Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
1,973 Commits 133 Branches 44 Tags 106 MiB
b46e2b1681
Commit Graph

227 Commits

Author SHA1 Message Date
Otto Bittner
74c569cba0 ci: fix yq command for new k8s version format 
The string "1.25" does not need quotes to work in the replace.
"1.25.6" or "v1.25.6", however, do.
 2023-02-13 10:19:59 +01:00
Paul Meyer
278031b066 ci: fix workdir of apko base image build 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-10 11:24:17 -05:00
Daniel Weiße
c29107f5be
init: create kubeconfig file with unique user/cluster name (#1133) 
* Generate kubeconfig with unique name

* Move create name flag to config

* Add name validation to config

* Move name flag in e2e tests to config generation

* Remove name flag from create

* Update ascii cinema flow

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-02-10 13:27:22 +01:00
Fabian Kammel
4c5ab7c5e9
ci: refactor image measurement generation (#1152) 
* Merge measurements.image.json and measurements.json into latter.
* Use static (known) measurement values for the ones we cannot precompute.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-02-09 13:33:17 +01:00
Otto Bittner
c275464634 cli: change upgrade-plan to upgrade-check 
Upgrade check is used to find updates for the current cluster.
Optionally the found upgrades can be persisted to the config
for consumption by the upgrade-execute cmd.
The old `upgrade execute` in this commit does not work with
the new `upgrade plan`.
The current versions are read from the cluster.
Supported versions are read from the cli and the versionsapi.
Adds a new config field MicroserviceVersion that will be used
by `upgrade execute` to update the service versions.
The field is optional until 2.7
A deprecation warning for the upgrade key is printed during
config validation.
Kubernetes versions now specify the patch version to make it
explicit for users if an upgrade changes the k8s version.
 2023-02-08 12:30:01 +01:00
Otto Bittner
f204c24174 cli: add version validation and force flag 
Version validation checks that the configured versions
are not more than one minor version below the CLI's version.
The validation can be disabled using --force.
This is necessary for now during development as the CLI
does not have a prerelease version, as our images do.
 2023-02-08 12:30:01 +01:00
renovate[bot]
a3f8bb30ac
deps: update golang Docker tag to v1.20.0 (#1145) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-03 18:08:03 +01:00
renovate[bot]
bec82c2328
deps: update GitHub action dependencies (#1112) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-31 17:38:44 +01:00
Paul Meyer
4f1a4ecb9e ci: don't use k-bench install script 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-31 15:06:29 +01:00
Otto Bittner
88e3da750e ci: adjust tags in build_ko 
Currently tags can be empty when building a ko image.
However, --bare may not work in case --tags is empty,
as per ko docs.

Also remove redundant build step in release pipeline.

Co-authored-by: Malte Poll <mp@edgeless.systems>
 2023-01-31 10:16:20 +01:00
leongross
2187aa6cb0
ci: reproducible builds integration (#1108) 
* remove `-ko` suffix from workflows
* integrate into `release.yaml`
* adjust helm charts to use hard coded `ko` binary path
 2023-01-30 16:58:49 +01:00
Fabian Kammel
48c8a66114
Minimal GitHub Action token permissions. (#1104) 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-01-30 16:11:27 +01:00
Paul Meyer
d095f08cd4 apko: build base image with pinned packages 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-30 16:05:00 +01:00
Paul Meyer
32a540bff4 ci: tag apko base images 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-30 16:05:00 +01:00
leongross
bd3ec19aef
update kbench requirements.txt (#1103) 2023-01-30 11:57:48 +01:00
Paul Meyer
617c6f0a8d deps: update sonobuoy version 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-30 10:17:18 +01:00
renovate[bot]
a85ba96ac4
deps: update Terraform azurerm to v3.41.0 (#1097) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-27 16:33:32 +01:00
Moritz Sanft
cb894e5df5
ci: fix Constellation recover e2e test (#1081) 
* AB#2859 wait for cp to recover

