Adrian Stobbe
0a6e5ec02e
config: dynamic attestation configuration through S3 backed API ( #1808 )
2023-05-25 17:43:44 +01:00
Malte Poll
217a744606
image: add go code to upload image info and measurements
2023-05-25 15:01:15 +02:00
Malte Poll
b8751f35f9
image: add intermediate "image" verb to upload tool
2023-05-25 15:01:15 +02:00
Malte Poll
d0e53cbb59
cli: image info (v2)
2023-05-25 15:01:15 +02:00
Malte Poll
2ebc0cf2c8
image: set attestation variant explicitly
2023-05-25 15:01:15 +02:00
3u13r
6e574fd52c
ci: fix os image archive path ( #1809 )
2023-05-22 14:05:34 +02:00
Malte Poll
a2d701f421
image: remove upload scripts
2023-05-05 12:06:44 +02:00
Malte Poll
ee91d8b1cc
image: implement idempotent upload of os images
2023-05-05 12:06:44 +02:00
Malte Poll
cb6cc8df22
image: fix pcr 12 calculation ( #1706 )
...
Kernel cmdline embedded in UKIs had no null terminator before. With newer versions of mkosi, it is already null-terminated so we shouldn't null terminate it twice.
2023-05-02 12:01:30 +02:00
Paul Meyer
7ab23c28b8
Revert "misc: replace sha256sum with shasum -a 256 ( #1681 )"
...
This reverts commit ec1d5e9fb5
.
While the change enabled shasum calculation on mac, it broke it
on some Linux distros.
2023-05-02 11:07:05 +02:00
Malte Poll
ec1d5e9fb5
misc: replace sha256sum with shasum -a 256 ( #1681 )
2023-04-26 13:40:18 +02:00
Malte Poll
84dd25600f
image: upgrade mkosi to support repart ( #1684 )
2023-04-25 18:22:40 +02:00
Malte Poll
69de06dd1f
image: OpenStack vTPM ( #1616 )
...
* cli: allow vpc traffic between nodes on OpenStack
* image: enable vTPM on OpenStack
* cli: add create tests for OpenStack
2023-04-05 16:49:03 +02:00
Malte Poll
3e73530b4f
image: use dummy attestation for OpenStack
2023-03-21 10:51:09 +01:00
Nils Hanke
1a35eab765
image: update Azure and GCP to kernel 6.1.18 ( #1406 )
2023-03-13 17:48:31 +01:00
Malte Poll
d34f4d4457
image: increase esp size ( #1393 )
2023-03-10 11:08:40 +01:00
Daniel Weiße
8c87bba755
Add measurement reader ( #1381 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-03-09 11:22:58 +01:00
Malte Poll
ac94e01642
image: downgrade systemd to 251.11-2 ( #1369 )
2023-03-08 10:45:53 +01:00
Malte Poll
0ba2c1c2bd
image: add systemd-boot as explicit dependency ( #1351 )
2023-03-07 10:19:28 +01:00
Malte Poll
e02183b9d9
Merge pull request from GHSA-6w5f-5wgr-qjg5
2023-03-07 09:26:36 +01:00
Malte Poll
1624af0cc7
image: pin aws uefivars version and install new deps ( #1345 )
2023-03-06 13:29:15 +01:00
Malte Poll
96b4b74a7a
image: set attestation variant on kernel cmdline ( #1323 )
2023-03-02 12:20:10 +01:00
Malte Poll
b79f7d0c8c
cli: add basic support for constellation create
on OpenStack ( #1283 )
...
