Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
3,218 Commits 133 Branches 44 Tags 106 MiB
83cfc86df1
Commit Graph

252 Commits

Author SHA1 Message Date
katexochen
83cfc86df1 image: update measurements and image version 2023-09-15 08:37:08 +02:00
katexochen
9c54ff06e0 image: update measurements and image version 2023-09-14 10:16:45 +02:00
edgelessci
4813296062
image: update measurements and image version (#2320) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-09-09 15:19:24 +02:00
3u13r
a25c90e9bb
remove deprecated constellation create flags (#2325) 
* chore: clean-up TODOs

* cli: make OpenStack error explicit

* cli: remove deprecated flags

* config: require DeployCSIDriver field
 2023-09-08 21:15:02 +02:00
edgelessci
4b48b5fdef
image: update measurements and image version (#2309) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-09-06 08:40:59 +02:00
edgelessci
463833433c
image: update measurements and image version (#2295) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-09-01 08:19:37 +02:00
edgelessci
eed2be0aa3
image: update measurements and image version (#2294) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-30 14:03:35 +02:00
edgelessci
0f4bd8296b
image: update measurements and image version (#2284) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-25 08:45:50 +02:00
edgelessci
3d5d291891
image: update measurements and image version (#2274) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-23 09:38:12 +02:00
3u13r
8325f99b09
deps: support Kubernetes 1.28 (#2242) 2023-08-18 11:13:24 +02:00
edgelessci
04ece90172
image: update measurements and image version (#2247) 
Co-authored-by: malt3 <malt3@users.noreply.github.com>
 2023-08-17 08:17:28 +02:00
edgelessci
f270e91724
image: update measurements and image version (#2238) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-16 09:41:01 +02:00
edgelessci
aa787a3ea6
image: update measurements and image version (#2206) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-11 11:19:57 +02:00
Daniel Weiße
c9cae643e2
internal: fix unmarshalling attestation version numbers from JSON (#2187) 
* Fix unmarshalling attestation version numbers from JSON

* Add unit test for UnmarshalJSON

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-08-09 15:11:14 +02:00
Adrian Stobbe
d8db9d0add
strict input validation on attestation version numbers (#2180) 2023-08-09 11:41:04 +02:00
edgelessci
81a13319b7
image: update measurements and image version (#2183) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-09 10:14:39 +02:00
3u13r
4564017b13
config: fix aws instance type validation (#2171) 2023-08-04 18:16:49 +02:00
Malte Poll
15bb9588d7
cli: update config migration to migrate v3 -> v4 (#2166) 2023-08-04 15:57:36 +02:00
Malte Poll
7bfcb0bd5d cli: remove old config migration from v2 to v3 2023-08-04 12:36:45 +02:00
Malte Poll
c0177c565f config: update tests 2023-08-04 12:36:45 +02:00
Malte Poll
b61deb6a03 config: update validation to work with nodeGroups 2023-08-04 12:36:45 +02:00
Malte Poll
2246c31b7b config: define lists of valid disk types 2023-08-04 12:36:45 +02:00
Malte Poll
15bb3b31fd config: add nodeGroups 2023-08-04 12:36:45 +02:00
edgelessci
75c49b6515
image: update measurements and image version (#2163) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-04 09:58:31 +02:00
edgelessci
d71422667e
image: update measurements and image version (#2157) 
Co-authored-by: daniel-weisse <daniel-weisse@users.noreply.github.com>
 2023-08-04 08:35:19 +02:00
Daniel Weiße
86c5fb5fab
config: reorder values (#2154) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-08-02 16:01:10 +02:00
edgelessci
da1376cd90
image: update measurements and image version (#2151) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-08-02 10:13:56 +02:00
Otto Bittner
dac690656e
api: add functions to transparently handle signatures upon API interaction (#2142) 2023-08-01 16:48:13 +02:00
Otto Bittner
1d5a8283e0
cli: use Semver type to represent microservice versions (#2125) 
Previously we used strings to pass microservice versions. This invited
bugs due to missing input validation.
 2023-07-25 14:20:25 +02:00
Malte Poll
8da6a23aa5
bootstrapper: add fallback endpoint and custom endpoint to SAN field (#2108) 
terraform: collect apiserver cert SANs and support custom endpoint

constants: add new constants for cluster configuration and custom endpoint

cloud: support apiserver cert sans and prepare for endpoint migration on AWS

config: add customEndpoint field

bootstrapper: use per-CSP apiserver cert SANs

cli: route customEndpoint to terraform and add migration for apiserver cert SANs

bootstrapper: change interface of GetLoadBalancerEndpoint to return host and port separately
 2023-07-21 16:43:51 +02:00
edgelessci
3324a4eba2
image: update measurements and image version (#2124) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-07-21 16:20:41 +02:00
edgelessci
2660c1aa87
image: update measurements and image version (#2116) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-07-19 08:35:56 +02:00
Otto Bittner
ff4b5db74c
config: make deployCSIDriver backwards compatible (#2088) 
We added the field in 2.9 but can only require it in 2.10.
 2023-07-12 15:08:37 +02:00
Adrian Stobbe
7e83991154
feat: status shows attestation config (#2056) 
* init

