Commit Graph

4108 Commits

Author SHA1 Message Date
Felix Schuster
7197a9b719
Rewrite "chain of trust" section (#3066)
Co-authored-by: 3u13r <lc@edgeless.systems>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
2024-05-27 18:21:27 +02:00
Moritz Sanft
d14ee6ba1d
helm: update AWS CSI driver chart (#3121) 2024-05-27 16:22:56 +02:00
edgelessci
a2e417f5bb
image: update locked rpms (#3124)
Co-authored-by: malt3 <1780588+malt3@users.noreply.github.com>
2024-05-27 08:15:52 +02:00
3u13r
21c30ebb76
metadata-api: support dnsmasq (#3115) 2024-05-24 15:14:16 +02:00
Malte Poll
37e46b98c2 bazel: removed unused WORKSPACE dependency 2024-05-24 11:18:35 +02:00
Malte Poll
f1794eb97d bazel: upgrade aspect_bazel_lib to 2.7.6 2024-05-24 11:18:35 +02:00
Malte Poll
32a8d8ffca bazel: upgrade rules_go to 0.48.0 2024-05-24 11:18:35 +02:00
renovate[bot]
80917921e3
deps: update GitHub action dependencies (#3123)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-24 11:04:23 +02:00
Daniel Weiße
d4ab6a83bc
ci: check for pattern completion instead of file when creating archive (#3120)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-24 08:46:22 +02:00
Malte Poll
bd8466a8c8 misc: remove malt3 from issue assignments 2024-05-24 08:31:59 +02:00
Malte Poll
31653ec2b8 CODEOWNERS: remove malt3 2024-05-24 08:31:59 +02:00
edgelessci
be3f555573
image: update measurements and image version (#3119)
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-05-24 08:08:42 +02:00
Malte Poll
b86faadfcc tidy: document MODULE.bazel.lock maintencance 2024-05-23 09:48:04 +02:00
Malte Poll
162e73de72 bazel: commit bzlmod lockfile
While it does have some quirks before Bazel 7.2, it is still vital for security.
2024-05-23 09:48:04 +02:00
Malte Poll
6533351dd9 bazel: limit concurrency of mkosi_image rule
The mkosi_image rule uses a lot of memory.
In order to allow higher levels of concurrency,
such as `bazel build --jobs 128`, we need to more accurately model the
amount of CPU and memory required.
2024-05-23 09:48:04 +02:00
Malte Poll
1b3b3041d7 renovate: match additional names for Bazel core deps 2024-05-23 09:48:04 +02:00
Malte Poll
8181582450 link-checker: add ignored sites 2024-05-23 09:48:04 +02:00
Malte Poll
f57698ac3f dev-docs: document new location of Go toolchain version 2024-05-23 09:48:04 +02:00
Malte Poll
2c8a16294e bazel: migrate rules_proto to bzlmod 2024-05-23 09:48:04 +02:00
Malte Poll
d960121cba bazel: update BUILD files for rules_go bzlmod migration 2024-05-23 09:48:04 +02:00
Malte Poll
9e83ba12cd bazel: migrate rules_go and gazelle to bzlmod 2024-05-23 09:48:04 +02:00
Malte Poll
73e4cf6a78 bazel: migrate buildifier to bzlmod 2024-05-23 09:48:04 +02:00
Malte Poll
7e5f56f3ba bazel: migrate aspect_bazel_lib to bzlmod 2024-05-23 09:48:04 +02:00
Malte Poll
fd70709192 bazel: migrate rules_python to bzlmod 2024-05-23 09:48:04 +02:00
Malte Poll
2ba94f5ba8 bazel: migrate rules_pkg to bzlmod 2024-05-23 09:48:04 +02:00
Malte Poll
8abac5c2fd bazel: migrate rules_cc to bzlmod 2024-05-23 09:48:04 +02:00
Malte Poll
d179fae776 bazel: migrate hermetic_cc_toolchain to bzlmod 2024-05-23 09:48:04 +02:00
Malte Poll
3be4adb7c4 bazel: migrate skylib to bzlmod 2024-05-23 09:48:04 +02:00
Malte Poll
8796edc9ad bazel: enable bzlmod
This change enables bzlmod without migrating any dependencies.
Instead, WORKSPACE dependencies can be migrated one by one.
2024-05-23 09:48:04 +02:00
Daniel Weiße
d0bab9eb08
ci: ignore missing files when creating archive (#3118)
* Reduce output noise from using 7zip
* Ignore non existent files when creating archive

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-23 09:24:15 +02:00
Moritz Sanft
9c100a542c
bootstrapper: prioritize etcd disk I/O (#3114) 2024-05-22 16:12:53 +02:00
Markus Rudy
902b7f49a8
operators: ignore node deletion errors on absence (#3113)
* operators: ignore node deletion errors on absence
2024-05-22 15:51:21 +02:00
edgelessci
71fe73a076
image: update locked rpms (#3111)
Co-authored-by: malt3 <1780588+malt3@users.noreply.github.com>
2024-05-20 11:29:16 +02:00
edgelessci
4434a85a51
image: update measurements and image version (#3110)
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-05-17 08:12:51 +02:00
Malte Poll
5fb2a2cb89
dev-docs: document E-Mail to STACKIT on every release (#3108) 2024-05-16 18:23:31 +02:00
Daniel Weiße
036a4f2ee1
deps: remove obsolete Go replace to upgrade go-sev-guest (#3107)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-16 15:48:44 +02:00
renovate[bot]
fe65a6da76 deps: update Constellation containers 2024-05-16 13:11:53 +02:00
Moritz Sanft
5c3a7a5580
image: update to Fedora 40 (#3104)
* deps: upgrade OS to Fedora 40

* image: measure uki sections uname and sbat for systemd >= 254

* deps: update mainline kernel for Fedora 40

* image: update kernel to 6.6.30

* image: update upload docs

---------

Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2024-05-16 09:10:09 +02:00
Malte Poll
7eedd0e3de
cli: simplify log message on init call (#3105) 2024-05-15 16:17:12 +02:00
renovate[bot]
36a827056f
deps: update softprops/action-gh-release action to v2 (#3103)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-15 10:54:37 +02:00
Daniel Weiße
87e112085f
renovate: group all Terraform dependency updates into one PR (#3101)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-15 10:31:20 +02:00
edgelessci
36141b149c
image: update measurements and image version (#3100)
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-05-15 09:36:01 +02:00
renovate[bot]
af64f99bfe
deps: update google-github-actions/auth action to v2.1.3 (#3094)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-15 09:28:58 +02:00
renovate[bot]
ed54277f78
deps: update actions/download-artifact action to v4 (#3096)
* deps: update actions/download-artifact action to v4

* Update slsa generator action to v2

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2024-05-15 09:26:10 +02:00
renovate[bot]
73d86c25df
deps: update azure/login action to v2 (#3097)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-15 09:05:50 +02:00
renovate[bot]
d5d5ea857d
deps: update github/codeql-action action to v3 (#3099)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-15 09:05:38 +02:00
renovate[bot]
62baa9bed2
deps: update cachix/install-nix-action action to v26 (#3098)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-15 08:59:07 +02:00
renovate[bot]
c866e3d670
deps: update actions/checkout action to v4 (#3095)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-15 08:58:56 +02:00
Daniel Weiße
8219005587
terraform: only set confidential_instance_type if cc_technology is SEV_SNP (#3085)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-14 16:02:30 +02:00
Markus Rudy
8e3cf5a270
s3proxy: commit image version on release, too (#3093) 2024-05-14 15:45:06 +02:00