Commit Graph

331 Commits

Author SHA1 Message Date
Malte Poll
c3c068b65e bazel: allow running devbuild in containers with other filesystem layout 2023-04-17 12:06:21 +02:00
Malte Poll
eb11e9ac8a
bazel: download pseudo-version tool instead of "go build" (#1629)
Required for bootstrapping bazel stamping since we cannot use "bazel build" during the workspace_status command.
Adds a small script that builds the pseudo-version tool in bazel (without stamping) and uploads it to the mirror.
On the first bazel build with stamping, the pseudo-version tool is downloaded.
2023-04-12 17:41:13 +02:00
renovate[bot]
1ae39703d1
deps: update module golang.org/x/tools to v0.8.0 (#1642)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 17:31:48 +02:00
renovate[bot]
326460c037
deps: update module golang.org/x/mod to v0.10.0 (#1640)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 16:48:50 +02:00
renovate[bot]
44dc127036
deps: update module github.com/spf13/cobra to v1.7.0 (#1638)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 16:46:16 +02:00
renovate[bot]
fdaef3da0c
deps: update mvdan/gofumpt to v0.5.0 (#1643)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 16:12:57 +02:00
Paul Meyer
dea41bd1ed
ci: refactor e2e test failure notifications (#1625)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-12 16:06:26 +02:00
renovate[bot]
ee7ca3428a
deps: update module golang.org/x/crypto to v0.8.0 (#1639)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 15:41:01 +02:00
renovate[bot]
13e687f60d
deps: update rhysd/actionlint to v1.6.24 (#1637)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 15:40:01 +02:00
renovate[bot]
b8c9c4f251
deps: update golang.org/x/vuln digest to aaaefcd (#1635)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 15:38:37 +02:00
renovate[bot]
aa3b49aced
deps: update module github.com/hashicorp/terraform-exec to v0.18.1 (#1615)
* deps: update module github.com/hashicorp/terraform-exec to v0.18.1

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-04-06 10:45:25 +02:00
renovate[bot]
d95a764b65
deps: update golangci/golangci-lint to v1.52.2 (#1598)
* deps: update golangci/golangci-lint to v1.52.2
* deps: tidy all modules
* fix linting issues

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-04-05 18:40:35 +02:00
renovate[bot]
1c03b066a6
deps: update bufbuild/buf to v1.17.0 (#1597)
* deps: update bufbuild/buf to v1.17.0
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-04-05 18:09:28 +02:00
Malte Poll
0ece41c146
bazel-deps-mirror: upgrade command (#1617)
* bazel-deps-mirror: upgrade command

This command can be used to upgrade a dependency.
Users are supposed to replace any upstream URLs and run the upgrade command.
It replaces the expected hash and uploads the new dep to the mirror.
2023-04-05 17:32:51 +02:00
renovate[bot]
509b3d5d58
deps: update module github.com/docker/docker to v20.10.24+incompatible [SECURITY] (#1614)
* deps: update module github.com/docker/docker to v20.10.24+incompatible [SECURITY]
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-04-05 12:14:19 +02:00
Paul Meyer
00ced1bbc2
ci: run //:check and //:generate concurrently (#1606)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-04 10:39:57 +02:00
renovate[bot]
13365d7272
deps: update module github.com/mattn/go-isatty to v0.0.18 (#1601)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-03 21:15:59 +02:00
renovate[bot]
7a8c4727f5
deps: update AWS SDK (#1594)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-03 18:36:53 +02:00
renovate[bot]
d3587a34d7
deps: update github.com/gophercloud/utils digest to 5bd5e1d (#1586)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 17:42:01 +02:00
renovate[bot]
d260007672
deps: update module github.com/docker/docker to v20.10.23+incompatible (#1589)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 17:01:48 +02:00
renovate[bot]
661cf922ec
deps: update module helm.sh/helm/v3 to v3.11.2 (#1590)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 16:40:49 +02:00
renovate[bot]
5cb1899c27
deps: update golang.org/x/vuln digest to a42f991 (#1588)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 14:32:13 +02:00
renovate[bot]
33d0b8f59d
deps: update golang.org/x/exp digest to 10a5072 (#1587)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 14:28:53 +02:00
Otto Bittner
7c8215e507 cli: add kubernetes pkg to interface with cluster
Previously the content of files status and upgrade within the
cloudcmd pkg did not fit cloudcmd's pkg description.
This patch introduces a separate pkg to fix that.
2023-04-03 12:03:41 +02:00
Otto Bittner
c8c2953d7b cli: add status cmd
The new command allows checking the status of an upgrade
and which versions are installed.
Also remove the unused restclient.
And make GetConstellationVersion a function.
2023-04-03 12:03:41 +02:00
renovate[bot]
8ffd1dcf3f
deps: update bazel_gazelle digest to 4dfcb75 (#1516)
* deps: update gazelle and rules_go
* variant: remove renamed go_library label
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-03-31 10:43:07 +02:00
Paul Meyer
e021245660 bazel: add cli doc generation to //:generate
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 12:01:13 -04:00
Paul Meyer
8489516208 bazel: better ci script naming
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 12:01:13 -04:00
Paul Meyer
399b052f9e
bazel: add protoc codegen to //:generate target (#1554)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 14:47:29 +02:00
Malte Poll
827c4f548d
bazel: deps mirror (#1522)
bazel-deps-mirror is an internal tools used to upload external dependencies
that are referenced in the Bazel WORKSPACE to the Edgeless Systems' mirror.

