Otto Bittner
7388240943
Revert "attestation: add SNP-based attestation for aws-sev-snp ( #1916 )" ( #1957 )
...
This reverts commit c7d12055d1
.
2023-06-22 17:08:44 +02:00
Otto Bittner
c7d12055d1
attestation: add SNP-based attestation for aws-sev-snp ( #1916 )
...
* config: move AMD root key to global constant
* attestation: add SNP based attestation for aws
* Always enable SNP, regardless of attestation type.
* Make AWSNitroTPM default again
There exists a bug in AWS SNP implementation where sometimes
a host might not be able to produce valid SNP reports.
Since we have to wait for AWS to fix this we are merging SNP
attestation as opt-in feature.
2023-06-21 14:19:55 +02:00
Malte Poll
2808012c9c
terraform: gcp node groups ( #1941 )
...
* terraform: GCP node groups
* cli: marshal GCP node groups to terraform variables
This does not have any side effects for users.
We still strictly create one control-plane and one worker group.
This is a preparation for enabling customizable node groups in the future.
2023-06-19 13:02:01 +02:00
Daniel Weiße
ab74730fd7
Update go-tpm-tools fork ( #1910 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-06-12 15:59:40 +02:00
renovate[bot]
7c345f4503
deps: update github.com/gophercloud/utils digest to de873b9 ( #1843 )
...
* deps: update github.com/gophercloud/utils digest to de873b9
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
2023-06-09 10:02:59 +02:00
3u13r
3ad9258a57
deps: bump ginkgo version ( #1885 )
2023-06-06 18:15:48 +02:00
Malte Poll
b3c052e299
operators: cleanup placeholder nodeversion ( #1881 )
...
* operators: cleanup placeholder nodeversion
* e2e: improve upgrade test portability
2023-06-06 15:22:06 +02:00
renovate[bot]
93569ff54c
deps: update golang.org/x/exp digest to 2e198f4 ( #1844 )
...
* deps: update golang.org/x/exp digest to 2e198f4
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
2023-06-02 11:03:33 +02:00
Adrian Stobbe
b51cc52945
config: sign Azure versions on upload & verify on fetch ( #1836 )
...
* add SignContent() + integrate into configAPI
* use static client for upload versions tool; fix staticupload calleeReference bug
* use version to get proper cosign pub key.
* mock fetcher in CLI tests
* only provide config.New constructor with fetcher
Co-authored-by: Otto Bittner <cobittner@posteo.net>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2023-06-01 13:55:46 +02:00
renovate[bot]
885febf109
deps: update module github.com/sigstore/rekor to v1.2.0 [SECURITY] ( #1842 )
...
* deps: update module github.com/sigstore/rekor to v1.2.0 [SECURITY]
* chore: tidy
* deps: update pseudo version tool hashes
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-31 23:30:27 +02:00
3u13r
fbcbb9a766
deps: align k8s deps ( #1841 )
2023-05-31 17:10:03 +02:00
Malte Poll
60b125cb59
cli: add windows amd64 build target ( #1835 )
2023-05-30 12:02:43 +02:00
renovate[bot]
2afddcb0f8
deps: update K8s dependencies ( #1599 )
...
* deps: update K8s dependencies
* deps: bump controller runtime
* chore: tidy
* bump helm and migrate controller runtime
* fix helm deprecation
---------
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-24 18:57:45 +02:00
renovate[bot]
be8d993cb7
deps: update module github.com/sigstore/sigstore to v1.6.4 ( #1814 )
...
* deps: update module github.com/sigstore/sigstore to v1.6.4
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-05-23 16:25:26 +02:00
renovate[bot]
13f1eb23d7
deps: update module github.com/stretchr/testify to v1.8.3 ( #1815 )
...
* deps: update module github.com/stretchr/testify to v1.8.3
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-05-22 17:35:28 +02:00
renovate[bot]
6ba461015d
deps: update module github.com/hashicorp/hc-install to v0.5.2 ( #1812 )
...
* deps: update module github.com/hashicorp/hc-install to v0.5.2
* deps: tidy all modules
* chore: tidy + update
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-22 16:32:00 +02:00
renovate[bot]
2a721bfa33
deps: update module github.com/mattn/go-isatty to v0.0.19 ( #1813 )
...
* deps: update module github.com/mattn/go-isatty to v0.0.19
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-05-22 16:31:52 +02:00
renovate[bot]
971e814551
deps: update module github.com/google/go-tpm-tools to v0.3.12 ( #1811 )
...
* deps: update module github.com/google/go-tpm-tools to v0.3.12
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-05-22 15:40:42 +02:00
renovate[bot]
624af80f7f
deps: update module cloud.google.com/go/compute to v1.19.3 ( #1810 )
...
* deps: update module cloud.google.com/go/compute to v1.19.3
* chore: tidy
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-22 15:29:48 +02:00
renovate[bot]
4ee4423389
deps: update github.com/gophercloud/utils digest to 6eab72e ( #1791 )
...
* deps: update github.com/gophercloud/utils digest to 6eab72e
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-05-19 15:34:20 +02:00
3u13r
964775c4c2
Add autoscaling and cluster upgrade support for AWS ( #1758 )
...
* aws: autoscaling and upgrades
* docs: update scaling and upgrades for AWS
* deps: pin vuln check against release
2023-05-19 13:57:31 +02:00
renovate[bot]
12ccfea543
deps: update module golang.org/x/tools to v0.9.1 ( #1801 )
...
