Commit Graph

728 Commits

Author SHA1 Message Date
Paul Meyer
b80d1576f3 ci: use include list to define e2e matrix
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-17 12:08:42 +02:00
Paul Meyer
4020e7840a ci: always use tee -a instead of redirecting
into GITHUB_OUTPUT

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-17 12:08:42 +02:00
Paul Meyer
0b3190ea8b
ci: fix naming issues (#1662)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-15 19:24:48 +02:00
Paul Meyer
860d72a083
ci: reduce number of steps with continue-on-error (#1593)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-14 18:50:58 +02:00
Paul Meyer
632b24e7cd
ci: fix version publishing on release (#1658)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-14 18:04:03 +02:00
Paul Meyer
1cc0ab2614
ci: improve e2e failure reporting and checklist (#1656)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-14 13:14:25 +02:00
Paul Meyer
76979136de ci: refactor artifact and resource naming
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-14 13:12:39 +02:00
Paul Meyer
1f82b4d266 ci: reduce continue-on-error usage in e2e upgrade
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-14 13:12:39 +02:00
Paul Meyer
d24ebd660e ci: fix order in e2e upgrade
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-14 13:12:39 +02:00
Paul Meyer
677ed052a4 ci: use iam created Azure resource group in e2e upgrade
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-14 13:12:39 +02:00
Otto Bittner
d2967fff6b
cli: fix misleading error while applying kubernetes-only upgrade (#1630)
* The check would previously fail if e.g. `apply` did not upgrade the
image, but a new image was specified in the config. This could
happen if the specified image was too new, but a valid Kuberentes
upgrade was specified.
* ci: fix variable expansion in e2e-upgrade call
* e2e: do not verify measurement signature
2023-04-13 15:58:37 +02:00
Paul Meyer
dea41bd1ed
ci: refactor e2e test failure notifications (#1625)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-12 16:06:26 +02:00
renovate[bot]
60bacaa587
deps: update golang:1.20.3 Docker digest to 89924bd (#1636)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-12 14:35:57 +02:00
Moritz Sanft
6ba294e175
ci: separate e2e permissions (#1555)
* split e2e test iam create / create perms

* remove global Azure credentials

* remove unnecessary azure actions

* use UUID

* fix e2e upgrade test

* rename create inputs

* remove continue-on-error for resource deletion

* de-exclude verify test

* fix exclude

* fix release e2e test

---------

Co-authored-by: Nils Hanke <nils.hanke@outlook.com>
2023-04-12 13:24:13 +02:00
Malte Poll
52a1bb0a19
ci: prevent accidental GOOS and GOARCH confusion in host go toolchain (#1632) 2023-04-12 11:05:05 +02:00
Moritz Eckert
0b66119a41 docs: group perf graphics by csp 2023-04-11 14:28:21 +02:00
Moritz Eckert
db32251daa docs: update benchmarks with v2.6.0
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-04-11 14:28:21 +02:00
Moritz Eckert
a1f5e0e53d ci: Add tooling to create benchmark figures 2023-04-11 14:28:21 +02:00
Malte Poll
2b962598bf
deps: update go to 1.20.3 (#1622) 2023-04-06 16:36:07 +02:00
Malte Poll
0ece41c146
bazel-deps-mirror: upgrade command (#1617)
* bazel-deps-mirror: upgrade command

This command can be used to upgrade a dependency.
Users are supposed to replace any upstream URLs and run the upgrade command.
It replaces the expected hash and uploads the new dep to the mirror.
2023-04-05 17:32:51 +02:00
Paul Meyer
b6778ab3e8
ci: always release cli on release-cli workflow (#1611)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-04 18:07:48 +02:00
renovate[bot]
8f17e4b9df
deps: update actions/setup-go action to v4 (#1605)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-04 11:06:30 +02:00
Paul Meyer
00efc30e24
ci: fix empty image input of verify e2e on release (#1604)
* ci: fix empty image input of verify e2e on release
* ci: increase parallelism of e2e release workflow

