renovate[bot]
bac7e8b4f9
deps: update module helm.sh/helm/v3 to v3.13.1 ( #2521 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-27 13:31:54 +02:00
renovate[bot]
cd93eb6886
deps: update module google.golang.org/api to v0.148.0 ( #2519 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-27 09:59:26 +02:00
Moritz Sanft
402a8834ca
ci: add e2e test for self-managed infrastructure ( #2472 )
...
* add self-managed infra e2e test
* self-managed terminatio
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* fix upgrade test
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* fix indentation
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* use -r when copying dir
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* add terraform variable parsing
* copy constellation conf
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* remove unnecessary line breaks
* add missing value
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* add image fetching for CSP
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* fix quoting
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* add missing input to internal lb test
* normalize Azure URLs.. Of course
* tidy
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* fix expressions
* initsecret to hex
* update hexdump cmd
* add build test
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* add node / pod cidr outputs
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* explicitly delete the state file
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* add missing license header
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* always write all outputs
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* fix list output
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* remove state-file and admin-conf on destroy
* dont use test payload
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* [remove] use self managed infra in manual e2e for testing
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* init: always skip infrastructure phase
* patch maa in workflow
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* default to Constellation-created infra in e2e test
---------
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-10-27 09:37:26 +02:00
Daniel Weiße
f4bfbe3564
docs: refer to apply command instead of init
or upgrade apply
( #2487 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-27 08:30:59 +02:00
renovate[bot]
fff35bdb2a
deps: update module google.golang.org/grpc to v1.59.0 ( #2520 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-26 16:59:11 +02:00
Daniel Weiße
149fedb90f
cli: add constellation apply
command to replace init
and upgrade apply
( #2484 )
...
* Add apply command
* Mark init and upgrade apply as deprecated
* Use apply command in CI
* Add skippable phases for attestation config and cert SANs
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-26 15:59:13 +02:00
Daniel Weiße
a7eb3b119a
cli: retry fetching of JoinConfig during init process ( #2515 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-26 15:55:12 +02:00
renovate[bot]
0030280d1b
deps: update module github.com/fsnotify/fsnotify to v1.7.0 ( #2518 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-26 15:33:23 +02:00
Adrian Stobbe
278edfa2f9
cli: init should not call terraform ( #2522 )
2023-10-26 14:30:11 +02:00
Daniel Weiße
ec424b260d
cli: refactor terraform code to be update/create agnostic ( #2501 )
...
* Move upgrade specific functions out of Terraform module
* Always allow overwriting Terraform files
* Ensure constellation-terraform dir does not exist on create
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-26 10:55:50 +02:00
renovate[bot]
f9989728f7
deps: update module google.golang.org/grpc to v1.56.3 [SECURITY] ( #2514 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-26 08:20:40 +02:00
renovate[bot]
e445dac590
deps: update docker/metadata-action action to v5 ( #2512 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-26 08:19:55 +02:00
renovate[bot]
3a8296b2f3
deps: update Terraform docker to v3 ( #2508 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-26 08:19:08 +02:00
renovate[bot]
0563ce7336
deps: update aws-actions/configure-aws-credentials action to v4 ( #2510 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-26 08:18:37 +02:00
renovate[bot]
cb11c8e297
deps: update Terraform google-beta to v5 ( #2507 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-26 08:18:07 +02:00
renovate[bot]
37cda7f4f2
deps: update Terraform google to v5 ( #2506 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-26 08:17:32 +02:00
renovate[bot]
0e7462728a
deps: update docker/login-action action to v3 ( #2511 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-25 17:40:25 +02:00
renovate[bot]
936f55f4b0
deps: update module go.uber.org/goleak to v1.3.0 ( #2509 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-25 17:39:41 +02:00
katexochen
5eb6cc6d08
image: update measurements and image version
2023-10-25 10:54:56 +02:00
renovate[bot]
06014c58ba
deps: update Kubernetes versions ( #2491 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-25 10:13:42 +02:00
renovate[bot]
4afe5940b6
deps: update registry.k8s.io/provider-aws/cloud-controller-manager Docker tag to v1.28.1 ( #2492 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-25 09:01:52 +02:00
Daniel Weiße
671cf36f0a
cli: common backend for init
and upgrade apply
commands ( #2449 )
...
* Use common 'apply' backend for init and upgrades
* Move unit tests to new apply backend
* Only perform Terraform migrations if state exists in cwd (#2457 )
* Rework skipPhases logic
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-10-24 15:39:18 +02:00
renovate[bot]
15d249092c
deps: update github.com/gophercloud/utils digest to 80377ec ( #2495 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-24 15:35:59 +02:00
renovate[bot]
ecbf6dcd14
deps: update bufbuild/buf to v1.27.1 ( #2497 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-24 15:34:34 +02:00
Paul Meyer
1261ccb569
Revert "ci: execute unit tests and tidy check against merge of PR branch and main ( #2452 )"
...
This reverts commit 43f7d9f736
.
2023-10-24 14:43:09 +02:00
Moritz Sanft
a104936bc6
validation: add generic validation framework ( #2480 )
...