* deps: update module golang.org/x/tools to v0.9.1
* chore: tidy
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-19 13:18:54 +02:00
renovate[bot]
4c8568963b
deps: update module golang.org/x/crypto to v0.9.0 ( #1799 )
...
* deps: update module golang.org/x/crypto to v0.9.0
* chore: tidy
* deps: bump pseudo version tool
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-19 12:00:25 +02:00
Daniel Weiße
dd2da25ebe
attestation: tdx issuer/validator ( #1265 )
...
* Add TDX validator
* Add TDX issuer
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-05-17 11:37:26 +02:00
renovate[bot]
53758e65ad
deps: update module github.com/siderolabs/talos/pkg/machinery to v1.4.4 ( #1764 )
...
* deps: update module github.com/siderolabs/talos/pkg/machinery to v1.4.4
* deps: tidy all modules
* update pseudo version tool
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-16 22:19:16 +02:00
renovate[bot]
230ea79bcc
deps: update Google SDK ( #1748 )
...
* deps: update Google SDK
* deps: fix grpc_testing import
* deps: update pseudo version tool hashes
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-16 18:13:17 +02:00
renovate[bot]
cd28b3a39f
deps: update module github.com/docker/docker to v23.0.3+incompatible [SECURITY] ( #1762 )
...
* deps: update module github.com/docker/docker to v23.0.3+incompatible [SECURITY]
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-05-12 18:07:20 +02:00
renovate[bot]
fe115bdb16
deps: update module github.com/sigstore/rekor to v1.1.1 [SECURITY] ( #1729 )
...
* deps: update module github.com/sigstore/rekor to v1.1.1 [SECURITY]
* deps: bump oras
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-11 17:23:17 +02:00
renovate[bot]
0db7f68093
deps: update Azure SDK ( #1747 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-05-05 15:12:25 +02:00
Malte Poll
ee91d8b1cc
image: implement idempotent upload of os images
2023-05-05 12:06:44 +02:00
renovate[bot]
4cfa7a0306
deps: update golang.org/x/exp digest to 47ecfdc ( #1690 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-27 17:51:46 +02:00
renovate[bot]
1ae39703d1
deps: update module golang.org/x/tools to v0.8.0 ( #1642 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 17:31:48 +02:00
renovate[bot]
326460c037
deps: update module golang.org/x/mod to v0.10.0 ( #1640 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 16:48:50 +02:00
renovate[bot]
44dc127036
deps: update module github.com/spf13/cobra to v1.7.0 ( #1638 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 16:46:16 +02:00
renovate[bot]
ee7ca3428a
deps: update module golang.org/x/crypto to v0.8.0 ( #1639 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 15:41:01 +02:00
renovate[bot]
b8c9c4f251
deps: update golang.org/x/vuln digest to aaaefcd ( #1635 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 15:38:37 +02:00
renovate[bot]
aa3b49aced
deps: update module github.com/hashicorp/terraform-exec to v0.18.1 ( #1615 )
...
* deps: update module github.com/hashicorp/terraform-exec to v0.18.1
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-04-06 10:45:25 +02:00
renovate[bot]
509b3d5d58
deps: update module github.com/docker/docker to v20.10.24+incompatible [SECURITY] ( #1614 )
...
* deps: update module github.com/docker/docker to v20.10.24+incompatible [SECURITY]
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-04-05 12:14:19 +02:00
renovate[bot]
13365d7272
deps: update module github.com/mattn/go-isatty to v0.0.18 ( #1601 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-03 21:15:59 +02:00
renovate[bot]
7a8c4727f5
deps: update AWS SDK ( #1594 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-03 18:36:53 +02:00
renovate[bot]
d3587a34d7
deps: update github.com/gophercloud/utils digest to 5bd5e1d ( #1586 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 17:42:01 +02:00
renovate[bot]
d260007672
deps: update module github.com/docker/docker to v20.10.23+incompatible ( #1589 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 17:01:48 +02:00
renovate[bot]
661cf922ec
deps: update module helm.sh/helm/v3 to v3.11.2 ( #1590 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 16:40:49 +02:00
renovate[bot]
5cb1899c27
deps: update golang.org/x/vuln digest to a42f991 ( #1588 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 14:32:13 +02:00
renovate[bot]
33d0b8f59d
deps: update golang.org/x/exp digest to 10a5072 ( #1587 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 14:28:53 +02:00
Otto Bittner
7c8215e507
cli: add kubernetes pkg to interface with cluster
...
Previously the content of files status and upgrade within the
cloudcmd pkg did not fit cloudcmd's pkg description.
This patch introduces a separate pkg to fix that.
2023-04-03 12:03:41 +02:00
Otto Bittner
c8c2953d7b
cli: add status cmd
...
The new command allows checking the status of an upgrade
and which versions are installed.
Also remove the unused restclient.
And make GetConstellationVersion a function.
2023-04-03 12:03:41 +02:00
Malte Poll
827c4f548d
bazel: deps mirror ( #1522 )
...
bazel-deps-mirror is an internal tools used to upload external dependencies
that are referenced in the Bazel WORKSPACE to the Edgeless Systems' mirror.
It also normalizes deps rules.
* hack: add tool to mirror Bazel dependencies
* hack: bazel-deps-mirror tests
* bazel: add deps mirror commands
* ci: upload Bazel dependencies on renovate PRs
* update go mod
* run deps_mirror_upload
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 09:41:56 +02:00
Paul Meyer
130112688c
bazel: add stringer
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
renovate[bot]
f0fc655365
deps: update golang.org/x/vuln digest to 9550759 ( #1550 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 15:43:24 +02:00