It also normalizes deps rules.

* hack: add tool to mirror Bazel dependencies
* hack: bazel-deps-mirror tests
* bazel: add deps mirror commands
* ci: upload Bazel dependencies on renovate PRs
* update go mod
* run deps_mirror_upload


Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 09:41:56 +02:00
Paul Meyer
d7fafb92b7 bazel: improve script template resilience
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
Paul Meyer
909bfb9274 bazel: add go generate to //:generate target
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
Paul Meyer
130112688c bazel: add stringer
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
Paul Meyer
81acdecd22 bazle: manage 3rdparty/node-maintainance-operator
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
Paul Meyer
8bbadecf2f bazel: add docgen tool
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
renovate[bot]
f0fc655365
deps: update golang.org/x/vuln digest to 9550759 (#1550)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 15:43:24 +02:00
renovate[bot]
b12858660e
deps: update github.com/gophercloud/utils digest to 05e9e7f (#1549)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 15:42:34 +02:00
3u13r
e934e1cbc8
exclude node modules from shellcheck (#1514) 2023-03-28 13:38:20 +02:00
Paul Meyer
f108ff8539
bazel: add govulncheck to //:check target (#1512)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-27 13:35:51 +02:00
Paul Meyer
00c7611245
bazel: add license checks to //:check target (#1509)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-27 10:42:30 +02:00
renovate[bot]
52e85862b0
deps: update AWS SDK (#1508)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 18:40:06 +01:00
renovate[bot]
9b0ffa2737
deps: update io_bazel_rules_go digest to ea3cc4f (#1488)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-03-23 18:33:55 +01:00
Paul Meyer
e7fc541a57
bazel: add buf as protobuf formatter to //:tidy (#1511)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 18:08:49 +01:00
Paul Meyer
f7713df833
bazel: add golangci-lint to //:check target (#1494)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 17:27:09 +01:00
Paul Meyer
e92c08be31
bazel: use export_files instead of genrule (#1506)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 17:26:48 +01:00
Otto Bittner
cac43a1dd0 ci: add e2e-upgrade test
The test is implemented as a go test.
It can be executed as a bazel target.
The general workflow is to setup a cluster,
point the test to the workspace in which to
find the kubeconfig and the constellation config
and specify a target image, k8s and
service version. The test will succeed
if it detects all target versions in the cluster
within the configured timeout.
The CI automates the above steps.
A separate workflow is introduced as there
are multiple input fields to the test.
Adding all of these to the manual e2e test
seemed confusing.

Co-authored-by: Fabian Kammel <fk@edgeless.systems>
2023-03-23 14:57:38 +01:00
renovate[bot]
dc52038dbc
deps: update Azure SDK (#1498)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 09:50:09 +01:00
renovate[bot]
3f35a6c904
deps: update K8s dependencies (#1496)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 08:53:06 +01:00
renovate[bot]
be94710f5b
deps: update Google SDK (#1500)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 08:16:52 +01:00
Paul Meyer
b65b09fd9f
bazel: add terraform fmt to //:tidy target (#1501)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-22 18:14:35 +01:00
renovate[bot]
7d899d7aa5
deps: update module github.com/schollz/progressbar/v3 to v3.13.1 (#1497)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-22 18:11:50 +01:00
renovate[bot]
e95d79f97e
deps: update github.com/gophercloud/utils digest to e15d7ee (#1486)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-22 10:33:43 +01:00
Malte Poll
dff2ab6bf1
Revert "deps: update bazel-zig-cc digest to 6d2ee8c (#1479)" (#1482)
This reverts commit 015df546bf.
2023-03-21 16:27:58 +01:00
renovate[bot]
015df546bf
deps: update bazel-zig-cc digest to 6d2ee8c (#1479)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-03-21 16:00:19 +01:00
renovate[bot]
ebcba57a61
deps: update bazeldnf digest to 45f5d74 (#1478)
* deps: update bazeldnf digest to 45f5d74
* bazel: use new bazeldnf feature to write rpm rules in a macro

