Otto Bittner
a0ac957227
versions: update join- & keyservice images
2023-01-19 13:14:55 +01:00
Otto Bittner
9a1f52e94e
Refactor init/recovery to use kms URI
...
So far the masterSecret was sent to the initial bootstrapper
on init/recovery. With this commit this information is encoded
in the kmsURI that is sent during init.
For recover, the communication with the recoveryserver is
changed. Before a streaming gRPC call was used to
exchange UUID for measurementSecret and state disk key.
Now a standard gRPC is made that includes the same kmsURI &
storageURI that are sent during init.
2023-01-19 13:14:55 +01:00
renovate[bot]
90ea35ae35
Update Constellation containers to v2.5.0-pre.0.20230118154955-632090c21b93 ( #1014 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-18 17:28:04 +01:00
renovate[bot]
41eb533d63
Update Constellation containers ( #1003 )
...
https://github.com/edgelesssys/constellation/actions/runs/3943576556/jobs/6748558235
2023-01-18 09:44:36 +01:00
renovate[bot]
bbda3d1ecd
Update registry.k8s.io/provider-aws/cloud-controller-manager Docker tag to v1.25.2 ( #979 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-17 16:10:26 +01:00
renovate[bot]
a3035167b6
Update Constellation containers ( #965 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 16:59:49 +01:00
Otto Bittner
89f075d490
versions: rename KmsImage to KeyServiceImage
2023-01-16 15:14:23 +01:00
Paul Meyer
42135dfdd6
versions: update container images to v2.5.0-pre
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:54:41 +01:00
Otto Bittner
90b88e1cf9
kms: rename kms to keyservice
...
In the light of extending our eKMS support it will be helpful
to have a tighter use of the word "KMS".
KMS should refer to the actual component that manages keys.
The keyservice, also called KMS in the constellation code,
does not manage keys itself. It talks to a KMS backend,
which in turn does the actual key management.
2023-01-16 11:56:34 +01:00
Malte Poll
bcd8aa9acc
Use upstream node-maintenance-operator ( #115 )
2023-01-12 16:01:03 +01:00
Paul Meyer
4bc191e434
versions: move hash generator into own package
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-11 14:29:32 +01:00
Paul Meyer
c081664d03
versions: repair hash generation
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-11 14:29:32 +01:00
renovate[bot]
d24fac00f0
Update Constellation containers ( #884 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-09 13:15:28 +01:00
Leonard Cohnen
3637909a46
internal: move components into their own package
2023-01-09 12:16:54 +01:00
Paul Meyer
49534d463d
deps: update cluster autoscaler ( #835 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 16:47:31 +01:00
renovate[bot]
8b11a18239
Update K8s constrained Azure versions ( #886 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 14:15:16 +01:00
renovate[bot]
f99a3189d8
Update K8s constrained versions ( #799 )
...
