Moritz Sanft
ae2db08f3a
ci: add e2e test for constellation recover ( #845 )
...
* AB#2256 Add recover e2e test
* AB#2256 move test & fix minor objections
* AB#2256 fix path
* AB#2256 rename hacky filename
2023-01-19 10:41:07 +01:00
Paul Meyer
2cee7cb454
ci: run CodeQL only on Go/Python changes
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 10:34:36 +01:00
renovate[bot]
076909f645
Update module github.com/medik8s/node-maintenance-operator to v0.14.0 ( #1023 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-19 10:27:09 +01:00
Moritz Sanft
88bbfb2065
docs: add docs for automatic config filling of iam values ( #1000 )
...
* AB#2821 iam config filling docs
* AB#2821 rephrasing
2023-01-19 10:24:58 +01:00
Moritz Sanft
df0fe7178c
Adapt to new measurements format ( #999 )
2023-01-19 10:14:10 +01:00
Nils Hanke
2c6a3c398f
ci: remove unnecessary checkout
2023-01-18 18:53:29 +01:00
Nils Hanke
b52c917dc6
ci: downgrade Syft to 0.65.0
2023-01-18 18:53:29 +01:00
Nils Hanke
4e9c49c342
ci: move Syft & Grype installation into an action ( #1011 )
2023-01-18 17:33:10 +01:00
renovate[bot]
90ea35ae35
Update Constellation containers to v2.5.0-pre.0.20230118154955-632090c21b93 ( #1014 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-18 17:28:04 +01:00
renovate[bot]
30b22cd17f
Update GitHub action dependencies ( #1007 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 17:04:46 +01:00
Paul Meyer
8e18c7012c
ci: install shellcheck using the action
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 17:02:40 +01:00
3u13r
632090c21b
azure: allow a set of idkeydigest values ( #991 )
2023-01-18 16:49:55 +01:00
Nils Hanke
a3db3c8424
cli: debug: various improvements ( #995 )
2023-01-18 13:10:24 +01:00
Nils Hanke
fc2a285270
ci: fix CLI SBOM generation ( #1005 )
2023-01-18 11:36:39 +01:00
Paul Meyer
411dfed18f
ci: unified order and style of workflows/actions
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 10:57:42 +01:00
Paul Meyer
41690288a1
ci: remove unneeded brackets in if statements
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 10:57:42 +01:00
renovate[bot]
f5623fee5a
Update module github.com/sigstore/sigstore to v1.5.1 ( #1006 )
...
* Update module github.com/sigstore/sigstore to v1.5.1
* deps: tidy all modules
2023-01-18 10:19:31 +01:00
renovate[bot]
41eb533d63
Update Constellation containers ( #1003 )
...
https://github.com/edgelesssys/constellation/actions/runs/3943576556/jobs/6748558235
2023-01-18 09:44:36 +01:00
Nils Hanke
912384a87d
image: fix "ignored null byte in input" warning on AWS
2023-01-17 21:25:04 +01:00
Thomas Tendyck
f0f109a1ea
verify: use fixed user data
2023-01-17 16:14:00 +01:00
Fabian Kammel
85f33b2140
ci: fix scorecard/pinned-dependencies findings ( #967 )
...
* fix scorecard/pinned-dependencies findings
* make renovate update go install
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-17 16:12:23 +01:00
renovate[bot]
bbda3d1ecd
Update registry.k8s.io/provider-aws/cloud-controller-manager Docker tag to v1.25.2 ( #979 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-17 16:10:26 +01:00
renovate[bot]
f534f1f351
Update module github.com/onsi/ginkgo to v2 ( #908 )
2023-01-17 16:05:50 +01:00
renovate[bot]
4577a5886f
Update Terraform google to v4.48.0 ( #929 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-17 16:01:02 +01:00
github-actions[bot]
8664e57c36
docs: update cli reference ( #951 )
...
* CLI reference was updated by edgelesssys/constellation@64ec0408
* CLI reference was updated by edgelesssys/constellation@e844ceb2
Co-authored-by: stdoutput <stdoutput@users.noreply.github.com>
2023-01-17 14:39:13 +01:00
Moritz Sanft
e844ceb2b1
cli: adopt Cobra cli reference style ( #997 )
...
