Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
571 Commits 133 Branches 44 Tags 106 MiB
8d642be204
Commit Graph

94 Commits

Author SHA1 Message Date
Malte Poll
8d642be204 Azure: switch default region to west us and replicate images to multiple regions 2022-08-19 14:39:36 +02:00
Fabian Kammel
4176f038df Generate CLI reference also for sub-commands (#374) 
* include all subcommands
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-08-17 16:58:36 +02:00
Malte Poll
abb4fb4f0f Build GCP guest agent from github actions in constellation repo 2022-08-16 08:47:58 +02:00
Otto Bittner
aee432ed6f Fix syntax in yq command 
Fixes syntax error in 4db5ea3b164e8e762693035cb06d643f711a3d39
 2022-08-15 11:41:48 +02:00
Fabian Kammel
97c985a7f4 provide commands for all new image schemas (#363) 
* provide commands for all new image schemas
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-08-15 11:09:10 +02:00
Otto Bittner
3018bfa03e Add enforcedMeasurements default value to config 
A previous change started enforcing PCR values.
This makes it necessary to update the respective config
values before running init.
 2022-08-15 09:37:18 +02:00
3u13r
9478303f80 deploy cilium via helmchart (#321) 2022-08-12 10:20:19 +02:00
Otto Bittner
2f925b5955 Add clone3-workaround to bootstrapper build container 
The previously encountered error about misconfigured seccomp
filters is mitigated with the workaround added in this commit.
See the repo in the comment for detailed information on
the bug itself.
 2022-08-10 17:17:23 +02:00
Otto Bittner
919a2165ae Run e2e test container on edgserver with privileged 
The seccomp filter applied by docker presumably
stops curl from working correctly as the glibc changed the
way it creates processes (switch from clone to clone3).
The backwards compatibility layer of glibc does not work
correctly with docker's seccomp filter, making it necessary to
give the container privileged access.
 2022-08-10 09:58:43 +02:00
Otto Bittner
c42e79ecfe AB#2281: Run e2e tests on latest debug image (#354) 
* e2e tests now execute on the latest debug image available by default
* e2e-manual workflow now takes an optional image reference to run on
* isDebugImage is a flag that has to be set in case
you are running a debug image
 2022-08-09 15:29:39 +02:00
Malte Poll
aee3f2afa2 Run tests for different projects in parallel 2022-08-09 10:29:04 +02:00
Malte Poll
1df2a20a36 CI: build and upload node operator 2022-08-09 10:29:04 +02:00
Otto Bittner
1b9600c307 AB#2266: Test all supported version with e2e-tests 
* e2e-test workflows execute two hours earlier.
* Run quick-mode e2e tests for the two older versions we support.
This triggers every night, together with the existing e2e tests.
Idea here is that we know that a cluster can be setup and initialized.
* Run full e2e tests for the two older versions each sunday.
* Do not abort manual e2e runs. This allows for parallel runs.
* Run unprivileged container
 2022-08-09 10:02:15 +02:00
Daniel Weiße
c52bfc79d3 Set default values for e2e-pipeline (#351) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>

Co-authored-by: Fabian Kammel <fabian@kammel.dev>
 2022-08-09 08:20:23 +02:00
dependabot[bot]
2e71e6c740 Bump docker/build-push-action from 3.1.0 to 3.1.1 (#348) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](1cb9d22b93...c84f382811)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-08 15:39:00 +02:00
Otto Bittner
6ef0f5d06b Remove "debug" from gcp image name. 
Debug already is part of the family name.
 2022-08-05 15:50:26 +02:00
Malte Poll
3b0b3f0335 Use local CoreOS assembler image instead of ghcr 2022-08-05 12:37:22 +02:00
dependabot[bot]
9741c0e6b1 Bump docker/build-push-action from 2.10.0 to 3.1.0 (#338) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.10.0 to 3.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](ac9327eae2...1cb9d22b93)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-05 08:53:01 +02:00
dependabot[bot]
68cea57880 Bump docker/metadata-action from 3.8.0 to 4.0.1 (#337) 
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 3.8.0 to 4.0.1.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](b2391d37b4...69f6fc9d46)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-05 08:52:51 +02:00
Daniel Weiße
5c00dafe9b Fix CoreOS pipeline (#336) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-08-04 09:24:21 +02:00
Daniel Weiße
5da92d9d8b AB#2249 Rework image build pipeline (#326) 
* Rework image build pipeline

* Dont cancel workflow runs on main

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-08-03 16:01:36 +02:00
Malte Poll
d3435b06a2 AB#2283 Build CCM GCP from github actions in constellation repo (#334) 
* Build CCM GCP from github actions in constellation repo
* Deploy correct version of GCP CCM
 2022-08-03 11:46:11 +02:00
Otto Bittner
1859dc1718 AB#2288: Fix/kernel panic (#328) 
* More debug info & don't use guestfish
* Sync image runner script with deployed code
* Add missing = for --wait in sonobuoy action

