Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-01-22 05:11:23 -05:00
Code Issues Packages Projects Releases Wiki Activity
4,442 Commits 137 Branches 49 Tags 95 MiB
871be80877
Commit Graph

4442 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniel Weiße
871be80877
ci: update workflows to initialize upgrade tests with v2.19.3 (#3494) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-11-26 08:55:33 +01:00
Thomas Tendyck
b2e99af86c docs: refactor gtag 2024-11-22 17:19:51 +01:00
Daniel Weiße
f06830ec1a
deps: update google/go-sev-guest to v0.11.2-0.20241122022416-97a55186df28 (#3490) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-11-22 11:01:09 +01:00
edgelessci
4d65c7811b
image: update measurements and image version (#3491) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-11-22 09:18:26 +01:00
3u13r
4026752e89
docs: remove mentioning of Cilium's key rotation for IPSec since it does not apply to WireGuard (#3489) 2024-11-21 09:03:05 +01:00
Daniel Weiße
775ba22ab2
ci: run terraform apply in provider example test with timeout (#3482) 
* Run terraform apply with timeouts
* Ignore lock file when running terraform destroy

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-11-21 08:32:22 +01:00
3u13r
521ff0d14c
Pin crane and npm dependencies (#3477) 
* ci: pin crane dependency

* docs: pin npm dependencies

* deps: bump docusaurus

---------

Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
 2024-11-20 18:34:25 +01:00
Daniel Weiße
d874b5b5f4
deps: use forked google/go-sev-guest to support v3 AMD SEV-SNP attestation reports (#3487) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-11-20 09:39:51 +01:00
Markus Rudy
173ef26f70
ci: pin nix version to 2.25.2 (#3484) 
* ci: pin nix version to 2.25.2

* bazel: update stale lock file
 2024-11-20 09:09:20 +01:00
edgelessci
3b23d080d7
image: update measurements and image version (#3485) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-11-20 08:09:59 +01:00
Daniel Weiße
e0c95a34bb
ci: update workload identity provider url (#3483) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-11-18 16:36:32 +01:00
edgelessci
7cde5220c5
image: update locked rpms (#3481) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-11-18 08:16:45 +01:00
edgelessci
98cabeebd5
image: update measurements and image version (#3479) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-11-15 09:02:24 +01:00
edgelessci
26da32ed95
image: update measurements and image version (#3478) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-11-14 08:50:09 +01:00
Moritz Eckert
1c5fe3fe24
docs: update azure firmware with openhcl (#3473) 
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
 2024-11-11 12:50:18 +01:00
Moritz Eckert
36024f20ae
docs: change wording contrast with comparison (#3476) 2024-11-11 12:45:30 +01:00
edgelessci
a8434a2415
image: update locked rpms (#3475) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-11-11 11:17:09 +01:00
renovate[bot]
d95a1de17f
deps: update ubuntu:22.04 Docker digest to 0e5e4a5 (#3447) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-11-11 10:11:51 +01:00
edgelessci
000a7627fc
image: update measurements and image version (#3474) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-11-08 08:27:27 +01:00
Moritz Eckert
887b9c5fae
docs: stackit improve clouds.yaml description (#3470) 2024-11-07 09:30:41 +01:00
edgelessci
273ec733fb
image: update measurements and image version (#3471) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-11-06 08:28:21 +01:00
edgelessci
f2b919a563
image: update locked rpms (#3468) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-11-05 17:09:26 +01:00
Adrian Stobbe
e39d90ac1e
add migrate instructions to v2.19 docs (#3469) 2024-11-05 09:56:29 +01:00
Markus Rudy
960499a937
image: unset password reset date to ensure reprodicibility (#3466) 
* image: unset password reset date
 2024-11-04 14:53:35 +01:00
Adrian Stobbe
54058eed2a
terraform: fix security rule reconciliation on Azure (#3454) 
* fix security rule reconciliation on azure
* fix simulated patch version upgrade
 2024-11-04 08:59:16 +01:00
edgelessci
aa7d47ed5f
image: update measurements and image version (#3464) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-30 08:07:48 +01:00
Moritz Sanft
7458d0e892
deps: update terraform-provider-stackit (#3462) 2024-10-29 19:03:19 +01:00
Markus Rudy
bff8bce88f
docs: how to reproduce released artifacts (#3451) 
* ci: test reproducability with different dependency installation methods

* nix: mitigate nix store optimisiation

* docs: reproducible builds

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* ci: upgrade ubuntu runners for reproducible builds

---------

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
 2024-10-29 14:04:59 +01:00
Mauritz Uphoff
9124691743
config: only allow confidential instances on stackit (#3463) 
* cli: only allow confidential instances on stackit