* image: support OpenStack image build / upload
* cli: add OpenStack terraform template
* config: add OpenStack as CSP
* versionsapi: add OpenStack as CSP
* cli: add OpenStack as provider for `config generate` and `create`
* disk-mapper: add basic support for boot on OpenStack
* debugd: add placeholder for OpenStack
* image: fix config file sourcing for image upload
2023-02-27 18:19:52 +01:00
Nils Hanke
b013a7ab32
image: update to Linux 6.1.14 for Azure
2023-02-27 17:04:24 +01:00
leongross
efc0cec4e1
image: verbose debugging options ( #1159 )
2023-02-24 14:25:39 +01:00
Nils Hanke
109177880e
image: upgrade to Linux 6.1.12 for Azure ( #1184 )
2023-02-15 15:00:05 +01:00
Fabian Kammel
c65b677f58
fix path for qemu/image.raw in S3/CDN ( #1106 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-31 10:44:19 +01:00
Malte Poll
5eb0b88bd7
image: setup debugd as a separate systemd unit
2023-01-25 09:58:56 +01:00
Paul Meyer
a31d79e9cb
ci: curl flags
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-20 14:23:32 +01:00
Malte Poll
58cc67c736
image: upgrade azure kernel to 6.1.7 ( #1027 )
2023-01-19 18:03:56 +01:00
Nils Hanke
912384a87d
image: fix "ignored null byte in input" warning on AWS
2023-01-17 21:25:04 +01:00
Paul Meyer
f90a13ad86
image: fix shell code format
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:49:33 +01:00
Otto Bittner
0b0e0ba46a
image: apply shellfmt suggestions
2023-01-16 12:20:54 +01:00
Malte Poll
938f114086
ci: implement "console" stream for OS images ( #969 )
...
* image: add AUTOLOGIN environment variable to conditionally enable serial console login
* ci: implement "console" stream for OS images
* debugd: remove serial console login access code
2023-01-16 12:20:01 +01:00
Malte Poll
82462fab17
image: enable serial console access for MiniConstellation to simplify troubleshooting ( #964 )
...
- enable serial console access for QEMU / mini Constellation
- print motd if serial console access is enabled
2023-01-13 16:01:45 +01:00
Malte Poll
67be4016f5
ci: generate signed measurements for QEMU
2023-01-12 13:24:07 +01:00
Leonard Cohnen
703f73a761
upgrade-agent: non-interactive mode
2023-01-09 12:16:54 +01:00
Malte Poll
25eaff26ff
Downgrade azure kernel to 5.19.4 ( #862 )
2023-01-04 17:48:27 +01:00
3u13r
473e16feb2
image: add upgrade-agent ( #827 )
2022-12-29 17:50:11 +01:00
Paul Meyer
b9a1a9ae5e
image: set runtime-endpoint in crictl config ( #821 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-22 12:34:28 +01:00
Paul Meyer
c741ccfb4b
kubernetes: use new registry
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-13 16:08:19 +01:00
Paul Meyer
0150fcc22c
ci: fix new shellcheck v0.9.0 findings ( #795 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-13 13:24:03 +01:00
Malte Poll
4a8ebfd921
OS images: use "ref", "stream" and "version"
...
Switch azure default region to west us
Update find-image script to work with new API spec
Add version for every os image build
generate measurements: Use new API paths
CLI: config fetch measurements: Use image short versions to fetch measurements
CLI: allows shortnames to specify image in config
Image build pipeline: Change paths to contain "ref" and "stream"
2022-12-09 13:37:43 +01:00
Malte Poll
53576d63a0
Downgrade GCP kernel to 5.19.17-300 ( #763 )
2022-12-09 13:20:00 +01:00
Paul Meyer
1709da0085
image: fix script for PKI generation
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-08 18:07:54 +01:00
Paul Meyer
a0a7294546
image: set TERM environmet variable
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-30 16:26:25 +01:00
Paul Meyer
b93b24e058
debugd: add logcollector
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-30 16:26:25 +01:00
Paul Meyer
8224d4cd1f
image: install podman
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-30 16:26:25 +01:00
Daniel Weiße
ad7baa667a
CSI driver fixes ( #668 )
...
* Fix invalid key id for resize operations
* Add udev rule for unlabeled disks
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-30 08:35:38 +01:00
Malte Poll
29ff6cb786
Move hardcoded all zero PCR[12] to PCR[8]
2022-11-22 11:37:53 +01:00