Co-authored-by: <mp@edgeless.systems>
 2022-08-02 15:34:17 +02:00
Fabian Kammel
a705fabf43 wait at most 5 hours (#322) 2022-08-01 21:44:12 +02:00
Otto Bittner
5a2809aca2 Disable automatic image builds (#310) 
We only need new images for bootstrapper changes
for each release. Between releases we can use debug images.
For releases we have to build images manually anyway.
Therefore, let's not build these images unnecessarily.
 2022-07-28 09:56:49 +02:00
Thomas Tendyck
244426305d fix integration test workflow 2022-07-26 15:59:04 +02:00
Thomas Tendyck
aa0a07592b check licenses (#297) 
* AB#2222 check licenses of dependencies

* AB#2222 check-licenses: use setup-go
 2022-07-26 11:49:13 +02:00
dependabot[bot]
f57a7e3ed0 Bump docker/setup-buildx-action from 1.7.0 to 2 (#285) 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 1.7.0 to 2.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](f211e3e9de...dc7b9719a9)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-25 12:14:17 +02:00
Fabian Kammel
3a52bcabeb First suggestion for issue and pr templates. (#289) 
* First suggestion for issue and pr templates.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-07-25 12:13:02 +02:00
Fabian Kammel
ae13163fb7 kubectl wait is not supported for daemonset (#296) 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-07-25 11:07:21 +02:00
dependabot[bot]
b57e9cf92a Bump docker/login-action from 1.14.1 to 2 (#284) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.14.1 to 2.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](dd4fa0671b...49ed152c8e)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-21 09:45:54 +02:00
Fabian Kammel
085f548333 GitHub action pin-by-hash & dependabot (#283) 
* remove Sunday and Monday morning runs, little value
* run test lint on main, as we do for all linters
* fixup outdated instructions
* use version hash instead of tags
* use dependabot for github actions
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-07-20 10:48:01 +02:00
Fabian Kammel
3842e50c49 use common boostrapperhost field and wait before reading pcr values (#281) 
* use common boostrapperhost field and wait before reading pcr values
* use wait to be more explicit about goal
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
 2022-07-20 10:47:22 +02:00
Fabian Kammel
193a91d911 fix reference for statefile field and unwrap errors (#278) 
* fix reference for statefile field
* unwrap errors before checking status
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-07-18 14:00:57 +02:00
Fabian Kammel
a931f6692f Fix/bootstrapper regressions (#274) 
* remove wireguard from e2e tests, conformance docs & config
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-07-15 11:53:14 +02:00
Fabian Kammel
e315a3b5d8 AB#2070 automatic cli ref update (#272) 
* automatically update cli reference branch in docs repository
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-07-15 10:23:52 +02:00
Malte Poll
cce2611e2a Simplify node lock and various small changes 
Co-authored-by: Fabian Kammel <fabian@kammel.dev>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
 2022-07-14 17:25:18 +02:00
Malte Poll
260d2571c1 Only upload kubeadm certs if key is rotated 
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: 3u13r <lc@edgeless.systems>
 2022-07-14 17:25:18 +02:00
katexochen
66b573ea5d Bootstrapper 2022-07-14 17:25:18 +02:00
katexochen
1af18e990d Rename all activation 2022-07-14 17:25:18 +02:00
katexochen
916e5d6b55 Rename coordinator to bootstrapper and rename roles 2022-07-14 17:25:18 +02:00
Fabian Kammel
00dfff6840 AB#2158 publish measurements (#268) 
* cleaned up actions and new measure action to generate, sign and upload measurements
* improve constellation ip fetching to support multiple control nodes
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2022-07-13 14:04:46 +02:00
Fabian Kammel
9d3ab0042c Ref/prepare changelog for v1.3.1 (#263) 
* prepare changelog.
* document lb fix
* set release version for cli
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: 3u13r <lc@edgeless.systems>
 2022-07-11 15:19:56 +02:00
Fabian Kammel
be989851d7 Use supported image and start pipeline one hour earlier for less waiting in gcp e2e (#264) 2022-07-11 12:52:10 +02:00
Fabian Kammel
8a299b54a3 Temporarily ignore failing e2e tests (#260) 
* ignore failing e2e tests on gcp
Co-authored-by: Fabian Kammel <fk@edgelss.systems>
 2022-07-08 18:18:48 +02:00
Malte Poll
c4646191e2 Allow downgrade of azure cli package 2022-07-07 16:16:48 +02:00
Malte Poll
7411d04bcf Pin azure cli to version 2.37.0 2022-07-07 16:16:48 +02:00
Malte Poll
adcd00c8e2 Install azure CLI from apt repo (bug was fixed) 2022-07-07 16:16:48 +02:00
Fabian Kammel
c279bb7a38 make signing keys optional in build step, since e2e test does not require signing (#254) 
* make signing keys optional in build step, since e2e test does not require signing
 2022-07-07 12:18:41 +02:00
Daniel Weiße
67c45f3d5b CoreOS build pipeline fix (#256) 
* Remove invalid build step

* Only upload Coordinator on main branch

Signed-off-by: daniel-weisse <dw@edgeless.systems>
 2022-07-07 11:28:12 +02:00