Commit Graph

180 Commits

Author SHA1 Message Date
renovate[bot]
c199c6825b
deps: update dependency rules_python to v0.23.1 (#2047)
* deps: update dependency rules_python to v0.23.1

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-07-07 10:54:49 +02:00
renovate[bot]
859dfc309f
deps: update module github.com/siderolabs/talos/pkg/machinery to v1.4.6 (#2053)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-07 08:41:04 +02:00
Moritz Sanft
bd64e6950b
mount host's docker config into builder container (#2044) 2023-07-07 08:25:43 +02:00
renovate[bot]
67e3a8240d
deps: update Google SDK (#2050)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-07 08:11:47 +02:00
renovate[bot]
4c00339700
deps: update etcd dependencies to v3.5.9 (#2049)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-07 08:09:24 +02:00
renovate[bot]
ed2943c5c8
deps: update module github.com/onsi/ginkgo/v2 to v2.11.0 (#2045)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 18:23:52 +02:00
renovate[bot]
73d7e1ae5c
deps: update module github.com/go-git/go-git/v5 to v5.7.0 (#2040)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 18:23:09 +02:00
renovate[bot]
81b88aa4b2
deps: update module github.com/hashicorp/go-kms-wrapping/v2 to v2.0.10 (#2046)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 17:42:46 +02:00
renovate[bot]
e9f220092f
deps: update module github.com/googleapis/gax-go/v2 to v2.12.0 (#2041)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 17:30:08 +02:00
renovate[bot]
ff729bfc85
deps: update module github.com/hashicorp/terraform-json to v0.17.1 (#2037)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 16:51:48 +02:00
renovate[bot]
95e9b771f1
deps: update module github.com/gophercloud/gophercloud to v1.5.0 (#2036)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 16:44:32 +02:00
renovate[bot]
49cff0aabb
deps: update module github.com/sigstore/rekor to v1.2.2 (#2033)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 15:41:14 +02:00
renovate[bot]
8c03e7e311
deps: update module libvirt.org/go/libvirt to v1.9004.0 (#2042)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 15:24:07 +02:00
renovate[bot]
0c53b535ec
deps: update module helm.sh/helm/v3 to v3.12.1 (#2039)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 15:13:01 +02:00
renovate[bot]
be23526023
deps: update module github.com/sigstore/sigstore to v1.7.1 (#2034)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 13:21:29 +02:00
renovate[bot]
c8b1e6fef3
deps: update module golang.org/x/crypto to v0.11.0 (#2014)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 13:20:20 +02:00
renovate[bot]
6f389be103
deps: update module golang.org/x/tools to v0.10.0 (#2017)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-06 11:50:33 +02:00
renovate[bot]
8b11678571
deps: update module k8s.io/kubernetes to v1.27.3 [SECURITY] (#2031)
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-07-06 10:22:30 +02:00
Moritz Sanft
c7457bd942
bazel: fill microservice version on devbuild target (#1994)
* wip: fill microservice version on devbuild

* fill microservice versin on `devbuild`
2023-07-06 08:46:06 +02:00
renovate[bot]
874c9b3ad9
deps: update module golang.org/x/sys to v0.10.0 (#2016)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-05 15:57:39 +02:00
renovate[bot]
38b7be4b1f
deps: update module github.com/katexochen/sh/v3 to v3.7.0 (#2013)
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-07-05 15:23:24 +02:00
renovate[bot]
5943c13006
deps: update module golang.org/x/mod to v0.12.0 (#2015)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-05 14:47:24 +02:00
Malte Poll
46d69abe10
bazel: rewrite pseudo-version stamping in bash (#2020)
* bazel: simplify workspace_status command to only depend on bash and git
* bazel: remove pseudo-version freshness code
2023-07-05 14:42:18 +02:00
renovate[bot]
53edee098a
deps: update module golang.org/x/vuln to v0.2.0 (#2018)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-05 08:30:18 +02:00
renovate[bot]
9de8660bd7
deps: update module github.com/stretchr/testify to v1.8.4 (#2008)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-04 17:23:09 +02:00
renovate[bot]
1dc204f5f1
deps: update katexochen/ghh to v0.3.0 (#2010)
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-07-04 16:03:35 +02:00
renovate[bot]
c388ad6806
deps: update bufbuild/buf to v1.23.1 (#2009)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-04 15:15:59 +02:00
renovate[bot]
d66793df56
deps: update golangci/golangci-lint to v1.53.3 (#2007)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-04 15:03:35 +02:00
renovate[bot]
e698f4d3e0
deps: update golang.org/x/exp digest to 97b1e66 (#2004)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-04 14:55:35 +02:00
renovate[bot]
27097b7f80
deps: update AWS SDK (#1996)
* deps: update AWS SDK

