Commit Graph

3732 Commits

Author SHA1 Message Date
Daniel Weiße
90f3336c8e
deps: remove go.mod files from submodules (#2769)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-01-08 13:19:38 +01:00
Malte Poll
0dae7908a7 bazel: remove stale bash completion file 2024-01-08 10:44:38 +01:00
Malte Poll
362d07fc52 nix: allow dev setup via direnv 2024-01-08 10:44:38 +01:00
edgelessci
a23e838a01
image: update locked rpms (#2802)
Co-authored-by: malt3 <malt3@users.noreply.github.com>
2024-01-08 08:52:52 +01:00
Moritz Eckert
2af34ceaf4
docs: update asciinema videos (#2777) 2024-01-08 07:35:48 +01:00
Moritz Sanft
d525be4a49
terraform: add module deprecation notice (#2739) 2024-01-07 22:44:08 +01:00
Malte Poll
c936ec510d
ci: reproducible builds test on artifacts v2 (#2801)
* ci: test download-artifacts@v4 for reproducible builds test

* ci: reproducible builds test: use unique artifact names and patterns
2024-01-05 16:57:21 +01:00
Markus Rudy
8e8e861d5f
ci: ignore Wireguard pdf in lychee (#2797)
* ci: use a config file for lychee

* ci: don't pass token to lychee action

* ci: ignore wireguard.pdf in lychee
2024-01-05 14:07:33 +01:00
Malte Poll
3a4f6ef9d1
bazel: use prebuilt Go toolchain (go.dev/dl) (#2796)
We had to switch to a Go toolchain from nixpkgs,
since prebuilt Go toolchain versions were not usable on NixOS.
Since Go 1.21, the prebuilt Go toolchain is statically linked
and works out of the box.

Reference: https://github.com/golang/go/issues/57007
2024-01-05 11:52:22 +01:00
Markus Rudy
c23aef344d
ci: don't export e2e metrics to OpenSearch (#2794)
* ci: don't export e2e metrics to OpenSearch
* debugd: don't export metrics
2024-01-05 10:15:53 +01:00
renovate[bot]
136a69e7c8
deps: update actions/setup-python action to v5 (#2755)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-05 09:29:16 +01:00
edgelessci
cbf744a095
image: update measurements and image version (#2795)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-05 09:27:11 +01:00
Adrian Stobbe
f41ce43919
terraform-provider: require kubernetes and microservice version (#2791) 2024-01-04 16:25:24 +01:00
3u13r
26a9639bcf
e2e: dynamically create rg resource group for minicon (#2793) 2024-01-04 16:01:57 +01:00
Adrian Stobbe
8730e72319
ci: e2e test for Terraform provider examples (#2745) 2024-01-04 10:00:21 +01:00
3u13r
15cc7b919b
Add pod disruption budgets so the cluster-autoscaler is able to move kube-admin namespaced resources (#2781)
* helm: refactor cilium helm values

* helm: add pod disruption budgets
2024-01-03 18:00:42 +01:00
3u13r
0167a4a286
helm: remove konnectivity agents (#2790) 2024-01-03 14:09:32 +01:00
edgelessci
3d8e548dcd
image: update measurements and image version (#2789)
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2024-01-03 13:08:45 +01:00
Adrian Stobbe
9826ab2e89
node-operator: fix setting Azure node image (#2788) 2024-01-03 12:12:16 +01:00
3u13r
45479b307e
helm: masq traffic to the mini-qemu-metadata container so that the join-service can retrieve it's metadata (#2782)
* helm: masq traffic to the mini-qemu-metadata container

* ci: fix waiting for nodes in miniconstellation e2e test
2024-01-02 14:33:03 +01:00
edgelessci
4d8f45cff6
image: update locked rpms (#2784)
Co-authored-by: malt3 <malt3@users.noreply.github.com>
2023-12-31 13:42:45 +01:00
Thomas Tendyck
2895766d02 docs: mention TF provider more prominently 2023-12-30 15:44:11 +01:00
3u13r
07c884b945
ci: remove artifact encryption for public artifacts (#2776)
* ci: remove artifact encryption for public artifacts

* revert parts of  #2765

* ci: add unused action exception for encrypted artifact download
2023-12-29 11:02:37 +01:00
Adrian Stobbe
539e6eac48
ci: give exec permission to provider binaries (#2779) 2023-12-28 10:19:47 +01:00
Adrian Stobbe
903411edae
fix Terraform release zipping (#2778) 2023-12-27 17:43:57 +01:00
3u13r
2f10223682
terraform-provider: fix parsing api_server_cert_sans (#2758)
* tf: don't double quote cert sans