* Update K8s constrained versions
* Update azure images to v1.26
* Revert upgrade for k8s v1.23
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 10:40:37 +01:00
Paul Meyer
afbd4a3dc1
deps: upgrade AWS cloud controller manager ( #863 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-05 16:35:19 +01:00
renovate[bot]
7eae68d4f9
Update Constellation containers
2023-01-05 15:43:11 +01:00
Leonard Cohnen
25c3a8a1f3
init: add cluster version to kubernetes components
2023-01-05 14:52:09 +01:00
renovate[bot]
9c71145862
Update K8s version independent containers to v0.0.35 ( #872 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-05 13:26:55 +01:00
renovate[bot]
cf3169cf44
Update Constellation containers ( #854 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-05 08:14:57 +01:00
renovate[bot]
324ef42c42
Update Constellation containers ( #852 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-03 12:30:07 +01:00
Paul Meyer
de6ee412ac
deps: update AWS cloud controller manager
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-03 12:14:16 +01:00
Leonard Cohnen
4b43311fbd
bump microservice versions
2023-01-03 11:51:29 +01:00
renovate[bot]
8ddc8cdb65
Update dependency kubernetes-sigs/cri-tools to v1.26.0
2022-12-16 10:43:33 +01:00
renovate[bot]
7ffbad12be
Update Constellation containers to v2.3.0-pre.0.20221212170906-a77f38efbb31 ( #779 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-14 10:46:15 +01:00
Paul Meyer
c741ccfb4b
kubernetes: use new registry
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-13 16:08:19 +01:00
Paul Meyer
6862c2587f
kubernetes: add v1.26, default to v1.25
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-13 16:08:19 +01:00
Malte Poll
c3b657de01
Bump version to v2.3.0
2022-12-12 17:45:35 +01:00
renovate[bot]
5eae12778a
Update Constellation containers ( #777 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-12-09 18:45:09 +01:00
renovate[bot]
012f739c67
Update Constellation containers ( #759 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 16:32:58 +01:00
renovate[bot]
72ba97efcc
Update K8s constrained versions ( #762 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 13:17:55 +01:00
renovate[bot]
3435ac216f
Update Constellation containers ( #748 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-12-08 11:38:05 +01:00
renovate[bot]
bb9122f115
Update Constellation containers to v2.3.0-pre.0.20221207104854-286803fb97a0 ( #747 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-12-07 15:12:04 +01:00
renovate[bot]
be01cf7129
Update Constellation containers to v2.3.0-pre.0.20221206170532-a9ed8c0191ac ( #733 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-07 10:44:45 +01:00
Paul Meyer
cb734a2e66
debugd: pin logcollector container digest
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-06 18:05:32 +01:00
renovate[bot]
1766f0e4b3
Update Constellation containers to v2.3.0-pre.0.20221205155634-0981ab6fa45b ( #725 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-06 13:29:54 +01:00
renovate[bot]
0981ab6fa4
Update Constellation containers to v2.3.0-pre.0.20221205121645-176dae317f6c ( #719 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-05 16:56:34 +01:00
Paul Meyer
176dae317f
debugd: fix logcollector container image naming
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-05 13:16:45 +01:00
Paul Meyer
226a6b6626
debugd: let renovate manage logcollector images
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 18:54:24 +01:00
renovate[bot]
3c62b841ed
Update Constellation containers ( #705 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 18:48:03 +01:00
Leonard Cohnen
0c71cc77f6
joinservice: use configmap for k8s components
2022-12-02 14:34:38 +01:00
renovate[bot]
de77f1d9be
Update ghcr.io/edgelesssys/constellation/qemu-metadata-api Docker tag to v2.3.0-pre.0.20221201105133-8004edcc144d ( #700 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-01 18:49:02 +01:00
Malte Poll
e67f65709f
Prepare release checklist for v2.3 ( #690 )
2022-12-01 10:46:04 +01:00
renovate[bot]
da114519ca
Update Constellation containers ( #693 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-01 08:07:09 +01:00
Leonard Cohnen
7e57944cc0
versions: bump qemu metadata image
2022-11-30 18:58:22 +01:00
renovate[bot]
016f7a67c2
Update Constellation containers to v2.3.0-pre.0.20221130104839-9537fb73c015 ( #684 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-30 16:53:58 +01:00
Paul Meyer
b93b24e058
debugd: add logcollector
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-30 16:26:25 +01:00
renovate[bot]
8fbc4b9b19
Update ghcr.io/edgelesssys/constellation/node-operator Docker tag to v2.3.0-pre.0.20221129130129-a32f9ae75290 ( #671 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-30 11:34:57 +01:00
renovate[bot]
e2673cac29
Update Constellation containers ( #663 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 13:46:13 +01:00
Leonard Cohnen
c978329839
helm: fix expected helm charts
2022-11-27 16:43:50 +01:00
renovate[bot]
a3661d6c07
Update Constellation containers to v2.3.0-pre.0.20221125110824-89b25f8ebbd7 ( #652 )
...
