Malte Poll
65903459a0
chore: fix unused parameter lint in new golangcilint version
2024-02-21 17:54:07 +01:00
renovate[bot]
cdd80a4f3f
deps: update dependency containernetworking/plugins to v1.4.0 ( #2896 )
...
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2024-02-21 17:42:48 +01:00
miampf
96c5980651
cli: collect debug logs in file ( #2906 )
2024-02-21 15:39:12 +00:00
Malte Poll
59faa2b692
attestation: add hardcoded OpenStack enterprise measurements
2024-02-21 13:31:32 +01:00
katexochen
70ff097e12
image: update measurements and image version
2024-02-21 08:49:20 +01:00
Malte Poll
a4d25646f5
deps: update to bazel 7
2024-02-20 12:50:13 +01:00
Malte Poll
75f16ce87b
image: upload OpenStack images to OpenStack
2024-02-19 18:16:45 +01:00
Malte Poll
6f9020d527
cli: use pre-uploaded image on OpenStack
...
Before, the terraform infrastructure code would upload an image on the fly.
Now, we upload images in advance and specify the image ID instead.
2024-02-19 18:16:45 +01:00
renovate[bot]
3b2da12781
deps: update Constellation containers ( #2919 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-19 16:14:05 +01:00
renovate[bot]
75f1c0b3e1
deps: update registry.k8s.io/autoscaling/cluster-autoscaler Docker tag to v1.27.5 ( #2761 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-16 13:26:59 +01:00
edgelessci
bc4d514fb1
image: update measurements and image version ( #2912 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-02-16 08:49:16 +01:00
Malte Poll
896f68c26d
helm: update edgelesssys cinder-csi-plugin
2024-02-15 12:35:15 +01:00
Malte Poll
92589a80e2
helm: update yawol
2024-02-15 12:35:15 +01:00
Daniel Weiße
f9442cecb1
helm: fix log formatting ( #2905 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-02-14 08:52:46 +01:00
edgelessci
6829c27178
image: update measurements and image version ( #2908 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-02-14 08:25:10 +01:00
Malte Poll
270497ef62
helm: move yawol into a separate release ( #2904 )
2024-02-12 14:26:22 +01:00
Malte Poll
b5e848a87e
terraform: provide required configuration for yawol on OpenStack
2024-02-12 13:13:48 +01:00
Malte Poll
bab27fbc69
openstack: remove unused code
2024-02-12 13:13:48 +01:00
Malte Poll
5b73d48bdd
helm: insert openstack secret for ccm ( #2897 )
2024-02-09 11:14:44 +01:00
katexochen
a89133ae81
image: update measurements and image version
2024-02-09 08:11:46 +01:00
miampf
54cce77bab
deps: convert zap to slog ( #2825 )
2024-02-08 14:20:01 +00:00
edgelessci
bd3eed8504
image: update measurements and image version ( #2895 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-02-07 08:19:43 +01:00
Moritz Sanft
901edd420b
terraform: remove cloud loggers ( #2892 )
...
* terraform: remove cloud logging apps
* internal/cloud: remove loggers
* bootstrapper: remove logging
* qemu-metadata-api: remove logging endpoint
* docs: add instructions on how to get boot logs
* bazel: tidy
* docs: fix typo
* cloud: remove unused types
* Update go.mod
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
* bazel: tidy
* Update docs/docs/workflows/troubleshooting.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* Update docs/docs/workflows/troubleshooting.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* Update docs/docs/workflows/troubleshooting.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* docs: elaborate on how to get boot logs
* bazel: tidy
---------
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2024-02-06 14:27:30 +01:00
Moritz Sanft
dde3430da8
terraform: support AWS marketplace images ( #2888 )
...