* adapt to Cobra CLI ref style
* linting
* change multi-line reference style
* lowercase short descriptions
* Revert "lowercase short descriptions"
This reverts commit 499dc3577a
.
* use 2 newlines on long description and add dots
* mark required flags
* Update cli/internal/cmd/iamcreateaws.go
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
* Update cli/internal/cmd/upgradeexecute.go
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
* Update cli/internal/cmd/upgradeexecute.go
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-17 14:01:56 +01:00
Fabian Kammel
8f88129cac
Configure CodeQL and scorecard workflow. ( #986 )
...
* Configure CodeQL and scorecard workflow.
* Fix CodeQL finding.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-17 14:01:47 +01:00
3u13r
5ee69d2647
operator: test JoiningNode in correct order ( #988 )
2023-01-17 11:32:39 +01:00
Moritz Sanft
9023482ce0
Move verify e2e test ( #996 )
2023-01-17 11:28:28 +01:00
Paul Meyer
ec1df3084b
ci: fix versionsapi action
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 18:23:13 +01:00
Malte Poll
fa7bac3868
ci: switch gcp accounts to oidc ( #983 )
2023-01-16 18:15:17 +01:00
Malte Poll
7902dc470f
cli: use non-authoritative methods to manage iam policy memberships ( #989 )
...
- google_project_iam_binding -> google_project_iam_member
2023-01-16 18:08:57 +01:00
Paul Meyer
d39cf1cd6e
ci: fix cron tab mismatch
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 17:33:17 +01:00
renovate[bot]
a3035167b6
Update Constellation containers ( #965 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 16:59:49 +01:00
Paul Meyer
25a23475ad
renovate: ignore operator manager kustomization
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 16:21:11 +01:00
Paul Meyer
c9624c75ee
ci: fix versionsapi action output
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 15:50:53 +01:00
Otto Bittner
89f075d490
versions: rename KmsImage to KeyServiceImage
2023-01-16 15:14:23 +01:00
Paul Meyer
2241e41fcf
ci: delete old images of all streams on ref main
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:57:13 +01:00
Paul Meyer
3393e458e0
ci: schedule os image builds
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:55:24 +01:00
Paul Meyer
42135dfdd6
versions: update container images to v2.5.0-pre
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:54:41 +01:00
Paul Meyer
f90a13ad86
image: fix shell code format
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:49:33 +01:00
Paul Meyer
98040ff89c
ci: run shellfmt and shellcheck on changes in /image
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 14:49:33 +01:00
Paul Meyer
d37bd077d8
ci: delete old images from main ref
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 13:52:11 +01:00
Paul Meyer
4a6c64a02f
ci: copy versionsapi binary from container to host
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 13:52:11 +01:00
Paul Meyer
467c3f501c
versionsapi: add implementation of json flag
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-16 13:52:11 +01:00
Otto Bittner
4239191b0d
ci: remove residual references to "kms"
2023-01-16 12:43:03 +01:00
Otto Bittner
0b0e0ba46a
image: apply shellfmt suggestions
2023-01-16 12:20:54 +01:00
Malte Poll
938f114086
ci: implement "console" stream for OS images ( #969 )
...
* image: add AUTOLOGIN environment variable to conditionally enable serial console login
* ci: implement "console" stream for OS images
* debugd: remove serial console login access code
2023-01-16 12:20:01 +01:00
Otto Bittner
90b88e1cf9
kms: rename kms to keyservice
...
In the light of extending our eKMS support it will be helpful
to have a tighter use of the word "KMS".
KMS should refer to the actual component that manages keys.
The keyservice, also called KMS in the constellation code,
does not manage keys itself. It talks to a KMS backend,
which in turn does the actual key management.
2023-01-16 11:56:34 +01:00
3u13r
67f8336b9d
operator: reliability and simplification ( #968 )
...
* operator: make tests more reliable
* operator: simplify RetryOnConflict statements
2023-01-13 16:49:41 +01:00