Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
2,855 Commits 133 Branches 44 Tags 106 MiB
7968d165c6
Commit Graph

114 Commits

Author SHA1 Message Date
renovate[bot]
27097b7f80
deps: update AWS SDK (#1996) 
* deps: update AWS SDK

* deps: tidy all modules

---------

Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-07-03 16:23:51 +02:00
Malte Poll
78fb0066e4
ci: add automated tests for reproducible builds (#1914) 
* ci: reproducible builds test
* deps: upgrade actionlint to support macos-13 runners
 2023-06-23 12:12:32 +02:00
Otto Bittner
7388240943
Revert "attestation: add SNP-based attestation for aws-sev-snp (#1916)" (#1957) 
This reverts commit c7d12055d1.
 2023-06-22 17:08:44 +02:00
Otto Bittner
c7d12055d1
attestation: add SNP-based attestation for aws-sev-snp (#1916) 
* config: move AMD root key to global constant
* attestation: add SNP based attestation for aws
* Always enable SNP, regardless of attestation type.
* Make AWSNitroTPM default again

There exists a bug in AWS SNP implementation where sometimes
a host might not be able to produce valid SNP reports.
Since we have to wait for AWS to fix this we are merging SNP
attestation as opt-in feature.
 2023-06-21 14:19:55 +02:00
Malte Poll
2808012c9c
terraform: gcp node groups (#1941) 
* terraform: GCP node groups

* cli: marshal GCP node groups to terraform variables

This does not have any side effects for users.
We still strictly create one control-plane and one worker group.
This is a preparation for enabling customizable node groups in the future.
 2023-06-19 13:02:01 +02:00
Malte Poll
9b142f9a25 bazel: upgrade rules_go to a pre-release version to get stripped binaries 2023-06-16 16:30:47 +02:00
Malte Poll
18e7bffc67 bazel: upgrade bazeldnf to produce deterministic rpm2tar artifacts 2023-06-16 16:30:47 +02:00
renovate[bot]
4908b5f63c
deps: update golangci/golangci-lint to v1.53.2 (#1924) 
* deps: update golangci/golangci-lint to v1.53.2
* deps: tidy all modules
* attestation: silence linter warning


---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
 2023-06-16 09:40:08 +02:00
renovate[bot]
d964c74cbb
deps: update dependency io_bazel_rules_go to v0.39.1 (#1921) 
* deps: update dependency io_bazel_rules_go to v0.39.1
* deps: tidy all modules
* deps: remove duplicate urls

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
 2023-06-14 16:35:52 +02:00
renovate[bot]
520571c3d1
deps: update dependency com_github_bazelbuild_buildtools to v6 (#1925) 
* deps: update dependency com_github_bazelbuild_buildtools to v6
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
 2023-06-13 18:33:49 +02:00
renovate[bot]
16621b5d15
deps: update dependency rules_pkg to v0.9.1 (#1923) 
* deps: update dependency rules_pkg to v0.9.1
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
 2023-06-13 18:31:19 +02:00
renovate[bot]
42735ae1b1
deps: update bufbuild/buf to v1.21.0 (#1922) 
* deps: update bufbuild/buf to v1.21.0
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
 2023-06-13 18:20:44 +02:00
renovate[bot]
5442e86150
deps: update dependency bazel_gazelle to v0.31.1 (#1919) 
* deps: update dependency bazel_gazelle to v0.31.1
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
 2023-06-13 18:18:50 +02:00
renovate[bot]
053b371e93
deps: update dependency bazel_skylib to v1.4.2 (#1920) 
* deps: update dependency bazel_skylib to v1.4.2
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
 2023-06-13 18:03:40 +02:00
Daniel Weiße
ab74730fd7
Update go-tpm-tools fork (#1910) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-06-12 15:59:40 +02:00
renovate[bot]
167052d443
deps: update dependency hermetic_cc_toolchain to v2.0.0 (#1860) 
* deps: update dependency hermetic_cc_toolchain to v2.0.0
* deps: tidy all modules
* bazel: target glibc 2.23 to enable rbe

