Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
3,270 Commits 133 Branches 44 Tags 106 MiB
825dab0e0b
Commit Graph

881 Commits

Author SHA1 Message Date
Paul Meyer
7968d165c6 ci: use strict semver for gcp guest agent image 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-07-04 13:23:33 +02:00
Daniel Weiße
90dbeae16b
cli: fix duplicate backup creation during upgrade apply (#1997) 
* Use CLI to fetch measurements in e2e test

* Abort helm service upgrade early if user confirmation is missing

* Add container push to CLI build action

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-07-03 15:13:36 +02:00
renovate[bot]
576b48c8b7
deps: update GitHub action dependencies (#1848) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-07-03 08:19:10 +02:00
Adrian Stobbe
00ee11084e
add e2e mini to weekly (#1982) 2023-06-30 10:05:24 +02:00
Daniel Weiße
a241a84770
ci: use generate-config flag for old CLI versions (#1984) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-06-29 15:46:36 +02:00
Malte Poll
6dd8a571ec
ci: fix expected value for PCR7 on AWS (#1979) 
This has changed when upgrading to Fedora 38.
It didn't surface as a bug since the PCR is marked as warnOnly.
 2023-06-28 15:33:14 +02:00
miampf
77b28cb5e7
cli: change generate-config flag to update-config flag (#1897) 2023-06-28 12:47:44 +00:00
Malte Poll
78fb0066e4
ci: add automated tests for reproducible builds (#1914) 
* ci: reproducible builds test
* deps: upgrade actionlint to support macos-13 runners
 2023-06-23 12:12:32 +02:00
Otto Bittner
114103c46b
ci: download bootlogs in correct aws region (#1956) 2023-06-22 17:56:05 +02:00
Moritz Sanft
94b21e11ad
ci: Windows cli tests (#1859) 
* wip: add windows e2e test

* wip: register windows e2e tests

* remove registration

* wip: change CLI artifact name

* basic windows test

* checkout repo

* use correct iam create command

* remove trademarked name

* enable debug logs

* add pwsh liveliness check script

* delimiters

* set kubeconfig env var

* test

* use setx to set env var

* set envvar before liveness probe

* explicitly set kubeconfig
 2023-06-21 12:05:04 +02:00
Daniel Weiße
eb1e1502c1
ci: run cdbg with debug verbosity (#1953) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-06-21 10:26:22 +02:00
Moritz Sanft
f3c2198a9a
ci: improve pr template (#1946) 
* improve PR template

* Update .github/pull_request_template.md

Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>

---------

Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
 2023-06-21 08:59:29 +02:00
renovate[bot]
d2c4cd1785
deps: update aws-actions/configure-aws-credentials action to v2 (#1950) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-06-20 18:59:07 +02:00
renovate[bot]
3f714f538b
deps: update peter-evans/create-pull-request action to v5 (#1949) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-06-20 16:37:01 +02:00
renovate[bot]
684b61ac2b
deps: update docker/build-push-action action to v4 (#1948) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-06-20 13:39:32 +02:00
renovate[bot]
5bf59808e1
deps: update cachix/install-nix-action action to v22 (#1947) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-06-20 13:08:52 +02:00
renovate[bot]
de2c21b555
deps: update Python dependencies (#1888) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-06-20 11:04:48 +02:00
Adrian Stobbe
7dcd8c3dab
dev-docs: refactor and add information for newbies (#1912) 
* refactor dev-docs structure and add information

* improve doc

* Update dev-docs/workflows/create-debug-cluster.md

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* Update dev-docs/workflows/create-debug-cluster.md

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* pr feedback daniel

* Update dev-docs/README.md

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* move to howto again

* split up dev-setup and pull-request into sep files

* fix backticks

* add writing style convention + testing repo

* remove OSS cluster + reduce plugins vs code

* update bazel pre-pr doc

* ghcr img private hint

* add fetch measurement + provider sub-directory hint

* add label doc + pr title check in template

* add OSS build comment

* Update CONTRIBUTING.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* Update CONTRIBUTING.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* Update dev-docs/README.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* Update dev-docs/workflows/dev-setup.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* thomas feedback

