Otto Bittner
c275464634
cli: change upgrade-plan to upgrade-check
...
Upgrade check is used to find updates for the current cluster.
Optionally the found upgrades can be persisted to the config
for consumption by the upgrade-execute cmd.
The old `upgrade execute` in this commit does not work with
the new `upgrade plan`.
The current versions are read from the cluster.
Supported versions are read from the cli and the versionsapi.
Adds a new config field MicroserviceVersion that will be used
by `upgrade execute` to update the service versions.
The field is optional until 2.7
A deprecation warning for the upgrade key is printed during
config validation.
Kubernetes versions now specify the patch version to make it
explicit for users if an upgrade changes the k8s version.
2023-02-08 12:30:01 +01:00
renovate[bot]
535c359ee7
deps: update Constellation containers to v2.6.0-pre.0.20230131161703-e0354826e058 ( #1105 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-31 18:08:40 +01:00
Otto Bittner
6415d80ee4
versions: update constellation operator image
2023-01-31 11:36:49 +01:00
renovate[bot]
11e233e4be
deps: update ghcr.io/edgelesssys/cloud-provider-gcp:v26.0.1 Docker digest to 8708a33 ( #1110 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-30 16:54:11 +01:00
renovate[bot]
dcde73b4c4
deps: update Constellation containers to v2.6.0-pre.0.20230127131021-e174146e0c93 ( #1091 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-27 16:01:08 +01:00
renovate[bot]
fb1b1f50fd
deps: update K8s version independent containers to v0.1.1 ( #1020 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-27 15:25:05 +01:00
Paul Meyer
8364856d55
versions: remove Kubernetes v1.23
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-27 13:32:20 +01:00
renovate[bot]
c758aef1ff
deps: update registry.k8s.io/provider-aws/cloud-controller-manager Docker tag to v1.25.3 ( #1082 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-27 11:30:43 +01:00
renovate[bot]
dd1140868e
deps: update Constellation containers to v2.6.0-pre ( #1074 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-26 14:58:51 +01:00
github-actions[bot]
9567cc09ce
release: bring back changes from v2.5.0 ( #1061 )
...
* deps: update version to v2.5.0
* attestation: hardcode measurements for v2.5.0
* bump operator versions
Co-authored-by: release[bot] <release[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-01-24 11:35:26 +01:00
renovate[bot]
5142497a3d
deps: update dependency containernetworking/plugins to v1.2.0 ( #1022 )
...
* Update dependency containernetworking/plugins to v1.2.0
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-23 14:56:28 +01:00
renovate[bot]
f688afff3f
Update K8s constrained Azure versions ( #1009 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-23 14:32:21 +01:00
renovate[bot]
9f05631afd
deps: update Constellation containers ( #1052 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-21 20:17:07 +01:00
Paul Meyer
c4d68d1c28
versions: update key-service name
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-21 19:55:14 +01:00
renovate[bot]
6708aff984
deps: update dependency kubernetes/kubernetes to v1.24.10 ( #1043 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-20 18:54:10 +01:00
Fabian Kammel
8482d26eef
deps: update cloud provider gcp image for k8s v1.26 ( #1051 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-20 15:54:24 +01:00
renovate[bot]
9b4dc9b478
Update Constellation containers to v2.5.0-pre.0.20230119145750-690b50b29de5 ( #1039 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-20 09:51:29 +01:00
renovate[bot]
99496c3c33
Update Kubernetes versions ( #1019 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 17:16:00 +01:00
Daniel Weiße
690b50b29d
dev-docs: Go package docs ( #958 )
...
* Remove unused package
* Add Go package docs to most packages
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
2023-01-19 15:57:50 +01:00
Otto Bittner
a0ac957227
versions: update join- & keyservice images
2023-01-19 13:14:55 +01:00
Otto Bittner
9a1f52e94e
Refactor init/recovery to use kms URI
...
So far the masterSecret was sent to the initial bootstrapper
on init/recovery. With this commit this information is encoded
in the kmsURI that is sent during init.
For recover, the communication with the recoveryserver is
changed. Before a streaming gRPC call was used to
exchanges UUID for measurementSecret and state disk key.
Now a standard gRPC is made that includes the same kmsURI &
storageURI that are sent during init.