* Update Constellation containers to v2.3.0-pre.0.20221125110824-89b25f8ebbd7
* Update node operator and add hashes back for every container image
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-11-25 15:17:58 +01:00
renovate[bot]
0b85709dd2
Update Constellation containers to v2.3.0-pre.0.20221124095758-f8001efbc0d0
2022-11-24 13:52:44 +01:00
renovate[bot]
8ce954e012
Update Constellation containers to v2.3.0-pre.0.20221123084142-3dc9c6086469 ( #636 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-24 09:22:49 +01:00
Leonard Cohnen
1e98b686b6
kubernetes: verify Kubernetes components
2022-11-23 10:48:03 +01:00
renovate[bot]
bc346805aa
Update Constellation containers to v2.3.0-pre.0.20221121163101-1362e40f53ad ( #615 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-22 12:39:50 +01:00
renovate[bot]
a5aa820d8c
Update Constellation containers ( #602 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-21 11:23:06 +01:00
Otto Bittner
bdd9dd922b
AB#2589: Deploy operators via Helm ( #575 )
...
* Only deploy operators on GCP/Azure.
* cert-manager is now deployed by default (GCP/Azure)
* remove OLM
2022-11-21 10:35:40 +01:00
Fabian Kammel
56dccb77b4
Merge back changes from v2.2.2 release ( #580 )
...
* prepare v2.2.2 release and update release.md
* Updated QEMU measurements
* Terraform GCP: Always use the local account for resource creation (#571)
* CoreOS is no longer used, change docs to OS.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-11-18 10:24:45 +01:00
Fabian Kammel
ca4764c466
Merge v2.2.1 changes back to main ( #563 )
...
* Bump version to v2.2.0
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Fix release detection in pipeline
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Update CHANGELOG for 2.2.1
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
* bump constellation versions to 2.2.1
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2022-11-16 11:13:10 +01:00
Leonard Cohnen
c51694a51a
kubernetes: add hashes to components
2022-11-15 11:07:46 +01:00
renovate[bot]
df0c6159db
Update K8s constrained versions
2022-11-14 09:33:42 +01:00
Fabian Kammel
b92b3772ca
Remove access manager ( #470 )
...
* remove access manager from code base
* document new node ssh workflow
* keep config backwards compatible
* slow down link checking to prevent http 429
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-11-11 08:44:36 +01:00
renovate[bot]
c6f4b2e1a0
Update Constellation containers to v2.3.0-pre.0.20221109145754-0d12e37c9699 ( #497 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-09 18:17:31 +01:00
Fabian Kammel
0d12e37c96
Document exported funcs,types,interfaces and enable check. ( #475 )
...
* Include EXC0014 and fix issues.
* Include EXC0012 and fix issues.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Otto Bittner <cobittner@posteo.net>
2022-11-09 15:57:54 +01:00
Daniel Weiße
011f9c597d
Bring in changes from release branch ( #479 )
...
* Bump version to v2.2.0
* Update changelog
* Fix release detection in pipeline
* Fix PKI selection in pipeline
* Set enforced measurements for AWS
* Update default images
* Fix release docs
* Update mini-con defaults
* Fix measurements action
* Fix syft env variable naming
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-08 18:32:59 +01:00
renovate[bot]
9ecc92e35f
Update dependency kubernetes-sigs/cri-tools to v1.25.0 ( #458 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-04 17:38:52 +01:00
3u13r
4f4cd4cc67
bump verify image 20221104 ( #459 )
2022-11-04 13:56:19 +01:00
Leonard Cohnen
6fce8f77d3
join-service: bump image for AWS support
2022-11-03 16:44:54 +01:00
renovate[bot]
302303f2ea
Update K8s constrained versions ( #428 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-02 13:28:41 +01:00
Leonard Cohnen
8f8236a491
bump verification service
2022-10-31 17:00:14 +01:00
renovate[bot]
116736a7b9
Update Constellation containers ( #402 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-31 11:00:36 +01:00
renovate[bot]
fd74ef754e
Update K8s version constrained containers (missing v1 prefix) ( #399 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-31 10:34:12 +01:00
Malte Poll
caadd50056
Use renovate to update versions.go ( #388 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-28 15:01:58 +02:00
Malte Poll
447f0bbf39
Add AWS CCM versions
2022-10-26 15:07:34 +02:00
Malte Poll
c1e3231848
Preinstall kubelet systemd unit in OS images ( #365 )
2022-10-25 16:36:03 +02:00
Daniel Weiße
6fe750f21b
Update operator image
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-25 08:41:42 +02:00
Daniel Weiße
b35b74b772
Use tags for UID and role parsing ( #242 )
...
