Commit Graph

1822 Commits

Author SHA1 Message Date
Moritz Sanft
ae2db08f3a
ci: add e2e test for constellation recover (#845)
* AB#2256 Add recover e2e test

* AB#2256 move test & fix minor objections

* AB#2256 fix path

* AB#2256 rename hacky filename
2023-01-19 10:41:07 +01:00
Paul Meyer
2cee7cb454 ci: run CodeQL only on Go/Python changes
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 10:34:36 +01:00
renovate[bot]
076909f645
Update module github.com/medik8s/node-maintenance-operator to v0.14.0 (#1023)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-19 10:27:09 +01:00
Moritz Sanft
88bbfb2065
docs: add docs for automatic config filling of iam values (#1000)
* AB#2821 iam config filling docs

* AB#2821 rephrasing
2023-01-19 10:24:58 +01:00
Moritz Sanft
df0fe7178c
Adapt to new measurements format (#999) 2023-01-19 10:14:10 +01:00
Nils Hanke
2c6a3c398f ci: remove unnecessary checkout 2023-01-18 18:53:29 +01:00
Nils Hanke
b52c917dc6 ci: downgrade Syft to 0.65.0 2023-01-18 18:53:29 +01:00
Nils Hanke
4e9c49c342
ci: move Syft & Grype installation into an action (#1011) 2023-01-18 17:33:10 +01:00
renovate[bot]
90ea35ae35
Update Constellation containers to v2.5.0-pre.0.20230118154955-632090c21b93 (#1014)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-18 17:28:04 +01:00
renovate[bot]
30b22cd17f
Update GitHub action dependencies (#1007)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 17:04:46 +01:00
Paul Meyer
8e18c7012c ci: install shellcheck using the action
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 17:02:40 +01:00
3u13r
632090c21b
azure: allow a set of idkeydigest values (#991) 2023-01-18 16:49:55 +01:00
Nils Hanke
a3db3c8424
cli: debug: various improvements (#995) 2023-01-18 13:10:24 +01:00
Nils Hanke
fc2a285270
ci: fix CLI SBOM generation (#1005) 2023-01-18 11:36:39 +01:00
Paul Meyer
411dfed18f ci: unified order and style of workflows/actions
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 10:57:42 +01:00
Paul Meyer
41690288a1 ci: remove unneeded brackets in if statements
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 10:57:42 +01:00
renovate[bot]
f5623fee5a
Update module github.com/sigstore/sigstore to v1.5.1 (#1006)
* Update module github.com/sigstore/sigstore to v1.5.1
* deps: tidy all modules
2023-01-18 10:19:31 +01:00
renovate[bot]
41eb533d63
Update Constellation containers (#1003)
https://github.com/edgelesssys/constellation/actions/runs/3943576556/jobs/6748558235
2023-01-18 09:44:36 +01:00
Nils Hanke
912384a87d
image: fix "ignored null byte in input" warning on AWS 2023-01-17 21:25:04 +01:00
Thomas Tendyck
f0f109a1ea verify: use fixed user data 2023-01-17 16:14:00 +01:00
Fabian Kammel
85f33b2140
ci: fix scorecard/pinned-dependencies findings (#967)
* fix scorecard/pinned-dependencies findings
* make renovate update go install
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-17 16:12:23 +01:00
renovate[bot]
bbda3d1ecd
Update registry.k8s.io/provider-aws/cloud-controller-manager Docker tag to v1.25.2 (#979)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-17 16:10:26 +01:00
renovate[bot]
f534f1f351
Update module github.com/onsi/ginkgo to v2 (#908) 2023-01-17 16:05:50 +01:00
renovate[bot]
4577a5886f
Update Terraform google to v4.48.0 (#929)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-17 16:01:02 +01:00
github-actions[bot]
8664e57c36
docs: update cli reference (#951)
* CLI reference was updated by edgelesssys/constellation@64ec0408

* CLI reference was updated by edgelesssys/constellation@e844ceb2

Co-authored-by: stdoutput <stdoutput@users.noreply.github.com>
2023-01-17 14:39:13 +01:00
Moritz Sanft
e844ceb2b1
cli: adopt Cobra cli reference style (#997)
* adapt to Cobra CLI ref style

* linting

* change multi-line reference style

* lowercase short descriptions

* Revert "lowercase short descriptions"

This reverts commit 499dc3577a.

