Moritz Sanft
b8d991f84c
AB#2577 Implement GCP IAM in terraform ( #567 )
...
* AB#2577 Add GCP TF Config & Documentation
[no ci] wip
AB#2577 Add GCP TF config & Docs
* Download lockfile
* Remove IAM input variables from output
2022-11-21 08:43:13 +01:00
Daniel Weiße
7b3cb5362a
Fix disk-mapper version injection ( #592 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-18 16:43:44 +01:00
Nils Hanke
ade8fa323f
Remove case-sensitive duplicate file
2022-11-18 16:07:29 +01:00
renovate[bot]
b4653152ee
Update libvirt.org/go to v1.8009.0 ( #593 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-18 15:56:39 +01:00
Daniel Weiße
9aa9c1bb49
AB#2275 Add azuredisk CSI driver ( #548 )
...
* Add azuredisk CSI driver
* Update Changelog
* Update chart using go generate
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-18 15:47:01 +01:00
renovate[bot]
54ef6d21f4
Update Terraform aws to v4.40.0 ( #586 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-18 15:41:02 +01:00
renovate[bot]
86b03bf08e
Update Terraform azurerm to v3.32.0 ( #588 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-18 14:57:34 +01:00
Malte Poll
786264edbc
Add hack script to locate latest debug image
2022-11-18 12:08:34 +01:00
Malte Poll
9d4172002c
Upgrade container images to Fedora 37
2022-11-18 10:37:45 +01:00
Malte Poll
efaa0622a8
Include image version in mkosi builds
2022-11-18 10:37:45 +01:00
Malte Poll
74aabe86fa
Move PCR[8] -> PCR[12]
2022-11-18 10:37:45 +01:00
Malte Poll
239b9f6c26
Upgrade images to Fedora 37
2022-11-18 10:37:45 +01:00
Fabian Kammel
56dccb77b4
Merge back changes from v2.2.2 release ( #580 )
...
* prepare v2.2.2 release and update release.md
* Updated QEMU measurements
* Terraform GCP: Always use the local account for resource creation (#571 )
* CoreOS is no longer used, change docs to OS.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-11-18 10:24:45 +01:00
Daniel Weiße
b966f57a2f
AB#2554 GCP CSI driver deployment ( #532 )
...
* Allow enabling/disabling of CSI driver through config
* Fix inconsistent namespace parsing
* Deploy GCP CSI driver on init
* Update invalid pod tolerations
* Add generate script for CSI charts
* Update generateCilium script
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-18 10:05:02 +01:00
renovate[bot]
6b7e470983
Update module github.com/talos-systems/talos/pkg/machinery to v1.2.6 ( #582 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-18 09:20:54 +01:00
renovate[bot]
f5f6be1c56
Update actions/download-artifact action to v3 ( #583 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-18 08:55:56 +01:00
renovate[bot]
5dc78b677b
Update google.golang.org/genproto digest to 41c2ba7 ( #503 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 18:49:17 +01:00
Paul Meyer
8628b8f880
deps: bundle libvirt dependencies
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 18:10:20 +01:00
Fabian Kammel
1110ccd270
warn about function argument count over 5 ( #558 )
...