2023-01-19 13:14:55 +01:00
renovate[bot]
90ea35ae35
Update Constellation containers to v2.5.0-pre.0.20230118154955-632090c21b93 ( #1014 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-18 17:28:04 +01:00
renovate[bot]
41eb533d63
Update Constellation containers ( #1003 )
...
https://github.com/edgelesssys/constellation/actions/runs/3943576556/jobs/6748558235
2023-01-18 09:44:36 +01:00
renovate[bot]
bbda3d1ecd
Update registry.k8s.io/provider-aws/cloud-controller-manager Docker tag to v1.25.2 ( #979 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-17 16:10:26 +01:00
renovate[bot]
a3035167b6
Update Constellation containers ( #965 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 16:59:49 +01:00
Otto Bittner
89f075d490
versions: rename KmsImage to KeyServiceImage
2023-01-16 15:14:23 +01:00
Paul Meyer
42135dfdd6
versions: update container images to v2.5.0-pre
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:54:41 +01:00
Otto Bittner
90b88e1cf9
kms: rename kms to keyservice
...
In the light of extending our eKMS support it will be helpful
to have a tighter use of the word "KMS".
KMS should refer to the actual component that manages keys.
The keyservice, also called KMS in the constellation code,
does not manage keys itself. It talks to a KMS backend,
which in turn does the actual key management.
2023-01-16 11:56:34 +01:00
Malte Poll
bcd8aa9acc
Use upstream node-maintenance-operator ( #115 )
2023-01-12 16:01:03 +01:00
Paul Meyer
4bc191e434
versions: move hash generator into own package
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-11 14:29:32 +01:00
Paul Meyer
c081664d03
versions: repair hash generation
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-11 14:29:32 +01:00
renovate[bot]
d24fac00f0
Update Constellation containers ( #884 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-09 13:15:28 +01:00
Leonard Cohnen
3637909a46
internal: move components into their own package
2023-01-09 12:16:54 +01:00
Paul Meyer
49534d463d
deps: update cluster autoscaler ( #835 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 16:47:31 +01:00
renovate[bot]
8b11a18239
Update K8s constrained Azure versions ( #886 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 14:15:16 +01:00
renovate[bot]
f99a3189d8
Update K8s constrained versions ( #799 )
...
* Update K8s constrained versions
* Update azure images to v1.26
* Revert upgrade for k8s v1.23
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 10:40:37 +01:00
Paul Meyer
afbd4a3dc1
deps: upgrade AWS cloud controller manager ( #863 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-05 16:35:19 +01:00
renovate[bot]
7eae68d4f9
Update Constellation containers
2023-01-05 15:43:11 +01:00
Leonard Cohnen
25c3a8a1f3
init: add cluster version to kubernetes components
2023-01-05 14:52:09 +01:00
renovate[bot]
9c71145862
Update K8s version independent containers to v0.0.35 ( #872 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-05 13:26:55 +01:00
renovate[bot]
cf3169cf44
Update Constellation containers ( #854 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-05 08:14:57 +01:00
renovate[bot]
324ef42c42
Update Constellation containers ( #852 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-03 12:30:07 +01:00
Paul Meyer
de6ee412ac
deps: update AWS cloud controller manager
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-03 12:14:16 +01:00
Leonard Cohnen
4b43311fbd
bump microservice versions
2023-01-03 11:51:29 +01:00
renovate[bot]
8ddc8cdb65
Update dependency kubernetes-sigs/cri-tools to v1.26.0
2022-12-16 10:43:33 +01:00
renovate[bot]
7ffbad12be
Update Constellation containers to v2.3.0-pre.0.20221212170906-a77f38efbb31 ( #779 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-14 10:46:15 +01:00
Paul Meyer
c741ccfb4b
kubernetes: use new registry
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-13 16:08:19 +01:00
Paul Meyer
6862c2587f
kubernetes: add v1.26, default to v1.25
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-13 16:08:19 +01:00
Malte Poll
c3b657de01
Bump version to v2.3.0
2022-12-12 17:45:35 +01:00
renovate[bot]
5eae12778a
Update Constellation containers ( #777 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-12-09 18:45:09 +01:00
renovate[bot]
