Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-01-11 15:39:33 -05:00
Code Issues Packages Projects Releases Wiki Activity
4,501 Commits 136 Branches 49 Tags 93 MiB
7dd743b69e
Commit Graph

4501 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Moritz Sanft
dd385bce1f
helm: allow namespace handling for node-maintenance-operator (#3442) 2024-10-18 11:11:26 +02:00
edgelessci
e9203a2aee
image: update measurements and image version (#3441) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-18 08:08:45 +02:00
Moritz Sanft
0453f5b611
e2e: fix malicious join test (#3439) 2024-10-17 14:45:48 +02:00
Moritz Sanft
50df35438e
ci: fix artifact deletion (#3437) 
GitHub seemingly now adds a newline to the output of the gh CLI, so we need to cut it before using it.
 2024-10-17 09:37:59 +02:00
renovate[bot]
24af06b02f
deps: update Go dependencies (#3411) 
* deps: update Go dependencies

* bazel: force Gazelle generation for xDS

xDS has an upstream set of build files that makes Gazelle consider their project a whole new Bazel project, which makes Gazelle not generate any build files, even though the upstream ones aren't valid.

See https://github.com/cncf/xds/issues/104.

* go: update cel.dev/expr for Bazel fixes

cel.dev/expr had some upstream Bazel fixes in v0.16.2 without which Gazelle doesn't work.

* chore: generate

* e2e: remove references to kubeProxyVersion

kubeProxyVersion is deprecated as of KEP-4004. It was never being set to an accurate value before, and we only used it in the e2e test, so removing the additional check should not hurt here.

See https://github.com/kubernetes/enhancements/tree/master/keps/sig-network/4004-deprecate-kube-proxy-version

* constellation-node-operator: use typed rate-limiter

The untyped rate-limiter was deprecated in favor of a generic one that can just be instantiated to `any` to achieve the previous behaviour.

* Advertise ALPN settings in NextProtos required by gRPC

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* atls: add nextProtos

nextProtos (for ALPN) is now required by gRPC, so add it.

* go: add cri-client replace

* deps: tidy all modules

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-16 17:35:51 +02:00
renovate[bot]
36f8beb3df
deps: update quay.io/medik8s/node-maintenance-operator Docker tag to v0.17.0 (#3425) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-16 17:07:37 +02:00
renovate[bot]
357e4366ff
deps: update public.ecr.aws/eks/aws-load-balancer-controller Docker tag to v2.9.1 (#3426) 
* deps: update public.ecr.aws/eks/aws-load-balancer-controller Docker tag to v2.9.1

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-16 17:06:41 +02:00
renovate[bot]
8813a1ab04
deps: update registry.k8s.io/sig-storage/snapshot-validation-webhook Docker tag to v8.1.0 (#3431) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-16 17:06:06 +02:00
renovate[bot]
2e2dd855b5
deps: update registry.k8s.io/sig-storage/snapshot-controller Docker tag to v8.1.0 (#3430) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-16 16:07:41 +02:00
renovate[bot]
9733dc0cd5
deps: update dependency aspect_bazel_lib to v2.9.2 (#3428) 
* deps: update dependency aspect_bazel_lib to v2.9.2

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-16 11:51:48 +02:00
Daniel Weiße
dd73c4ce5f
ci: enable Teams mentions for burgerdev (#3422) 
* Enable Teams mentions for burgerdev
* Add instructions on how to update notify_teams assignees

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-10-16 10:54:53 +02:00
renovate[bot]
e27d80fa02
deps: update dependency containernetworking/plugins to v1.6.0 (#3420) 
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2024-10-16 10:28:37 +02:00
edgelessci
d3822f8e16
image: update measurements and image version (#3427) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-16 08:06:50 +02:00
renovate[bot]
c8bf4a8a43
deps: update public.ecr.aws/eks/aws-load-balancer-controller Docker tag to v2.9.1 (#3424) 
* deps: update public.ecr.aws/eks/aws-load-balancer-controller Docker tag to v2.9.1

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-15 21:29:53 +02:00
renovate[bot]
5af5c72372
deps: update module k8s.io/endpointslice to v0.31.1 (#3421) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-15 16:40:19 +02:00
renovate[bot]
cfb3b70113
deps: update mvdan/gofumpt to v0.7.0 (#3423) 
* deps: update mvdan/gofumpt to v0.7.0

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-15 16:40:07 +02:00
renovate[bot]
8ca8849df6
deps: update module k8s.io/dynamic-resource-allocation to v0.31.1 (#3418) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-15 15:23:31 +02:00
Moritz Sanft
843d9bcb7c
treewide: upgrade to Go 1.23.2 (#3417) 
* treewide: upgrade to Go 1.23.2

* deps: update golangci/golangci-lint to v1.61.0

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-15 13:52:45 +02:00
renovate[bot]
9ef5b70966
deps: update kubernetes packages (#3416) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-15 13:10:39 +02:00
renovate[bot]
093fddb001
deps: update golangci/golangci-lint to v1.61.0 (#3415) 
* deps: update golangci/golangci-lint to v1.61.0

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-15 13:09:31 +02:00
renovate[bot]
fd280ecc5f
deps: update dependency kubernetes-sigs/cri-tools to v1.31.1 (#3414) 
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2024-10-14 22:11:09 +02:00
renovate[bot]
0b5b2ea65b
deps: update dependency containernetworking/plugins to v1.5.1 (#3408) 
* deps: update dependency containernetworking/plugins to v1.5.1