* tf: improve provider examples
2023-12-27 17:04:35 +01:00
edgelessci
2ce73c19dc
image: update locked rpms (#2773)
Co-authored-by: malt3 <malt3@users.noreply.github.com>
2023-12-24 09:53:47 +01:00
Markus Rudy
130bed0eb2 ci: selectively remove artifact encryption 2023-12-22 17:50:40 +01:00
renovate[bot]
c8fc04d991
deps: update Kubernetes versions (#2762)
* deps: update Kubernetes versions

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-12-22 14:10:39 +01:00
Moritz Sanft
5871ff5508
ci: adhere to action restriction when uploading scorecard (#2771) 2023-12-22 13:13:20 +01:00
Adrian Stobbe
436e7c6d3b
terraform-provider: validate image and microservice version (#2766) 2023-12-22 10:24:13 +01:00
Daniel Weiße
519efe637d
constellation-lib: run license check in Terraform provider and refactor code (#2740)
* Clean up license checker code

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Create license check depending on init/upgrade actions

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Run license check in Terraform provider

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* fix license integration test action

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Run tests with enterprise tag

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Allow b64 encoding for license ID

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Update checker_enterprise.go

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-12-22 10:16:36 +01:00
Adrian Stobbe
ac1f322044
terraform-provider: only build as enterprise user (#2770)
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-12-22 08:38:28 +01:00
Markus Rudy
837b24bf54
versions: generate k8s image patches (incl etcd) (#2764)
* versions: generate k8s image patches (incl etcd)
2023-12-21 20:56:55 +01:00
Daniel Weiße
8c1972c335
ci: fix artifact upload in image build pipeline (#2765)
* Fix parameter expansion when uploading multiple files
* On download, ensure target directory exists
* Rename encryption-secret -> encryptionSecret
* Remove incorrect secret access from e2e test action
* Add missing checkout action to workflows using our download action
* Fix spacing
* Fix upload action uploading whole directory structure instead of target files
* Explicitly give write permissions to Azure disk image, since permissions are no longer dropped on upload

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-12-21 19:28:18 +01:00
Malte Poll
66c0b581b2
ci: update bash on darwin to support newer bash features (#2672) 2023-12-21 18:12:07 +01:00
Daniel Weiße
6e4c0bd8aa
ci: fix artifacts download/upload for release draft workflow (#2759)
* Pin upload and download actions by hash
* Dont expect encrypted artifacts in release pipeline

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-12-21 15:52:58 +01:00
Daniel Weiße
945152d049
Revert "deps: update actions/download-artifact action to v4 (#2753)" (#2767)
This reverts commit b550c92ac9.
2023-12-21 15:44:40 +01:00
renovate[bot]
8644b958ea
deps: update actions/setup-go action to v5 (#2754)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-21 12:54:39 +01:00
renovate[bot]
37ec431fab
deps: update K8s dependencies (#2763)
* deps: update K8s dependencies

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-12-21 12:42:04 +01:00
renovate[bot]
b550c92ac9
deps: update actions/download-artifact action to v4 (#2753)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-21 08:44:52 +01:00
renovate[bot]
5999f9e3a1
deps: update cachix/install-nix-action action to v24 (#2757)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-21 08:43:44 +01:00
renovate[bot]
1409d4aa3f
deps: update dependency aspect_bazel_lib to v2.0.3 (#2751)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-20 18:10:49 +01:00
renovate[bot]
ced03202a9
deps: update fedora:38 Docker digest to 3f01c8f (#2749)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-20 18:07:20 +01:00
renovate[bot]
110bf9103d
deps: update Constellation containers (#2760)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-20 18:03:44 +01:00
renovate[bot]
dcf1b88a29
deps: update actions/checkout action to v4 (#2752)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-20 16:10:35 +01:00
renovate[bot]
d0cfd5590d
deps: update dependency cryptography to v41.0.6 [SECURITY] (#2657)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-20 16:04:15 +01:00
renovate[bot]
ec813b2102
deps: update golang:1.21.5 Docker digest to 1a9d253 (#2750)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-20 15:59:39 +01:00
renovate[bot]
4f374fbeb2
deps: update module github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4 to v5 (#2748)
* deps: update module github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4 to v5
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-12-20 15:58:55 +01:00
Moritz Sanft
82e2875927
terraform-provider: add input validation (#2744)
* terraform-provider: add validation for `constellation_image`

* terraform-provider: add validation for `constellation_cluster`

* image: accept short path versions

* terraform-provider: correct error statement

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* terraform-provider: remove superfluous log statements

* terraform-provider: fix error assertion casing

* terraform-provider: remove superfluous semver check

* Update terraform-provider-constellation/internal/provider/shared_attributes.go

Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>

---------

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
2023-12-20 15:56:48 +01:00