Commit Graph

629 Commits

Author SHA1 Message Date
Daniel Weiße
7c832273fd
AB#2309 constellation upgrade execute (#2)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-29 16:49:44 +02:00
Otto Bittner
7c5556864b AB#2333: Add AMD SNP-based attestation
Currently only available on Azure CVMs.

* Get the public attestation key from the TPM.
* Get the snp report from the TPM.
* Get the VCEK and ASK certificate from the metadata api.
* Verify VCEK using hardcoded root key (ARK)
* Verify SNP report using VCEK
* Verify HCLAkPub using SNP report by comparing
AK with runtimeData
* Extend unittest

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2022-08-29 16:29:33 +02:00
Fabian Kammel
0a3a4e9c7f move util
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-29 16:07:55 +02:00
Fabian Kammel
22c912a56d move nodestate and role
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-29 16:07:55 +02:00
Malte Poll
26e9c67a00 Move cloud metadata packages and kubernetes resources marshaling to internal
Decouples cloud provider metadata packages from kubernetes related code

Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-08-29 16:07:55 +02:00
Nils Hanke
89e3acf6a1 Fix link to CHANGELOG.md in PR template 2022-08-29 04:40:49 -07:00
Nils Hanke
a8cc8a5859 Disable golangci-lint cache 2022-08-29 02:25:04 -07:00
Nils Hanke
6da228758c
GCP: Add more N2D VMs to supported list (#6) 2022-08-29 09:50:40 +02:00
Thomas Tendyck
6b6b6df7e1
Update check-licenses.sh 2022-08-28 17:40:49 +02:00
Thomas Tendyck
6b8a2a0063 remove image pull secret 2022-08-28 15:57:08 +02:00
Fabian Kammel
d972f053f9 AB#2287 Public image sharing in Azure (#350)
Trusted launch VM images in original SIG, additional SIG for community images for CVM
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-26 17:34:46 +02:00
Malte Poll
f5270c6c01 debugd: Allow root login on serial console when using debug image (#407) 2022-08-26 14:07:53 +02:00
Simon Röckinghausen
a796c7ee69 added constellation shell animation (#405) 2022-08-26 12:59:36 +02:00
Fabian Kammel
5b40e0cc77 AB#2327 move debugd code into internal folder (#403)
* move debugd code into internal folder
* Fix paths in CMakeLists.txt
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-26 11:58:18 +02:00
Malte Poll
708c6e057e Remove azure single instance support (#402) 2022-08-26 11:45:32 +02:00
Fabian Kammel
9e43701d3c Remove klog (#376)
* remove logging altogether
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-25 17:01:54 +02:00
Malte Poll
716ba52588 create on Azure: Allow toggling between CVMs / Trusted Launch VMs (#401) 2022-08-25 15:24:31 +02:00
Fabian Kammel
45beec15f5 AB#2360 enterprise build tag (#397)
* enterprise build switch to disable license checking in default (OSS) version
* remove community license quota
* empty image references on OSS build in config
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-25 14:06:29 +02:00
katexochen
6b1c20792a Use the correct context package 2022-08-24 14:56:30 +02:00
katexochen
35a5d34497 Remove legacy build tags 2022-08-24 14:56:30 +02:00
Paul Meyer
904ea06214 Update golangci-lint workflow (#396) 2022-08-24 14:55:55 +02:00
katexochen
409f6fec65 Use function for commands
instead of func init() and global var
2022-08-24 14:30:02 +02:00
katexochen
54319e4324 Read cdbg deploy IPs from ID file 2022-08-24 14:30:02 +02:00
dependabot[bot]
a07e3bfaf4 Bump actions/setup-go from 3.2.1 to 3.3.0 (#399) 2022-08-24 09:59:35 +00:00
katexochen
e761c9bf97 Manually manage GCP service accounts 2022-08-24 11:44:05 +02:00
Malte Poll
f9c70d5c5a constellation create azure: use custom poller to check for scale set creation (#394)
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-08-24 11:31:43 +02:00
Daniel Weiße
d1495e9285 Fix helm csp selection (#362)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-08-24 09:45:02 +02:00
katexochen
e57c3991f7 Don't add loadbalancer IP routing rule on workers 2022-08-23 18:11:20 +02:00
katexochen
2b25862c33 Update changelog 2022-08-23 18:11:20 +02:00
katexochen
d770957975 Add debugd ssh key distribution 2022-08-23 18:11:20 +02:00
katexochen
cf9662641c Send cdbg deploy only to loadbalancer 2022-08-23 18:11:20 +02:00
katexochen
df9db94079 Add method for building resource names 2022-08-23 18:11:20 +02:00
katexochen
14ef07aca9 Add method for building resource URIs 2022-08-23 18:11:20 +02:00
katexochen
a02a46e454 Use multiple loadbalancers on GCP 2022-08-23 18:11:20 +02:00
katexochen
c954ec089f Check for 404 errors in GCP termination 2022-08-23 18:11:20 +02:00
katexochen
9f599c3993 Remove checks for GetState/SetState 2022-08-23 18:11:20 +02:00
katexochen
f28e00659c Use uber/multierr for error composition 2022-08-23 18:11:20 +02:00
katexochen
a859accf1f Use id file for init ip 2022-08-23 18:11:20 +02:00
katexochen
7bbcc564bb Refactor id file interaction
* Use IP instead of endpoint in clusterIDsFile
* Move and rename validateEnpoint to addPortIfMissing
* Refactor clusterIDsFile handling in verify cmd
2022-08-23 18:11:20 +02:00
katexochen
c2faa20d6e Fix naming in state file 2022-08-23 18:11:20 +02:00
Fabian Kammel
779a73a03d Add sed back to gcp image commmand (#392)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>

Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-23 16:47:51 +02:00
Moritz Eckert
94460654e7 Apply feedback for readme (#389)
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2022-08-23 13:46:06 +02:00
Fabian Kammel
33626986fe Feat/cli multi os arch (#390)
* Implement multi arch/os pipeline
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-23 13:43:20 +02:00
Fabian Kammel
ec79484948 Feat/version manifests (#387)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Otto Bittner <cobittner@posteo.net>
2022-08-23 13:19:37 +02:00
Malte Poll
cdcbed6ff9 Re-add build-cli workflow 2022-08-19 18:29:10 +02:00
Malte Poll
f16e4bd5f9 e2e test manual: upload measurements 2022-08-19 18:22:55 +02:00
Malte Poll
f7cc72215e manual e2e test: allow parallel runs 2022-08-19 18:22:55 +02:00
Malte Poll
e841d9201b Use Azure CVMs in e2e tests 2022-08-19 18:22:55 +02:00
Malte Poll
ec548a6d17 Update image references for v1.5.0 2022-08-19 18:22:55 +02:00
Malte Poll
2d87db3914 Update pseudo-version script to determine future release version based on branch name 2022-08-19 18:22:55 +02:00