renovate[bot]
b49ca67add
deps: update alpine Docker tag to v3.17.3 ( #1558 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 15:36:57 +02:00
Paul Meyer
399b052f9e
bazel: add protoc codegen to //:generate target ( #1554 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 14:47:29 +02:00
Moritz Sanft
1f7acf8dfb
docs: list minimal permissions for Constellation setup ( #1442 )
...
* add required Azure perms
* add minimal aws permissions
* add minimal gcp permissions
* [wip] split Azure perms by iam create/create step
* Update docs/docs/getting-started/install.md
Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>
* Update docs/docs/getting-started/install.md
Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>
* minimal gcp permissions for iam create/create step
* escape footnote bracket
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* active voice
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* link to config step
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* add predefined roles for Azure
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* add AWS and GCP predefined min roles
* add Azure attestationprovider perm
* footnote for attestation mode
* Update docs/docs/getting-started/install.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* accept superset
* fix negation
Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>
* update footnote
---------
Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-03-30 10:16:57 +02:00
Otto Bittner
ef5d64b170
ci: set correct fromVersion in upgrade test ( #1535 )
2023-03-30 09:46:41 +02:00
Malte Poll
827c4f548d
bazel: deps mirror ( #1522 )
...
bazel-deps-mirror is an internal tools used to upload external dependencies
that are referenced in the Bazel WORKSPACE to the Edgeless Systems' mirror.
It also normalizes deps rules.
* hack: add tool to mirror Bazel dependencies
* hack: bazel-deps-mirror tests
* bazel: add deps mirror commands
* ci: upload Bazel dependencies on renovate PRs
* update go mod
* run deps_mirror_upload
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 09:41:56 +02:00
Paul Meyer
d3e2f30f7b
ci: fix diff check in tidy workflow
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
Paul Meyer
d7fafb92b7
bazel: improve script template resilience
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
Paul Meyer
909bfb9274
bazel: add go generate to //:generate target
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
Paul Meyer
130112688c
bazel: add stringer
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
Paul Meyer
81acdecd22
bazle: manage 3rdparty/node-maintainance-operator
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
Paul Meyer
8bbadecf2f
bazel: add docgen tool
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
Nils Hanke
eaa5949e31
versionsapi: Split GCP image URI to extract the image name
2023-03-29 17:26:03 +02:00
renovate[bot]
b99816cc66
deps: update alpine Docker tag to v3.17.2 ( #1552 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 15:43:50 +02:00
renovate[bot]
f0fc655365
deps: update golang.org/x/vuln digest to 9550759 ( #1550 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 15:43:24 +02:00
renovate[bot]
b12858660e
deps: update github.com/gophercloud/utils digest to 05e9e7f ( #1549 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 15:42:34 +02:00
Daniel Weiße
eed533932e
rfc: attestation config options ( #1436 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Otto Bittner <cobittner@posteo.net>
2023-03-29 14:58:57 +02:00
renovate[bot]
96cdf108e4
deps: update golang:1.20.2 Docker digest to 2101aa9 ( #1551 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 14:56:55 +02:00
renovate[bot]
c8625f4672
deps: update gcr.io/distroless/static:nonroot Docker digest to 149531e ( #1548 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 14:56:29 +02:00
renovate[bot]
6013665de1
deps: update gcr.io/distroless/static Docker digest to 8d4cc4a ( #1547 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 14:56:07 +02:00
miampf
c1dbf0561a
feat: added journald collection package to bootstrapper internal packages
2023-03-29 14:45:13 +02:00
Malte Poll
2a8169dd3b
ci: use bazel repository cache for tidy checks ( #1525 )
2023-03-29 14:13:51 +02:00
Daniel Weiße
fc0efb6309
config: deprecate confidentialVM option for Azure clusters in favor of using attestationVariant option ( #1539 )
...
* Remove confidentialVM option from azure provider config
* Fix cloudcmd creator test
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-03-29 14:04:37 +02:00
Nils Hanke
1b832ac959
atls: fix link in README.md ( #1545 )
...