* Apply tags to all applicable GCP resources
* Move GCP UID and role from VM metadata to labels
* Adjust Azure tags to be in line with GCP and AWS
* Don't rely on resource name to find resources
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-24 16:58:21 +02:00
Malte Poll
8ef1400810
Upgrade libvirt container image ( #348 )
2022-10-24 10:32:37 +02:00
Malte Poll
c16f5a976d
AB#2365 Upgrade k8s base deployments (add full support for k8s 1.25) ( #277 )
...
* Add container image release for CCM GCP v25.2.0
* Upgrade versions of kubernetes base components
2022-10-17 08:58:13 +02:00
katexochen
263c700e73
Update operator version
2022-10-13 16:38:35 +02:00
katexochen
87adf66708
Update qemu image
2022-10-10 13:43:15 +02:00
katexochen
eb340c1e1f
Build microservices on release branch
2022-10-10 13:43:15 +02:00
Daniel Weiße
0edae36e43
AB#2426 Mini Constellation ( #198 )
...
* Mini Constellation commands to quickly deploy a local Constellation cluster
* Download libvirt container image if not present locally
* Fix libvirt KVM permission issues by creating kvm group using host GID inside container
* Remove QEMU specific values from state file
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Nils Hanke <nils.hanke@outlook.com>
2022-10-07 09:38:43 +02:00
katexochen
4ccd96bf64
Pin container image hashes
2022-10-06 19:16:20 +02:00
katexochen
884c46179a
Bump konnectivity version
2022-10-06 19:16:20 +02:00
katexochen
bede530de7
Bump k8s versions
2022-10-06 19:16:20 +02:00
katexochen
9edfc2f6ba
Move k8s version window up
2022-10-06 19:16:20 +02:00
Fabian Kammel
369480a50b
Feat/revive ( #212 )
...
* enable revive as linter
* fix var-naming revive issues
* fix blank-imports revive issues
* fix receiver-naming revive issues
* fix exported revive issues
* fix indent-error-flow revive issues
* fix unexported-return revive issues
* fix indent-error-flow revive issues
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-05 15:02:46 +02:00
Daniel Weiße
acdcb535c0
AB#2444 Verify Azure trusted launch attestation keys ( #203 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-04 16:44:44 +02:00
katexochen
a60e76e91f
Upgrade operator version
2022-09-30 17:51:49 +02:00
katexochen
6401c345f0
Upgrade node operator
2022-09-20 14:41:54 +02:00
Leonard Cohnen
2d8f2af91b
prepare release v2.0.0
2022-09-12 19:03:01 +02:00
Nils Hanke
c51dec6d00
Use distroless images for JoinService & KMS
2022-09-09 18:11:33 +02:00
Malte Poll
b8b169c93d
Bump node-operator ( #114 )
2022-09-09 17:33:55 +02:00
Leonard Cohnen
7163c161b6
Deploy Konnectivity
2022-09-09 17:26:02 +02:00
Malte Poll
50acded80b
Bump join service ( #79 )
2022-09-05 17:23:11 +02:00
Malte Poll
c1185241bb
temporarily upgrade join-service
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-09-05 16:57:28 +02:00
Malte Poll
c38a142d64
Kubernetes 1.25 preview
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-09-05 16:57:28 +02:00