Daniel Weiße
90f3336c8e
deps: remove go.mod
files from submodules ( #2769 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-01-08 13:19:38 +01:00
Malte Poll
0dae7908a7
bazel: remove stale bash completion file
2024-01-08 10:44:38 +01:00
Malte Poll
362d07fc52
nix: allow dev setup via direnv
2024-01-08 10:44:38 +01:00
edgelessci
a23e838a01
image: update locked rpms ( #2802 )
...
Co-authored-by: malt3 <malt3@users.noreply.github.com>
2024-01-08 08:52:52 +01:00
Moritz Eckert
2af34ceaf4
docs: update asciinema videos ( #2777 )
2024-01-08 07:35:48 +01:00
Moritz Sanft
d525be4a49
terraform: add module deprecation notice ( #2739 )
2024-01-07 22:44:08 +01:00
Malte Poll
c936ec510d
ci: reproducible builds test on artifacts v2 ( #2801 )
...
* ci: test download-artifacts@v4 for reproducible builds test
* ci: reproducible builds test: use unique artifact names and patterns
2024-01-05 16:57:21 +01:00
Markus Rudy
8e8e861d5f
ci: ignore Wireguard pdf in lychee ( #2797 )
...
* ci: use a config file for lychee
* ci: don't pass token to lychee action
* ci: ignore wireguard.pdf in lychee
2024-01-05 14:07:33 +01:00
Malte Poll
3a4f6ef9d1
bazel: use prebuilt Go toolchain (go.dev/dl) ( #2796 )
...
We had to switch to a Go toolchain from nixpkgs,
since prebuilt Go toolchain versions were not usable on NixOS.
Since Go 1.21, the prebuilt Go toolchain is statically linked
and works out of the box.
Reference: https://github.com/golang/go/issues/57007
2024-01-05 11:52:22 +01:00
Markus Rudy
c23aef344d
ci: don't export e2e metrics to OpenSearch ( #2794 )
...
* ci: don't export e2e metrics to OpenSearch
* debugd: don't export metrics
2024-01-05 10:15:53 +01:00
renovate[bot]
136a69e7c8
deps: update actions/setup-python action to v5 ( #2755 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-05 09:29:16 +01:00
edgelessci
cbf744a095
image: update measurements and image version ( #2795 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-05 09:27:11 +01:00
Adrian Stobbe
f41ce43919
terraform-provider: require kubernetes and microservice version ( #2791 )
2024-01-04 16:25:24 +01:00
3u13r
26a9639bcf
e2e: dynamically create rg resource group for minicon ( #2793 )
2024-01-04 16:01:57 +01:00
Adrian Stobbe
8730e72319
ci: e2e test for Terraform provider examples ( #2745 )
2024-01-04 10:00:21 +01:00
3u13r
15cc7b919b
Add pod disruption budgets so the cluster-autoscaler is able to move kube-admin namespaced resources ( #2781 )
...
* helm: refactor cilium helm values
* helm: add pod disruption budgets
2024-01-03 18:00:42 +01:00
3u13r
0167a4a286
helm: remove konnectivity agents ( #2790 )
2024-01-03 14:09:32 +01:00
edgelessci
3d8e548dcd
image: update measurements and image version ( #2789 )
...
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2024-01-03 13:08:45 +01:00
Adrian Stobbe
9826ab2e89
node-operator: fix setting Azure node image ( #2788 )
2024-01-03 12:12:16 +01:00
3u13r
45479b307e
helm: masq traffic to the mini-qemu-metadata container so that the join-service can retrieve it's metadata ( #2782 )
...
* helm: masq traffic to the mini-qemu-metadata container
* ci: fix waiting for nodes in miniconstellation e2e test
2024-01-02 14:33:03 +01:00
edgelessci
4d8f45cff6
image: update locked rpms ( #2784 )
...
Co-authored-by: malt3 <malt3@users.noreply.github.com>
2023-12-31 13:42:45 +01:00
Thomas Tendyck
2895766d02
docs: mention TF provider more prominently
2023-12-30 15:44:11 +01:00
3u13r
07c884b945
ci: remove artifact encryption for public artifacts ( #2776 )
...
* ci: remove artifact encryption for public artifacts
* revert parts of #2765
* ci: add unused action exception for encrypted artifact download
2023-12-29 11:02:37 +01:00
Adrian Stobbe
539e6eac48
ci: give exec permission to provider binaries ( #2779 )
2023-12-28 10:19:47 +01:00
Adrian Stobbe
903411edae
fix Terraform release zipping ( #2778 )
2023-12-27 17:43:57 +01:00
3u13r
2f10223682
terraform-provider: fix parsing api_server_cert_sans
( #2758 )
...
* tf: don't double quote cert sans
* tf: improve provider examples
2023-12-27 17:04:35 +01:00
edgelessci
2ce73c19dc
image: update locked rpms ( #2773 )
...
