Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-04-10 01:49:04 -04:00
Code Issues Packages Projects Releases Wiki Activity
3,691 Commits 140 Branches 53 Tags
Commit Graph

3691 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
edgelessci
bed48344b0 attestation: hardcode measurements for v2.14.3 v2.14.3 2024-01-03 14:21:57 +00:00
edgelessci
c01e87d4a9 deps: update versions to v2.14.3 2024-01-03 13:32:18 +00:00
edgelessci
fc39d308dd chore: update version.txt to v2.14.3 2024-01-03 13:32:05 +00:00
3u13r
7f21ef8ee6 helm: masq traffic to the mini-qemu-metadata container so that the join-service can retrieve it's metadata (#2782) 
* helm: masq traffic to the mini-qemu-metadata container

* ci: fix waiting for nodes in miniconstellation e2e test
 2024-01-03 13:26:12 +01:00
Adrian Stobbe
b4f0795066 node-operator: fix setting Azure node image (#2788) 2024-01-03 13:25:58 +01:00
Adrian Stobbe
467d2b61a8 terraform-provider: only build as enterprise user (#2770) 
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
 2024-01-03 13:24:06 +01:00
Daniel Weiße
ade48cd2e5 constellation-lib: run license check in Terraform provider and refactor code (#2740) 
* Clean up license checker code

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Create license check depending on init/upgrade actions

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Run license check in Terraform provider

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* fix license integration test action

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Run tests with enterprise tag

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Allow b64 encoding for license ID

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

* Update checker_enterprise.go

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
 2024-01-03 13:23:49 +01:00
edgelessci
1268738483 attestation: hardcode measurements for v2.14.2 v2.14.2 2023-12-28 10:38:33 +00:00
edgelessci
cc77f0685d deps: update versions to v2.14.2 2023-12-28 09:44:16 +00:00
edgelessci
10d49fb0a7 chore: update version.txt to v2.14.2 2023-12-28 09:44:05 +00:00
Markus Rudy
a95e5d7b4e ci: allow on-release workflow to delete branches 2023-12-28 10:43:08 +01:00
Markus Rudy
33aaddbbca ci: correctly pass branch names in on-release workflow 2023-12-28 10:42:40 +01:00
Markus Rudy
2374ed27d9 ci: fix release branch naming 2023-12-28 10:35:00 +01:00
Adrian Stobbe
e87ff16b9d ci: give exec permission to provider binaries (#2779) 2023-12-28 10:34:28 +01:00
edgelessci
8053ea7164 attestation: hardcode measurements for v2.14.1 v2.14.1 2023-12-27 17:42:04 +00:00
edgelessci
c6229cf45f deps: update versions to v2.14.1 2023-12-27 16:55:00 +00:00
edgelessci
6f6b43c3a8 chore: update version.txt to v2.14.1 2023-12-27 16:54:48 +00:00
Adrian Stobbe
631e2c7501 fix Terraform release zipping (#2778) 2023-12-27 17:51:16 +01:00
3u13r
f75a20e4ba terraform-provider: fix parsing api_server_cert_sans (#2758) 2023-12-27 17:51:06 +01:00
edgelessci
facaa6a3a0 attestation: hardcode measurements for v2.14.0 v2.14.0 2023-12-19 07:37:24 +00:00
edgelessci
ad329286b0 deps: update versions to v2.14.0 2023-12-18 16:59:37 +00:00
edgelessci
9bff9aa09f chore: update version.txt to v2.14.0 2023-12-18 16:59:24 +00:00
Markus Rudy
1d05f438ff ci: remove Windows Terraform provider 2023-12-18 17:57:00 +01:00
Moritz Sanft
9414f29b51
terraform-provider: lock-step microservice version (#2733) 2023-12-18 14:21:19 +01:00
Markus Rudy
615e731855 upgrade-agent: pass patches to kubeadm 2023-12-18 14:17:35 +01:00
Markus Rudy
ce9e25c150 bootstrapper: pass patches to kubeadm 2023-12-18 14:17:35 +01:00
Markus Rudy
070c23f876 operators: pass additional components to upgrade-agent 2023-12-18 14:17:35 +01:00
Markus Rudy
6f1b6b532f upgrade-agent: allow more than one KubernetesComponent 2023-12-18 14:17:35 +01:00
Markus Rudy
4ba483ec0e versions: add Kubernetes image patches to components 2023-12-18 14:17:35 +01:00
Markus Rudy
b740a1a75b versions: designate components for upgrades 2023-12-18 14:17:35 +01:00
Moritz Sanft
7c5b95bbcc
terraform-provider: warn about microservice version changes (#2730) 
* terraform-provider: update data source examples

