Malte Poll
c23f17de41
openstack: read credentials from clouds.yaml
2024-03-11 15:59:23 +01:00
Malte Poll
d69673fab7
terraform-provider: Add support for STACKIT / OpenStack
2024-03-11 15:59:23 +01:00
Malte Poll
1670d977c6
openstack: vendor clouds.yaml Go type definitions from gophercloud v2 beta
2024-03-11 15:59:23 +01:00
Malte Poll
6ddabd025d
openstack: rename client type
2024-03-11 15:59:23 +01:00
malt3
9c5f231f4a
image: update locked rpms
2024-03-11 09:35:10 +01:00
Daniel Weiße
27330490f3
cli: retry auth handshake deadline exceeded errors in CLI and Terraform ( #2976 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-03-08 13:15:06 +01:00
Malte Poll
52e4e64316
docs: add installation instructions for the Windows CLI variant
2024-03-08 10:45:36 +01:00
edgelessci
483c888a3c
image: update measurements and image version ( #2975 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-03-08 08:40:29 +01:00
Malte Poll
108784c580
openstack: improve error message on IMDS failures
2024-03-07 11:47:51 +01:00
Malte Poll
7f262d18a8
imagefetcher: allow any marketplace image for OpenStack
2024-03-07 11:47:51 +01:00
Malte Poll
56460f0d63
image: special case OpenStack serial console to include ttyS1
2024-03-07 11:47:51 +01:00
Malte Poll
f94b00fe7c
disk-mapper: write failure message to syslog and sleep before reboot
2024-03-07 11:47:51 +01:00
Malte Poll
5e241bcb45
deps: update Go to v1.22.1
2024-03-06 14:50:01 +01:00
Malte Poll
281c7c320c
deps: update protobuf to v1.33.0
2024-03-06 14:50:01 +01:00
Markus Rudy
03fbcafe68
bootstrapper: bounded retry of k8s join ( #2968 )
2024-03-05 09:14:01 +01:00
Malte Poll
8b41bcaecc
cli: correct measurements in config generate stackit
2024-03-04 18:17:26 +01:00
Malte Poll
f94c6ca0d4
misc: skip message about community license with marketplace image
2024-03-04 18:17:26 +01:00
Malte Poll
1c8a7e4c22
cli: add STACKIT to constellation config instance-types
2024-03-04 18:17:26 +01:00
Daniel Weiße
d5b3d4fd6f
ci: use collision resistant name for Terraform e2e test ( #2967 )
...
* Use collision resistant name for Terraform e2e test
* Remove test suffix from Terraform provider examples
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-03-04 13:48:30 +01:00
malt3
06da526fe0
image: update locked rpms
2024-03-04 10:23:14 +01:00
Malte Poll
fc08e50605
docs: update STACKIT flavors ( #2964 )
2024-03-01 10:59:06 +01:00
edgelessci
d8a8d9b6b9
image: update measurements and image version ( #2963 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-03-01 08:31:34 +01:00
Malte Poll
c513c3f40c
ci: v2.16 post-release cleanup
2024-02-29 18:36:07 +01:00
malt3
c4f27f62ee
docs: add release v2.16.0
2024-02-29 17:22:19 +01:00
Malte Poll
93eb8f0694
release: use cosign sign-blob in non-interative mode ( #2953 )
2024-02-29 09:40:13 +01:00
Malte Poll
0b6eeb3747
ci: match version of actions/download-artifact for slsa provenance ( #2957 )
2024-02-29 09:39:41 +01:00
Malte Poll
f5c5413284
terraform: use volumes instead of ephemeral local disks on STACKIT
...
Ephemeral local disks are discouraged on STACKIT.
Use volumes instead.
This sets an upper bound of 5GB on the boot disk.
If Constellation OS images ever grow beyond that, we will run into
problems.