Co-authored-by: malt3 <malt3@users.noreply.github.com>
2023-12-24 09:53:47 +01:00
Markus Rudy
130bed0eb2
ci: selectively remove artifact encryption
2023-12-22 17:50:40 +01:00
renovate[bot]
c8fc04d991
deps: update Kubernetes versions ( #2762 )
...
* deps: update Kubernetes versions
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-12-22 14:10:39 +01:00
Moritz Sanft
5871ff5508
ci: adhere to action restriction when uploading scorecard ( #2771 )
2023-12-22 13:13:20 +01:00
Adrian Stobbe
436e7c6d3b
terraform-provider: validate image and microservice version ( #2766 )
2023-12-22 10:24:13 +01:00
Daniel Weiße
519efe637d
constellation-lib: run license check in Terraform provider and refactor code ( #2740 )
...
* Clean up license checker code
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Create license check depending on init/upgrade actions
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Run license check in Terraform provider
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* fix license integration test action
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Run tests with enterprise tag
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Allow b64 encoding for license ID
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Update checker_enterprise.go
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-12-22 10:16:36 +01:00
Adrian Stobbe
ac1f322044
terraform-provider: only build as enterprise user ( #2770 )
...
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-12-22 08:38:28 +01:00
Markus Rudy
837b24bf54
versions: generate k8s image patches (incl etcd) ( #2764 )
...
* versions: generate k8s image patches (incl etcd)
2023-12-21 20:56:55 +01:00
Daniel Weiße
8c1972c335
ci: fix artifact upload in image build pipeline ( #2765 )
...
* Fix parameter expansion when uploading multiple files
* On download, ensure target directory exists
* Rename encryption-secret -> encryptionSecret
* Remove incorrect secret access from e2e test action
* Add missing checkout action to workflows using our download action
* Fix spacing
* Fix upload action uploading whole directory structure instead of target files
* Explicitly give write permissions to Azure disk image, since permissions are no longer dropped on upload
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-12-21 19:28:18 +01:00
Malte Poll
66c0b581b2
ci: update bash on darwin to support newer bash features ( #2672 )
2023-12-21 18:12:07 +01:00
Daniel Weiße
6e4c0bd8aa
ci: fix artifacts download/upload for release draft workflow ( #2759 )
...
* Pin upload and download actions by hash
* Dont expect encrypted artifacts in release pipeline
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-12-21 15:52:58 +01:00
Daniel Weiße
945152d049
Revert "deps: update actions/download-artifact action to v4 ( #2753 )" ( #2767 )
...
This reverts commit b550c92ac9
.
2023-12-21 15:44:40 +01:00
renovate[bot]
8644b958ea
deps: update actions/setup-go action to v5 ( #2754 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-21 12:54:39 +01:00
renovate[bot]
37ec431fab
deps: update K8s dependencies ( #2763 )
...
* deps: update K8s dependencies
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-12-21 12:42:04 +01:00
renovate[bot]
b550c92ac9
deps: update actions/download-artifact action to v4 ( #2753 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-21 08:44:52 +01:00
renovate[bot]
5999f9e3a1
deps: update cachix/install-nix-action action to v24 ( #2757 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-21 08:43:44 +01:00
renovate[bot]
1409d4aa3f
deps: update dependency aspect_bazel_lib to v2.0.3 ( #2751 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-20 18:10:49 +01:00
renovate[bot]
ced03202a9
deps: update fedora:38 Docker digest to 3f01c8f ( #2749 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-20 18:07:20 +01:00
renovate[bot]
110bf9103d
deps: update Constellation containers ( #2760 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-20 18:03:44 +01:00
renovate[bot]
dcf1b88a29
deps: update actions/checkout action to v4 ( #2752 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-20 16:10:35 +01:00
renovate[bot]
d0cfd5590d
deps: update dependency cryptography to v41.0.6 [SECURITY] ( #2657 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-20 16:04:15 +01:00
renovate[bot]
ec813b2102
deps: update golang:1.21.5 Docker digest to 1a9d253 ( #2750 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-20 15:59:39 +01:00
renovate[bot]
4f374fbeb2
deps: update module github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4 to v5 ( #2748 )
...
* deps: update module github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4 to v5
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-12-20 15:58:55 +01:00
Moritz Sanft
82e2875927
terraform-provider: add input validation ( #2744 )
...
* terraform-provider: add validation for `constellation_image`
* terraform-provider: add validation for `constellation_cluster`
* image: accept short path versions
* terraform-provider: correct error statement
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
* terraform-provider: remove superfluous log statements
* terraform-provider: fix error assertion casing
* terraform-provider: remove superfluous semver check
* Update terraform-provider-constellation/internal/provider/shared_attributes.go
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
---------
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
2023-12-20 15:56:48 +01:00