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
 2023-06-09 17:39:30 +02:00
renovate[bot]
7c345f4503
deps: update github.com/gophercloud/utils digest to de873b9 (#1843) 
* deps: update github.com/gophercloud/utils digest to de873b9
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
 2023-06-09 10:02:59 +02:00
3u13r
3ad9258a57
deps: bump ginkgo version (#1885) 2023-06-06 18:15:48 +02:00
Malte Poll
b3c052e299
operators: cleanup placeholder nodeversion (#1881) 
* operators: cleanup placeholder nodeversion
* e2e: improve upgrade test portability
 2023-06-06 15:22:06 +02:00
renovate[bot]
18da9b8128
deps: update dependency com_github_bazelbuild_buildtools to v4.2.5 (#1858) 
* deps: update dependency com_github_bazelbuild_buildtools to v4.2.5

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
 2023-06-02 11:56:14 +02:00
renovate[bot]
93569ff54c
deps: update golang.org/x/exp digest to 2e198f4 (#1844) 
* deps: update golang.org/x/exp digest to 2e198f4
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
 2023-06-02 11:03:33 +02:00
Adrian Stobbe
b51cc52945
config: sign Azure versions on upload & verify on fetch (#1836) 
* add SignContent() + integrate into configAPI

* use static client for upload versions tool; fix staticupload calleeReference bug

* use version to get proper cosign pub key.

* mock fetcher in CLI tests

* only provide config.New constructor with fetcher

Co-authored-by: Otto Bittner <cobittner@posteo.net>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
 2023-06-01 13:55:46 +02:00
renovate[bot]
885febf109
deps: update module github.com/sigstore/rekor to v1.2.0 [SECURITY] (#1842) 
* deps: update module github.com/sigstore/rekor to v1.2.0 [SECURITY]

* chore: tidy

* deps: update pseudo version tool hashes

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-05-31 23:30:27 +02:00
3u13r
fbcbb9a766
deps: align k8s deps (#1841) 2023-05-31 17:10:03 +02:00
Malte Poll
60b125cb59
cli: add windows amd64 build target (#1835) 2023-05-30 12:02:43 +02:00
renovate[bot]
2afddcb0f8
deps: update K8s dependencies (#1599) 
* deps: update K8s dependencies

* deps: bump controller runtime

* chore: tidy

* bump helm and migrate controller runtime

* fix helm deprecation

---------

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-05-24 18:57:45 +02:00
renovate[bot]
be8d993cb7
deps: update module github.com/sigstore/sigstore to v1.6.4 (#1814) 
* deps: update module github.com/sigstore/sigstore to v1.6.4

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2023-05-23 16:25:26 +02:00
renovate[bot]
13f1eb23d7
deps: update module github.com/stretchr/testify to v1.8.3 (#1815) 
* deps: update module github.com/stretchr/testify to v1.8.3

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2023-05-22 17:35:28 +02:00
renovate[bot]
6ba461015d
deps: update module github.com/hashicorp/hc-install to v0.5.2 (#1812) 
* deps: update module github.com/hashicorp/hc-install to v0.5.2

* deps: tidy all modules

* chore: tidy + update

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-05-22 16:32:00 +02:00
renovate[bot]
2a721bfa33
deps: update module github.com/mattn/go-isatty to v0.0.19 (#1813) 
* deps: update module github.com/mattn/go-isatty to v0.0.19

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2023-05-22 16:31:52 +02:00
renovate[bot]
971e814551
deps: update module github.com/google/go-tpm-tools to v0.3.12 (#1811) 
* deps: update module github.com/google/go-tpm-tools to v0.3.12

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2023-05-22 15:40:42 +02:00
renovate[bot]
624af80f7f
deps: update module cloud.google.com/go/compute to v1.19.3 (#1810) 
* deps: update module cloud.google.com/go/compute to v1.19.3