* AB#2859 remove unnecessary inputs & echo
 2023-01-27 15:53:53 +01:00
renovate[bot]
5eecd1345d
deps: update golang Docker tag to v1.19.5 (#1086) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-26 15:19:23 +01:00
Malte Poll
ee869eaf9c ci: prepare upgrade-agent for upload in e2e tests 2023-01-25 09:58:56 +01:00
Paul Meyer
9a70a81b7c ci: rename os images on GCP to contain stream 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-23 14:15:05 +01:00
Paul Meyer
a8cbfd848f
keyservice: use dash in container name (#1016) 
Co-authored-by: Otto Bittner <cobittner@posteo.net>
 2023-01-20 18:51:06 +01:00
Paul Meyer
a31d79e9cb ci: curl flags 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-20 14:23:32 +01:00
Paul Meyer
a6d35c6fd1 ci: move apko building into separate script 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-20 09:52:17 +01:00
Paul Meyer
acc3f64dee ci: only build apko base images on change 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-19 15:18:26 +01:00
Moritz Sanft
ae2db08f3a
ci: add e2e test for constellation recover (#845) 
* AB#2256 Add recover e2e test

* AB#2256 move test & fix minor objections

* AB#2256 fix path

* AB#2256 rename hacky filename
 2023-01-19 10:41:07 +01:00
Moritz Sanft
df0fe7178c
Adapt to new measurements format (#999) 2023-01-19 10:14:10 +01:00
Nils Hanke
2c6a3c398f ci: remove unnecessary checkout 2023-01-18 18:53:29 +01:00
Nils Hanke
b52c917dc6 ci: downgrade Syft to 0.65.0 2023-01-18 18:53:29 +01:00
Nils Hanke
4e9c49c342
ci: move Syft & Grype installation into an action (#1011) 2023-01-18 17:33:10 +01:00
renovate[bot]
30b22cd17f
Update GitHub action dependencies (#1007) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-18 17:04:46 +01:00
Paul Meyer
411dfed18f ci: unified order and style of workflows/actions 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-18 10:57:42 +01:00
Paul Meyer
41690288a1 ci: remove unneeded brackets in if statements 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-18 10:57:42 +01:00
Fabian Kammel
85f33b2140
ci: fix scorecard/pinned-dependencies findings (#967) 
* fix scorecard/pinned-dependencies findings
* make renovate update go install
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
 2023-01-17 16:12:23 +01:00
Moritz Sanft
9023482ce0
Move verify e2e test (#996) 2023-01-17 11:28:28 +01:00
Paul Meyer
ec1df3084b ci: fix versionsapi action 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-16 18:23:13 +01:00
Malte Poll
fa7bac3868
ci: switch gcp accounts to oidc (#983) 2023-01-16 18:15:17 +01:00
Paul Meyer
c9624c75ee ci: fix versionsapi action output 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-16 15:50:53 +01:00
Paul Meyer
4a6c64a02f ci: copy versionsapi binary from container to host 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-16 13:52:11 +01:00
Otto Bittner
90b88e1cf9 kms: rename kms to keyservice 
In the light of extending our eKMS support it will be helpful
to have a tighter use of the word "KMS".
KMS should refer to the actual component that manages keys.
The keyservice, also called KMS in the constellation code,
does not manage keys itself. It talks to a KMS backend,
which in turn does the actual key management.
 2023-01-16 11:56:34 +01:00
leongross
c36a009188
ci: reproducible builds ko (no gcp) (#871) 
* add ko build actions and worklflows
* add apko build actions and worklflows
* add .ko.yaml file
* add apko image definitions
* add signing container, add signing sboms, add uploading sboms
 2023-01-13 16:38:31 +01:00
Paul Meyer
5dcaf84e23 ci: increase Go test timeout in e2e lb 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-13 12:03:27 +01:00
Paul Meyer
5cb10aef45 ci: find latest image with versionsapi action 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-13 10:23:43 +01:00
Paul Meyer
6d6ef99f11 ci: run versionsapi as docker action 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-13 10:23:43 +01:00
Nils Hanke
b3c3c2fa8c
qemu: remove registry_auth for Docker Terraform module (#957) 2023-01-12 15:47:50 +01:00
Paul Meyer
d0e9f427d1
deps: update Go to v1.19.5 (#949) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-12 13:36:17 +01:00
Malte Poll
77d921824e ci: switch default AWS zone to eu-central-1c 2023-01-12 13:24:07 +01:00
Malte Poll
3077dd4f27 ci: implement first half of release checklist 2023-01-12 13:24:07 +01:00
Malte Poll
8e87a40708 ci: remove unused PPA 2023-01-12 13:24:07 +01:00
renovate[bot]
9fbf298565
Update actions/cache action to v3.2.3 (#909) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-01-09 18:30:41 +01:00