2024-02-28 15:48:53 +01:00
Malte Poll
5e40f49ca4
docs: update STACKIT instance types
2024-02-28 15:48:53 +01:00
Malte Poll
3ce10eb00f
terraform: allow STACKIT / OpenStack instance type to be UUID or name
2024-02-28 15:48:53 +01:00
edgelessci
79aaa77b6b
image: update measurements and image version ( #2950 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-02-28 10:02:33 +01:00
Daniel Weiße
80518379c4
ci: fix artifact naming problems in e2e test ( #2948 )
...
* Fix potentially artifact naming in weekly tests
* Use e2e prefix for artifact naming in e2e-benchmark
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-02-27 08:59:22 +01:00
Malte Poll
6f60cee6f9
deps: update Linux LTS and mainline kernel ( #2947 )
...
LTS: 6.1.79
Mainline: 6.7.6
2024-02-26 16:59:34 +01:00
Malte Poll
7bc4ad5728
deps: update all terraform providers
2024-02-26 13:38:33 +01:00
edgelessci
0336cd4faa
image: update locked rpms ( #2946 )
...
Co-authored-by: malt3 <1780588+malt3@users.noreply.github.com>
2024-02-25 09:54:09 +01:00
Malte Poll
4b3d9e15a5
docs: add STACKIT
2024-02-23 13:32:22 +01:00
edgelessci
b2ab5869b3
image: update measurements and image version ( #2943 )
...
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-02-23 09:33:12 +01:00
renovate[bot]
ae0e00383b
deps: update module helm.sh/helm/v3 to v3.14.2 [SECURITY] ( #2944 )
...
* deps: update module helm.sh/helm/v3 to v3.14.2 [SECURITY]
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-02-23 09:26:36 +01:00
Malte Poll
ae4b2a9182
docs: point to new URL for rocket chat blog post
2024-02-23 08:57:57 +01:00
Thomas Tendyck
31baba2d4b
docs: remove broken links and publish removal of cloud logging
2024-02-23 08:57:57 +01:00
3u13r
2a61861a1c
stackit: add k8s api load balancer ( #2925 )
2024-02-22 17:39:34 +01:00
renovate[bot]
62acec17f6
deps: update Constellation containers ( #2921 )
...
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2024-02-22 14:04:42 +01:00
Malte Poll
00d39ff7fa
helm: update edgelesssys cinder-csi-plugin
2024-02-22 12:43:04 +01:00
Malte Poll
31f65fb486
openstack: find node CIDR with multiple subnets
2024-02-22 12:43:04 +01:00
Malte Poll
d8185fdafb
helm: use patched yawol with support for subnet choice
...
Constellation requires a CIDR that only Kubernetes nodes live in.
This is needed for cilium encryption.
To make yawol LBs work, they need to be placed in a different subnet
with their own CIDR.
This patched version supports that.
2024-02-22 12:43:04 +01:00
Malte Poll
1e987f6a85
terraform: add subnet for OpenStack LBs
2024-02-22 12:43:04 +01:00
Malte Poll
9d164de18b
helm: avoid waiting for non-essential services ( #2939 )
...
In our e2e tests, we see a lot of "etcd-leader changed" errors
while deploying non-essential helm charts.
If this transient error occurs, helm gets into a broken state
where it cannot uninstall cleanly and thus any retry attempts fail.
By not waiting for the installation of helm charts to succeed,
we can avoid making most of the kubernetes API calls while
control-plane nodes are joining.
This makes "constellation apply" faster and more resilient.
2024-02-22 12:18:55 +01:00
renovate[bot]
5674d9742a
deps: update Constellation containers ( #2936 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-22 09:12:18 +01:00
Malte Poll
522f2858c6
proto: update generated protobuf sources
2024-02-21 18:40:16 +01:00
Malte Poll
71c8a27539
deps: replace use of deprecated module azsecrets
...
github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets -> github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets
2024-02-21 18:40:16 +01:00
Malte Poll
8541365341
sigstore: replace use of deprecated module go-tuf
2024-02-21 18:40:16 +01:00