* [wip] validation framework
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* [wip] wip
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* working for shallow structs!!!
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* fix needle pointer deref
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* add comment
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* fix nested structs
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* fix nested struct pointers
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* add tests
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* fix slices / arrays
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* fix struct parsing
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* extend tests
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* expose API
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* extend in-package documentation
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* linter fixes
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* fix naming
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* add missing license headers
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
* align with review
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
---------
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2023-10-24 11:38:05 +02:00
Etel Sverdlov
2f745a2edb
Update README.md
...
Updated some links to go to the main website now, updated the blog link, and "Getting started with Constellation" playlist link. Replace twitter with LInkedIn link.
2023-10-24 10:20:16 +02:00
Daniel Weiße
d218f296ad
cli: increase kubecmd retry limit ( #2500 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-24 08:10:43 +02:00
3u13r
a1b4db4175
remove gcp internal LB from hack folder ( #2502 )
2023-10-23 16:26:07 +02:00
3u13r
e053d1fa71
terraform: always output node cidr ( #2481 )
...
* terraform: always output node cidr
2023-10-23 15:06:48 +02:00
Adrian Stobbe
5d640ff4f9
ci: fix win build ( #2499 )
2023-10-23 14:39:45 +02:00
Moritz Sanft
19ca4e6ec9
docs: document self-managed infrastructure ( #2458 )
...
* add minimal docs for self-managed infrastructure
* Update docs/docs/getting-started/first-steps.md
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
* Update docs/docs/workflows/create.md
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
* Update docs/docs/workflows/create.md
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
* Update docs/docs/workflows/create.md
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
* default to yq
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* Update docs/docs/workflows/create.md
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
* don't tie self-managed infrastructure to Terraform
* silence the review-dog
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* Update docs/docs/workflows/create.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* Update docs/docs/workflows/create.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* Update docs/docs/workflows/create.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* Update docs/docs/workflows/create.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* [broken] add docs for filling tfvars file
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* fix docs
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* remove unnecessary linebreaks
* add missing value
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* fix quoting
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* document endpoint separation
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
---------
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-10-23 11:53:08 +02:00
renovate[bot]
5b70654489
deps: update ghcr.io/edgelesssys/gcp-guest-agent Docker tag to v20231016 ( #2490 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-23 10:37:37 +02:00
Daniel Weiße
d154703c9a
cli: remove unnecessary check from QEMU rollbacker ( #2489 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-23 10:20:25 +02:00
edgelessci
9c89b75a53
image: update locked rpms ( #2498 )
2023-10-22 10:10:48 +02:00
renovate[bot]
e5ead09801
deps: update ubuntu:22.04 Docker digest to 2b7412e ( #2496 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-20 18:22:34 +02:00
Malte Poll
5d4af05e79
nix: flake update ( #2488 )
2023-10-20 17:17:59 +02:00
renovate[bot]
0d27a2add2
deps: update Constellation containers to v2.13.0-pre.0.20231017104710-b2f3f72488db ( #2444 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-20 16:55:24 +02:00
Adrian Stobbe
9c1c876830
pick random azure region ( #2483 )
2023-10-20 13:38:08 +02:00
Daniel Weiße
37e5cbeaf6
Update link to our blog
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-20 12:13:18 +02:00
Malte Poll
c3a0a7e156
cli: set image version in tests to stamped binary version ( #2485 )
2023-10-20 11:41:56 +02:00
edgelessci
5cd70ac58a
image: update measurements and image version ( #2482 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-10-20 08:10:51 +02:00
Daniel Weiße
eeaba28d02
ci: remove force flag from CLI commands ( #2479 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-20 08:10:26 +02:00
3u13r
6c0a3b8efa
fix joining over lb ( #2478 )
2023-10-19 16:28:07 +02:00
edgelessci
43ee0791c6
image: update measurements and image version ( #2477 )
...
Co-authored-by: 3u13r <3u13r@users.noreply.github.com>
2023-10-19 14:50:52 +02:00
3u13r
498b5d68f6
helm: add gcp ccm permissions for internal LBs ( #2474 )
...
* helm: add gcp ccm permissions
2023-10-19 10:57:59 +02:00
3u13r
0bfb4f7e11
align tf output vars with CLI parsing ( #2475 )
2023-10-19 10:03:22 +02:00
Malte Poll
ee54b71a9e
ci: build rpmdb explicitly ( #2476 )
2023-10-19 08:34:17 +02:00
Adrian Stobbe
5819a11d25
api: for Azure attestationconfigapi use TCB values from SNP report instead of MAA token ( #2429 )
2023-10-17 17:36:50 +02:00
3u13r
0c89f57ac5
Support internal load balancers ( #2388 )
...
* arch: support internal lb on Azure
* arch: support internal lb on GCP
* helm: remove lb svc from verify deployment
* arch: support internal lb on AWS
* terraform: add jump hosts for internal lb
* cli: expose internalLoadBalancer in config
* ci: add e2e-manual-internal
* add in-cluster endpoint to terraform output
2023-10-17 15:46:15 +02:00