* add go proverb mention

---------

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
 2023-06-19 17:39:43 +02:00
Paul Meyer
103a757557
deps: upgrade sonobuoy to v0.56.17 (#1937) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-06-15 16:54:38 +02:00
Malte Poll
264b2df902
deps: upgrade to Fedora 38 (#1909) 
* image: upgrade mkosi distro version to Fedora 38
* image: remove downgrade of GCP kernel
* ci: upgrade expected measurements for Fedora 38
* deps: upgrade bazeldnf packages to Fedora 38
* deps: upgrade container images to Fedora 38
 2023-06-15 16:50:35 +02:00
Adrian Stobbe
159d28a2c7
doc: add context to PR template (#1932) 
* add context to PR template

* Update pull_request_template.md
 2023-06-15 09:13:47 +02:00
Otto Bittner
c33ab624c1
ci: upgrade fromVersion in e2e-upgrade (#1931) 
We released 2.8 so we need to test that it can upgrade to HEAD.
 2023-06-15 07:49:30 +02:00
Adrian Stobbe
07de6482b2
config: drop support for deprecated Azure's service principal authentication (#1906) 
* invalidate app client id field for azure and provide info

* remove TestNewWithDefaultOptions case

* fix test

* remove appClientID field

* remove client secret + rename err

* remove from docs

* otto feedback

* update docs

* delete env test in cfg since no envs set anymore

* Update dev-docs/workflows/github-actions.md

Co-authored-by: Otto Bittner <cobittner@posteo.net>

* WARNING to stderr

* fix check

---------

Co-authored-by: Otto Bittner <cobittner@posteo.net>
 2023-06-14 17:50:57 +02:00
Otto Bittner
7a1c70d7e5
ci: replace katexochen with elchead in assignee list (#1928) 
katexochen is currently working on CoCo and not
involved in active development.
 2023-06-14 11:44:45 +02:00
Malte Poll
ee77e3922a
ci: explicitly add CLI signature as release artifact (#1917) 2023-06-14 09:56:11 +02:00
3u13r
b71b5103ae
ci: migrate e2e lb test to bazel (#1892) 
* ci: migrate lb e2e test to bazel
* ci: disable shared bazel cache on github runners
 2023-06-09 16:59:19 +02:00
Otto Bittner
8f21972aec
attestation: add awsSEVSNP as new variant (#1900) 
* variant: move into internal/attestation
* attesation: move aws attesation into subfolder nitrotpm
* config: add aws-sev-snp variant
* cli: add tf option to enable AWS SNP

For now the implementations in aws/nitrotpm and aws/snp
are identical. They both contain the aws/nitrotpm impl.
A separate commit will add the actual attestation logic.
 2023-06-09 15:41:02 +02:00
Moritz Sanft
72e168e653
bazel: pseudo version tool freshness check (#1869) 
* switch to darwin compatible shasum

* add bazel rule

* update shellscript for in-place updates

* Revert "update shellscript for in-place updates"

This reverts commit 87d39b06f7.

