Commit Graph

381 Commits

Author SHA1 Message Date
Daniel Weiße
7bb6ad6cc2
docs: fix broken links (#3359)
* Update cosign installation guide link
* Update cosign overview link
* Update cosign sbom link

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-09-17 15:33:08 +02:00
renovate[bot]
a295ecaffb
cli: add --subscriptionID flag for iam create azure command (#3328)
* deps: update Terraform azurerm to v4
* Set Azure subscription ID when applying Terraform files
* Upgrade azurerm to v4.1.0
* Mark subscriptionID flag as not required
* deps: tidy all modules

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-09-17 12:30:22 +02:00
renovate[bot]
5720fcc330
deps: update ubuntu:22.04 Docker digest to adbb901 (#3321)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-09 08:35:43 +02:00
renovate[bot]
6e6ea1a9d5
deps: update Kubernetes versions (#3325)
* deps: update Kubernetes versions

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-08-26 13:46:46 +02:00
Moritz Eckert
a54b59ab25
docs: remove deprecated master-secret flag from recovery (#3326) 2024-08-26 12:54:58 +02:00
renovate[bot]
cf5d9c2f12
deps: update Kubernetes versions (#3298)
* deps: update Kubernetes versions

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-08-26 09:18:56 +02:00
Thomas Tendyck
e2ee775483 docs: update Tab tags 2024-08-23 22:45:37 +02:00
Thomas Tendyck
e90b0e5109 docs: update docusaurus and enable broken anchor detection 2024-08-23 22:45:37 +02:00
Thomas Tendyck
ded559a3fe docs: update AsciinemaWidget tags 2024-08-23 22:45:37 +02:00
Thomas Tendyck
abe0397e0d docs: replace angle bracket links, which aren't supported by new mdx version 2024-08-23 22:45:37 +02:00
laralaske
1c78d2fde1
update readme banner (#3318)
* Add files via upload

* Update README.md

* Rename GitHub Banner_Constellation animated.svg to BannerConstellationanimated.svg

* Update README.md

* Delete docs/static/img/banner.svg

* Update BannerConstellationanimated.svg
2024-08-22 12:29:52 +02:00
Moritz Eckert
ec7b40d933
docs: sort clouds table alphabetical (#3315) 2024-08-20 10:35:41 +02:00
Thomas Tendyck
0551a862b3 docs: remove date from "feature status of clouds" page 2024-08-13 22:28:57 +02:00
renovate[bot]
f33e7e5ac5
deps: update ubuntu:22.04 Docker digest to 340d9b0 (#3252)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-02 15:05:28 +02:00
Thomas Tendyck
399376d3e3
Make SEV-SNP the default attestation variant on GCP (#3267)
* Make SNP the default on GCP

* fixup! Make SNP

* fixup! Make SNP
2024-07-22 13:29:27 +02:00
laralaske
eab42221a9
Update concept.svg (#3255)
* Update concept.svg

* Update concept.svg
2024-07-14 21:29:11 +02:00
Thomas Tendyck
712ff90ba0 docs: backport to old versions 2024-07-12 09:16:44 +02:00
Thomas Tendyck
1826801f0a docs: move compute benchmarks to own page 2024-07-12 09:16:44 +02:00
Moritz Eckert
5efe2a4c83
docs: update concept graphic (#3233) 2024-07-04 15:40:21 +02:00
edgelessci
7b6c3a710e
docs: add release v2.17.0 (#3221)
Co-authored-by: msanft <58110325+msanft@users.noreply.github.com>
2024-07-03 14:11:59 +02:00
Moritz Eckert
ca8d11861d
docs: add policy troubleshooting tip (#3212)
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2024-06-27 16:47:23 +02:00
renovate[bot]
f1f61ffd51
deps: update ubuntu:22.04 Docker digest to 19478ce (#3187)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-27 10:34:30 +02:00
Daniel Weiße
09d19fec22
cli: fix constellation verify depending on an initialized constellation-state.yaml file (#3184)
* Ignore missing state file if flags are provided
* Update verify docs to include requirement for config file

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-21 10:09:01 +02:00
Markus Rudy
c911eb4e3a
versions: default to k8s v1.29, support k8s v1.30, EOL v1.27 (#3173)
* versions: remove k8s 1.27 and patch-upgrade the others

* versions: add support for k8s 1.30.2

* versions: upgrade cloud provider images
2024-06-19 17:34:34 +02:00
Moritz Sanft
7d4e7eff65
docs: adjust MAA updating (#3152)
* docs: adjust MAA updating

* versioned-docs: backport fix
2024-06-07 13:56:10 +02:00
renovate[bot]
aa910cfc25
deps: update Kubernetes versions (#3102)
* deps: update Kubernetes versions

