Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-09-20 08:15:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,287 Commits 131 Branches 43 Tags 105 MiB
6fd605b3c4
Commit Graph

318 Commits

Author SHA1 Message Date
Paul Meyer
95b8531fdd Add e2e autoscaling test 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-27 18:39:08 +02:00
Paul Meyer
7108304046 Remove upload of state file 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-27 18:39:08 +02:00
Paul Meyer
8aa84fd759 Remove installation of preinstalled dependencies 
in workflows

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-27 18:39:08 +02:00
renovate[bot]
acc82b205a
Update github actions dependencies (#366) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-10-26 15:48:35 +02:00
Malte Poll
f65475b2b2 Use fine grained GitHub PAT to commit "go mod tidy" fixes 2022-10-26 14:44:09 +02:00
Malte Poll
d81172e352
Pin setup-gcloud action to git tag (for renovate) (#376) 2022-10-26 13:58:05 +02:00
Paul Meyer
4cbec82edf Test operator code generation is up to date 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-25 16:50:46 +02:00
Thomas Tendyck
45dba96e31 remove conformance folder 2022-10-25 09:54:23 +02:00
Leonard Cohnen
5efd2716e3 add Rook deployment workaround 2022-10-23 05:50:49 +02:00
Malte Poll
2bf2cc6391
Use versioned Azure login action (#353) 
* Use versioned Azure login action
* Pin github actions to git tags
 2022-10-21 16:23:29 +02:00
Fabian Kammel
18ae86c38e
sbom signing (#303) 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-10-21 15:19:51 +02:00
Otto Bittner
07f02a442c
Refactor Helm deployments (#341) 
* Wrap KMS deployment in one main chart that
deploys all other services. Other services will follow.
* Use .tgz via helm-package as serialization format
* Change Release type to carry chart as byte slice
* Remove KMSConfig
* Use json-schema to validate values
* Extend release.md to mention updating helm charts
 2022-10-21 12:01:28 +02:00
renovate[bot]
10a207c7ec Update github actions dependencies 2022-10-21 11:33:41 +02:00
Malte Poll
b57b25fdaa Image upload AWS 2022-10-21 11:04:25 +02:00
Malte Poll
743f5fa627 Remove all traces of CoreOS from the codebase 2022-10-21 11:04:25 +02:00
Malte Poll
35e2267cf9 Move mkosi folder to old image folder location 2022-10-21 11:04:25 +02:00
Malte Poll
26fdfa4bee Prefill PCR[11], PCR[12], PCR[13], PCR[15] 2022-10-21 11:04:25 +02:00
Malte Poll
6859c6b00e Precalculate expected PCR[8] 2022-10-21 11:04:25 +02:00
Malte Poll
1e9608c796 Precalculate expected PCR[4] 2022-10-21 11:04:25 +02:00
Malte Poll
f4e69ec6ec mkosi pipeline: Collect hashes 2022-10-21 11:04:25 +02:00
Nils Hanke
714b368a62 Add gcloud setup back to GCP login action for magic authentication 2022-10-21 11:04:25 +02:00
Malte Poll
34367ea3cc Create mkosi image build pipeline 2022-10-21 11:04:25 +02:00
Fabian Kammel
21436e6592
use release cosign key only when releasing (#331) 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-10-20 15:59:17 +02:00
Paul Meyer
2685b5be1f Let tfsec fail soft in CI 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-20 10:44:43 +02:00
Paul Meyer
a6b0edfcaa Tidy modules on renovate branches 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-19 10:51:44 +02:00
Paul Meyer
7c13302936 Checkout branch instead of head commit 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-19 10:51:44 +02:00
renovate[bot]
6d5cb6b581
Update sigstore/cosign-installer action to v2.8.1 (#323) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-10-19 10:29:37 +02:00
katexochen
3375b46b77 Update release.md 2022-10-18 17:36:48 +02:00
Paul Meyer
0e79af6f14 Run tests on push to release branch 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-18 17:02:16 +02:00
renovate[bot]
ed98b0205b
Update github actions dependencies (#311) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-18 13:54:53 +02:00
Otto Bittner
62168bbf98 AB#2490: Add KMS helm chart 
* Also run helm-lint in CI now
 2022-10-18 13:33:37 +02:00