* terraform: support AWS marketplace images
* terraform-provider: support AWS marketplace images
* docs: add instructions on AWS marketplace images
* ci: adapt marketplace image test for AWS
* Update internal/config/config.go
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
* docs: update config
* Update docs/docs/getting-started/marketplaces.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* docs: update license information
* docs: use CSP tabs for marketplace overview
* Update docs/docs/getting-started/marketplaces.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* Update docs/docs/getting-started/marketplaces.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* Update docs/docs/getting-started/marketplaces.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
---------
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2024-02-06 12:13:59 +01:00
Markus Rudy
c020f7ac20
cleanup: various minor debugging improvements ( #2889 )
...
* ci: improve constellation_create error message
When we hit a timeout due to nodes not coming up, the actual error
message is hard to make out because it's buried in a group. With the
right formatting, the error message will be highlighted in the UI.
Another improvement is to output the state of nodes, which helps
debugging the cause of nodes not joining or not becoming ready.
* cleanup: use NodeVersionResourceName constant
... instead of literal strings.
* ci: correctly notify on e2e upgrade error
* atls: report cert extension OIDs on mismatch
If the certificate contains an attestation document for SEV-SNP, but the
given validator is for Nitro, verifyEmbeddedReport should not claim that
there is no attestation document, but that there is no _compatible_ one
and what the incompatible ones were.
2024-02-02 16:46:28 +01:00
edgelessci
711b53d5c0
image: update measurements and image version ( #2886 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-02-02 09:10:12 +01:00
Adrian Stobbe
489e07677e
ref: pre v2.15 cleanup ( #2871 )
2024-01-29 21:32:37 +01:00
Moritz Eckert
2413356375
image: replicate to us-east-1 for aws marketplace ( #2870 )
2024-01-29 14:44:33 +01:00
edgelessci
6d4a8d594e
image: update measurements and image version ( #2866 )
...
Co-authored-by: malt3 <malt3@users.noreply.github.com>
2024-01-29 11:27:13 +01:00
Malte Poll
e2e3935896
image: use different replication regions for SNP and TDX
2024-01-26 17:58:08 +01:00
Daniel Weiße
ecae1c8f9a
Fix default instanceType generation
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-01-26 17:06:28 +01:00
Markus Rudy
597a923a7f
cilium: performance fixes and reproducible images ( #2855 )
...
* helm: bump cilium version
* helm: patch Cilium chart version
2024-01-26 17:03:40 +01:00
Daniel Weiße
78b9b0fc96
terraform-provider: enable Azure TDX ( #2854 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-01-26 15:46:21 +01:00
edgelessci
49a806a874
image: update measurements and image version ( #2859 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-26 08:15:43 +01:00
Markus Rudy
9fb6c3216e
helm: remove kube-rbac-proxy ( #2849 )
2024-01-25 10:06:40 +01:00
Daniel Weiße
e350ca0f57
attestation: add Azure TDX attestation ( #2827 )
...
* Implement Azure TDX attestation primitives
* Add default measurements and claims for Azure TDX
* Enable Constellation on Azure TDX
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-01-24 15:10:15 +01:00
edgelessci
6ae59bb986
image: update measurements and image version ( #2848 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-24 08:22:48 +01:00
Malte Poll
c8ffba0366
measurements: update expected PCR[1] on GCP
2024-01-23 21:55:12 +01:00
Malte Poll
a2e2f0387c
measurements: correctly override validation options
2024-01-23 21:55:12 +01:00
3u13r
2a7a9dc2aa
helm: re-enable native routing for gcp ( #2842 )
2024-01-23 14:46:24 +01:00
Malte Poll
3a5753045e
goleak: ignore rules_go SIGTERM handler
...
rules_go added a SIGTERM handler that has a goroutine that survives the scope of the goleak check.
Currently, the best known workaround is to ignore this goroutine.
https://github.com/uber-go/goleak/issues/119
https://github.com/bazelbuild/rules_go/pull/3749
https://github.com/bazelbuild/rules_go/pull/3827#issuecomment-1894002120
2024-01-22 13:11:58 +01:00
edgelessci
3b02edcc48
image: update measurements and image version ( #2833 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-19 09:12:24 +01:00
edgelessci
2acbd10ef7
image: update measurements and image version ( #2831 )
...