* review changes
 2024-10-29 12:35:01 +01:00
renovate[bot]
7dc38d9ff0
deps: update bazel (modules) (#3448) 
* deps: update bazel (modules)

* Dont upgrade rules_python due to incompatibility with rules_pkg

* deps: tidy all modules

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-29 09:30:43 +01:00
Daniel Weiße
4b7cd84eaf
e2e-upgrade: guard function return values behind sync.WaitGroup (#3461) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-10-28 11:34:11 +01:00
Daniel Weiße
132218ac1e
ci: report failure in scheduled Terraform provider tests on cancel (#3460) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-10-28 10:46:24 +01:00
edgelessci
46fcbb5ee8
image: update locked rpms (#3459) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-28 09:55:07 +01:00
Adrian Stobbe
53caa86cb8
docs: clarify for Azure TDX with Terraform provider (#3449) 2024-10-25 14:00:44 +02:00
edgelessci
1ed1a627b3
image: update measurements and image version (#3458) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-25 11:08:47 +02:00
3u13r
2cd5b05b51
cli: also log applier debug messages to debug log file (#3457) 
* cli: also log applier debug messages to debug log file

* cli: use debug logger instead of cliLogger
 2024-10-24 15:00:51 +02:00
Markus Rudy
cbd8cc6976
ci: use GOPROXY fallbacks (#3456) 2024-10-23 16:45:22 +02:00
edgelessci
7977746785
image: update measurements and image version (#3455) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-23 09:38:20 +02:00
Markus Rudy
96ac7124e3
terraform: upgrade hashicorp/google to 6.7.0 (#3440) 2024-10-21 10:41:33 +02:00
edgelessci
0997ce2b98
docs: add release v2.19.0 (#3434) 
Co-authored-by: msanft <58110325+msanft@users.noreply.github.com>
 2024-10-21 09:59:30 +02:00
Moritz Sanft
44b2a758dd
chore: v2.19.0 post-release (#3445) 2024-10-21 09:59:04 +02:00
Moritz Sanft
dd385bce1f
helm: allow namespace handling for node-maintenance-operator (#3442) 2024-10-18 11:11:26 +02:00
edgelessci
e9203a2aee
image: update measurements and image version (#3441) 
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-18 08:08:45 +02:00
Moritz Sanft
0453f5b611
e2e: fix malicious join test (#3439) 2024-10-17 14:45:48 +02:00
Moritz Sanft
50df35438e
ci: fix artifact deletion (#3437) 
GitHub seemingly now adds a newline to the output of the gh CLI, so we need to cut it before using it.
 2024-10-17 09:37:59 +02:00
renovate[bot]
24af06b02f
deps: update Go dependencies (#3411) 
* deps: update Go dependencies

* bazel: force Gazelle generation for xDS

xDS has an upstream set of build files that makes Gazelle consider their project a whole new Bazel project, which makes Gazelle not generate any build files, even though the upstream ones aren't valid.

See https://github.com/cncf/xds/issues/104.

* go: update cel.dev/expr for Bazel fixes

cel.dev/expr had some upstream Bazel fixes in v0.16.2 without which Gazelle doesn't work.

* chore: generate

* e2e: remove references to kubeProxyVersion

kubeProxyVersion is deprecated as of KEP-4004. It was never being set to an accurate value before, and we only used it in the e2e test, so removing the additional check should not hurt here.

See https://github.com/kubernetes/enhancements/tree/master/keps/sig-network/4004-deprecate-kube-proxy-version

* constellation-node-operator: use typed rate-limiter

The untyped rate-limiter was deprecated in favor of a generic one that can just be instantiated to `any` to achieve the previous behaviour.

* Advertise ALPN settings in NextProtos required by gRPC

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* atls: add nextProtos

nextProtos (for ALPN) is now required by gRPC, so add it.

* go: add cri-client replace

* deps: tidy all modules

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-16 17:35:51 +02:00
renovate[bot]
36f8beb3df
deps: update quay.io/medik8s/node-maintenance-operator Docker tag to v0.17.0 (#3425) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-16 17:07:37 +02:00
renovate[bot]
357e4366ff
deps: update public.ecr.aws/eks/aws-load-balancer-controller Docker tag to v2.9.1 (#3426) 
* deps: update public.ecr.aws/eks/aws-load-balancer-controller Docker tag to v2.9.1

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
 2024-10-16 17:06:41 +02:00
renovate[bot]
8813a1ab04
deps: update registry.k8s.io/sig-storage/snapshot-validation-webhook Docker tag to v8.1.0 (#3431) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-16 17:06:06 +02:00
renovate[bot]
2e2dd855b5
deps: update registry.k8s.io/sig-storage/snapshot-controller Docker tag to v8.1.0 (#3430) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-16 16:07:41 +02:00