* chore: tidy

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-05-22 15:29:48 +02:00
Malte Poll
ab257944f9
bazel: provide semi-hermetic python toolchain (#1753) 
The actual python version used in bazel is hermetic after this PR.
However, we still require a host python toolchain for bootstrapping (this will be fixed soon upstream) and host wide glibc (+ libcrypt.so.1).
 2023-05-22 09:10:41 +02:00
renovate[bot]
4ee4423389
deps: update github.com/gophercloud/utils digest to 6eab72e (#1791) 
* deps: update github.com/gophercloud/utils digest to 6eab72e

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2023-05-19 15:34:20 +02:00
renovate[bot]
8bd93680f1
deps: update katexochen/ghh to v0.2.1 (#1805) 
* deps: update katexochen/ghh to v0.2.1

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2023-05-19 14:18:16 +02:00
3u13r
964775c4c2
Add autoscaling and cluster upgrade support for AWS (#1758) 
* aws: autoscaling and upgrades

* docs: update scaling and upgrades for AWS

* deps: pin vuln check against release
 2023-05-19 13:57:31 +02:00
renovate[bot]
12ccfea543
deps: update module golang.org/x/tools to v0.9.1 (#1801) 
* deps: update module golang.org/x/tools to v0.9.1

* chore: tidy

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-05-19 13:18:54 +02:00
renovate[bot]
4c8568963b
deps: update module golang.org/x/crypto to v0.9.0 (#1799) 
* deps: update module golang.org/x/crypto to v0.9.0

* chore: tidy

* deps: bump pseudo version tool

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-05-19 12:00:25 +02:00
Daniel Weiße
dd2da25ebe attestation: tdx issuer/validator (#1265) 
* Add TDX validator

* Add TDX issuer

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-05-17 11:37:26 +02:00
renovate[bot]
daea874b46
deps: update com_github_ash2k_bazel_tools digest to 2add5bb (#1789) 
* deps: update com_github_ash2k_bazel_tools digest to 2add5bb
* deps: set bazel-tools hash

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
 2023-05-17 09:43:36 +02:00
renovate[bot]
53758e65ad
deps: update module github.com/siderolabs/talos/pkg/machinery to v1.4.4 (#1764) 
* deps: update module github.com/siderolabs/talos/pkg/machinery to v1.4.4

* deps: tidy all modules

* update pseudo version tool

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-05-16 22:19:16 +02:00
renovate[bot]
230ea79bcc
deps: update Google SDK (#1748) 
* deps: update Google SDK

* deps: fix grpc_testing import

* deps: update pseudo version tool hashes

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-05-16 18:13:17 +02:00
Malte Poll
d7b63bdc37
deps: update bazeldnf digest to v0.5.7 (#1782) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-05-16 17:54:25 +02:00
renovate[bot]
cd28b3a39f
deps: update module github.com/docker/docker to v23.0.3+incompatible [SECURITY] (#1762) 
* deps: update module github.com/docker/docker to v23.0.3+incompatible [SECURITY]

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2023-05-12 18:07:20 +02:00
renovate[bot]
fe115bdb16
deps: update module github.com/sigstore/rekor to v1.1.1 [SECURITY] (#1729) 
* deps: update module github.com/sigstore/rekor to v1.1.1 [SECURITY]

* deps: bump oras

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-05-11 17:23:17 +02:00
renovate[bot]
0db7f68093
deps: update Azure SDK (#1747) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-05-05 15:12:25 +02:00
renovate[bot]
5de413d7b1
deps: update distroless_static Docker digest to 7198a35 (#1742) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-05-05 14:39:15 +02:00
Malte Poll
ee91d8b1cc image: implement idempotent upload of os images 2023-05-05 12:06:44 +02:00
renovate[bot]
4cfa7a0306
deps: update golang.org/x/exp digest to 47ecfdc (#1690) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-27 17:51:46 +02:00
3u13r
1bdf410b52
bazel: allow custom container_prefix (#1693) 
* build: allow custom container registry

* build: fix .bazeloverwriterc import
 2023-04-27 11:52:02 +02:00