renovate[bot]
84fcf8d7f2
Update github actions dependencies (#294) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-18 13:00:41 +02:00
renovate[bot]
ccaad5e482
Update github actions dependencies (#274) 2022-10-17 11:14:41 +02:00
Malte Poll
c16f5a976d
AB#2365 Upgrade k8s base deployments (add full support for k8s 1.25) (#277) 
* Add container image release for CCM GCP v25.2.0
* Upgrade versions of kubernetes base components
 2022-10-17 08:58:13 +02:00
Malte Poll
0f57f03846
Allow concurrent actions on the same branch. (#281) 
Actions are free for public repos and we want to see every CI failure
 2022-10-14 17:47:46 +02:00
katexochen
f3d7ebb61f Change Azure auth method for manual test 2022-10-14 17:04:44 +02:00
Malte Poll
e7118223fe
Downgrade vale action (#280) 2022-10-14 15:32:38 +02:00
Paul Meyer
8cf8b5db12
Change Azure auth method for e2e test (#276) 2022-10-14 14:44:32 +02:00
Malte Poll
6c9e18a6b5 Run code tests on go.mod and go.sum changes 2022-10-14 10:50:32 +02:00
renovate[bot]
c08147baae Update google-github-actions/auth action to v0.8.2 2022-10-14 09:20:10 +02:00
renovate[bot]
3c34757274 Update actions/cache action to v3.0.11 2022-10-14 09:17:00 +02:00
renovate[bot]
2d767b02c1
Update hashicorp/setup-terraform digest to a2a0e9d (#254) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-13 17:34:28 +02:00
Leonard Cohnen
41a312f945 add documentation for Rook/CephFS 2022-10-13 17:29:16 +02:00
renovate[bot]
f90e8fc35a
Update actions/checkout digest to 8230315 (#246) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-13 16:54:43 +02:00
renovate[bot]
078dc1eb8f
Update aquasecurity/tfsec-pr-commenter-action digest to d9fa643 (#247) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-10-13 16:49:33 +02:00
katexochen
41c42f547f Add tfsec workflow 2022-10-13 14:54:19 +02:00
katexochen
a00743e892 Add Terraform validation workflow 2022-10-13 14:54:19 +02:00
renovate[bot]
f032508c54
Configure Renovate (#237) 
* Configure renovate
* pin remaining github actions
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-10-13 14:41:55 +02:00
Fabian Kammel
7ee8f65889
Delete dependabot and prepare renovate (#238) 
* Delete microserivce template.
* Remove dependabot config
* Prepare renovate by adopting GitHub actions syntax
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-10-12 18:05:58 +02:00
katexochen
dbd71eebd9 Fix replace deprecated set-output syntax 2022-10-12 11:51:09 +02:00
katexochen
1f290af09b Add dispatch trigger to all workflows 2022-10-12 11:32:19 +02:00
katexochen
49f233246c Replace deprecated set-output syntax 2022-10-12 11:32:19 +02:00
Paul Meyer
1c29638421
Use env to find bash in shebang (#225) 2022-10-10 14:21:17 +02:00
katexochen
baeaf9f0c5 Fix macos e2e test 2022-10-10 13:43:15 +02:00
Leonard Cohnen
2a7c6ba052 bump gcp guest agent in workflow 2022-10-10 13:43:15 +02:00
Leonard Cohnen
0c651c55dd increase control plane count during e2e tests 2022-10-07 03:44:24 +02:00
Nils Hanke
803209b12b
Update Go to 1.19.2 (#219) 2022-10-06 19:31:12 +02:00
katexochen
9edfc2f6ba Move k8s version window up 2022-10-06 19:16:20 +02:00
Paul Meyer
e4963b0511
Deactivate cache for tidycheck workflow (#216) 2022-10-06 11:19:15 +02:00
dependabot[bot]
2e93b354e4 Bump actions/cache from 3.0.8 to 3.0.10 
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.8 to 3.0.10.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](fd5de65bc8...56461b9eb0)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-05 02:02:48 -07:00
dependabot[bot]
fdd4425974
Bump actions/checkout from 3.0.2 to 3.1.0 (#210) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](2541b1294d...93ea575cb5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-10-05 09:24:36 +02:00
Daniel Weiße
2ea695896f
AB#2439 Containerized libvirt (#191) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-10-05 09:11:30 +02:00
Daniel Weiße
804c173d52
Use terraform in CLI to create QEMU cluster (#172) 
* Use terraform in CLI to create QEMU cluster

