Commit Graph

691 Commits

Author SHA1 Message Date
katexochen
7bbcc564bb Refactor id file interaction
* Use IP instead of endpoint in clusterIDsFile
* Move and rename validateEnpoint to addPortIfMissing
* Refactor clusterIDsFile handling in verify cmd
2022-08-23 18:11:20 +02:00
katexochen
c2faa20d6e Fix naming in state file 2022-08-23 18:11:20 +02:00
Fabian Kammel
779a73a03d Add sed back to gcp image commmand (#392)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>

Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-23 16:47:51 +02:00
Moritz Eckert
94460654e7 Apply feedback for readme (#389)
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2022-08-23 13:46:06 +02:00
Fabian Kammel
33626986fe Feat/cli multi os arch (#390)
* Implement multi arch/os pipeline
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-23 13:43:20 +02:00
Fabian Kammel
ec79484948 Feat/version manifests (#387)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Otto Bittner <cobittner@posteo.net>
2022-08-23 13:19:37 +02:00
Malte Poll
cdcbed6ff9 Re-add build-cli workflow 2022-08-19 18:29:10 +02:00
Malte Poll
f16e4bd5f9 e2e test manual: upload measurements 2022-08-19 18:22:55 +02:00
Malte Poll
f7cc72215e manual e2e test: allow parallel runs 2022-08-19 18:22:55 +02:00
Malte Poll
e841d9201b Use Azure CVMs in e2e tests 2022-08-19 18:22:55 +02:00
Malte Poll
ec548a6d17 Update image references for v1.5.0 2022-08-19 18:22:55 +02:00
Malte Poll
2d87db3914 Update pseudo-version script to determine future release version based on branch name 2022-08-19 18:22:55 +02:00
Malte Poll
fdcdd5fb78 Update versions 2022-08-19 18:22:55 +02:00
Malte Poll
b8f17c2aa3 Update release docs 2022-08-19 18:22:55 +02:00
Malte Poll
7d94ffee28 Updated CHANGELOG 2022-08-19 18:22:55 +02:00
Fabian Kammel
9c60150aa4 Have a heart for dark mode users (#385)
* conditionally use dark/light product overview image
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-19 17:31:31 +02:00
Fabian Kammel
276d25fe11 we are fine to use AGPL-3.0 (#384)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-19 15:57:01 +02:00
Malte Poll
92e4e4d95a manual operator pipeline (#383) 2022-08-19 15:19:08 +02:00
Moritz Eckert
38c1b9003c Ref/readme (#375)
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
Co-authored-by: Simon Röckinghausen <s2401r@gmail.com>
2022-08-19 14:54:11 +02:00
Malte Poll
5216de0803 Update CHANGELOG 2022-08-19 14:39:36 +02:00
Malte Poll
8d642be204 Azure: switch default region to west us and replicate images to multiple regions 2022-08-19 14:39:36 +02:00
Malte Poll
3c6350a332 Update coreos-assembler patch to latest changes 2022-08-19 14:39:36 +02:00
Malte Poll
7575f7688a replace github.com/google/go-attestation
workaround for https://github.com/google/go-attestation/issues/283
2022-08-19 14:39:36 +02:00
Malte Poll
5883278d4a Enable secure boot on Azure CVMs 2022-08-19 14:39:36 +02:00
Malte Poll
da41cb6962 disk-mapper: systemd cryptsetup unit for state disk 2022-08-19 14:39:36 +02:00
Otto Bittner
0892525915 Switch to Azure CVMs 2022-08-19 14:39:36 +02:00
3u13r
29a1b5de42 increase helm install timeout (#381) 2022-08-19 13:28:16 +02:00
Malte Poll
402fc7761b Disable l7 proxy on QEMU (#378) 2022-08-19 08:44:36 +02:00
Malte Poll
af99f91fec update qemu metadata image version and use correct CSP name in qemu state (#377) 2022-08-18 15:59:01 +02:00
Malte Poll
f050a301d0 [node-operator] autoscalingstrategy-controller: improve test robustness (#372) 2022-08-17 18:38:54 +02:00
Fabian Kammel
4176f038df Generate CLI reference also for sub-commands (#374)
* include all subcommands
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-17 16:58:36 +02:00
Fabian Kammel
059a3eacc0 Use consistent k8s version (#373)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-17 15:25:05 +02:00
Paul Meyer
0969ff4ac3 Fix tests and linting (#370)
* Fix license integration test
* Fix build tags in lint config
* Fix missing error checks
* Fix use of MarkNodeAsInitialized
* Fix attestation tests
* Add license integration test to cmake list
2022-08-17 13:50:43 +02:00
Malte Poll
397c9013ea Remove azure-sdk-for-go/armnetwork replace directive (#371)
https: //github.com/Azure/azure-sdk-for-go/issues/18704 was resolved
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-08-17 11:19:40 +02:00
Fabian Kammel
6a29dcea9c AB#2323 Update release docs (#367)
* update release docs since release images are no longer build automatically
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-17 10:59:10 +02:00
Fabian Kammel
82eb9f4544 AB#2299 License check in CLI during init (#366)
* license server interaction
* logic to read from license file
* print license information during init
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
2022-08-16 16:06:38 +02:00
Fabian Kammel
170a8bf5e0 AB#2306 Public image sharing in Google (#358)
* document how to publicly share images in gcloud
* Write disclamer in debugd
* Add disclamer about debug images to contributing file
* Print debug banner on startup
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-16 15:53:54 +02:00
Malte Poll
abb4fb4f0f Build GCP guest agent from github actions in constellation repo 2022-08-16 08:47:58 +02:00
Malte Poll
23dfc5549b [node-operator] nodeimage-controller: improve test robustness
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-08-16 08:47:34 +02:00
Otto Bittner
aee432ed6f Fix syntax in yq command
Fixes syntax error in 4db5ea3b164e8e762693035cb06d643f711a3d39
2022-08-15 11:41:48 +02:00
Fabian Kammel
97c985a7f4 provide commands for all new image schemas (#363)
* provide commands for all new image schemas
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-15 11:09:10 +02:00
Otto Bittner
3018bfa03e Add enforcedMeasurements default value to config
A previous change started enforcing PCR values.
This makes it necessary to update the respective config
values before running init.
2022-08-15 09:37:18 +02:00
Daniel Weiße
ba4471a228 AB#2316 Configurable enforced PCRs (#361)
* Add warnings for non enforced, untrusted PCRs

