Nils Hanke
c1112addff
bootstrapper: calculate duration for all Helm charts
2023-03-15 18:36:32 +01:00
Nils Hanke
4bf2498793
bootstrapper: use zap.Duration to log durations
2023-03-15 18:36:32 +01:00
Nils Hanke
13b15368d7
bootstrapper: more logging
2023-03-15 18:36:32 +01:00
Nils Hanke
97d95bd48c
bootstrapper: move fixing & waiting for Cilium to earlier stage
2023-03-15 18:36:32 +01:00
Daniel Weiße
6ea5588bdc
config: add attestation variant ( #1413 )
...
* Add attestation type to config (optional for now)
* Get attestation variant from config in CLI
* Set attestation variant for Constellation services in helm deployments
* Remove AzureCVM variable from helm deployments
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-03-14 11:46:27 +01:00
Otto Bittner
3cebd68c24
kubernetes: move k8s-components creation to internal
...
The CLI will have to create similar objects for k8s upgrades.
2023-02-15 16:44:47 +01:00
Daniel Weiße
c29107f5be
init: create kubeconfig file with unique user/cluster name ( #1133 )
...
* Generate kubeconfig with unique name
* Move create name flag to config
* Add name validation to config
* Move name flag in e2e tests to config generation
* Remove name flag from create
* Update ascii cinema flow
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-02-10 13:27:22 +01:00
Daniel Weiße
690b50b29d
dev-docs: Go package docs ( #958 )
...
* Remove unused package
* Add Go package docs to most packages
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
2023-01-19 15:57:50 +01:00
3u13r
632090c21b
azure: allow a set of idkeydigest values ( #991 )
2023-01-18 16:49:55 +01:00
Leonard Cohnen
8c5e41b865
constants: rename components annotation key
2023-01-09 12:16:54 +01:00
Leonard Cohnen
3637909a46
internal: move components into their own package
2023-01-09 12:16:54 +01:00
Leonard Cohnen
25c3a8a1f3
init: add cluster version to kubernetes components
2023-01-05 14:52:09 +01:00
3u13r
f14af0c3eb
upgrade: support Kubernetes components ( #839 )
...
* upgrade: add Kubernetes components to NodeVersion
* update rfc
2023-01-03 12:09:53 +01:00
3u13r
0297aed1ea
join: deprecate components migration fallback ( #833 )
2022-12-29 14:51:26 +01:00
3u13r
d1195d1d5f
join: make Azure instance names k8s compliant ( #807 )
...
join: make Azure instance names k8s compliant
2022-12-23 18:59:15 +01:00
3u13r
c993cd6800
join: synchronize control plane joining ( #776 )
...
* join: synchronize control plane joining
2022-12-09 18:30:20 +01:00
Leonard Cohnen
a1161ae05d
k8supdates: label nodes with k8s component hash
2022-12-08 11:19:22 +01:00
Leonard Cohnen
0c71cc77f6
joinservice: use configmap for k8s components
2022-12-02 14:34:38 +01:00
Otto Bittner
6af54142f2
Remove client pkg from kubectl pkg ( #638 )
...
The nested client pkg was necessary to implement a generator pattern.
The generator was necessary as the Kubewrapper type
expects a k8sapi.Client object during instantiation.
However, the required kubeconfig is not ready during Kubewrapper creation.
This patch relies on an Initialize function to set the Kubeconfig
and hands over an empty struct during Kubewrapper creation.
This allows us to remove the extra Client abstraction.
2022-11-25 11:19:22 +01:00
Daniel Weiße
f8001efbc0
Refactor enforced/expected PCRs ( #553 )
...
* Merge enforced and expected measurements
* Update measurement generation to new format
* Write expected measurements hex encoded by default
* Allow hex or base64 encoded expected measurements
* Allow hex or base64 encoded clusterID
* Allow security upgrades to warnOnly flag
* Upload signed measurements in JSON format
* Fetch measurements either from JSON or YAML
* Use yaml.v3 instead of yaml.v2
* Error on invalid enforced selection
* Add placeholder measurements to config
* Update e2e test to new measurement format
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-24 10:57:58 +01:00
Otto Bittner
3e71459898
AB#2635: Deploy Konnectivity via Helm
2022-11-23 12:21:08 +01:00
Otto Bittner
7283eeb798
AB#2636: Deploy gcp-guest-agent via Helm
2022-11-23 12:21:08 +01:00
Leonard Cohnen
1e98b686b6
kubernetes: verify Kubernetes components
2022-11-23 10:48:03 +01:00
Otto Bittner
6b2d9d16f8
Remove obsolete revive comments
2022-11-23 08:35:12 +01:00
Otto Bittner
1362e40f53
Suppress argument-limit errors and add TODO. ( #603 )
2022-11-21 17:31:01 +01:00
Otto Bittner
adc09a1ad1
AB#2593: Deploy verification service via Helm ( #594 )
2022-11-21 17:06:41 +01:00
Otto Bittner
bdd9dd922b
AB#2589: Deploy operators via Helm ( #575 )
...