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2024-06-03 15:08:09 +02:00
Felix Schuster
7197a9b719
Rewrite "chain of trust" section (#3066)
Co-authored-by: 3u13r <lc@edgeless.systems>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
2024-05-27 18:21:27 +02:00
renovate[bot]
dda426a51e
deps: update ubuntu:22.04 Docker digest to a6d2b38 (#3084)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-13 10:18:56 +02:00
Markus Rudy
174c3ab48a
terraform: add missing policies for AWS ALB (#3063)
* terraform: add missing policies for AWS ALB
2024-05-10 08:51:32 +02:00
renovate[bot]
fffc9db2b5
deps: update Kubernetes versions (#3072)
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2024-05-09 13:38:01 +02:00
Felix Schuster
7d46d0f7d6
Small changes in docs/README (#3050)
* Change concept image

* Add sentence to "first steps"
2024-04-30 16:01:56 +02:00
miampf
b187966581
cli: allow tagging cloud resources with custom tags (#3033) 2024-04-19 09:07:57 +00:00
Moritz Sanft
913b09aeb8
Support SEV-SNP on GCP (#3011)
* terraform: enable creation of SEV-SNP VMs on GCP

* variant: add SEV-SNP attestation variant

* config: add SEV-SNP config options for GCP

* measurements: add GCP SEV-SNP measurements

* gcp: separate package for SEV-ES

* attestation: add GCP SEV-SNP attestation logic

* gcp: factor out common logic

* choose: add GCP SEV-SNP

* cli: add TF variable passthrough for GCP SEV-SNP variables

* cli: support GCP SEV-SNP for `constellation verify`

* Adjust usage of GCP SEV-SNP throughout codebase

* ci: add GCP SEV-SNP

* terraform-provider: support GCP SEV-SNP

* docs: add GCP SEV-SNP reference

* linter fixes

* gcp: only run test with TPM simulator

* gcp: remove nonsense test

* Update cli/internal/cmd/verify.go

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* Update docs/docs/overview/clouds.md

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* Update terraform-provider-constellation/internal/provider/attestation_data_source_test.go

Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>

* linter fixes

* terraform_provider: correctly pass down CC technology

* config: mark attestationconfigapi as unimplemented

* gcp: fix comments and typos

* snp: use nonce and PK hash in SNP report

* snp: ensure we never use ARK supplied by Issuer (#3025)

* Make sure SNP ARK is always loaded from config, or fetched from AMD KDS
* GCP: Set validator `reportData` correctly

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* attestationconfigapi: add GCP to uploading

* snp: use correct cert

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: enable fetching of attestation config values for GCP SEV-SNP

* linter fixes

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
2024-04-16 18:13:47 +02:00
Moritz Eckert
c3eae84fbb
docs: update images with inter font (#2995) 2024-04-08 07:28:01 +02:00
Moritz Eckert
c40e1a9bbd
docs: change to inter font (#2989) 2024-03-15 15:38:34 +01:00
Thomas Tendyck
9e3d605cf2
Add STACKIT to readme (#2988)
* Add STACKIT to readme

and sort CSPs alphabetically in sentences

* fix links
2024-03-15 11:53:13 +01:00
Moritz Eckert
912575eb31
docs: order csp strictly alphabetically (#2986) 2024-03-15 10:13:57 +01:00
Adrian Stobbe
1334b84c2e
Update docs (#2982)
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2024-03-13 14:09:51 +01:00
Malte Poll
1b973bf23f
docs: remove steps for STACKIT credentials in config (#2980)
The OpenStack credentials (username and password) can now be retrieved
from the "clouds.yaml" by the Constellation CLI and terraform code.
This simplifies the configuration for end-users.
2024-03-12 07:27:45 +01:00
Malte Poll
25624e91e8
docs: add runtime measurement table for Constellation v2.16 (#2979) 2024-03-12 07:27:26 +01:00
Malte Poll
35260a4455 docs: document OpenStack related config files on Windows 2024-03-11 16:43:36 +01:00
Malte Poll
353b02c17c docs: document STACKIT CC features
Co-Authored-By: Moritz Eckert <m1gh7ym0@gmail.com>
2024-03-11 16:43:36 +01:00
Malte Poll
63b9761962 docs: explain recovery steps on STACKIT 2024-03-11 16:43:36 +01:00
Malte Poll
220f292181 docs: mention all zones where STACKIT instances are available 2024-03-11 16:43:36 +01:00
Malte Poll
7fb2a357d9 docs: add STACKIT to the terraform provider page 2024-03-11 15:59:23 +01:00
Malte Poll
52e4e64316 docs: add installation instructions for the Windows CLI variant 2024-03-08 10:45:36 +01:00
Malte Poll
fc08e50605
docs: update STACKIT flavors (#2964) 2024-03-01 10:59:06 +01:00
malt3
c4f27f62ee docs: add release v2.16.0 2024-02-29 17:22:19 +01:00
Malte Poll
5e40f49ca4 docs: update STACKIT instance types 2024-02-28 15:48:53 +01:00
Malte Poll
4b3d9e15a5 docs: add STACKIT 2024-02-23 13:32:22 +01:00