Commit Graph

4060 Commits

Author SHA1 Message Date
Daniel Weiße
8219005587
terraform: only set confidential_instance_type if cc_technology is SEV_SNP (#3085)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-14 16:02:30 +02:00
Markus Rudy
8e3cf5a270
s3proxy: commit image version on release, too (#3093) 2024-05-14 15:45:06 +02:00
Malte Poll
93fcb51e67 ci: explicitly set bazel test timeout to four hours for e2e tests
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2024-05-14 13:34:50 +02:00
Thomas Tendyck
547d435aca deps: remove replacement of go-tpm with fork 2024-05-14 10:25:08 +02:00
Markus Rudy
43e6b85026
ci: only assign reviewer to bot PRs (#3091) 2024-05-14 10:02:00 +02:00
Markus Rudy
c0a39eab89
deps: bump stackit terraform provider to 0.17.0 (#3089) 2024-05-14 09:46:40 +02:00
renovate[bot]
93daf811d7
deps: update Go dependencies (#3087)
* deps: update Go dependencies

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-05-14 08:15:57 +02:00
Daniel Weiße
4f1768e660
cloud: hide kubernetes iptables usage behind linux build tag (#3088)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-13 13:22:22 +02:00
renovate[bot]
d76c9ac82d
deps: update GitHub action dependencies (#3086)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-13 10:42:07 +02:00
renovate[bot]
dda426a51e
deps: update ubuntu:22.04 Docker digest to a6d2b38 (#3084)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-13 10:18:56 +02:00
renovate[bot]
10a2bca9f9 deps: update fedora:38 Docker digest to b9ff6f2 2024-05-13 09:37:54 +02:00
Malte Poll
39805a41ba deps: update Bazel 2024-05-13 08:47:15 +02:00
Malte Poll
57ad6f6bc5 deps: update flakes 2024-05-13 08:47:15 +02:00
Malte Poll
cfaba0b1c3 misc: update golangci-lint related changes 2024-05-13 08:47:15 +02:00
Malte Poll
dfeeb788ec deps: update distroless base 2024-05-13 08:47:15 +02:00
Malte Poll
fcf233492e deps: update skylib 2024-05-13 08:47:15 +02:00
Malte Poll
58238f5a0a deps: update rules_nixpkgs 2024-05-13 08:47:15 +02:00
Malte Poll
ccdc87ad74 deps: update bazel_tools 2024-05-13 08:47:15 +02:00
Malte Poll
f67292d0de deps: update hermetic_cc 2024-05-13 08:47:15 +02:00
Malte Poll
5b6f8d838e deps: update rules_go / gazelle 2024-05-13 08:47:15 +02:00
Malte Poll
c540feb209 deps: update CI deps 2024-05-13 08:47:15 +02:00
Malte Poll
e79c74cd97 deps: update buildifier 2024-05-13 08:47:15 +02:00
Malte Poll
9116d2b82a deps: update aspect/bazel-lib 2024-05-13 08:47:15 +02:00
edgelessci
d0bb738607
image: update measurements and image version (#3074)
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-05-13 08:39:52 +02:00
edgelessci
19cf9b7f40
image: update locked rpms (#3080)
Co-authored-by: malt3 <1780588+malt3@users.noreply.github.com>
2024-05-12 17:16:47 +02:00
Malte Poll
4fec2dba99 deps: update LTS kernel 6.7.6 -> 6.8.9 2024-05-10 18:27:40 +02:00
Malte Poll
1e8f08e350 deps: update LTS kernel 6.1.79 -> 6.1.90 2024-05-10 18:27:40 +02:00
Malte Poll
03475b60b3
ci: disable BuildBuddy (#3077) 2024-05-10 11:14:45 +02:00
Malte Poll
97e5c437b4
deps: update bazel buildtools (#3075) 2024-05-10 11:10:14 +02:00
renovate[bot]
1ead19e69a
deps: update ghcr.io/edgelesssys/cloud-provider-gcp Docker tag to v29.0.1 (#3073)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-10 09:57:07 +02:00
Markus Rudy
174c3ab48a
terraform: add missing policies for AWS ALB (#3063)
* terraform: add missing policies for AWS ALB
2024-05-10 08:51:32 +02:00
renovate[bot]
fffc9db2b5
deps: update Kubernetes versions (#3072)
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2024-05-09 13:38:01 +02:00
3u13r
0325483504
helm: disable cilium ipmasq agent when in conformance mode (#3062) 2024-05-08 18:51:12 +02:00
Daniel Weiße
9def35ed06
deps: update all Go dependencies (#3071)
* Upgrade Go dependencies