* add version tool freshness check

* remove pseudo-version file

* revert to `sha256sum`

* fix workflow indentation
 2023-06-09 11:50:51 +02:00
Moritz Sanft
892752a1f8
add necessary permissions (#1905) 2023-06-09 11:50:39 +02:00
Otto Bittner
3a54ca91a7
deps: bump go patch version (#1903) 2023-06-09 10:53:17 +02:00
Malte Poll
8c3617faf0
ci: do not manually clear measurements on verify e2e (#1889) 2023-06-09 09:25:30 +02:00
Adrian Stobbe
e9f9337cb9
Revert "ci: fix versionsapi cli container Dockerfile (#1856)" (#1896) 
This reverts commit 0fac6a03cc.
 2023-06-07 17:18:59 +02:00
renovate[bot]
25037026e1
deps: update Python dependencies (#1887) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-06-07 10:36:52 +02:00
renovate[bot]
6f7c8999f3
deps: update dependency cryptography to v41 [SECURITY] (#1875) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-06-06 18:15:26 +02:00
Malte Poll
b3c052e299
operators: cleanup placeholder nodeversion (#1881) 
* operators: cleanup placeholder nodeversion
* e2e: improve upgrade test portability
 2023-06-06 15:22:06 +02:00
Malte Poll
025d34a259
ci: fix docker-login on macOS runner (#1877) 2023-06-06 12:20:09 +02:00
3u13r
7c07e3be18
Add --insecure to config fetch-measurement (#1879) 
* cli: add --insecure to fetch-measurements

* cli: rename fake to stub

* ci: upload measurements for debug images

* fix cli docs
 2023-06-06 10:32:22 +02:00
Malte Poll
900d51d49f
ci: select correct target version for upgrade e2e test in release pipeline (#1874) 2023-06-05 13:56:16 +02:00
Adrian Stobbe
a813760f96
config: automatically upload new Azure SNP versions to API + sign version with release key (#1854) 
* sign version with release key and remove version from fetcher interface
* extend azure-reporter GH action to upload updated version values to the Attestation API
 2023-06-02 12:10:22 +02:00
Otto Bittner
0fac6a03cc
ci: fix versionsapi cli container Dockerfile (#1856) 
paths were not updated during refactoring
 2023-06-02 11:29:46 +02:00
Malte Poll
289665eb22
ci: remove setup-go action / disable cache where applicable (#1850) 
Runners sometimes fail because they run out of disk space.
One reason this happens is a change in the setup-go action@v4:

> The V4 edition of the action offers: Enabled caching by default

To combat this, we now disable the cache if it was not enabled explicitly before.
Additionally, we remove setup-go where it is no longer needed.
 2023-06-01 15:16:00 +02:00
3u13r
e0285c122e
todo responsibilities and cleanup (#1837) 
* chore: add TODO responsibilities

* chore: remove not needed TODOs

* chore: remove outdated migrations

* chore: remove resolved goleak exception

* chore: remove not needed cosign env

* config: add link to our Azure snp docs
 2023-06-01 12:33:06 +02:00
Otto Bittner
0c13f3ed8d image: add aws_aws-sev-snp variant 
This needs no changes to the existing AWS image.
The images have worked without modification so far.
 2023-06-01 11:25:31 +02:00
Malte Poll
8a51ae1ec3
ci: do not sign & upload debug image measurements (#1849) 2023-06-01 10:58:34 +02:00
renovate[bot]
bff8e684e1
deps: update golang:1.20.4 Docker digest to 690e413 (#1845) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: malt3 <29139614+renovate[bot]@users.noreply.github.com>
 2023-06-01 09:26:31 +02:00
Malte Poll
a1ec899171 ci: use enterprise cli for e2e tests 2023-05-31 14:00:00 +02:00
Adrian Stobbe
0a6e5ec02e
config: dynamic attestation configuration through S3 backed API (#1808) 2023-05-25 17:43:44 +01:00
3u13r
25211dc154
ci: codeql disable autobuild for go (#1828) 2023-05-25 18:20:44 +02:00
Malte Poll
76bf5e8e28 ci: upload image info v2 and measurements v2 in image build pipeline 2023-05-25 15:01:15 +02:00
Otto Bittner
c010a4d742 ci: fix aws-snp-launchmeasurement pipeline 
Misspelled variable name.
 2023-05-25 14:00:45 +02:00
Malte Poll
7cff47f30f
ci: run release workflow on temporary branch (#1628) 2023-05-25 10:14:42 +02:00
Otto Bittner
06a32a85a7 ci: add pipeline to precalc launchmeasurements 
This is for SNP on AWS.
 2023-05-24 12:58:39 +02:00
Malte Poll
050fccc591 ci: do not run unit tests on macOS 2023-05-23 15:11:10 +02:00
Malte Poll
c4ad246910 wip: cached unit tests 2023-05-23 15:11:10 +02:00
Leonard Cohnen
c98644df2b ci: use bazel for unittests 2023-05-23 15:11:10 +02:00
Malte Poll
b467327128 ci: optimize bazel output for web-based console 2023-05-23 15:11:10 +02:00
Malte Poll
660781d35e misc: bazelisk -> bazel 2023-05-23 15:11:10 +02:00
Malte Poll
a0ac230298 ci: remove bazel repo cache hosted in github actions cache 2023-05-23 15:11:10 +02:00
Malte Poll
41cc759b44 ci: use self hosted (cached) runners 2023-05-23 15:11:10 +02:00
renovate[bot]
a5215d3268
deps: update dependency requests to v2.31.0 [SECURITY] (#1816) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-05-23 13:45:15 +02:00
3u13r
6062b10035
cli: split image into oss and enterprise (#1788) 2023-05-23 10:49:47 +02:00
Malte Poll
dc9b3c1937
ci: run e2e tests as last step of release pipeline (#1793) 2023-05-22 09:22:00 +02:00
3u13r
964775c4c2
Add autoscaling and cluster upgrade support for AWS (#1758) 
* aws: autoscaling and upgrades

