Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
858 Commits 133 Branches 44 Tags 106 MiB
88d200232a
Commit Graph

32 Commits

Author SHA1 Message Date
katexochen
88d200232a Remove autoscaling from CLI and bootstrapper 2022-09-20 13:41:23 +02:00
Thomas Tendyck
ab45d5fbfe tidy config 2022-09-12 08:49:51 +02:00
Thomas Tendyck
a85777fd02 enforce pcr4 2022-09-08 17:34:12 +02:00
Nils Hanke
ce0edc8c80 Purge provider argument from constellation create and verify 2022-09-08 13:38:24 +02:00
Thomas Tendyck
bd63aa3c6b add license headers 
sed -i '1i/*\nCopyright (c) Edgeless Systems GmbH\n\nSPDX-License-Identifier: AGPL-3.0-only\n*/\n' `grep -rL --include='*.go' 'DO NOT EDIT'`
gofumpt -w .
 2022-09-05 09:17:25 +02:00
Leonard Cohnen
cce2575d68 remove broken test: create azure service account 2022-09-01 17:06:01 +02:00
Leonard Cohnen
00e72db5d8 write master secret after config verification 2022-09-01 16:43:54 +02:00
Otto Bittner
4adc19b7f5 AB#2350: Configurably enforce idkeydigest on Azure 
* Add join-config entry for "enforceIdKeyDigest" bool
* Add join-config entry for "idkeydigest"
* Initially filled with TPM value from bootstrapper
* Add config entries for idkeydigest and enforceIdKeyDigest
* Extend azure attestation validator to check idkeydigest,
if configured.
* Update unittests
* Add logger to NewValidator for all CSPs
* Add csp to Updateable type

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
 2022-08-31 15:26:04 +02:00
katexochen
10e5249631 Manual client secrets on azure 2022-08-31 14:10:08 +02:00
katexochen
f15605cb45 Manually manage resource group on Azure 2022-08-31 14:10:08 +02:00
Fabian Kammel
45beec15f5 AB#2360 enterprise build tag (#397) 
* enterprise build switch to disable license checking in default (OSS) version
* remove community license quota
* empty image references on OSS build in config
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-08-25 14:06:29 +02:00
katexochen
e761c9bf97 Manually manage GCP service accounts 2022-08-24 11:44:05 +02:00
katexochen
a859accf1f Use id file for init ip 2022-08-23 18:11:20 +02:00
katexochen
7bbcc564bb Refactor id file interaction 
* Use IP instead of endpoint in clusterIDsFile
* Move and rename validateEnpoint to addPortIfMissing
* Refactor clusterIDsFile handling in verify cmd
 2022-08-23 18:11:20 +02:00
katexochen
c2faa20d6e Fix naming in state file 2022-08-23 18:11:20 +02:00
Fabian Kammel
82eb9f4544 AB#2299 License check in CLI during init (#366) 
* license server interaction
* logic to read from license file
* print license information during init
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
 2022-08-16 16:06:38 +02:00
Daniel Weiße
ba4471a228 AB#2316 Configurable enforced PCRs (#361) 
* Add warnings for non enforced, untrusted PCRs

* Fix global state in Config PCR map

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-08-12 15:59:45 +02:00
3u13r
9478303f80 deploy cilium via helmchart (#321) 2022-08-12 10:20:19 +02:00
Daniel Weiße
8f5f84deb5 AB#2305 Fix missing atls verifier in init call (#352) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-08-09 14:04:40 +02:00
Daniel Weiße
9a3bd38912 Generate random salt for key derivation on init (#309) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-07-29 09:52:47 +02:00
Daniel Weiße
db79784045 AB#2200 Merge Owner and Cluster ID (#282) 
* Merge Owner and Cluster ID into single value

* Remove aTLS from KMS, as it is no longer used for cluster external communication

* Update verify command to use cluster-id instead of unique-id flag

* Remove owner ID from init output

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-07-26 10:58:39 +02:00
Malte Poll
260d2571c1 Only upload kubeadm certs if key is rotated 
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: 3u13r <lc@edgeless.systems>
 2022-07-14 17:25:18 +02:00
katexochen
66b573ea5d Bootstrapper 2022-07-14 17:25:18 +02:00
katexochen
dea23604fb Bootstrapper 2022-07-14 17:25:18 +02:00
katexochen
916e5d6b55 Rename coordinator to bootstrapper and rename roles 2022-07-14 17:25:18 +02:00
katexochen
32f1f5fd3e Delete Coordinator core and apis 2022-07-14 17:25:18 +02:00
Nils Hanke
259c88fa1a IDsFilename -> ClusterIDsFilename 2022-07-05 14:41:58 +02:00
cm
3177b2fdb7 AB#2032 Write IDs to disk and read when verifying (#212) 
* AB#2032 Write IDs to disk and read when verifying

* Update CHANGELOG.md

* update changelog

* update changelog

* cli verify: prefer flag values

* Rename fid file

Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
 2022-07-01 10:57:29 +02:00
Nils Hanke
e3f78a5bff Remove passing context seperately to initialize 2022-06-28 13:55:50 +02:00
Christoph Meyer
1e11188dac AB#2033 User-friendly wrap and reword errors 
fix: readOrGenerated function signature
 2022-06-22 12:02:10 +01:00
katexochen
b308db03fe Move cli/cloud/cloudtypes into /internal 2022-06-08 11:59:23 +02:00
katexochen
c3ebd3d3cd Move cli/cmd into cli/internal 2022-06-08 11:59:23 +02:00