Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
4,306 Commits 133 Branches 44 Tags 106 MiB
a54b59ab25
Commit Graph

17 Commits

Author SHA1 Message Date
Moritz Sanft
5c3a7a5580
image: update to Fedora 40 (#3104) 
* deps: upgrade OS to Fedora 40

* image: measure uki sections uname and sbat for systemd >= 254

* deps: update mainline kernel for Fedora 40

* image: update kernel to 6.6.30

* image: update upload docs

---------

Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
 2024-05-16 09:10:09 +02:00
Malte Poll
18acd0b12a
deps: update go-uefi and use new authenticode package (#2873) 2024-02-05 12:06:48 +01:00
Malte Poll
3a5753045e goleak: ignore rules_go SIGTERM handler 
rules_go added a SIGTERM handler that has a goroutine that survives the scope of the goleak check.
Currently, the best known workaround is to ignore this goroutine.

https://github.com/uber-go/goleak/issues/119
https://github.com/bazelbuild/rules_go/pull/3749
https://github.com/bazelbuild/rules_go/pull/3827#issuecomment-1894002120
 2024-01-22 13:11:58 +01:00
Malte Poll
4fe51cd5f4
image: use dissect from nix (#2558) 2023-11-06 17:50:21 +01:00
Malte Poll
e93de82c0b
image: use systemd-dissect from the host when calculating measurements (#2473) 
* image: use systemd-dissect from the host when calculating measurements

* ci: setup bazel and nix toolchains before merging os image measurements
 2023-10-17 13:26:07 +02:00
Malte Poll
d22f53d7cc bazel: always use nix 2023-10-12 14:42:24 +02:00
Malte Poll
f6d9f91877 image: reimplement and adapt measurement generation in Go 2023-09-27 17:58:19 +02:00
Malte Poll
cb6cc8df22
image: fix pcr 12 calculation (#1706) 
Kernel cmdline embedded in UKIs had no null terminator before. With newer versions of mkosi, it is already null-terminated so we shouldn't null terminate it twice.
 2023-05-02 12:01:30 +02:00
Paul Meyer
7ab23c28b8 Revert "misc: replace sha256sum with shasum -a 256 (#1681)" 
This reverts commit ec1d5e9fb5.

While the change enabled shasum calculation on mac, it broke it
on some Linux distros.
 2023-05-02 11:07:05 +02:00
Malte Poll
ec1d5e9fb5
misc: replace sha256sum with shasum -a 256 (#1681) 2023-04-26 13:40:18 +02:00
Malte Poll
67be4016f5 ci: generate signed measurements for QEMU 2023-01-12 13:24:07 +01:00
Malte Poll
29ff6cb786 Move hardcoded all zero PCR[12] to PCR[8] 2022-11-22 11:37:53 +01:00
Malte Poll
74aabe86fa Move PCR[8] -> PCR[12] 2022-11-18 10:37:45 +01:00
Malte Poll
cdaf1fc476
OS Image Build pipeline: prepare lookup tables and additional artifacts (#560) 2022-11-16 15:45:10 +01:00
Paul Meyer
106b738fab ci: format shellscripts 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-11 15:53:57 +01:00
Paul Meyer
7aa7492474 Fix shellcheck warnings 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2022-11-11 13:40:13 +01:00
Malte Poll
35e2267cf9 Move mkosi folder to old image folder location 2022-10-21 11:04:25 +02:00