* terraform-provider: warn about destructive microservice changes

* terraform-provider: use `name` variable

* terraform-provider: only perform pre-apply checks on upgrades

* terraform-provider: fix conditional

* terraform-provider: remove obsolete version checks
 2023-12-18 13:55:44 +01:00
Daniel Weiße
f2c1bdbf82
ci: remove conditional from AWS login in e2e verify test (#2727) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-12-18 11:51:50 +01:00
edgelessci
086b42b08f
image: update locked rpms (#2726) 
Co-authored-by: malt3 <malt3@users.noreply.github.com>
 2023-12-18 11:02:42 +01:00
Moritz Sanft
af791bd221
terraform-provider: add usage examples (#2713) 
* terraform-provider: add usage example for Azure

* terraform-provider: add usage example for AWS

* terraform-provider: add usage example for GCP

* terraform-provider: update usage example for Azure

* terraform-provider: update generated documentation

* docs: adjust creation on Azure and link to examples

* terraform-provider: unify image in-/output (#2725)

* terraform-provider: check for returned error when converting microservices

* terraform-provider: use state values for outputs after creation

* terraform-provider: ignore invalid upgrades (#2728)

---------

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
 2023-12-18 10:15:54 +01:00
Adrian Stobbe
88d626d302
feat: pin cert-manager image to sha256 checksum (#2721) 2023-12-18 09:28:50 +01:00
3u13r
183c564483
cilium: enable bpf masquerading (#2723) 
* cilium: enable bpf masquerading

* cilium: also enable ipMasqAgent

* cilium: remove custom Azure masqing
 2023-12-15 23:07:03 +01:00
3u13r
0111b6d718
deps: Update cert manager to 1.12.6 (#2700) 
* deps: bump cert manager to 1.13.2

* helm: allow minor jump for cert-manager
 2023-12-15 17:44:00 +01:00
Daniel Weiße
a1f67d0884
cli: fix upgrades when using outdated Kubernetes patch version (#2718) 
* Fix missing image for Constellation operators in our Helm charts if the desired Kubernetes patch version is no longer supported (but Kubernetes upgrades are skipped)
* Correctly unmarshal Kubernetes Components list if the list uses an old format

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-12-15 15:45:52 +01:00
Daniel Weiße
724ee44466
ci: Terraform provider e2e tests (#2712) 
* Refactor selfManagedInfra input to clusterCreation in e2e tests
* Run e2e test using terraform provider
* Allow insecure measurement fetching in Terraform provider
* Run Terraform provider test instead of module test in weekly runs

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-12-15 10:37:29 +01:00
Adrian Stobbe
9667dfff58
terraform: align infrastructure module attributes (#2703) 
* all vars have snail_case

* make iam schema consistent

* infrastructure schema

* terraform: update AWS infrastructure module

* fix ci

* terraform: update AWS infrastructure module

* terraform: update AWS IAM module

* terraform: update Azure Infrastructure module inputs

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: update Azure IAM module

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: update GCP infrastructure module

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: update GCP IAM module

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: update OpenStack Infrastructure module

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: update QEMU Infrastructure module

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-module: fix input name

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: tidy

* cli: ignore whitespace in Terraform variable tests

* terraform-module: fix AWS output names

* terraform-module: fix output references

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: rename `api_server_cert_sans`

* Update terraform/infrastructure/aws/modules/public_private_subnet/variables.tf

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* fix self-managed

* terraform: revert AWS modules output file renaming

* terraform: remove duplicate varable declaration

* terraform: rename Azure location field

* ci: adjust output name in self-managed e2e test

* e2e: continuously print output in upgrade test

* e2e: write to output variables

* cli: migrate IAM variable names

* cli: make `location` field optional

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
 2023-12-15 10:36:58 +01:00
edgelessci
6f6f28b8cc
image: update measurements and image version (#2722) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-12-15 08:18:25 +01:00
edgelessci
2c50abcc91
image: update measurements and image version (#2720) 
Co-authored-by: malt3 <malt3@users.noreply.github.com>
 2023-12-14 19:35:40 +01:00
Malte Poll
b3601fcf32 nix: update mkosi to work around tar unpacking issue 2023-12-14 18:18:07 +01:00
Malte Poll
f487c2a6d0 image: update Linux to 6.1.68 
Changelogs:

https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.65
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.66
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.67
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.68
 2023-12-14 18:18:07 +01:00
Adrian Stobbe
37580009fe
terraform-provider: cleanup and improve docs (#2685) 
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
 2023-12-14 15:47:55 +01:00
Daniel Weiße
9a4e96905f
bazel: place Terraform provider binaries in local registry path on devbuild (#2714) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-12-14 08:18:48 +01:00
Malte Poll
fecb1f3e6c ci: reproducibility test for OS images 2023-12-13 18:19:59 +01:00
Malte Poll
58e7af5364 image: create package manifest in chroot 
rpm doesn't work properly when run on the host.
 2023-12-13 18:19:59 +01:00
Malte Poll
23e456a265 nix: update flake and use mkosi with sorted cpio 2023-12-13 18:19:59 +01:00
Malte Poll
1209d597d8 ci: test reproducible builds on different Linux systems 
macOS is not working reliably at the moment.
 2023-12-13 18:19:59 +01:00