012f739c67
Update Constellation containers ( #759 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 16:32:58 +01:00
renovate[bot]
72ba97efcc
Update K8s constrained versions ( #762 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 13:17:55 +01:00
renovate[bot]
3435ac216f
Update Constellation containers ( #748 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-12-08 11:38:05 +01:00
renovate[bot]
bb9122f115
Update Constellation containers to v2.3.0-pre.0.20221207104854-286803fb97a0 ( #747 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-12-07 15:12:04 +01:00
renovate[bot]
be01cf7129
Update Constellation containers to v2.3.0-pre.0.20221206170532-a9ed8c0191ac ( #733 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-07 10:44:45 +01:00
Paul Meyer
cb734a2e66
debugd: pin logcollector container digest
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-06 18:05:32 +01:00
renovate[bot]
1766f0e4b3
Update Constellation containers to v2.3.0-pre.0.20221205155634-0981ab6fa45b ( #725 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-06 13:29:54 +01:00
renovate[bot]
0981ab6fa4
Update Constellation containers to v2.3.0-pre.0.20221205121645-176dae317f6c ( #719 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-05 16:56:34 +01:00
Paul Meyer
176dae317f
debugd: fix logcollector container image naming
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-05 13:16:45 +01:00
Paul Meyer
226a6b6626
debugd: let renovate manage logcollector images
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 18:54:24 +01:00
renovate[bot]
3c62b841ed
Update Constellation containers ( #705 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 18:48:03 +01:00
Leonard Cohnen
0c71cc77f6
joinservice: use configmap for k8s components
2022-12-02 14:34:38 +01:00
renovate[bot]
de77f1d9be
Update ghcr.io/edgelesssys/constellation/qemu-metadata-api Docker tag to v2.3.0-pre.0.20221201105133-8004edcc144d ( #700 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-01 18:49:02 +01:00
Malte Poll
e67f65709f
Prepare release checklist for v2.3 ( #690 )
2022-12-01 10:46:04 +01:00
renovate[bot]
da114519ca
Update Constellation containers ( #693 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-01 08:07:09 +01:00
Leonard Cohnen
7e57944cc0
versions: bump qemu metadata image
2022-11-30 18:58:22 +01:00
renovate[bot]
016f7a67c2
Update Constellation containers to v2.3.0-pre.0.20221130104839-9537fb73c015 ( #684 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-30 16:53:58 +01:00
Paul Meyer
b93b24e058
debugd: add logcollector
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-30 16:26:25 +01:00
renovate[bot]
8fbc4b9b19
Update ghcr.io/edgelesssys/constellation/node-operator Docker tag to v2.3.0-pre.0.20221129130129-a32f9ae75290 ( #671 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-30 11:34:57 +01:00
renovate[bot]
e2673cac29
Update Constellation containers ( #663 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 13:46:13 +01:00
Leonard Cohnen
c978329839
helm: fix expected helm charts
2022-11-27 16:43:50 +01:00
renovate[bot]
a3661d6c07
Update Constellation containers to v2.3.0-pre.0.20221125110824-89b25f8ebbd7 ( #652 )
...
* Update Constellation containers to v2.3.0-pre.0.20221125110824-89b25f8ebbd7
* Update node operator and add hashes back for every container image
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-11-25 15:17:58 +01:00
renovate[bot]
0b85709dd2
Update Constellation containers to v2.3.0-pre.0.20221124095758-f8001efbc0d0
2022-11-24 13:52:44 +01:00
renovate[bot]
8ce954e012
Update Constellation containers to v2.3.0-pre.0.20221123084142-3dc9c6086469 ( #636 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-24 09:22:49 +01:00
Leonard Cohnen
1e98b686b6
kubernetes: verify Kubernetes components
2022-11-23 10:48:03 +01:00
renovate[bot]
bc346805aa
Update Constellation containers to v2.3.0-pre.0.20221121163101-1362e40f53ad ( #615 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-22 12:39:50 +01:00
renovate[bot]
a5aa820d8c
Update Constellation containers ( #602 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-21 11:23:06 +01:00
Otto Bittner
bdd9dd922b
AB#2589: Deploy operators via Helm ( #575 )
...
* Only deploy operators on GCP/Azure.