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-14 11:38:19 +02:00
renovate[bot]
70ebfea5ec
deps: update bufbuild/buf to v1.45.0 (#3407) 
* deps: update bufbuild/buf to v1.45.0

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-14 11:37:40 +02:00
renovate[bot]
c392bec892
deps: update dependency rules_oci to v2.0.1 (#3412) 
* deps: update dependency rules_oci to v2.0.1

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-14 11:36:47 +02:00
Daniel Weiße
6c94b5ae6b
ci: upgrade to ubuntu-24.04 fixups (#3413) 
* Upgrade workflows to ubuntu-24.04
* Install missing tools for ubuntu-24.04

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-10-14 11:10:30 +02:00
renovate[bot]
898c37be2a
deps: update bazel (modules) (#3405) 
* deps: update bazel (modules)

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-14 08:29:37 +02:00
renovate[bot]
2006c0eb04
deps: update rhysd/actionlint to v1.7.3 (#3406) 
* deps: update rhysd/actionlint to v1.7.3

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-14 08:29:24 +02:00
edgelessci
47b2f59b7d
image: update locked rpms (#3410) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-14 08:25:05 +02:00
renovate[bot]
810f86582d
deps: update Kubernetes versions (#3358) 
* deps: update Kubernetes versions

* e2e: run vale with python venv

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Markus Rudy <mr@edgeless.systems>
 2024-10-11 19:23:31 +02:00
Markus Rudy
96d98aa136
CODEOWNERS: move ownership of Helm charts to burgerdev (#3400) 2024-10-11 17:04:35 +02:00
renovate[bot]
1bdc0944ae
deps: update K8s constrained Azure versions (#3374) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-11 17:04:08 +02:00
renovate[bot]
228aa18a2c
deps: update bazel (core) (#3368) 
* deps: update bazel (core)

* bazel: use non-release rules_nixpkgs

* Update bazel module lock file

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* bazel: resolve patch conflict after upgrading gazelle

The generated BUILD file has changed, so our patch needs to be adapted.

* deps: tidy all modules

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Markus Rudy <mr@edgeless.systems>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-11 16:40:35 +02:00
renovate[bot]
a33639a354
deps: update aquasecurity/tfsec to v1.28.11 (#3401) 
* deps: update aquasecurity/tfsec to v1.28.11

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-11 16:24:01 +02:00
Markus Rudy
60dcac1f1b
ci: ignore GO-2024-3166 in govulncheck (#3404) 
* ci: ignore GO-2024-3166 in govulncheck
 2024-10-11 15:39:44 +02:00
edgelessci
1561d67a12
image: update measurements and image version (#3402) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-11 09:35:11 +02:00
renovate[bot]
ac26c80a90
deps: update GitHub action dependencies (#3399) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-09 12:16:10 +02:00
Markus Rudy
b1cf9bc3fe
e2e: upgrade: allow specifying the origin k8s version (#3397) 2024-10-09 11:33:21 +02:00
3u13r
2854136192
Allow upgrades on azure without Terraform changes on LBs created from within Kubernetes (#3257) 
* k8s: use separate lb for K8s services on azure

* terraform: introduce local revision variable and data resource

* terraform: azure: dont expose full nodeport range

* docs: add Azure load balancer migration
 2024-10-09 11:31:17 +02:00
edgelessci
2dcea4fa63
image: update measurements and image version (#3398) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-09 08:34:16 +02:00
Markus Rudy
961fabbd1a
helm: upgrade Cilium to v1.15.8 (#3392) 
* helm: upgrade to Cilium v1.15.8

* fixup! helm: upgrade to Cilium v1.15.8

use proper release tag

* fixup! helm: upgrade to Cilium v1.15.8

use images build from tag
 2024-10-08 10:55:29 +02:00
renovate[bot]
02762f7956
deps: update distroless_static Docker digest to 69830f2 (#3391) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-07 19:07:25 +02:00
3u13r
204d684686
dev-docs: link to docs website instead of to local files (#3394) 
* dev-docs: link to docs website instead of to local files

* dev-docs: pin sonobuoy link to latest working docs release

* dev-docs: link to new libvirt docs URL
 2024-10-07 19:05:21 +02:00
Moritz Eckert
0f93af9aec
readme: remove demo references (#3393) 2024-10-07 15:16:54 +02:00
Markus Rudy
dd1763a36d
helm: manage CoreDNS addon as Helm chart (#3388) 
* Reapply "helm: manage CoreDNS addon as Helm chart (#3236)"

This reverts commit 4a9422d288.

* Reapply "helm: fix kubeadm bugs caused by CoreDNS installation (#3353)"

This reverts commit 9ecfc3fa19.
 2024-10-07 10:51:37 +02:00
renovate[bot]
32e00994bb
deps: update ubuntu:22.04 Docker digest to 58b8789 (#3365) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-07 10:39:06 +02:00
edgelessci
da623ad3cc
image: update locked rpms (#3390) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-07 09:54:36 +02:00
edgelessci
cecc57f993
image: update measurements and image version (#3386) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-07 08:45:03 +02:00
Markus Rudy
bd31361d3d
image: retire idle=poll option for AWS (#3387) 2024-10-04 17:01:18 +02:00
Felix Schuster
622406de2c
Add overview of security protocols (#3376) 2024-10-02 10:22:27 +02:00
edgelessci
097879a9ca
image: update measurements and image version (#3384) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-02 09:32:22 +02:00