Co-authored-by: malt3 <malt3@users.noreply.github.com>
2024-01-17 18:55:10 +01:00
Malte Poll
b8933560be
image upload: use unique blob name for AWS images uploaded to S3 ( #2830 )
...
When uploading images to AWS, they need to be uploaded to S3 first.
Since blob names are not unique between attestation variants, there
was a possibility for one S3 upload to be used for the wrong AMI.
2024-01-17 17:09:07 +01:00
edgelessci
6259815869
image: update measurements and image version ( #2828 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-17 08:11:53 +01:00
Malte Poll
9d6321faa3
uplosi: use separate galleries for Azure TDX and TDX
2024-01-16 17:34:44 +01:00
Malte Poll
336ba6bc34
attestation: add Azure TDX variant
...
Only a stub for now.
2024-01-16 17:34:44 +01:00
Malte Poll
5063b815f1
config: allow Azure TDX instance types
2024-01-16 17:34:44 +01:00
Markus Rudy
e29ea77d23
helm: bump Cilium chart version ( #2822 )
...
* helm: bump Cilium chart version
* helm: generate Cilium chart
2024-01-16 14:49:24 +01:00
Malte Poll
b7bab7c3c8
image: replace "upload {aws|azure|gcp}" with uplosi
2024-01-15 13:53:15 +01:00
Malte Poll
fb392c2d50
image: add image uploader that uses uplosi in the background
...
This implementation will replace the custom Go code in
internal/osimage/{aws|azure|gcp} and still conforms to the same interface.
2024-01-15 13:53:15 +01:00
Malte Poll
181b8f64d2
image: add static (per-CSP) measurements during "measurement envelope"
...
This logic was previously performed in a GitHub Actions workflow
using yq.
Since every step should now be performed in Bazel, this now needs to happen here.
2024-01-15 13:53:15 +01:00
edgelessci
2fea43a320
image: update measurements and image version ( #2817 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-12 08:20:15 +01:00
Adrian Stobbe
baad7d8310
aws sev snp resolves latest version values on GetAttestationConfig ( #2810 )
2024-01-10 13:32:13 +01:00
edgelessci
c61507f220
image: update measurements and image version ( #2812 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-10 08:13:30 +01:00
Markus Rudy
ef6f63dc48
Fix various small things throughout the codebase ( #2800 )
...
* bootstrapper: remove obsolete log statement
* ci: simplify variable usage
Co-authored-by: Daniel Weiße <daniel-weisse@users.noreply.github.com>
* cli: add missing formatting directive
* helm: fix rm invocation
* ci: document reproducible-builds workflow
* constants: use variables for measurement files
* constants: use variables for CDN distribution ID
* ci: make Helm version explicit
* api: prettify versionsapi-list output
* ci: remove obsolete docstring
---------
Co-authored-by: Daniel Weiße <daniel-weisse@users.noreply.github.com>
2024-01-09 19:37:56 +01:00
3u13r
badcdcb764
deps: bump cilium to v1.15.0-pre.3-edg.1 ( #2808 )
2024-01-09 16:45:56 +01:00
renovate[bot]
bacb8ff886
deps: update AWS SDK ( #2809 )
...
* deps: update AWS SDK
* deps: fix AWS SDK upgrade breakage
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Markus Rudy <mr@edgeless.systems>
2024-01-09 16:18:33 +01:00
Malte Poll
a8bca88eeb
k8s: add 1.29, remove 1.26, default 1.28 ( #2803 )
...
undefined
2024-01-08 16:53:12 +01:00
Moritz Sanft
e691e26bd3
cli: support for GCP marketplace images ( #2792 )
...