* deps: tidy all modules

---------

Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-07-03 16:23:51 +02:00
Malte Poll
78fb0066e4
ci: add automated tests for reproducible builds (#1914)
* ci: reproducible builds test
* deps: upgrade actionlint to support macos-13 runners
2023-06-23 12:12:32 +02:00
Otto Bittner
7388240943
Revert "attestation: add SNP-based attestation for aws-sev-snp (#1916)" (#1957)
This reverts commit c7d12055d1.
2023-06-22 17:08:44 +02:00
Otto Bittner
c7d12055d1
attestation: add SNP-based attestation for aws-sev-snp (#1916)
* config: move AMD root key to global constant
* attestation: add SNP based attestation for aws
* Always enable SNP, regardless of attestation type.
* Make AWSNitroTPM default again

There exists a bug in AWS SNP implementation where sometimes
a host might not be able to produce valid SNP reports.
Since we have to wait for AWS to fix this we are merging SNP
attestation as opt-in feature.
2023-06-21 14:19:55 +02:00
Malte Poll
2808012c9c
terraform: gcp node groups (#1941)
* terraform: GCP node groups

* cli: marshal GCP node groups to terraform variables

This does not have any side effects for users.
We still strictly create one control-plane and one worker group.
This is a preparation for enabling customizable node groups in the future.
2023-06-19 13:02:01 +02:00
Malte Poll
9b142f9a25 bazel: upgrade rules_go to a pre-release version to get stripped binaries 2023-06-16 16:30:47 +02:00
Malte Poll
18e7bffc67 bazel: upgrade bazeldnf to produce deterministic rpm2tar artifacts 2023-06-16 16:30:47 +02:00
Malte Poll
bd82071dd5 bazel: add test for containers being equal regardless of the target platform 2023-06-16 16:30:47 +02:00
renovate[bot]
4908b5f63c
deps: update golangci/golangci-lint to v1.53.2 (#1924)
* deps: update golangci/golangci-lint to v1.53.2
* deps: tidy all modules
* attestation: silence linter warning


---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-06-16 09:40:08 +02:00
Malte Poll
264b2df902
deps: upgrade to Fedora 38 (#1909)
* image: upgrade mkosi distro version to Fedora 38
* image: remove downgrade of GCP kernel
* ci: upgrade expected measurements for Fedora 38
* deps: upgrade bazeldnf packages to Fedora 38
* deps: upgrade container images to Fedora 38
2023-06-15 16:50:35 +02:00
renovate[bot]
d964c74cbb
deps: update dependency io_bazel_rules_go to v0.39.1 (#1921)
* deps: update dependency io_bazel_rules_go to v0.39.1
* deps: tidy all modules
* deps: remove duplicate urls

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-06-14 16:35:52 +02:00
Adrian Stobbe
c1f9d86cd3
bazel check: silent env for cleaner output (#1898)
* explicitly ignore pkgs for cleaner output

* do not ignore but redirect stderr

* silent env var to silent stderr

* add silent env var to vuln,lint,tf

* fix golangci silent

* Update bazel/ci/terraform.sh.in

Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>

* Update bazel/ci/golicenses.sh.in

Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>

* Update bazel/ci/govulncheck.sh.in

Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>

* Update bazel/ci/golangci_lint.sh.in

Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>

---------

Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-06-14 13:58:21 +02:00
renovate[bot]
520571c3d1
deps: update dependency com_github_bazelbuild_buildtools to v6 (#1925)
* deps: update dependency com_github_bazelbuild_buildtools to v6
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
2023-06-13 18:33:49 +02:00
renovate[bot]
16621b5d15
deps: update dependency rules_pkg to v0.9.1 (#1923)
* deps: update dependency rules_pkg to v0.9.1
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
2023-06-13 18:31:19 +02:00
renovate[bot]
42735ae1b1
deps: update bufbuild/buf to v1.21.0 (#1922)
* deps: update bufbuild/buf to v1.21.0
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
2023-06-13 18:20:44 +02:00
renovate[bot]
5442e86150
deps: update dependency bazel_gazelle to v0.31.1 (#1919)
* deps: update dependency bazel_gazelle to v0.31.1
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
2023-06-13 18:18:50 +02:00
renovate[bot]
053b371e93
deps: update dependency bazel_skylib to v1.4.2 (#1920)
* deps: update dependency bazel_skylib to v1.4.2
* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: malt3 <mp@edgeless.systems>
2023-06-13 18:03:40 +02:00
Daniel Weiße
ab74730fd7
Update go-tpm-tools fork (#1910)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-06-12 15:59:40 +02:00
renovate[bot]
167052d443
deps: update dependency hermetic_cc_toolchain to v2.0.0 (#1860)
* deps: update dependency hermetic_cc_toolchain to v2.0.0
* deps: tidy all modules
* bazel: target glibc 2.23 to enable rbe

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-06-09 17:39:30 +02:00
Moritz Sanft
72e168e653
bazel: pseudo version tool freshness check (#1869)
* switch to darwin compatible shasum

* add bazel rule

* update shellscript for in-place updates

* Revert "update shellscript for in-place updates"

This reverts commit 87d39b06f7.

* add version tool freshness check

* remove pseudo-version file

* revert to `sha256sum`

* fix workflow indentation
2023-06-09 11:50:51 +02:00
Adrian Stobbe
e0fe8e6ca0
local: fix mac issues in bazel (#1893) 2023-06-09 10:35:52 +02:00