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-04 10:47:26 +02:00
Otto Bittner
b5ce95a7a1
ci: do not run tests on macOS (#1595)
only run two tests on macOS as a simple smoketest
2023-04-03 17:47:21 +02:00
renovate[bot]
5dad9bfad7
deps: update GitHub action dependencies (#1591)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 16:36:43 +02:00
Paul Meyer
cbdaec65da
ci: purge images on main (#1583)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 13:44:46 +02:00
Otto Bittner
1dd5eae594
ci: do not skip e2e-weekly if trigger is successful (#1584) 2023-04-03 13:40:42 +02:00
Otto Bittner
180ef931fd ci: do not create branch during release workflow
This seems to bother the create-pull-request action.
See: https://github.com/peter-evans/create-pull-request/issues/1203
2023-04-03 11:35:39 +02:00
Otto Bittner
cc2bde9a3e ci: only commit version.txt if a change happened 2023-04-03 11:35:39 +02:00
Malte Poll
5e07efbb07 ci: fix cli path for cli signatures 2023-04-03 11:35:39 +02:00
Otto Bittner
4df33b93fe ci: add e2e-test-release workflow
This workflow is used to run e2e tests in
preparation to a release.
It is triggered by the successful completion of
the release workflow.
Also trigger e2e-mini through the release
workflow completion.
This makes restarting the tests easier if
they fail during release preparation.

Co-authored-by: stdoutput <moritz.sanft@outlook.de>
2023-04-03 11:35:39 +02:00
3u13r
efe4681214
add version.txt step to release pipeline (#1493)
* add version.txt step to release pipeline

* refresh git status

* make minicon e2e test less flaky
2023-03-31 12:41:32 +02:00
Paul Meyer
e021245660 bazel: add cli doc generation to //:generate
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 12:01:13 -04:00
Paul Meyer
399b052f9e
bazel: add protoc codegen to //:generate target (#1554)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 14:47:29 +02:00
Otto Bittner
ef5d64b170
ci: set correct fromVersion in upgrade test (#1535) 2023-03-30 09:46:41 +02:00
Malte Poll
827c4f548d
bazel: deps mirror (#1522)
bazel-deps-mirror is an internal tools used to upload external dependencies
that are referenced in the Bazel WORKSPACE to the Edgeless Systems' mirror.

It also normalizes deps rules.

* hack: add tool to mirror Bazel dependencies
* hack: bazel-deps-mirror tests
* bazel: add deps mirror commands
* ci: upload Bazel dependencies on renovate PRs
* update go mod
* run deps_mirror_upload


Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-30 09:41:56 +02:00
Paul Meyer
d3e2f30f7b ci: fix diff check in tidy workflow
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
Paul Meyer
909bfb9274 bazel: add go generate to //:generate target
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 12:51:40 -04:00
renovate[bot]
96cdf108e4
deps: update golang:1.20.2 Docker digest to 2101aa9 (#1551)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 14:56:55 +02:00
Malte Poll
2a8169dd3b
ci: use bazel repository cache for tidy checks (#1525) 2023-03-29 14:13:51 +02:00
Paul Meyer
f108ff8539
bazel: add govulncheck to //:check target (#1512)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-27 13:35:51 +02:00
Paul Meyer
00c7611245
bazel: add license checks to //:check target (#1509)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-27 10:42:30 +02:00
Otto Bittner
da4e2521a9
ci: don't statically set PCR 5 (#1521)
This value can't be statically precomputed and leads to
warnings during runtime.
2023-03-24 17:08:39 +01:00
Paul Meyer
f7713df833
bazel: add golangci-lint to //:check target (#1494)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 17:27:09 +01:00
Moritz Eckert
feb23ea3da
ci: add unittests for the benchmark actions (#1466)
Co-authored-by: Nils Hanke <nils.hanke@outlook.com>
2023-03-23 17:04:55 +01:00
Paul Meyer
01d6724bae ci: run e2e test daily on last release
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 10:54:59 -04:00
Paul Meyer
4628222780 ci: always use tee -a when writing output
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 10:54:59 -04:00
Paul Meyer
332c78da60 ci: run e2e test weekly on last release
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 10:54:59 -04:00
Paul Meyer
24f974de66 ci: run e2e test manual on last release
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 10:54:59 -04:00
Paul Meyer
b33098346f ci: add missing version expansion to verify test
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 10:54:59 -04:00
Otto Bittner
cac43a1dd0 ci: add e2e-upgrade test
The test is implemented as a go test.
It can be executed as a bazel target.
The general workflow is to setup a cluster,
point the test to the workspace in which to
find the kubeconfig and the constellation config
and specify a target image, k8s and
service version. The test will succeed
if it detects all target versions in the cluster
within the configured timeout.
The CI automates the above steps.
A separate workflow is introduced as there
are multiple input fields to the test.
Adding all of these to the manual e2e test
seemed confusing.

