renovate[bot]
f3e14f2b42
deps: update ubuntu:22.04 Docker digest to ca5534a ( #1744 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-05-05 14:38:11 +02:00
Paul Meyer
30cd024076
deps: add Kubernetes v1.27, remove Kubernetes v1.24 ( #1669 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-05-05 13:22:53 +02:00
Malte Poll
653bf3621d
image: replicate AWS images to eu-west-1 and eu-west-3
2023-05-05 12:06:44 +02:00
Daniel Weiße
c3b13178aa
docs: add short explanation on attestation config options ( #1654 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-05-04 15:00:06 +02:00
Daniel Weiße
d7a2ddd939
config: add separate option for handling attestation parameters ( #1623 )
...
* Add attestation options to config
* Add join-config migration path for clusters with old measurement format
* Always create MAA provider for Azure SNP clusters
* Remove confidential VM option from provider in favor of attestation options
* cli: add config migrate command to handle config migration (#1678 )
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-05-03 11:11:53 +02:00
Moritz Sanft
478b6ddb72
add terraform debug docs ( #1627 )
2023-04-21 08:43:27 +02:00
Moritz Sanft
3031d395a9
cli: force-delete Azure resource group ( #1667 )
...
* force-delete Azure resource group
* were not -> weren't
* fix typo
2023-04-19 08:30:11 +02:00
3u13r
14d26e1af4
terraform: use nat gateway on azure ( #1655 )
...
* terraform: use nat gateway on azure
* docs: add new azure permission
2023-04-17 11:00:35 +02:00
Moritz Sanft
1d0ee796e8
cli: add Terraform log support ( #1620 )
...
* add Terraform logging
* add TF logging to CLI
* fix path
* only create file if logging is enabled
* update bazel files
* register persistent flags manually
* clidocgen
* move logging code to separate file
* reword yes flag parsing error
* update bazel buildfile
* factor out log level setting
2023-04-14 14:15:07 +02:00
Moritz Eckert
af9e03f66b
docs: update versioned benchmarks
2023-04-11 14:28:21 +02:00
Moritz Eckert
0b66119a41
docs: group perf graphics by csp
2023-04-11 14:28:21 +02:00
Moritz Eckert
db32251daa
docs: update benchmarks with v2.6.0
...
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-04-11 14:28:21 +02:00
Moritz Eckert
a1f5e0e53d
ci: Add tooling to create benchmark figures
2023-04-11 14:28:21 +02:00
edgelessci
06bbdda9dc
docs: add release v2.7.0 ( #1592 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-05 10:33:16 +02:00
Moritz Sanft
e71c33c88d
cli: print attestation document with constellation verify ( #1577 )
...
* wip: verification output
* wip: Azure cert parsing
* wip: print actual PCRs
* wip: use string builder for output formatting
* compare PCR expected with actual
* tests
* change naming
* update cli reference
* update bazel buildfile
* bazel update
* change loop signature
2023-04-03 15:06:27 +02:00
Paul Meyer
176d32599f
terraform: add missing permission to AWS iam
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 07:23:00 -04:00
Paul Meyer
63b07ede8a
terraform: sort permissions
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 07:23:00 -04:00
Otto Bittner
c8c2953d7b
cli: add status cmd
...
The new command allows checking the status of an upgrade
and which versions are installed.
Also remove the unused restclient.
And make GetConstellationVersion a function.
2023-04-03 12:03:41 +02:00
Paul Meyer
b8d6b110b1
cli: add missing -y short flag to iam create ( #1572 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-31 17:26:14 +02:00
Moritz Sanft
1f7acf8dfb
docs: list minimal permissions for Constellation setup ( #1442 )
...
* add required Azure perms
* add minimal aws permissions
* add minimal gcp permissions
* [wip] split Azure perms by iam create/create step
* Update docs/docs/getting-started/install.md
Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>
* Update docs/docs/getting-started/install.md
Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>
* minimal gcp permissions for iam create/create step
* escape footnote bracket
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* active voice
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* link to config step
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* add predefined roles for Azure
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* add AWS and GCP predefined min roles
* add Azure attestationprovider perm
* footnote for attestation mode
* Update docs/docs/getting-started/install.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* accept superset
* fix negation
Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>
* update footnote
---------
Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-03-30 10:16:57 +02:00
Thomas Tendyck
6fabb2a84b
docs: rearrange troubleshooting
2023-03-29 10:57:17 +02:00
Otto Bittner
861bc84f94
cli: only apply upgrades on gcp/azure ( #1518 )
...
The constellation-operator currently doesn't support the
necessary operations for AWS, OpenStack and QEMU.