* docs: update scaling and upgrades for AWS

* deps: pin vuln check against release
 2023-05-19 13:57:31 +02:00
Otto Bittner
2dc105224d
ci: set toImage argument in e2e-test-release (#1722) 2023-05-16 08:54:12 +02:00
renovate[bot]
080e0bcaec
deps: update golang:1.20.4 Docker digest to 685a22e (#1761) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-05-12 18:18:13 +02:00
3u13r
4024b9cf71
ci: fix minicon e2e test (#1763) 
* ci: push containers during minicon e2e

* cli: set testing nvram for pre images in minicon
 2023-05-12 17:14:32 +02:00
Daniel Weiße
0e7d50b465
Select attestation variant for verify test (#1755) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-05-12 11:06:49 +02:00
3u13r
dd2ea50a39
deps: bump go version (#1760) 2023-05-11 14:14:15 +02:00
Daniel Weiße
d9bec20c78
Guard measurement removal behind config version check (#1739) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-05-05 16:43:50 +02:00
renovate[bot]
a8101c8c64
deps: update GitHub action dependencies (#1745) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-05-05 14:42:20 +02:00
renovate[bot]
a60e22d6d3
deps: update golang Docker tag to v1.20.4 (#1746) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-05-05 14:37:15 +02:00
Paul Meyer
30cd024076
deps: add Kubernetes v1.27, remove Kubernetes v1.24 (#1669) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-05-05 13:22:53 +02:00
Paul Meyer
b48866a756
ci: fix measurement generation on scheduled build (#1741) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-05-05 13:13:51 +02:00
Malte Poll
2efa3083dc ci: use native go code for os image upload 2023-05-05 12:06:44 +02:00
Otto Bittner
1f49c815b2
ci: update measurement overwrite for config v3 (#1731) 2023-05-04 11:32:52 +02:00
Paul Meyer
b76583e4a0
ci: fix e2e miniconstellation abort condition (#1728) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-05-04 08:16:31 +02:00
Paul Meyer
ab74958b4a
ci: fix e2e release abort condition (#1726) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-05-03 18:18:16 +02:00
Malte Poll
d2cbf3dc83
ci: skip e2e tests if caller was not successful (#1714) 2023-05-03 11:40:09 +02:00
Otto Bittner
1180b376fa ci: only add tf-log flag if the binary supports it 
We sometimes run older CLI versions in the CI. Those versions
may not support the flag.
 2023-05-02 11:08:40 +02:00
Paul Meyer
7ab23c28b8 Revert "misc: replace sha256sum with shasum -a 256 (#1681)" 
This reverts commit ec1d5e9fb5.

