Daniel Weiße
b7425db72a
constellation-lib: add Helm wrapper ( #2680 )
...
* Add Helm wrapper to constellation-lib
* Move helm package to constellation-lib
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-12-06 10:01:39 +01:00
Daniel Weiße
f5718b6655
docs: add Kubernetes version support list ( #2661 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-12-05 15:13:25 +01:00
Adrian Stobbe
a2de1d23ec
terraform-provider: add attestation data source ( #2640 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2023-11-28 17:30:11 +01:00
Adrian Stobbe
98673b0983
ci: only generate lock files where provider is used ( #2636 )
2023-11-27 12:16:45 +01:00
Moritz Sanft
34bf3ad296
terraform-provider: add image datasource ( #2642 )
...
* terraform-provider: init
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: add basic docgen
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: fix build steps
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: extend build process and docgen
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* dev-docs: document provider usage
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* bazel: upload aspect lib mirror
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: don't try to create lockfiles
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* bazel: fix shellcheck issues
* bazel: separate paths to check
* terraform-provider: clean up old files
* terraform-provider: update provider resource
* terraform-provider: add image data source
* dev-docs: remove unnecessary init
* bazel: adhere to Terraform naming expectations
* terraform-provider: fix expected data type
* terraform-provider: generate docs
* terraform-provider: improve errors
* terraform-provider: add acceptance tests for data source
* terraform-provider: fix dependencies
* bazel: quote var reference
* terraform-provider: make region optional
* terraform-provider: bind imagefetcher to data source
* bazel: tidy
* terraform-provider: remove unused parameter
* terraform-provider: remove unused parameter
* terraform-provider: extend acceptance tests
* terraform-provider: allow tests to be ran without Bazel
* dev-docs: document testing
* terraform-provider: set binary path accordingly
* dev-docs: document docgen process for the provider
* bazel: run acceptance test in writable environment
* bazel: try to write to `$TMPDIR`
* terraform-provider: style nits
* terraform-provider: leave TODO
* bazel: tidy
* terraform-provider: regenerate docs
* terraform-provider: fix comment
---------
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-11-27 09:00:08 +01:00
Moritz Sanft
9a62657b80
terraform-provider: init provider scaffolding ( #2632 )
...
* terraform-provider: init
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: add basic docgen
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: fix build steps
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: extend build process and docgen
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* dev-docs: document provider usage
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* bazel: upload aspect lib mirror
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* bazel: add docstring to fix linter
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: don't try to create lockfiles
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* bazel: fix shellcheck issues
* bazel: separate paths to check
* bazel: explain what updating lockfiles means
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: fix linter checks
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
---------
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-11-24 15:58:21 +01:00
Moritz Sanft
968cdc1a38
cli: move cli/internal
libraries ( #2623 )
...
* cli: move internal packages
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* cli: fix buildfiles
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* bazel: fix exclude dir
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* cli: move back libraries that will not be used by TF provider
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
---------
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-11-22 14:52:56 +01:00
Malte Poll
d22f53d7cc
bazel: always use nix
2023-10-12 14:42:24 +02:00
Malte Poll
85b4101dc3
deps: update go to 1.21.1 ( #2389 )
2023-09-28 22:29:14 +02:00
Malte Poll
78300ee5b0
use toolchains from nixpkgs (with fallback)
2023-09-27 17:58:19 +02:00
Malte Poll
fbd75106ef
bazel: never run buildifier in remote execution ( #2261 )
2023-09-12 14:48:06 +02:00
Paul Meyer
11efc8d512
ci: comment Go coverage report on PR
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-28 15:44:07 +02:00
Malte Poll
d3fee12947
bazel: fix use of YQ to be hermetic during "bazel run"
2023-08-18 16:36:13 +02:00
Malte Poll
3352a9e988
bazel: set integration go build tag
2023-08-17 10:46:45 +02:00
Paul Meyer
6352d8005d
bazel: use -C flag in govulncheck ci
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-15 16:29:56 +02:00
Paul Meyer
dccb1dfde9
ci: remove unused actions
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-03 16:09:06 +02:00
Paul Meyer
9d90ab6df7
ci: check for unused actions
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-03 16:09:06 +02:00
Paul Meyer
0ab76a2f95
bazel: update bazel container version on //:tidy
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-25 15:41:55 +02:00
Malte Poll
cb22a25144
bazel: add yq to PATH in go generate
2023-07-20 15:47:12 +02:00
Malte Poll
46d69abe10
bazel: rewrite pseudo-version stamping in bash ( #2020 )
...
* bazel: simplify workspace_status command to only depend on bash and git
* bazel: remove pseudo-version freshness code
2023-07-05 14:42:18 +02:00
Adrian Stobbe
c1f9d86cd3
bazel check: silent env for cleaner output ( #1898 )
...
* explicitly ignore pkgs for cleaner output
* do not ignore but redirect stderr
* silent env var to silent stderr
* add silent env var to vuln,lint,tf
* fix golangci silent
* Update bazel/ci/terraform.sh.in
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
* Update bazel/ci/golicenses.sh.in
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
* Update bazel/ci/govulncheck.sh.in
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
* Update bazel/ci/golangci_lint.sh.in
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
---------
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-06-14 13:58:21 +02:00
Moritz Sanft
72e168e653
bazel: pseudo version tool freshness check ( #1869 )
...