Co-authored-by: Fabian Kammel <fk@edgeless.systems>
2023-03-23 14:57:38 +01:00
Leonard Cohnen
18661ced48 miniconstellation e2e test as bazel target 2023-03-23 14:55:29 +01:00
Leonard Cohnen
740d28f41d update snp repoter 2023-03-23 14:55:29 +01:00
renovate[bot]
0a190c2bf6
deps: update GitHub action dependencies (#1499)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-22 17:57:47 +01:00
Nils Hanke
1ab40b7ca6 e2e: install Terraform for macOS runner for boot log collection 2023-03-22 10:36:28 +01:00
Nils Hanke
093f0f0e28 ci: rename scheduled OS image build action 2023-03-21 14:32:56 +01:00
renovate[bot]
9a9688583d
deps: update aws-actions/configure-aws-credentials action to v2 (#1445)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-21 10:56:30 +01:00
Malte Poll
6f16e0b6fd
ci: use github actions cache to speedup bazel builds (#1444)
* ci: use github actions cache to speedup bazel builds
* ci: warm bazel repo cache daily
2023-03-21 10:06:32 +01:00
Paul Meyer
a3b328360d ci: always run bazel tidy/check/generate workflow
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-20 11:17:16 -04:00
Paul Meyer
8d3fe6f477 bazel: add terrafrom to //:check and //:generate
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-20 11:17:16 -04:00
Nils Hanke
cdcc549d68 e2e: extract sonobuoy results to access junit results 2023-03-20 16:16:08 +01:00
Nils Hanke
af91ce2a3c e2e: only use junit for full tests 2023-03-20 16:16:08 +01:00
Nils Hanke
33cb3e8653 e2e: add "checks: write" permission for junit reports 2023-03-20 16:16:08 +01:00
Malte Poll
c3c0940adb
bazel: use remote caching (#1456)
* bazel: add configuration for remote caching
* ci: enable bazel remote caching for building binaries
* ci: use bazel directly when building go binaries
* ci: enable cache for most build steps
* dev-docs: document remote caching
2023-03-20 16:05:08 +01:00
Nils Hanke
914eacb4a3
e2e: use macOS for building Linux artifacts and remove caching steps (#1446) 2023-03-20 11:04:44 +01:00
Malte Poll
3fd9a34025
ci: disable upload of Azure TrustedLaunch image (#1440) 2023-03-17 10:51:44 +01:00
Paul Meyer
3a04786412 bazel: add actionlint to //:check
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-16 13:02:11 -04:00
Paul Meyer
0fc15b2393 bazel: add shellcheck to //:check
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-16 11:13:14 -04:00
renovate[bot]
f8f3f00595
deps: update Terraform azurerm to v3.47.0 (#1422)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-16 13:45:08 +01:00
Paul Meyer
e3f37e9a38 bazel: add shfmt to tidy target
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-16 04:39:45 -04:00
Nils Hanke
70ca69f6bc e2e: print K8s Pods and Events when kubectl wait fails 2023-03-15 18:36:32 +01:00
Nils Hanke
de86bb025f e2e: Temporarily bump kubectl wait timeout from 10 mins to 20 mins 2023-03-15 18:36:32 +01:00
Nils Hanke
6bb6f1c288 ci: remove Go setup where Bazel is used for building 2023-03-14 15:28:36 +01:00
3u13r
fe767ba78e
introduce version.txt (#1412) 2023-03-14 14:53:33 +01:00
Paul Meyer
8679988b6c fixup! bazel: add tidy and check
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-14 03:43:51 -04:00
Paul Meyer
02c97fac03 bazel: add tidy and check
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-14 03:43:51 -04:00
Paul Meyer
e1f0ea50a7 ci: only build GCP guest agent if necessary
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-10 12:19:46 -05:00
Paul Meyer
72530d45ae ci: tag GCP guest agent with semver
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-10 12:19:46 -05:00
Paul Meyer
cc60de312e ci: adopt tidy workflow for bazel
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-10 10:02:28 -05:00
Moritz Sanft
01705feb51
ci: upload cli version list (#1377)
* upload cli version list