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Group Go dependency upgrades

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Remove usage of deprecated docker types

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Fix usage of invalid validation tags

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Regenerate bazel files

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Keep github.com/bazelbuild/buildtools at old version to not break other dependencies

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-08 17:31:47 +02:00
Malte Poll
1c0c7d6227
ci: disable e2e-attestationconfigapi on PRs (#2937)
This workflow touches shared state by deleting all objects of a bucket and then
uploading a signed blob of data to that S3 bucket under a fixed name.
It also does so multiple times in a row, while invalidating the cloudfront
cache and checking if the uploaded object exists.
All runs of this workflow share the same bucket.
Since this pipeline runs on any modification of go.mod, it is very prone
to race condition between PRs (or PRs and main).
2024-05-08 14:59:03 +02:00
renovate[bot]
adf03ad76c
deps: update GitHub action dependencies (#3070)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-08 14:33:35 +02:00
Daniel Weiße
86c45d1d5f
deps: update to Go 1.22.3 (#3069)
* Update renovate syntax
* Update to Go 1.22.3

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-08 11:34:31 +02:00
Daniel Weiße
a15cf54477
ci: use 7zip for creating archives (#3068)
* Use 7zip for creating and processing encrypted archives
* Switch to .7z file extension
* Fix shell check issues
* Fix tfstate update logic

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-08 10:34:10 +02:00
Daniel Weiße
edc0c7068e
ci: fix delete artifact conditional (#3067)
* Fix state exists check
* Dont fail if folder to remove does not exist

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-07 08:48:38 +02:00
Thomas Tendyck
012937740f
Update action.yml 2024-05-07 01:52:35 +02:00
3u13r
ecebd607c5
terraform: Allow nodes to join the cluster when using a jump host by removing the constellation-uid tag (#3064)
* terraform: remove constellation-uid tag from jump-host
2024-05-06 12:25:52 +02:00
edgelessci
3241e5a126
image: update locked rpms (#3065)
Co-authored-by: malt3 <1780588+malt3@users.noreply.github.com>
2024-05-05 17:25:51 +02:00
miampf
bd26cb592d
ci: correctly clean up failed windows e2e tests (#3059) 2024-05-03 10:54:08 +00:00
Daniel Weiße
f6999084c9
terraform: set empty default value for additional_tags (#3052)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-03 10:27:46 +02:00
Daniel Weiße
47fbbd42a9
Fix tool not generating measurements for gcp-sev-snp (#3061)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-03 09:52:57 +02:00
edgelessci
96b71b0205
image: update measurements and image version (#3060)
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-05-03 09:28:57 +02:00
Daniel Weiße
35bd805bec
ci: enable gcp-sev-snp for daily tests (#3058)
* Run gcp-sev-snp debug e2e test in daily
* Fix verify e2e test not creating json file for gcp-sev-snp

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-03 08:18:21 +02:00
Daniel Weiße
259e85d9c1
ci: reduce noise from warnings (#3055)
* Fix whitespace errors
* Remove usage of external action to URI encode component
* Upgrade Azure login action to v2.1
* Remove GitHub actions warning when running e2e test with NOP payload
* Only try to upload updated tf state if it exists
* Upgrade out of date aws credential actions

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-03 08:17:40 +02:00
edgelessci
3d2a023ccf
image: update measurements and image version (#3057)
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-05-02 08:20:51 +02:00
Felix Schuster
7d46d0f7d6
Small changes in docs/README (#3050)
* Change concept image

* Add sentence to "first steps"
2024-04-30 16:01:56 +02:00