* Fix global state in Config PCR map

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-12 15:59:45 +02:00
3u13r
9478303f80 deploy cilium via helmchart (#321) 2022-08-12 10:20:19 +02:00
Malte Poll
2c7129987a Deploy operator-lifecycle-manager (OLM), node-maintenance-operator (NMO) and constellation-node-operator
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-08-11 10:48:50 +02:00
Malte Poll
18a89d2881 Add constellation UID retrieval to cloudprovider metadata APIs
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-08-11 10:48:50 +02:00
Otto Bittner
2f925b5955 Add clone3-workaround to bootstrapper build container
The previously encountered error about misconfigured seccomp
filters is mitigated with the workaround added in this commit.
See the repo in the comment for detailed information on
the bug itself.
2022-08-10 17:17:23 +02:00
Fabian Kammel
c35e85b22b Make E2E cleanup easier (#353)
* Make E2E cleanup easier
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-10 10:13:18 +02:00
Otto Bittner
919a2165ae Run e2e test container on edgserver with privileged
The seccomp filter applied by docker presumably
stops curl from working correctly as the glibc changed the
way it creates processes (switch from clone to clone3).
The backwards compatibility layer of glibc does not work
correctly with docker's seccomp filter, making it necessary to
give the container privileged access.
2022-08-10 09:58:43 +02:00
Otto Bittner
c42e79ecfe AB#2281: Run e2e tests on latest debug image (#354)
* e2e tests now execute on the latest debug image available by default
* e2e-manual workflow now takes an optional image reference to run on
* isDebugImage is a flag that has to be set in case
you are running a debug image
2022-08-09 15:29:39 +02:00