* cli: support GCP marketplace images
* ci: support GCP marketplace images
* docs: support GCP marketplace images
* bazel: generate
* ci: allow GCP for mpi e2e test
* Update docs/docs/overview/license.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* terraform-provider: allow GCP MPIs
* terraform-provider: fix error message
---------
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2024-01-08 15:51:39 +01:00
Daniel Weiße
90f3336c8e
deps: remove go.mod
files from submodules ( #2769 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-01-08 13:19:38 +01:00
edgelessci
cbf744a095
image: update measurements and image version ( #2795 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2024-01-05 09:27:11 +01:00
3u13r
15cc7b919b
Add pod disruption budgets so the cluster-autoscaler is able to move kube-admin namespaced resources ( #2781 )
...
* helm: refactor cilium helm values
* helm: add pod disruption budgets
2024-01-03 18:00:42 +01:00
3u13r
0167a4a286
helm: remove konnectivity agents ( #2790 )
2024-01-03 14:09:32 +01:00
edgelessci
3d8e548dcd
image: update measurements and image version ( #2789 )
...
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2024-01-03 13:08:45 +01:00
3u13r
45479b307e
helm: masq traffic to the mini-qemu-metadata container so that the join-service can retrieve it's metadata ( #2782 )
...
* helm: masq traffic to the mini-qemu-metadata container
* ci: fix waiting for nodes in miniconstellation e2e test
2024-01-02 14:33:03 +01:00
renovate[bot]
c8fc04d991
deps: update Kubernetes versions ( #2762 )
...
* deps: update Kubernetes versions
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-12-22 14:10:39 +01:00
Adrian Stobbe
436e7c6d3b
terraform-provider: validate image and microservice version ( #2766 )
2023-12-22 10:24:13 +01:00
Daniel Weiße
519efe637d
constellation-lib: run license check in Terraform provider and refactor code ( #2740 )
...
* Clean up license checker code
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Create license check depending on init/upgrade actions
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Run license check in Terraform provider
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* fix license integration test action
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Run tests with enterprise tag
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Allow b64 encoding for license ID
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Update checker_enterprise.go
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-12-22 10:16:36 +01:00
Markus Rudy
837b24bf54
versions: generate k8s image patches (incl etcd) ( #2764 )
...
* versions: generate k8s image patches (incl etcd)
2023-12-21 20:56:55 +01:00
renovate[bot]
37ec431fab
deps: update K8s dependencies ( #2763 )
...
* deps: update K8s dependencies
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-12-21 12:42:04 +01:00
renovate[bot]
110bf9103d
deps: update Constellation containers ( #2760 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-20 18:03:44 +01:00
renovate[bot]
4f374fbeb2
deps: update module github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4 to v5 ( #2748 )
...
* deps: update module github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4 to v5
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-12-20 15:58:55 +01:00
Markus Rudy
4ba483ec0e
versions: add Kubernetes image patches to components
2023-12-18 14:17:35 +01:00
Markus Rudy
b740a1a75b
versions: designate components for upgrades
2023-12-18 14:17:35 +01:00
Moritz Sanft
af791bd221
terraform-provider: add usage examples ( #2713 )
...
* terraform-provider: add usage example for Azure
* terraform-provider: add usage example for AWS
* terraform-provider: add usage example for GCP
* terraform-provider: update usage example for Azure
* terraform-provider: update generated documentation
* docs: adjust creation on Azure and link to examples
* terraform-provider: unify image in-/output (#2725 )
* terraform-provider: check for returned error when converting microservices
* terraform-provider: use state values for outputs after creation
* terraform-provider: ignore invalid upgrades (#2728 )
---------
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-12-18 10:15:54 +01:00
Adrian Stobbe
88d626d302
feat: pin cert-manager image to sha256 checksum ( #2721 )
2023-12-18 09:28:50 +01:00
3u13r
183c564483
cilium: enable bpf masquerading ( #2723 )
...