While the change enabled shasum calculation on mac, it broke it
on some Linux distros.
 2023-05-02 11:07:05 +02:00
Otto Bittner
5deccc3d01 ci: push images in e2e-upgrade 2023-04-28 15:48:12 +02:00
Otto Bittner
481eeeaf3e ci: add simulatedTargetVersion to e2e-upgrade 
This allows us to build a CLI that reports the given version during
an upgrade test. With this we can test patch upgrades.
 2023-04-28 15:48:12 +02:00
Paul Meyer
1d24036f21
ci: fix os image build schedule (#1703) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-28 12:57:11 +02:00
Malte Poll
635b98a34f
ci: rename all usages of bazel push target from //:push to //bazel/release:push (#1701) 2023-04-28 09:26:15 +02:00
renovate[bot]
fa4c6201b0
deps: update golang:1.20.3 Docker digest to 403f486 (#1691) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-27 17:50:46 +02:00
Moritz Sanft
261fe611a9
ci: add Terraform logging (#1665) 
* enable Terraform logging

* change to debug level

* rename artifact

* add name suffix

* remove blank line
 2023-04-27 14:03:49 +02:00
Paul Meyer
12216ea997
ci: prevent google auth warnings when reauthenticating (#1697) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-27 10:55:57 +02:00
Malte Poll
0c206e62d0
deps: rename bazel-zig-cc to hermetic_cc_toolchain (#1695) 2023-04-27 10:27:43 +02:00
Paul Meyer
bf051174f6 ci: update measurements and image version 
on scheduled build

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-27 10:20:27 +02:00
Paul Meyer
82d0475e2a ci: don't pick from release to main 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-27 10:20:27 +02:00
Malte Poll
ec1d5e9fb5
misc: replace sha256sum with shasum -a 256 (#1681) 2023-04-26 13:40:18 +02:00
Malte Poll
84dd25600f
image: upgrade mkosi to support repart (#1684) 2023-04-25 18:22:40 +02:00
Otto Bittner
c962e1745f
ci: add missing permissions for e2e-upgrade job (#1679) 
Missed a spot..
 2023-04-24 13:49:02 +02:00
Otto Bittner
e6d5c2f116 ci: remove obsolete env variables 
these variables influence the azure cli auth behavior.
we now use OIDC as login mechanism.
 2023-04-24 12:38:08 +02:00
Otto Bittner
840eb401c6 ci: add missing permissions to workflows 
+ packages: write
+ checks: write
 2023-04-24 12:38:08 +02:00
Malte Poll
dc5e6f30a9
ci: login to container registry before pushing containers (#1676) 2023-04-21 11:05:08 +02:00
Malte Poll
5145f806ea bazel: remove apko and Dockerfile where Bazel is used to build container images 2023-04-18 15:35:15 +02:00
Malte Poll
19ff132ee8 ci: upload container images when running e2e tests 2023-04-18 15:35:15 +02:00
Paul Meyer
4b9bce9bb7
ci: fix notification trigger (#1673) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-18 14:50:36 +02:00
Paul Meyer
e335421dd2
ci: trigger notify only in scheduled workflows (#1671) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-17 17:30:56 +02:00
3u13r
3cb6ab04f1
ci: don't set IAM env for Azure (#1670) 2023-04-17 16:47:12 +02:00
Paul Meyer
c1d3b38a5f ci: replace release[bot] with edgelessci 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-17 12:08:42 +02:00
Paul Meyer
7a1af4937c ci: remove outdated iam code 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-17 12:08:42 +02:00
Paul Meyer
b80d1576f3 ci: use include list to define e2e matrix 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-17 12:08:42 +02:00
Paul Meyer
4020e7840a ci: always use tee -a instead of redirecting 
into GITHUB_OUTPUT