2023-03-24 17:07:14 +01:00
derpsteb
870182987c
docs: update cli reference
2023-03-24 08:47:53 +01:00
Otto Bittner
55067b12cd
docs: explain how to change cluster measurements
...
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
2023-03-23 18:08:18 +01:00
Malte Poll
44db16b42e
cli: give Azure uami all perms previously given to app registration ( #1334 )
...
This is the first step for deprecating app registrations on Azure.
The user-assigned managed identity (uami) should first gain all permissions that are currently held by the app registration.
* cli: give Azure uami all permissions previously given to app registratio
* docs: document required owner role for user-assigned managed identity on Azure
2023-03-21 10:00:13 +01:00
renovate[bot]
79395ddd20
deps: update ubuntu:22.04 Docker digest to 7a57c69 ( #1452 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-17 18:31:20 +01:00
Moritz Eckert
16f2f9bb64
docs: simplify readme svg ( #1418 )
2023-03-15 12:11:54 +01:00
Paul Meyer
d16f01d810
docs: pin base image of screencast container
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-14 13:08:19 -04:00
Thomas Tendyck
1a4c1f34bc
docs: refer to known issues ( #1414 )
...
* docs: refer to known issues
* publish
2023-03-14 08:27:06 +01:00
Thomas Tendyck
d8895446de
docs: remove pcr warning from asciinema casts
2023-03-13 08:26:56 +01:00
Fabian Kammel
566924caf8
docs: embedd asciinema casts ( #1154 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
Co-authored-by: 3u13r <lc@edgeless.systems>
2023-03-11 00:13:32 +01:00
derpsteb
02694c0648
docs: add release v2.6.0
2023-03-09 13:14:28 +01:00
edgelessci
ff7ac40590
docs: update cli reference ( #1378 )
...
Co-authored-by: daniel-weisse <daniel-weisse@users.noreply.github.com>
2023-03-08 15:53:25 +01:00
Thomas Tendyck
c94d1db76d
attestation: remove PCR 0 and 10 on GCP
2023-03-06 13:09:57 +01:00
Thomas Tendyck
3471d73c6c
docs: publish
2023-03-06 10:43:49 +01:00
Thomas Tendyck
c7f0cf1e79
docs: few fixes and rewording
2023-03-06 10:43:49 +01:00
Thomas Tendyck
420fecb986
docs: publish minor fixes ( #1220 )
2023-03-03 16:45:00 +01:00
Otto Bittner
67a58bcc56
docs: rename components to microservices
...
Since we now have a config value called microserviceVersion
it hopefully makes it easier for users to understand what
this value controls if we also use the term microservice
in the docs.
2023-03-03 15:40:57 +01:00
Otto Bittner
273225968f
docs: rewrite upgrade docs for new commands
...
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-03-03 15:40:57 +01:00
Nirusu
9867faaf7e
docs: update cli reference
2023-03-03 09:12:34 +01:00
Nils Hanke
f67594a5ea
docs: adjust wording for resource provider troubleshooting
2023-03-01 16:10:06 +01:00
Nils Hanke
b327287577
docs: mention resource provider registration for Azure ( #1308 )
...
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-03-01 14:35:46 +01:00
Paul Meyer
483c0b47fe
docs: update cli reference ( #1293 )
...
Co-authored-by: derpsteb <derpsteb@users.noreply.github.com>
2023-02-28 18:40:10 +01:00
Moritz Sanft
a2096c2e33
docs: add docs on general Terraform usage ( #1263 )
...
* add docs on general tf usage
* reminder to not delete terraform dir
* fix spelling check
* add to sidebar
* reference terraform page
* embed link into natural language
* mention iam folder
* separate hack tools from official tf docs
* assume familiarity with tf
2023-02-28 10:36:20 +01:00
Paul Meyer
ca1a594f04
docs: update cli reference ( #1292 )
2023-02-28 09:31:44 +01:00
github-actions[bot]
95a6bd8030
docs: update cli reference ( #1254 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-27 15:36:45 +01:00
miampf
5137e9fa57
cli: iam destroy ( #946 )
2023-02-24 11:36:41 +01:00
Nils Hanke
3c24fa37e8
docs: specify requirement of 4 vCPUs more clearly
2023-02-22 15:25:51 +01:00
Nils Hanke
573de3191e
docs: add support for GCP C2D VMs
2023-02-22 15:25:51 +01:00
Otto Bittner
d78d22f95a
cli: add config kubernetes-versions
subcommand ( #1224 )
...
Allows users to learn which k8s versions are supported by the
current CLI.
Extend respective docs section.
2023-02-22 09:52:47 +01:00