* add current chart
add current helm chart
* disable service controller for aws ccm
* add new iam roles
* doc AWS internet LB + add to LB test
* pass clusterName to helm for AWS LB
* fix update-aws-lb chart to also include .helmignore
* move chart outside services
* working state
* add subnet tags for AWS subnet discovery
* fix .helmignore load rule with file in subdirectory
* upgrade iam profile
* revert new loader impl since cilium is not correctly loaded
* install chart if not already present during `upgrade apply`
* cleanup PR + fix build + add todos
cleanup PR + add todos
* shared helm pkg for cli install and bootstrapper
* add link to eks docs
* refactor iamMigrationCmd
* delete unused helm.symwallk
* move iammigrate to upgrade pkg
* fixup! delete unused helm.symwallk
* add to upgradecheck
* remove nodeSelector from go code (Otto)
* update iam docs and sort permission + remove duplicate roles
* fix bug in `upgrade check`
* better upgrade check output when svc version upgrade not possible
* pr feedback
* remove force flag in upgrade_test
* use upgrader.GetUpgradeID instead of extra type
* remove todos + fix check
* update doc lb (leo)
* remove bootstrapper helm package
* Update cli/internal/cmd/upgradecheck.go
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
* final nits
* add docs for e2e upgrade test setup
* Apply suggestions from code review
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
* Update cli/internal/helm/loader.go
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
* Update cli/internal/cmd/tfmigrationclient.go
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
* fix daniel review
* link to the iam permissions instead of manually updating them (agreed with leo)
* disable iam upgrade in upgrade apply
---------
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Malte Poll
* add docs on general tf usage
* reminder to not delete terraform dir
* fix spelling check
* add to sidebar
* reference terraform page
* embed link into natural language
* mention iam folder
* separate hack tools from official tf docs
* assume familiarity with tf
* Document SLSA adoption and current level
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* Quick pass over create.md
* pass over verify.md
* Re-arrange workflows
* Quick polish of scale.md and upgrade.md
* Quick polish of terminate.md
* Cut recovery.md down
* Brush over ssh
* storage
* Brush over trusted launch VMs
* Update docs/docs/workflows/verify-cluster.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* Update docs/docs/workflows/verify-cluster.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* Update docs/docs/workflows/verify-cluster.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* Add Azure back to title
* Update docs/docs/workflows/verify-cluster.md
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* fix lint errors
* publish to 2.0
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
* Document trusted launch usage for Azure
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
* there is no valid link because there is no valid release yet
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
* fix link
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
* fix linter issues
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
* improve
* importAzure.sh: print final image ID
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