* switch to darwin compatible shasum
* add bazel rule
* update shellscript for in-place updates
* Revert "update shellscript for in-place updates"
This reverts commit 87d39b06f7
.
* add version tool freshness check
* remove pseudo-version file
* revert to `sha256sum`
* fix workflow indentation
2023-06-09 11:50:51 +02:00
Malte Poll
81c9c5205c
ci: explicitly disable cgo in golangci-lint ( #1822 )
2023-05-24 16:40:15 +02:00
Malte Poll
524718d82c
bazel: disable CGO in govulncheck
2023-05-23 13:44:56 +02:00
Malte Poll
15d51c3a3f
bazel: use hermetic go in PATH for golicenses
2023-05-23 13:44:56 +02:00
Malte Poll
4bffeefd70
bazel: use hermetic go in PATH for golangci-lint
2023-05-23 13:44:56 +02:00
Moritz Sanft
339e750c18
bazel: add Bazel shell completion scripts ( #1804 )
...
* add bazel autocomplete script
* indentation
* shfmt
* shellcheck ignore completion file
* fix shellcheck ignore path
2023-05-22 12:54:38 +02:00
Daniel Weiße
ad924181d9
Allow tdx repo in bazel license check
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-05-17 11:37:26 +02:00
Moritz Sanft
65e7778955
dont stop check on err ( #1774 )
2023-05-16 14:38:44 +02:00
Malte Poll
eb11e9ac8a
bazel: download pseudo-version tool instead of "go build" ( #1629 )
...
Required for bootstrapping bazel stamping since we cannot use "bazel build" during the workspace_status command.
Adds a small script that builds the pseudo-version tool in bazel (without stamping) and uploads it to the mirror.
On the first bazel build with stamping, the pseudo-version tool is downloaded.
2023-04-12 17:41:13 +02:00
Paul Meyer
dea41bd1ed
ci: refactor e2e test failure notifications ( #1625 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-12 16:06:26 +02:00
Malte Poll
0ece41c146
bazel-deps-mirror: upgrade command ( #1617 )
...
* bazel-deps-mirror: upgrade command
This command can be used to upgrade a dependency.
Users are supposed to replace any upstream URLs and run the upgrade command.
It replaces the expected hash and uploads the new dep to the mirror.
2023-04-05 17:32:51 +02:00
Paul Meyer
00ced1bbc2
ci: run //:check and //:generate concurrently ( #1606 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-04 10:39:57 +02:00
Paul Meyer
e021245660
bazel: add cli doc generation to //:generate
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 12:01:13 -04:00
Paul Meyer
8489516208
bazel: better ci script naming
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 12:01:13 -04:00
Paul Meyer
399b052f9e
bazel: add protoc codegen to //:generate target ( #1554 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 14:47:29 +02:00
Malte Poll
827c4f548d
bazel: deps mirror ( #1522 )
...
bazel-deps-mirror is an internal tools used to upload external dependencies
that are referenced in the Bazel WORKSPACE to the Edgeless Systems' mirror.
It also normalizes deps rules.
* hack: add tool to mirror Bazel dependencies
* hack: bazel-deps-mirror tests
* bazel: add deps mirror commands
* ci: upload Bazel dependencies on renovate PRs
* update go mod
* run deps_mirror_upload
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 09:41:56 +02:00
Paul Meyer
d7fafb92b7
bazel: improve script template resilience
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
Paul Meyer
909bfb9274
bazel: add go generate to //:generate target
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
Paul Meyer
81acdecd22
bazle: manage 3rdparty/node-maintainance-operator
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
Paul Meyer
8bbadecf2f
bazel: add docgen tool
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
3u13r
e934e1cbc8
exclude node modules from shellcheck ( #1514 )
2023-03-28 13:38:20 +02:00
Paul Meyer
f108ff8539
bazel: add govulncheck to //:check target ( #1512 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-27 13:35:51 +02:00
Paul Meyer
00c7611245
bazel: add license checks to //:check target ( #1509 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-27 10:42:30 +02:00
Paul Meyer
e7fc541a57
bazel: add buf as protobuf formatter to //:tidy ( #1511 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 18:08:49 +01:00
Paul Meyer
f7713df833
bazel: add golangci-lint to //:check target ( #1494 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 17:27:09 +01:00
Paul Meyer
e92c08be31
bazel: use export_files instead of genrule ( #1506 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 17:26:48 +01:00
Otto Bittner
cac43a1dd0
ci: add e2e-upgrade test
...
The test is implemented as a go test.
It can be executed as a bazel target.
The general workflow is to setup a cluster,
point the test to the workspace in which to
find the kubeconfig and the constellation config
and specify a target image, k8s and
service version. The test will succeed
if it detects all target versions in the cluster
within the configured timeout.
The CI automates the above steps.
A separate workflow is introduced as there
are multiple input fields to the test.
Adding all of these to the manual e2e test
seemed confusing.
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
2023-03-23 14:57:38 +01:00
Paul Meyer
b65b09fd9f
bazel: add terraform fmt to //:tidy target ( #1501 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-22 18:14:35 +01:00
Paul Meyer
0f6e56badf
bazel: get tfsec as binary download
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-20 11:17:16 -04:00