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-17 12:08:42 +02:00
Paul Meyer
0b3190ea8b
ci: fix naming issues (#1662) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-15 19:24:48 +02:00
Paul Meyer
860d72a083
ci: reduce number of steps with continue-on-error (#1593) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-14 18:50:58 +02:00
Paul Meyer
632b24e7cd
ci: fix version publishing on release (#1658) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-14 18:04:03 +02:00
Paul Meyer
1cc0ab2614
ci: improve e2e failure reporting and checklist (#1656) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-14 13:14:25 +02:00
Paul Meyer
76979136de ci: refactor artifact and resource naming 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-14 13:12:39 +02:00
Paul Meyer
1f82b4d266 ci: reduce continue-on-error usage in e2e upgrade 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-14 13:12:39 +02:00
Paul Meyer
d24ebd660e ci: fix order in e2e upgrade 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-14 13:12:39 +02:00
Paul Meyer
677ed052a4 ci: use iam created Azure resource group in e2e upgrade 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-14 13:12:39 +02:00
Otto Bittner
d2967fff6b
cli: fix misleading error while applying kubernetes-only upgrade (#1630) 
* The check would previously fail if e.g. `apply` did not upgrade the
image, but a new image was specified in the config. This could
happen if the specified image was too new, but a valid Kuberentes
upgrade was specified.
* ci: fix variable expansion in e2e-upgrade call
* e2e: do not verify measurement signature
 2023-04-13 15:58:37 +02:00
Paul Meyer
dea41bd1ed
ci: refactor e2e test failure notifications (#1625) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-12 16:06:26 +02:00
renovate[bot]
60bacaa587
deps: update golang:1.20.3 Docker digest to 89924bd (#1636) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-04-12 14:35:57 +02:00
Moritz Sanft
6ba294e175
ci: separate e2e permissions (#1555) 
* split e2e test iam create / create perms

* remove global Azure credentials

* remove unnecessary azure actions

* use UUID

* fix e2e upgrade test

* rename create inputs

* remove continue-on-error for resource deletion

* de-exclude verify test

* fix exclude

* fix release e2e test

---------

Co-authored-by: Nils Hanke <nils.hanke@outlook.com>
 2023-04-12 13:24:13 +02:00
Malte Poll
52a1bb0a19
ci: prevent accidental GOOS and GOARCH confusion in host go toolchain (#1632) 2023-04-12 11:05:05 +02:00
Moritz Eckert
0b66119a41 docs: group perf graphics by csp 2023-04-11 14:28:21 +02:00
Moritz Eckert
db32251daa docs: update benchmarks with v2.6.0 
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
 2023-04-11 14:28:21 +02:00
Moritz Eckert
a1f5e0e53d ci: Add tooling to create benchmark figures 2023-04-11 14:28:21 +02:00
Malte Poll
2b962598bf
deps: update go to 1.20.3 (#1622) 2023-04-06 16:36:07 +02:00
Malte Poll
0ece41c146
bazel-deps-mirror: upgrade command (#1617) 
* bazel-deps-mirror: upgrade command

This command can be used to upgrade a dependency.
Users are supposed to replace any upstream URLs and run the upgrade command.
It replaces the expected hash and uploads the new dep to the mirror.
 2023-04-05 17:32:51 +02:00
Paul Meyer
b6778ab3e8
ci: always release cli on release-cli workflow (#1611) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-04 18:07:48 +02:00
renovate[bot]
8f17e4b9df
deps: update actions/setup-go action to v4 (#1605) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-04-04 11:06:30 +02:00
Paul Meyer
00efc30e24
ci: fix empty image input of verify e2e on release (#1604) 
* ci: fix empty image input of verify e2e on release
* ci: increase parallelism of e2e release workflow

