Malte Poll
2808012c9c
terraform: gcp node groups ( #1941 )
...
* terraform: GCP node groups
* cli: marshal GCP node groups to terraform variables
This does not have any side effects for users.
We still strictly create one control-plane and one worker group.
This is a preparation for enabling customizable node groups in the future.
2023-06-19 13:02:01 +02:00
Daniel Weiße
ab74730fd7
Update go-tpm-tools fork ( #1910 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-06-12 15:59:40 +02:00
renovate[bot]
7c345f4503
deps: update github.com/gophercloud/utils digest to de873b9 ( #1843 )
...
* deps: update github.com/gophercloud/utils digest to de873b9
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
2023-06-09 10:02:59 +02:00
Malte Poll
b3c052e299
operators: cleanup placeholder nodeversion ( #1881 )
...
* operators: cleanup placeholder nodeversion
* e2e: improve upgrade test portability
2023-06-06 15:22:06 +02:00
Adrian Stobbe
b51cc52945
config: sign Azure versions on upload & verify on fetch ( #1836 )
...
* add SignContent() + integrate into configAPI
* use static client for upload versions tool; fix staticupload calleeReference bug
* use version to get proper cosign pub key.
* mock fetcher in CLI tests
* only provide config.New constructor with fetcher
Co-authored-by: Otto Bittner <cobittner@posteo.net>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2023-06-01 13:55:46 +02:00
renovate[bot]
885febf109
deps: update module github.com/sigstore/rekor to v1.2.0 [SECURITY] ( #1842 )
...
* deps: update module github.com/sigstore/rekor to v1.2.0 [SECURITY]
* chore: tidy
* deps: update pseudo version tool hashes
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-31 23:30:27 +02:00
3u13r
fbcbb9a766
deps: align k8s deps ( #1841 )
2023-05-31 17:10:03 +02:00
Malte Poll
60b125cb59
cli: add windows amd64 build target ( #1835 )
2023-05-30 12:02:43 +02:00
renovate[bot]
2afddcb0f8
deps: update K8s dependencies ( #1599 )
...
* deps: update K8s dependencies
* deps: bump controller runtime
* chore: tidy
* bump helm and migrate controller runtime
* fix helm deprecation
---------
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-24 18:57:45 +02:00
renovate[bot]
be8d993cb7
deps: update module github.com/sigstore/sigstore to v1.6.4 ( #1814 )
...
* deps: update module github.com/sigstore/sigstore to v1.6.4
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-05-23 16:25:26 +02:00
renovate[bot]
13f1eb23d7
deps: update module github.com/stretchr/testify to v1.8.3 ( #1815 )
...
* deps: update module github.com/stretchr/testify to v1.8.3
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-05-22 17:35:28 +02:00
renovate[bot]
6ba461015d
deps: update module github.com/hashicorp/hc-install to v0.5.2 ( #1812 )
...
* deps: update module github.com/hashicorp/hc-install to v0.5.2
* deps: tidy all modules
* chore: tidy + update
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-22 16:32:00 +02:00
renovate[bot]
2a721bfa33
deps: update module github.com/mattn/go-isatty to v0.0.19 ( #1813 )
...
* deps: update module github.com/mattn/go-isatty to v0.0.19
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-05-22 16:31:52 +02:00
renovate[bot]
971e814551
deps: update module github.com/google/go-tpm-tools to v0.3.12 ( #1811 )
...
* deps: update module github.com/google/go-tpm-tools to v0.3.12
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-05-22 15:40:42 +02:00
renovate[bot]
624af80f7f
deps: update module cloud.google.com/go/compute to v1.19.3 ( #1810 )
...
* deps: update module cloud.google.com/go/compute to v1.19.3
* chore: tidy
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-22 15:29:48 +02:00
renovate[bot]
4ee4423389
deps: update github.com/gophercloud/utils digest to 6eab72e ( #1791 )
...
* deps: update github.com/gophercloud/utils digest to 6eab72e
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-05-19 15:34:20 +02:00
renovate[bot]
12ccfea543
deps: update module golang.org/x/tools to v0.9.1 ( #1801 )
...
* deps: update module golang.org/x/tools to v0.9.1
* chore: tidy
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-19 13:18:54 +02:00
renovate[bot]
4c8568963b
deps: update module golang.org/x/crypto to v0.9.0 ( #1799 )
...
* deps: update module golang.org/x/crypto to v0.9.0
* chore: tidy
* deps: bump pseudo version tool
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-19 12:00:25 +02:00
Daniel Weiße
dd2da25ebe
attestation: tdx issuer/validator ( #1265 )
...
* Add TDX validator
* Add TDX issuer
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-05-17 11:37:26 +02:00
renovate[bot]
53758e65ad
deps: update module github.com/siderolabs/talos/pkg/machinery to v1.4.4 ( #1764 )
...
* deps: update module github.com/siderolabs/talos/pkg/machinery to v1.4.4
* deps: tidy all modules
* update pseudo version tool
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-16 22:19:16 +02:00
renovate[bot]
230ea79bcc
deps: update Google SDK ( #1748 )
...
* deps: update Google SDK
* deps: fix grpc_testing import
* deps: update pseudo version tool hashes
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-16 18:13:17 +02:00
renovate[bot]
cd28b3a39f
deps: update module github.com/docker/docker to v23.0.3+incompatible [SECURITY] ( #1762 )
...