* fix flag

* name

* allow cli kind for listing

* [remove] update vapi cli

* allow cli kind

* use latest versionsapi image version

* fix kind parsing

* use workflow calls in on_release action

* [remove] update container tag

* change back to latest tag
2023-03-10 10:21:58 +01:00
Malte Poll
bdba9d8ba6
bazel: add build files for go (#1186)
* build: correct toolchain order
* build: gazelle-update-repos
* build: use pregenerated proto for dependencies
* update bazeldnf
* deps: tpm simulator
* Update Google trillian module
* cli: add stamping as alternative build info source
* bazel: add go_test wrappers, mark special tests and select testing deps
* deps: add libvirt deps
* deps: go-libvirt patches
* deps: cloudflare circl patches
* bazel: add go_test wrappers, mark special tests and select testing deps
* bazel: keep gazelle overrides
* bazel: cleanup bazelrc
* bazel: switch CMakeLists.txt to use bazel
* bazel: fix injection of version information via stamping
* bazel: commit all build files
* dev-docs: document bazel usage
* deps: upgrade zig-cc for go 1.20
* bazel: update Perl for macOS arm64 & Linux arm64 support
* bazel: use static perl toolchain for OpenSSL
* bazel: use static protobuf (protoc) toolchain
* deps: add git and go to nix deps

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-09 15:23:42 +01:00
Daniel Weiße
e07be3d6f8
fix: add measurement-reader to build pipeline (#1386)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-03-09 15:01:09 +01:00
renovate[bot]
262e5674a2
deps: update golang Docker tag to v1.20.2 (#1370)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-08 10:41:52 +01:00
renovate[bot]
fede4ec6d2
deps: update GitHub action dependencies (#1365)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-08 10:06:42 +01:00
Paul Meyer
74fc6239b2
deps: update to Go 1.20.2 (#1366)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-08 10:05:36 +01:00
renovate[bot]
38d80f9608
deps: update golang:1.20.1 Docker digest to b03e750 (#1362)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-07 18:18:15 +01:00
Paul Meyer
cc6006c6ea ci: fix labeling when building on other branches
than github.head_ref, e.g., during release

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-07 11:32:41 -05:00
Paul Meyer
e4b5655646 ci: group output
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-07 11:32:41 -05:00
Paul Meyer
f4a4a044fe ci: tee GitHub output
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-07 11:32:41 -05:00
Paul Meyer
53bc875e59 ci: use latest ver of versionsapi cli container
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-07 04:39:17 -05:00
Malte Poll
3d0ad0b8e1
ci: move aws iam create test to less utilized zone (#1350) 2023-03-07 09:32:26 +01:00
Malte Poll
1624af0cc7
image: pin aws uefivars version and install new deps (#1345) 2023-03-06 13:29:15 +01:00
Thomas Tendyck
c94d1db76d attestation: remove PCR 0 and 10 on GCP 2023-03-06 13:09:57 +01:00
Moritz Eckert
5397ce4509
ci: fix typo in benchmark actions (#1344) 2023-03-06 08:49:15 +01:00
Moritz Eckert
62c437246b
ci: store additional data in bench results (#1341) 2023-03-06 08:12:08 +01:00
Moritz Eckert
ac127db79e
ci: set timestamp format correctly for opensearch (#1335) 2023-03-03 13:47:25 +01:00
Paul Meyer
2e73e0aa18
deps: update sonobuoy (#1330)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-03 12:02:49 +01:00
Moritz Eckert
29664fc481 ci: upload benchmark results to opensearch
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-03 09:43:49 +01:00
Moritz Eckert
bfca2638d0 ci: remove k-bench action 2023-03-03 09:43:49 +01:00
Moritz Eckert
12ba11ceee ci: replace k-bench in e2e-test-weekly 2023-03-03 09:43:49 +01:00