* cilium: enable bpf masquerading
* cilium: also enable ipMasqAgent
* cilium: remove custom Azure masqing
2023-12-15 23:07:03 +01:00
3u13r
0111b6d718
deps: Update cert manager to 1.12.6 ( #2700 )
...
* deps: bump cert manager to 1.13.2
* helm: allow minor jump for cert-manager
2023-12-15 17:44:00 +01:00
Daniel Weiße
a1f67d0884
cli: fix upgrades when using outdated Kubernetes patch version ( #2718 )
...
* Fix missing image for Constellation operators in our Helm charts if the desired Kubernetes patch version is no longer supported (but Kubernetes upgrades are skipped)
* Correctly unmarshal Kubernetes Components list if the list uses an old format
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-12-15 15:45:52 +01:00
Adrian Stobbe
9667dfff58
terraform: align infrastructure module attributes ( #2703 )
...
* all vars have snail_case
* make iam schema consistent
* infrastructure schema
* terraform: update AWS infrastructure module
* fix ci
* terraform: update AWS infrastructure module
* terraform: update AWS IAM module
* terraform: update Azure Infrastructure module inputs
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform: update Azure IAM module
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform: update GCP infrastructure module
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform: update GCP IAM module
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform: update OpenStack Infrastructure module
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform: update QEMU Infrastructure module
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-module: fix input name
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform: tidy
* cli: ignore whitespace in Terraform variable tests
* terraform-module: fix AWS output names
* terraform-module: fix output references
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform: rename `api_server_cert_sans`
* Update terraform/infrastructure/aws/modules/public_private_subnet/variables.tf
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
* fix self-managed
* terraform: revert AWS modules output file renaming
* terraform: remove duplicate varable declaration
* terraform: rename Azure location field
* ci: adjust output name in self-managed e2e test
* e2e: continuously print output in upgrade test
* e2e: write to output variables
* cli: migrate IAM variable names
* cli: make `location` field optional
---------
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2023-12-15 10:36:58 +01:00
edgelessci
6f6f28b8cc
image: update measurements and image version ( #2722 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-12-15 08:18:25 +01:00
edgelessci
2c50abcc91
image: update measurements and image version ( #2720 )
...
Co-authored-by: malt3 <malt3@users.noreply.github.com>
2023-12-14 19:35:40 +01:00
Markus Rudy
ae00b0a198
installer: add support for data URLs
...
RFC 015 proposes the introduction of data URLs to materialize static
content to files on disk. This commit adds support for data URLs to the
installer. The corresponding content will be added to versions.go in a
subsequent commit.
2023-12-13 09:35:19 +01:00
edgelessci
8d8853ef31
image: update measurements and image version ( #2711 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-12-13 09:23:38 +01:00
3u13r
53516c105b
Revert "helm: deprioritize Cilium tc filters" ( #2709 )
...
This reverts commit a3de1d95d9
.
2023-12-12 16:56:41 +01:00
Moritz Sanft
367136add2
terraform-provider: support importing Constellation clusters ( #2702 )
...
* terraform-provider: support importing Constellation clusters
* bazel: shfmt exclusion for import script
* ci: fix godot check
* bazel: shellcheck exclusion for import script
* Update dev-docs/workflows/terraform-provider.md
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
* ci: fix Terraform lock exclude directories
---------
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
2023-12-12 16:00:03 +01:00
Daniel Weiße
d08e75bf9c
constellation-lib: fix incorrect encoding and ordering of Init response ( #2708 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-12-12 15:01:56 +01:00
Moritz Sanft
60fc73e0e7
terraform-provider: implement constellation_cluster
resource ( #2691 )
...