* warn about function argument count over 5
* only on new code
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-11-17 17:31:00 +01:00
Fabian Kammel
feae4a86bc
reserve enough time for stable tests ( #564 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-11-17 17:30:35 +01:00
renovate[bot]
25c3fcd104
Update module github.com/schollz/progressbar/v3 to v3.12.1 ( #581 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 17:12:04 +01:00
renovate[bot]
b7852665f3
Update Terraform google to v4.43.1 ( #576 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 16:44:33 +01:00
Malte Poll
78481b32e8
Move image artifacts "/v1/" => "/constellation/v1" ( #579 )
2022-11-17 16:14:38 +01:00
Paul Meyer
9c405ceb02
ci: use shfmt fork
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 16:10:13 +01:00
renovate[bot]
ba899060fd
Update module github.com/onsi/gomega to v1.24.1 ( #556 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 15:28:19 +01:00
Nils Hanke
6e5895f200
User-friendlier errors
2022-11-17 13:49:34 +01:00
Nils Hanke
e1d8926395
Terraform: Only rollback after we fully created the workspace
2022-11-17 13:49:34 +01:00
Nils Hanke
19fb6f1233
Make AWS vars passing consistent with other CSPs
2022-11-17 13:49:34 +01:00
Nils Hanke
158dfe0e2b
Remove unused name parameter in CreateCluster
2022-11-17 13:49:34 +01:00
Nils Hanke
b9b618a1f0
Terraform: Try to init before destroy
2022-11-17 13:49:34 +01:00
Nils Hanke
f27af5b588
Terraform: Make variables writing retryable
2022-11-17 13:49:34 +01:00
Nils Hanke
e93527144e
Terraform: Try to use existing files on partially unpacked workspace
2022-11-17 13:49:34 +01:00
Nils Hanke
4a2cba988c
Create separate Terraform workspace directory
2022-11-17 13:49:34 +01:00
Paul Meyer
7f5a1dd901
ci: use /usr/bin/env instead of /bin/env
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 12:01:29 +01:00
renovate[bot]
827b62c2be
Update GitHub action dependencies ( #568 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-11-17 11:37:00 +01:00
Paul Meyer
cca02597c8
image: remove bash options from sourced scripts
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 11:28:49 +01:00
Paul Meyer
4847b71faa
image: use bash shebang
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 11:28:49 +01:00
Paul Meyer
c61f6211f9
ci: use fixed renovate bot email for commits
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 11:28:49 +01:00
Paul Meyer
3fd678492f
ci: fix shellfmt workflow name
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 11:28:49 +01:00
Malte Poll
df0cd43f92
Terraform GCP: Always use local account for resource creation ( #571 )
...
* Terraform GCP: Always use local account for resource creation
* Update CHANGELOG
2022-11-17 10:33:36 +01:00
renovate[bot]
fe36de8826
Update module golang.org/x/crypto to v0.3.0 ( #569 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 10:18:43 +01:00
renovate[bot]
57c0a09f88
Update golang:1.19.3 Docker digest to d388153 ( #570 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 10:03:00 +01:00
Moritz Sanft
dfe7f855cd
AB#2578 Implement Azure IAM in terraform ( #562 )
...
* AB#2578 Azure IAM init
* AB#2578 Fixed application owner privileges, added docs
* Add all supported providers to TF lockfile
* Using service principal for role assignment in cluster resource group
Co-authored-by: Malte Poll <mp@edgeless.systems>
* Rephrased header for Azure
Co-authored-by: Malte Poll <mp@edgeless.systems>
* Registry -> Registration typo
Co-authored-by: Malte Poll <mp@edgeless.systems>
* Download lockfile
* File name casing
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-11-16 20:19:10 +01:00
Malte Poll
cdaf1fc476
OS Image Build pipeline: prepare lookup tables and additional artifacts ( #560 )
2022-11-16 15:45:10 +01:00
Fabian Kammel
ca4764c466
Merge v2.2.1 changes back to main ( #563 )
...
* Bump version to v2.2.0
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Fix release detection in pipeline
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Update CHANGELOG for 2.2.1
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
* bump constellation versions to 2.2.1
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2022-11-16 11:13:10 +01:00
Leonard Cohnen
2f0b1a0f32
ci: add go generate check
2022-11-15 18:24:07 +01:00
Leonard Cohnen
d86d82d2d4
helm: go generate
2022-11-15 18:24:07 +01:00
Leonard Cohnen
9b89e5cf10
ci: don't check cilium links
2022-11-15 18:24:07 +01:00
renovate[bot]
ee47177029
Update module helm.sh/helm/v3 to v3.10.2 ( #555 )
...
* Update module helm.sh/helm/v3 to v3.10.2
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-15 15:47:53 +01:00
Fabian Kammel
bb76a4e4c8
AB#2512 Config secrets via env var & config refactoring ( #544 )
...
* refactor measurements to use consistent types and less byte pushing
* refactor: only rely on a single multierr dependency
* extend config creation with envar support
* document changes
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-11-15 15:40:49 +01:00