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-03-21 15:25:00 +01:00
Malte Poll
9bedb82d66
bazel: upgrade bazel-zig-cc to allow caching of launcher (#1474) 2023-03-21 14:29:30 +01:00
renovate[bot]
1f92b29b4d
deps: update bazel_gazelle digest to 97a754c (#1475)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-03-21 14:28:36 +01:00
Daniel Weiße
5a0234b3f2
attestation: add option for MAA fallback to verify azure's snp-sev id key digest (#1257)
* Convert enforceIDKeyDigest setting to enum

* Use MAA fallback in Azure SNP attestation

* Only create MAA provider if MAA fallback is enabled

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
2023-03-21 12:46:49 +01:00
Paul Meyer
0f6e56badf bazel: get tfsec as binary download
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-20 11:17:16 -04:00
Paul Meyer
daae4f8746 bazel: get gofumpt as binary download
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-20 11:17:16 -04:00
Paul Meyer
7f3f4ca3c7 bazel: get actionlint as binary download
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-20 11:17:16 -04:00
Paul Meyer
9819d71434 bazel: add missing hashes to shellcheck
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-20 11:17:16 -04:00
Paul Meyer
8d3fe6f477 bazel: add terrafrom to //:check and //:generate
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-20 11:17:16 -04:00
Paul Meyer
2693936906 bazel: add target for tfsec
but don't include in //:check yet, there are to many false positives.

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-20 11:17:16 -04:00
renovate[bot]
a6021be714
deps: update K8s dependencies (#1401)
* deps: update K8s dependencies
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-03-17 15:55:44 +01:00
Paul Meyer
3a04786412 bazel: add actionlint to //:check
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-16 13:02:11 -04:00
Malte Poll
62e2e70699
bazel: use host platform by default (#1434) 2023-03-16 16:13:48 +01:00
Paul Meyer
0fc15b2393 bazel: add shellcheck to //:check
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-16 11:13:14 -04:00
Paul Meyer
a0fddd44eb bazel: refactor shell rules into own package
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-16 04:39:45 -04:00
Paul Meyer
e3f37e9a38 bazel: add shfmt to tidy target
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-16 04:39:45 -04:00
Paul Meyer
88c2e14c64 bazel: add gofumpt to tidy target
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-16 04:39:45 -04:00
Paul Meyer
33fbac87fb tools: version tools in tools.go
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-16 04:39:45 -04:00
Malte Poll
122b5ff0a0
deps: upgrade rules_oci to v0.3.3 (#1402)
Release: https://github.com/bazel-contrib/rules_oci/releases/tag/v0.3.3
2023-03-15 13:10:05 +01:00
Malte Poll
bdff0d1d08
bazel: format devbuild files (#1428) 2023-03-14 14:37:58 +01:00
Malte Poll
a73cdb9b14
bazel: command to prepare development workspace (#1425)
This command symlinks all binaries into the current working directory (or the path specified by the first argument)

* bazel: command to prepare development workspace
* bazel: set malt3 as codeowner
2023-03-14 13:57:39 +01:00
Malte Poll
e4b5ef0ed4
bazel: remove java toolchain (#1427)
I thought we needed this since we saw issues on nixOS where we couldn't find a jdk.
It turns out this is not actually required.
2023-03-14 13:55:33 +01:00
Paul Meyer
8679988b6c fixup! bazel: add tidy and check
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-14 03:43:51 -04:00
Paul Meyer
02c97fac03 bazel: add tidy and check
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-14 03:43:51 -04:00
Paul Meyer
9b3af5af76 bazel: move toolchains into bazel folder
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-14 03:43:51 -04:00
Paul Meyer
cc60de312e ci: adopt tidy workflow for bazel
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-10 10:02:28 -05:00
Malte Poll
bdba9d8ba6
bazel: add build files for go (#1186)
* build: correct toolchain order
* build: gazelle-update-repos
* build: use pregenerated proto for dependencies
* update bazeldnf
* deps: tpm simulator
* Update Google trillian module
* cli: add stamping as alternative build info source
* bazel: add go_test wrappers, mark special tests and select testing deps
* deps: add libvirt deps
* deps: go-libvirt patches
* deps: cloudflare circl patches
* bazel: add go_test wrappers, mark special tests and select testing deps
* bazel: keep gazelle overrides
* bazel: cleanup bazelrc
* bazel: switch CMakeLists.txt to use bazel
* bazel: fix injection of version information via stamping
* bazel: commit all build files
* dev-docs: document bazel usage
* deps: upgrade zig-cc for go 1.20
* bazel: update Perl for macOS arm64 & Linux arm64 support
* bazel: use static perl toolchain for OpenSSL
* bazel: use static protobuf (protoc) toolchain
* deps: add git and go to nix deps

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-09 15:23:42 +01:00