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2023-03-29 13:33:19 +02:00
Thomas Tendyck
091fe3e2d7
measurements: compare to constants for clarity
2023-03-29 12:03:29 +02:00
renovate[bot]
83e6b4d64d
deps: update Constellation containers ( #1504 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 11:31:26 +02:00
edgelessci
8f21e1d85c
deps: update apk package hashes ( #1528 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 11:29:20 +02:00
Daniel Weiße
b57413cfa7
cli: set cluster's initial measurements from user's config using Helm ( #1540 )
...
* Remove using measurements from the initial control-plane node for the cluster's initial measurements
* Add using measurements from the user's config for the cluster's initial measurements to align behavior with upgrade command
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-03-29 11:16:56 +02:00
Thomas Tendyck
6fabb2a84b
docs: rearrange troubleshooting
2023-03-29 10:57:17 +02:00
Otto Bittner
7520d31467
docs: update govulncheck badge to new workflow ( #1531 )
...
govulncheck was integrated into the bazel check target
2023-03-29 10:26:45 +02:00
Daniel Weiße
99b12e4035
internal: refactor oid package to variant package ( #1538 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-03-29 09:30:13 +02:00
Daniel Weiße
db5660e3d6
attestation: add context to Issue and Validate methods ( #1532 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-03-29 09:06:10 +02:00
Paul Meyer
7c27d67953
go: clean work file ( #1537 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-28 18:15:42 +02:00
Nils Hanke
8e8124345b
bootstrapper: return error on context cancel in WaitForCilium ( #1534 )
2023-03-28 14:41:17 +02:00
Otto Bittner
ccb31c9570
docs: add CDN cache invalidation to release docs ( #1536 )
2023-03-28 13:50:27 +02:00
3u13r
e934e1cbc8
exclude node modules from shellcheck ( #1514 )
2023-03-28 13:38:20 +02:00
Paul Meyer
f108ff8539
bazel: add govulncheck to //:check target ( #1512 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-27 13:35:51 +02:00
Paul Meyer
00c7611245
bazel: add license checks to //:check target ( #1509 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-27 10:42:30 +02:00
Otto Bittner
da4e2521a9
ci: don't statically set PCR 5 ( #1521 )
...
This value can't be statically precomputed and leads to
warnings during runtime.
2023-03-24 17:08:39 +01:00
Otto Bittner
861bc84f94
cli: only apply upgrades on gcp/azure ( #1518 )
...
The constellation-operator currently doesn't support the
necessary operations for AWS, OpenStack and QEMU.
2023-03-24 17:07:14 +01:00
derpsteb
870182987c
docs: update cli reference
2023-03-24 08:47:53 +01:00
renovate[bot]
52e85862b0
deps: update AWS SDK ( #1508 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 18:40:06 +01:00
renovate[bot]
9b0ffa2737
deps: update io_bazel_rules_go digest to ea3cc4f ( #1488 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-03-23 18:33:55 +01:00
Paul Meyer
e7fc541a57
bazel: add buf as protobuf formatter to //:tidy ( #1511 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 18:08:49 +01:00
Otto Bittner
55067b12cd
docs: explain how to change cluster measurements
...
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
2023-03-23 18:08:18 +01:00
Otto Bittner
bb2b5e1bd1
cli: allow users to only upgrade measurements
...
In case only measurements are upgrades a confirmation is required.
Alternatively, the `yes` flag can be used.
2023-03-23 18:08:18 +01:00
3u13r
c21b32d440
fix measurement generator ( #1510 )
2023-03-23 17:44:30 +01:00
Paul Meyer
f7713df833
bazel: add golangci-lint to //:check target ( #1494 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 17:27:09 +01:00
Paul Meyer
e92c08be31
bazel: use export_files instead of genrule ( #1506 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 17:26:48 +01:00
Paul Meyer
41b966156b
deps: update bazel to v6.1.0
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 12:20:36 -04:00
Moritz Eckert
feb23ea3da
ci: add unittests for the benchmark actions ( #1466 )
...
Co-authored-by: Nils Hanke <nils.hanke@outlook.com>
2023-03-23 17:04:55 +01:00