* cert-manager is now deployed by default (GCP/Azure)
* remove OLM
2022-11-21 10:35:40 +01:00
Fabian Kammel
56dccb77b4
Merge back changes from v2.2.2 release ( #580 )
...
* prepare v2.2.2 release and update release.md
* Updated QEMU measurements
* Terraform GCP: Always use the local account for resource creation (#571 )
* CoreOS is no longer used, change docs to OS.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-11-18 10:24:45 +01:00
Fabian Kammel
ca4764c466
Merge v2.2.1 changes back to main ( #563 )
...
* Bump version to v2.2.0
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Fix release detection in pipeline
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Update CHANGELOG for 2.2.1
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
* bump constellation versions to 2.2.1
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2022-11-16 11:13:10 +01:00
Leonard Cohnen
c51694a51a
kubernetes: add hashes to components
2022-11-15 11:07:46 +01:00
renovate[bot]
df0c6159db
Update K8s constrained versions
2022-11-14 09:33:42 +01:00
Fabian Kammel
b92b3772ca
Remove access manager ( #470 )
...
* remove access manager from code base
* document new node ssh workflow
* keep config backwards compatible
* slow down link checking to prevent http 429
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-11-11 08:44:36 +01:00
renovate[bot]
c6f4b2e1a0
Update Constellation containers to v2.3.0-pre.0.20221109145754-0d12e37c9699 ( #497 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-09 18:17:31 +01:00
Fabian Kammel
0d12e37c96
Document exported funcs,types,interfaces and enable check. ( #475 )
...
* Include EXC0014 and fix issues.
* Include EXC0012 and fix issues.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Otto Bittner <cobittner@posteo.net>
2022-11-09 15:57:54 +01:00
Daniel Weiße
011f9c597d
Bring in changes from release branch ( #479 )
...
* Bump version to v2.2.0
* Update changelog
* Fix release detection in pipeline
* Fix PKI selection in pipeline
* Set enforced measurements for AWS
* Update default images
* Fix release docs
* Update mini-con defaults
* Fix measurements action
* Fix syft env variable naming
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-08 18:32:59 +01:00
renovate[bot]
9ecc92e35f
Update dependency kubernetes-sigs/cri-tools to v1.25.0 ( #458 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-04 17:38:52 +01:00
3u13r
4f4cd4cc67
bump verify image 20221104 ( #459 )
2022-11-04 13:56:19 +01:00
Leonard Cohnen
6fce8f77d3
join-service: bump image for AWS support
2022-11-03 16:44:54 +01:00
renovate[bot]
302303f2ea
Update K8s constrained versions ( #428 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-02 13:28:41 +01:00
Leonard Cohnen
8f8236a491
bump verification service
2022-10-31 17:00:14 +01:00
renovate[bot]
116736a7b9
Update Constellation containers ( #402 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-31 11:00:36 +01:00
renovate[bot]
fd74ef754e
Update K8s version constrained containers (missing v1 prefix) ( #399 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-31 10:34:12 +01:00
Malte Poll
caadd50056
Use renovate to update versions.go ( #388 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-28 15:01:58 +02:00
Malte Poll
447f0bbf39
Add AWS CCM versions
2022-10-26 15:07:34 +02:00
Malte Poll
c1e3231848
Preinstall kubelet systemd unit in OS images ( #365 )
2022-10-25 16:36:03 +02:00
Daniel Weiße
6fe750f21b
Update operator image
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-25 08:41:42 +02:00
Daniel Weiße
b35b74b772
Use tags for UID and role parsing ( #242 )
...
* Apply tags to all applicable GCP resources
* Move GCP UID and role from VM metadata to labels
* Adjust Azure tags to be in line with GCP and AWS
* Dont rely on resource name to find resources
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-24 16:58:21 +02:00
Malte Poll
8ef1400810
Upgrade libvirt container image ( #348 )
2022-10-24 10:32:37 +02:00
Malte Poll
c16f5a976d
AB#2365 Upgrade k8s base deployments (add full support for k8s 1.25) ( #277 )
...
* Add container image release for CCM GCP v25.2.0
* Upgrade versions of kubernetes base components
2022-10-17 08:58:13 +02:00