ee0791c6
image: update measurements and image version ( #2477 )
...
Co-authored-by: 3u13r <3u13r@users.noreply.github.com>
2023-10-19 14:50:52 +02:00
edgelessci
e231a24916
image: update measurements and image version ( #2428 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-10-11 10:33:54 +02:00
Moritz Sanft
8749cafcbd
explicitly initialize struct
2023-10-10 10:33:54 +02:00
Moritz Sanft
6f53dc90cf
fix go-sev-guest default product
2023-10-10 10:33:54 +02:00
Moritz Sanft
d0fe6c9272
update list of default idkeydigests ( #2415 )
2023-10-06 11:32:19 +02:00