* use 2 newlines on long description and add dots

* mark required flags

* Update cli/internal/cmd/iamcreateaws.go

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>

* Update cli/internal/cmd/upgradeexecute.go

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>

* Update cli/internal/cmd/upgradeexecute.go

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-17 14:01:56 +01:00
Fabian Kammel
8f88129cac
Configure CodeQL and scorecard workflow. (#986)
* Configure CodeQL and scorecard workflow.
* Fix CodeQL finding.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-17 14:01:47 +01:00
3u13r
5ee69d2647
operator: test JoiningNode in correct order (#988) 2023-01-17 11:32:39 +01:00
Moritz Sanft
9023482ce0
Move verify e2e test (#996) 2023-01-17 11:28:28 +01:00
Paul Meyer
ec1df3084b ci: fix versionsapi action
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 18:23:13 +01:00
Malte Poll
fa7bac3868
ci: switch gcp accounts to oidc (#983) 2023-01-16 18:15:17 +01:00
Malte Poll
7902dc470f
cli: use non-authoritative methods to manage iam policy memberships (#989)
- google_project_iam_binding -> google_project_iam_member
2023-01-16 18:08:57 +01:00
Paul Meyer
d39cf1cd6e ci: fix cron tab mismatch
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 17:33:17 +01:00
renovate[bot]
a3035167b6
Update Constellation containers (#965)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 16:59:49 +01:00
Paul Meyer
25a23475ad renovate: ignore operator manager kustomization
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 16:21:11 +01:00
Paul Meyer
c9624c75ee ci: fix versionsapi action output
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 15:50:53 +01:00
Otto Bittner
89f075d490 versions: rename KmsImage to KeyServiceImage 2023-01-16 15:14:23 +01:00
Paul Meyer
2241e41fcf ci: delete old images of all streams on ref main
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:57:13 +01:00
Paul Meyer
3393e458e0 ci: schedule os image builds
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:55:24 +01:00
Paul Meyer
42135dfdd6 versions: update container images to v2.5.0-pre
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:54:41 +01:00
Paul Meyer
f90a13ad86 image: fix shell code format
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:49:33 +01:00
Paul Meyer
98040ff89c ci: run shellfmt and shellcheck on changes in /image
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:49:33 +01:00
Paul Meyer
d37bd077d8 ci: delete old images from main ref
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 13:52:11 +01:00
Paul Meyer
4a6c64a02f ci: copy versionsapi binary from container to host
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 13:52:11 +01:00
Paul Meyer
467c3f501c versionsapi: add implementation of json flag
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 13:52:11 +01:00
Otto Bittner
4239191b0d ci: remove residual references to "kms" 2023-01-16 12:43:03 +01:00
Otto Bittner
0b0e0ba46a image: apply shellfmt suggestions 2023-01-16 12:20:54 +01:00
Malte Poll
938f114086
ci: implement "console" stream for OS images (#969)
* image: add AUTOLOGIN environment variable to conditionally enable serial console login
* ci: implement "console" stream for OS images
* debugd: remove serial console login access code
2023-01-16 12:20:01 +01:00
Otto Bittner
90b88e1cf9 kms: rename kms to keyservice
In the light of extending our eKMS support it will be helpful
to have a tighter use of the word "KMS".
KMS should refer to the actual component that manages keys.
The keyservice, also called KMS in the constellation code,
does not manage keys itself. It talks to a KMS backend,
which in turn does the actual key management.
2023-01-16 11:56:34 +01:00
3u13r
67f8336b9d
operator: reliability and simplification (#968)
* operator: make tests more reliable

* operator: simplify RetryOnConflict statements
2023-01-13 16:49:41 +01:00