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-04 10:47:26 +02:00
Otto Bittner
b5ce95a7a1
ci: do not run tests on macOS (#1595) 
only run two tests on macOS as a simple smoketest
 2023-04-03 17:47:21 +02:00
renovate[bot]
5dad9bfad7
deps: update GitHub action dependencies (#1591) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-03 16:36:43 +02:00
Paul Meyer
cbdaec65da
ci: purge images on main (#1583) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-03 13:44:46 +02:00
Otto Bittner
1dd5eae594
ci: do not skip e2e-weekly if trigger is successful (#1584) 2023-04-03 13:40:42 +02:00
Otto Bittner
180ef931fd ci: do not create branch during release workflow 
This seems to bother the create-pull-request action.
See: https://github.com/peter-evans/create-pull-request/issues/1203
 2023-04-03 11:35:39 +02:00
Otto Bittner
cc2bde9a3e ci: only commit version.txt if a change happened 2023-04-03 11:35:39 +02:00
Malte Poll
5e07efbb07 ci: fix cli path for cli signatures 2023-04-03 11:35:39 +02:00
Otto Bittner
4df33b93fe ci: add e2e-test-release workflow 
This workflow is used to run e2e tests in
preparation to a release.
It is triggered by the successful completion of
the release workflow.
Also trigger e2e-mini through the release
workflow completion.
This makes restarting the tests easier if
they fail during release preparation.

Co-authored-by: stdoutput <moritz.sanft@outlook.de>
 2023-04-03 11:35:39 +02:00
3u13r
efe4681214
add version.txt step to release pipeline (#1493) 
* add version.txt step to release pipeline

* refresh git status

* make minicon e2e test less flaky
 2023-03-31 12:41:32 +02:00
Paul Meyer
e021245660 bazel: add cli doc generation to //:generate 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-30 12:01:13 -04:00
Paul Meyer
399b052f9e
bazel: add protoc codegen to //:generate target (#1554) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-30 14:47:29 +02:00
Otto Bittner
ef5d64b170
ci: set correct fromVersion in upgrade test (#1535) 2023-03-30 09:46:41 +02:00
Malte Poll
827c4f548d
bazel: deps mirror (#1522) 
bazel-deps-mirror is an internal tools used to upload external dependencies
that are referenced in the Bazel WORKSPACE to the Edgeless Systems' mirror.

It also normalizes deps rules.

* hack: add tool to mirror Bazel dependencies
* hack: bazel-deps-mirror tests
* bazel: add deps mirror commands
* ci: upload Bazel dependencies on renovate PRs
* update go mod
* run deps_mirror_upload


Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-30 09:41:56 +02:00
Paul Meyer
d3e2f30f7b ci: fix diff check in tidy workflow 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-29 12:51:40 -04:00
Paul Meyer
909bfb9274 bazel: add go generate to //:generate target 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-29 12:51:40 -04:00
renovate[bot]
96cdf108e4
deps: update golang:1.20.2 Docker digest to 2101aa9 (#1551) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-29 14:56:55 +02:00
Malte Poll
2a8169dd3b
ci: use bazel repository cache for tidy checks (#1525) 2023-03-29 14:13:51 +02:00
Paul Meyer
f108ff8539
bazel: add govulncheck to //:check target (#1512) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-27 13:35:51 +02:00
Paul Meyer
00c7611245
bazel: add license checks to //:check target (#1509) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-27 10:42:30 +02:00
Otto Bittner
da4e2521a9
ci: don't statically set PCR 5 (#1521) 
This value can't be statically precomputed and leads to
warnings during runtime.
 2023-03-24 17:08:39 +01:00
Paul Meyer
f7713df833
bazel: add golangci-lint to //:check target (#1494) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-23 17:27:09 +01:00
Moritz Eckert
feb23ea3da
ci: add unittests for the benchmark actions (#1466) 
Co-authored-by: Nils Hanke <nils.hanke@outlook.com>
 2023-03-23 17:04:55 +01:00
Paul Meyer
01d6724bae ci: run e2e test daily on last release 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-23 10:54:59 -04:00
Paul Meyer
4628222780 ci: always use tee -a when writing output 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-23 10:54:59 -04:00