* Dont allow qemu creation on os/arch other than linux/amd64

* Allow usage of --name flag for QEMU resources

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-09-26 15:52:31 +02:00
Malte Poll
0d54f53ba1 update release guide to cover pre versions 2022-09-21 14:50:03 +02:00
Otto Bittner
0eb4a7831b AB#2413: Add workflow for snp-report-verify 
* Extend azure-snp-report-verify to also report fw SVNs.
* Add workflow based on azure-cvm to get maa-jwt and
verify it on a second runner.
 2022-09-21 10:58:10 +02:00
Otto Bittner
d85b281570 Move GCP cloud function files to .github/runners. 2022-09-21 10:58:10 +02:00
Otto Bittner
13f973f61e AB#2413: Add Azure function for CVMs 
Add code of an azure function that is a
close copy of the existing cloud function on google.
The function spawns a CVM and initializes it
as a GitHub runner. The tag is 'azure-cvm'.
 2022-09-21 10:58:10 +02:00
katexochen
de9bdaef24 Update release workflow 2022-09-21 10:32:00 +02:00
Daniel Weiße
95873d6a15
Run macos builds as separate jobs (#174) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-09-20 13:43:46 +02:00
katexochen
788cfd9bd9 Remove autoscaling from workflows 2022-09-20 13:41:23 +02:00
katexochen
7f2608c623 Update operator workflow 2022-09-20 13:41:23 +02:00
katexochen
7eb245d7ee Checkout last instead of merge commit in workflows 2022-09-19 14:02:59 +02:00
katexochen
bce85324c2 Add go-tidy-check workflow 2022-09-19 14:02:59 +02:00
Nils Hanke
de1268ffb9 Pin cache action against specific commit 2022-09-19 04:49:55 -07:00
Nils Hanke
fdfe7ddece Add macOS E2E check to release guidelines 2022-09-19 01:09:56 -07:00
Nils Hanke
979164ab37 CI: Remove GOPRIVATE from actions 2022-09-19 01:09:56 -07:00
Nils Hanke
c8b22e87e3 CI: Add cdbg/debugd unit tests for macOS 2022-09-19 01:09:56 -07:00
Nils Hanke
52d1afaf0b CI: Consolidate multi-OS & multi-arch builds into one job 2022-09-19 01:09:56 -07:00
Nils Hanke
1dad1631ca E2E: Add manual macOS E2E test 2022-09-19 01:09:56 -07:00
Nils Hanke
6df92c127c E2E: Download external binaries depending on host OS & arch 2022-09-19 01:09:56 -07:00
Nils Hanke
a1fd971c3c CI/E2E: Update rekor-cli to 0.12.0 2022-09-19 01:09:56 -07:00
Nils Hanke
0f08c4f318 E2E: Update sonobuoy to 0.56.10 2022-09-19 01:09:56 -07:00
Nils Hanke
711532158f E2E: Fix TEAMS_JOB_NAME for manual test 2022-09-19 01:09:56 -07:00
Nils Hanke
707cbf83b4 CI: Add macOS CLI unit tests 2022-09-19 01:09:56 -07:00
Nils Hanke
2c344a35e2 CI: Test multi-arch CLI builds on push 2022-09-19 01:09:56 -07:00
Nils Hanke
7338563d14 CI/E2E: (Re)move redunant setup steps 2022-09-19 01:09:56 -07:00
Thomas Tendyck
7b7c4b3246 docs: fix CLI reference heading 2022-09-16 15:57:50 +02:00
Nils Hanke
82f03d08e4 Add missing secret definitions for E2E runs 2022-09-15 06:45:10 -07:00
katexochen
5db3a426a5 Add govulncheck action 2022-09-14 13:07:04 +02:00
Nils Hanke
4898f06421 Delete downloaded rekor-cli binary 2022-09-14 03:01:09 -07:00
Nils Hanke
9da3078445 Set working-directory to build for rekor-cli download 2022-09-14 03:01:09 -07:00
Thomas Tendyck
45ee84965f tidy link checking 2022-09-14 11:23:17 +02:00
Nils Hanke
82d9263d86 Add generate measurements step to release documentation 2022-09-14 01:22:18 -07:00
Nils Hanke
79229e04df Create seperate create measurement action 2022-09-14 01:22:18 -07:00
Nils Hanke
9f246d3cc6 E2E: Don't sign & measure E2E built CLI binaries 2022-09-14 01:22:18 -07:00
Nils Hanke
472ba642b7 E2E: Build OSS CLI by default 2022-09-14 01:22:18 -07:00
katexochen
ebd9472866 Use go.work for CI workflows 2022-09-13 15:58:38 +02:00
katexochen
f55524a8d3 Run golangci-lint for all submodules 2022-09-13 15:58:38 +02:00
Felix Schuster
eb213878a2
Re-wording in docs/workflows (#135) 
* Quick pass over create.md

* pass over verify.md

* Re-arrange workflows

* Quick polish of scale.md and upgrade.md

* Quick polish of terminate.md

* Cut recovery.md down

* Brush over ssh

* storage

* Brush over trusted launch VMs

* Update docs/docs/workflows/verify-cluster.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* Update docs/docs/workflows/verify-cluster.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* Update docs/docs/workflows/verify-cluster.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* Add Azure back to title

* Update docs/docs/workflows/verify-cluster.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* fix lint errors

* publish to 2.0

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
 2022-09-13 15:12:05 +02:00
Otto Bittner
c7f39388e4 Update verification dev docs to reference new tool 2022-09-13 14:58:21 +02:00