* terraform: move module to legacy-directory
* constellation-lib: refactor service account marshalling
* terraform-provider: normalize Azure image URIs
* constellation-lib: refactor Kubeconfig endpoint rewriting
* terraform-provider: add conversion functions for AWS and GCP
* terraform-provider: implement `constellation_cluster` resource
* terraform-provider: refactor conversion
* terraform-provider: implement image and k8s upgrades
* terraform-provider: fix linter checks
* terraform-provider: refactor to bundle init & upgrade method
* constellation-lib: rewrite Kubeconfig endpoint in init
* terraform-provider: bind logger and dialer constructors to struct
* terraform-provider: move applier to function pointer
* terraform-provider: gcp conversion fixes
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: fix Azure UAMI input
* terraform-provider: rename Kubeconfig variable
* terraform-provider: tidy
* terraform-provider: regenerate docs
* constellation-lib: provide Kubeconfig in testing initserver
---------
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-12-11 15:55:44 +01:00
Markus Rudy
767bac4766
installer: fix old-style Components references
2023-12-11 15:13:00 +01:00
Markus Rudy
138057a2ee
installer: make hash checking optional
2023-12-11 14:28:19 +01:00
Markus Rudy
a1dbd13f95
versions: consolidate various types of Components
...
There used to be three definitions of a Component type, and conversion
routines between the three. Since the use case is always the same, and
the Component semantics are defined by versions.go and the installer, it
seems appropriate to define the Component type there and import it in
the necessary places.
2023-12-11 14:26:54 +01:00
Moritz Sanft
6ff321364d
terraform: fix Azure marketplace image defaults ( #2692 )
...
* config: default to false instead of null for Azure marketplace image
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform: make Azure marketplace image default to null
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
---------
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-12-11 08:15:47 +01:00
Daniel Weiße
272584a34c
constellation-lib: move state and featureset packages ( #2682 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-12-08 16:27:04 +01:00
Moritz Sanft
c15e4efef6
terraform: Azure Marketplace image support ( #2651 )
...
* terraform: add Azure marketplace variable
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* config: add Azure marketplace variable
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* cli: use Terraform variables from config
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform: pass down marketplace variable
* image: pad Azure images to 1GiB
* terraform: add version attribute to marketplace image
* semver: allow versions to be exported without prefix
* cli: boolean var to use marketplace images
* config: remove dive key
* dev-docs: add instructions on how to use marketplace images
* terraform: fix unit test
* terraform: only fetch image for non-marketplace images
* mpimage: refactor image selection
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* [remove] increase minor version for image build
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform: ignore changes to source_image_reference on upgrade
* operator: add support for parsing Azure marketplace images
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* upgrade: fix imagefetcher call
* docs: add info about azure marketplace
* image: ensure more than 1GiB in size
* image: test to pad to 2GiB
* version: change back to v2.14.0-pre
* image: GPT-conformant image size padding
* [remove] increase version
* mpimage: inline prefix func
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* ci: add marketplace image e2e test
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* [remove] register workflow
* ci: fix workflow name
* ci: only allow azure test
* cli: add marketplace image input to interface
* cli: fix argument passing
* version: roll back to v2.14.0
* ci: add force-flag support
* Update docs/docs/overview/license.md
* Update dev-docs/workflows/marketplace-images.md
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
---------
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-12-08 14:40:31 +01:00
Malte Poll
a87fd7607f
deps: update Kubernetes versions
2023-12-08 13:59:51 +01:00
edgelessci
b92635a0f0
image: update measurements and image version ( #2687 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-12-08 11:22:48 +01:00
edgelessci
ac056ae010
image: update measurements and image version ( #2681 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-12-07 09:10:28 +01:00
Daniel Weiße
b7425db72a
constellation-lib: add Helm wrapper ( #2680 )
...
* Add Helm wrapper to constellation-lib
* Move helm package to constellation-lib
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-12-06 10:01:39 +01:00
Daniel Weiße
3691defce7
constellation-lib: move kubecmd
package usage ( #2673 )
...
* Reduce external dependencies of kubecmd package
* Add kubecmd wrapper to constellation-lib
* Update CLI code to use constellation-lib
* Move kubecmd package to subpackage of constellation-lib
* Initialise helm and kubecmd clients when kubeConfig is set
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-12-05 16:23:31 +01:00