* Only deploy operators on GCP/Azure.
* cert-manager is now deployed by default (GCP/Azure)
* remove OLM
2022-11-21 10:35:40 +01:00
Fabian Kammel
b92b3772ca
Remove access manager ( #470 )
...
* remove access manager from code base
* document new node ssh workflow
* keep config backwards compatible
* slow down link checking to prevent http 429
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-11-11 08:44:36 +01:00
Daniel Weiße
c9873f2bfb
AB#2523 Refactor GCP metadata/cloud API ( #387 )
...
* Refactor GCP metadata/cloud API
* Remove cloud controller manager from metadata package
* Remove PublicIP
* Move shared cloud packages
* Remove dead code
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-09 14:43:48 +01:00
3u13r
9ad377284d
Wait for kube api during init ( #440 )
...
* kubernetes: wait for KubeAPI to be reachable
2022-11-04 12:36:26 +01:00
Otto Bittner
f164af29cf
AB#2583: deploy autoscaler via helm ( #438 )
2022-11-03 16:42:19 +01:00
Leonard Cohnen
b69d19c3d6
metadata: clarify networking variables
2022-11-02 23:29:04 +01:00
Leonard Cohnen
dd007f4772
metadata: move subnetCIDR to InstanceMetadata
2022-11-02 23:29:04 +01:00
Leonard Cohnen
0cdc7886ee
metadata: don't use podCIDR for Azure CCM setup
2022-11-02 23:29:04 +01:00
Otto Bittner
e363f03240
AB#2582: deploy CNM via Helm ( #423 )
2022-11-02 17:47:10 +01:00
Daniel Weiße
55cfff034a
Remove PublicIP from QEMU metadata ( #396 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-02 12:56:16 +01:00
Otto Bittner
091e3b2b2b
AB#2538: deploy CCM via Helm
...
Also move helmloader interface/stubs
2022-10-27 18:12:47 +02:00
Malte Poll
2d121d9243
Replace interface{} -> any ( #370 )
2022-10-25 15:51:23 +02:00
Daniel Weiße
b35b74b772
Use tags for UID and role parsing ( #242 )
...
* Apply tags to all applicable GCP resources
* Move GCP UID and role from VM metadata to labels
* Adjust Azure tags to be in line with GCP and AWS
* Don't rely on resource name to find resources
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-24 16:58:21 +02:00
Otto Bittner
c2814aeddb
AB#2504: Deploy join-service via helm ( #358 )
2022-10-24 12:23:18 +02:00
Otto Bittner
07f02a442c
Refactor Helm deployments ( #341 )
...
* Wrap KMS deployment in one main chart that
deploys all other services. Other services will follow.
* Use .tgz via helm-package as serialization format
* Change Release type to carry chart as byte slice
* Remove KMSConfig
* Use json-schema to validate values
* Extend release.md to mention updating helm charts
2022-10-21 12:01:28 +02:00
Malte Poll
981796574c
Disable access manager
2022-10-21 11:04:25 +02:00
Otto Bittner
c6ccee1250
AB#2490: deploy KMS via Helm
...
* Bundle helm-install related code in separate package
* Move cilium installation to new helm package
2022-10-18 13:33:37 +02:00
Fabian Kammel
369480a50b
Feat/revive ( #212 )
...
* enable revive as linter
* fix var-naming revive issues
* fix blank-imports revive issues
* fix receiver-naming revive issues
* fix exported revive issues
* fix indent-error-flow revive issues
* fix unexported-return revive issues
* fix indent-error-flow revive issues
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-05 15:02:46 +02:00
katexochen
42f273611a
Use uid from metadata instead of name
2022-09-30 16:50:52 +02:00
katexochen
ba6e41ed5c
Upgrade go module to v2
2022-09-22 09:10:19 +02:00
katexochen
88d200232a
Remove autoscaling from CLI and bootstrapper
2022-09-20 13:41:23 +02:00
3u13r
774e300a32
Constellation conformance mode ( #161 )
...
* add conformance mode
2022-09-20 10:07:55 +02:00
Leonard Cohnen
7163c161b6
Deploy Konnectivity
2022-09-09 17:26:02 +02:00
Daniel Weiße
8cb155d5c5
AB#2260 Refactor disk-mapper recovery ( #82 )
...
* Refactor disk-mapper recovery
* Adapt constellation recover command to use new disk-mapper recovery API
* Fix Cilium connectivity on rebooting nodes (#89 )
* Lower CoreDNS reschedule timeout to 10 seconds (#93 )
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-09-08 14:45:27 +02:00