* deps: update module github.com/docker/docker to v23.0.3+incompatible [SECURITY]
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-05-12 18:07:20 +02:00
renovate[bot]
fe115bdb16
deps: update module github.com/sigstore/rekor to v1.1.1 [SECURITY] ( #1729 )
...
* deps: update module github.com/sigstore/rekor to v1.1.1 [SECURITY]
* deps: bump oras
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-05-11 17:23:17 +02:00
renovate[bot]
0db7f68093
deps: update Azure SDK ( #1747 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-05-05 15:12:25 +02:00
Malte Poll
ee91d8b1cc
image: implement idempotent upload of os images
2023-05-05 12:06:44 +02:00
renovate[bot]
1ae39703d1
deps: update module golang.org/x/tools to v0.8.0 ( #1642 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 17:31:48 +02:00
renovate[bot]
326460c037
deps: update module golang.org/x/mod to v0.10.0 ( #1640 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 16:48:50 +02:00
renovate[bot]
44dc127036
deps: update module github.com/spf13/cobra to v1.7.0 ( #1638 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 16:46:16 +02:00
renovate[bot]
ee7ca3428a
deps: update module golang.org/x/crypto to v0.8.0 ( #1639 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 15:41:01 +02:00
renovate[bot]
aa3b49aced
deps: update module github.com/hashicorp/terraform-exec to v0.18.1 ( #1615 )
...
* deps: update module github.com/hashicorp/terraform-exec to v0.18.1
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-04-06 10:45:25 +02:00
renovate[bot]
509b3d5d58
deps: update module github.com/docker/docker to v20.10.24+incompatible [SECURITY] ( #1614 )
...
* deps: update module github.com/docker/docker to v20.10.24+incompatible [SECURITY]
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-04-05 12:14:19 +02:00
renovate[bot]
13365d7272
deps: update module github.com/mattn/go-isatty to v0.0.18 ( #1601 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-03 21:15:59 +02:00
renovate[bot]
7a8c4727f5
deps: update AWS SDK ( #1594 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-03 18:36:53 +02:00
renovate[bot]
d3587a34d7
deps: update github.com/gophercloud/utils digest to 5bd5e1d ( #1586 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 17:42:01 +02:00
renovate[bot]
d260007672
deps: update module github.com/docker/docker to v20.10.23+incompatible ( #1589 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 17:01:48 +02:00
renovate[bot]
661cf922ec
deps: update module helm.sh/helm/v3 to v3.11.2 ( #1590 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 16:40:49 +02:00
Otto Bittner
c8c2953d7b
cli: add status cmd
...
The new command allows checking the status of an upgrade
and which versions are installed.
Also remove the unused restclient.
And make GetConstellationVersion a function.
2023-04-03 12:03:41 +02:00
renovate[bot]
b12858660e
deps: update github.com/gophercloud/utils digest to 05e9e7f ( #1549 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 15:42:34 +02:00
renovate[bot]
52e85862b0
deps: update AWS SDK ( #1508 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 18:40:06 +01:00
renovate[bot]
dc52038dbc
deps: update Azure SDK ( #1498 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 09:50:09 +01:00
renovate[bot]
3f35a6c904
deps: update K8s dependencies ( #1496 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 08:53:06 +01:00
renovate[bot]
be94710f5b
deps: update Google SDK ( #1500 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 08:16:52 +01:00
renovate[bot]
7d899d7aa5
deps: update module github.com/schollz/progressbar/v3 to v3.13.1 ( #1497 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-22 18:11:50 +01:00
renovate[bot]
e95d79f97e
deps: update github.com/gophercloud/utils digest to e15d7ee ( #1486 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-22 10:33:43 +01:00
Daniel Weiße
5a0234b3f2
attestation: add option for MAA fallback to verify azure's snp-sev id key digest ( #1257 )
...
* Convert enforceIDKeyDigest setting to enum
* Use MAA fallback in Azure SNP attestation
* Only create MAA provider if MAA fallback is enabled
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
2023-03-21 12:46:49 +01:00
Moritz Sanft
f2ce9518a3
cli: support custom attestation policies for maa ( #1375 )
...
* create and update maa attestation policy
* use interface to allow unit testing
* fix test csp
* http request for policy patch
* go mod tidy
* remove hyphen
* go mod tidy
* wip: adapt to feedback
* linting fixes
* remove csp from tf call
* fix type assertion
* Add MAA URL to instance tags (#1409 )
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* conditionally create maa provider
* only set instance tag when maa is created
* fix azure unit test
* bazel tidy
* remove AzureCVM const
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* encode policy at runtime
* remove policy arg
* fix unit test
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-03-20 13:33:04 +01:00
renovate[bot]
a6021be714
deps: update K8s dependencies ( #1401 )
...
* deps: update K8s dependencies
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-03-17 15:55:44 +01:00
renovate[bot]
cb2d2b0b89
deps: update module github.com/spf13/afero to v1.9.5 ( #1396 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-10 18:40:17 +01:00
Paul Meyer
acbd70c741
openstack: implement api client and metadata list
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-08 09:04:57 -05:00
Daniel Weiße
5eb73706f5
internal: refactor storage credentials ( #1071 )
...
* Move storage clients to separate packages
* Allow setting of client credentials for AWS S3
* Use managed identity client secret or default credentials for Azure Blob Storage
* Use credentials file to authorize GCS client
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-03-02 15:08:31 +01:00