* update doc

* fix tests

* unmarshal typed attestation config for consistent yaml formatting

* fix comments

* marshal numerical attestation values in join-config

* GetAttestationConfig marshals numerical value
 2023-07-07 17:02:01 +02:00
edgelessci
b71d5cdc17
image: update measurements and image version (#2054) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-07-07 08:13:54 +02:00
Thomas Tendyck
274fed0990 cli: fix/improve some user-facing strings 2023-07-06 09:05:17 +02:00
edgelessci
37288deacf
image: update measurements and image version (#2019) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-07-05 08:32:25 +02:00
Adrian Stobbe
e72ec60d13
config: iam create aws check zone contains availability zone (#1913) 
* init

* make zone flag mandatory again

* add info about zone update + refactor

* add comment in docs about zone update

* Update cli/internal/cmd/iamcreate_test.go

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* thomas feedback

* add format check to config validation

* remove TODO

* Update docs/docs/workflows/config.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* thomas nit

---------

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
 2023-07-04 13:55:52 +02:00
Daniel Weiße
d95ddd01d3
helm: fix upgrade command unintentionally skipping all service upgrades (#1992) 
* Fix usage of errors.As in upgrade command implementation

* Use struct pointers when working with custom errors

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-06-30 16:46:05 +02:00
edgelessci
05c43137e4
image: update measurements and image version (#1988) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-06-30 08:48:38 +02:00
Moritz Sanft
7ad284d672
cli: deploy aws csi driver per default (#1981) 
* add aws csi driver helm chart

* update chart

* add CSI driver to Constellation default deployment

* generate config doc

* update buildfiles

* use upstream chart

* update buildfile

* set `DeployCSIDriver` in default config

* fix helm test

* whitespace
 2023-06-30 08:46:32 +02:00
Adrian Stobbe
161bb37cba
config: improve usage and meaning of validate (#1975) 
* discuss miniup config.Default() usage + discourage usage for Default() in comment

* Update internal/config/config_test.go

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* add enterprise version check for config.Default

* split config comment lines

* daniel feedback

* featureset.CanUseEmbeddedMeasurmentsAndImage

---------

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
 2023-06-28 10:28:48 +02:00
Otto Bittner
0a36ce6171
config: validate instance type for aws SNP based on attestation variant (#1963) 
* config: validate instance type for aws SNP

* apply suggestions
 2023-06-26 17:05:12 +02:00
Daniel Weiße
e139eff552
fix: small formating/spelling issues (#1965) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-06-26 08:34:37 +02:00
Otto Bittner
3a7bb52560
attestation: docs and config changes for SNP attestation (#1959) 
* docs: describe SEV-SNP support on AWS
* config: remove launchMeasurement

awsSEVSNP attestation config should not have this value.
It doesn't have a function yet.
 2023-06-23 15:38:24 +02:00
Otto Bittner
7388240943
Revert "attestation: add SNP-based attestation for aws-sev-snp (#1916)" (#1957) 
This reverts commit c7d12055d1.
 2023-06-22 17:08:44 +02:00
Otto Bittner
c7d12055d1
attestation: add SNP-based attestation for aws-sev-snp (#1916) 
* config: move AMD root key to global constant
* attestation: add SNP based attestation for aws
* Always enable SNP, regardless of attestation type.
* Make AWSNitroTPM default again

There exists a bug in AWS SNP implementation where sometimes
a host might not be able to produce valid SNP reports.
Since we have to wait for AWS to fix this we are merging SNP
attestation as opt-in feature.
 2023-06-21 14:19:55 +02:00
Adrian Stobbe
be4a636361
cli: improve user warning / information (#1933) 
* print success

* warn when debug img but !debugCluster

* malte feedback

* rename to IsNamedLikeDebugImage
 2023-06-19 16:51:39 +02:00
edgelessci
a717cefc26
image: update measurements and image version (#1939) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-06-16 08:27:45 +02:00
Adrian Stobbe
07de6482b2
config: drop support for deprecated Azure's service principal authentication (#1906) 
* invalidate app client id field for azure and provide info

* remove TestNewWithDefaultOptions case

* fix test

* remove appClientID field

* remove client secret + rename err

* remove from docs

* otto feedback

* update docs

* delete env test in cfg since no envs set anymore

* Update dev-docs/workflows/github-actions.md

Co-authored-by: Otto Bittner <cobittner@posteo.net>

* WARNING to stderr

* fix check

---------

Co-authored-by: Otto Bittner <cobittner@posteo.net>
 2023-06-14 17:50:57 +02:00