Commit Graph

4304 Commits

Author SHA1 Message Date
edgelessci
1975a10721
image: update measurements and image version (#3172)
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-19 08:26:57 +02:00
Daniel Weiße
9d99d05826
cli: fix unmarshalling of sev-snp attestation documents in constellation verify (#3171)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-17 13:38:59 +02:00
edgelessci
e0f52b4acd
image: update locked rpms (#3170)
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-16 11:05:20 +02:00
Markus Rudy
429711bf5d
ci: don't assign 3u13r (#3169) 2024-06-14 13:32:10 +02:00
Markus Rudy
566137e7ab
ci: make cdbg deploy errors easier to spot (#3168)
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2024-06-14 13:31:42 +02:00
edgelessci
63dc0c79af
image: update measurements and image version (#3167)
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-14 08:14:39 +02:00
Daniel Weiße
daaa7755a7
cli: enable JSON output for constellation verify on Azure TDX (#3164)
* Remove formatter factory
* Enable `constellation verify` with JSON output for Azure TDX

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-12 13:18:27 +02:00
renovate[bot]
b3fcdc9a22
deps: update module github.com/Azure/azure-sdk-for-go/sdk/azidentity to v1.6.0 [SECURITY] (#3163)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-12 08:04:52 +02:00
edgelessci
305bc692e9
image: update measurements and image version (#3162)
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-12 08:03:25 +02:00
Daniel Weiße
8b76dd68ca
attetstation: enable Azure TDX CRL checking (#3160)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-12 08:02:47 +02:00
Daniel Weiße
c682558940
debugd: return systemd logs if restarting a unit fails (#3159)
* Wait until logcollection containers are ready
* Add systemd unit journal entries to error message

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-12 08:01:54 +02:00
Markus Rudy
08770a69c4
deps: upgrade to tink-go v2.1.0 (#3054)
* deps: leave notes on why forks are used

* deps: use upstream version of tink-go
2024-06-11 20:15:42 +02:00
renovate[bot]
f8e0ca4bb6
deps: update libvirtd_base Docker digest to 99dbf3c (#3157)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-11 17:44:55 +02:00
Markus Rudy
fddad83eb4
helm: upgrade Cilium to v1.15.5-edg.1 (#3149) 2024-06-11 11:53:00 +02:00
Moritz Sanft
3efd50a518
ci: bump origin versions of upgrade tests (#3158) 2024-06-10 14:04:00 +02:00
renovate[bot]
85c4f9be2a
deps: update ghcr.io/edgelesssys/gcp-guest-agent Docker tag to v20240528 (#3143)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-09 11:05:02 +02:00
edgelessci
0a3f77e926
image: update locked rpms (#3156)
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-09 11:03:17 +02:00
Daniel Weiße
32588339f3
cdbg: better error reporting on deploy failure (#3155)
* Don't report `UPLOAD_FILES_START_FAILED` as unknown error
* Return error to `cdbg` if present

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-07 15:46:37 +02:00
Moritz Sanft
095a66fb83
cli: return a more helpful error message on MAA patch failure (#3153)
* cli: return a more helpful error message on maa patch failure

* Update internal/maa/patch.go

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

---------

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2024-06-07 15:18:34 +02:00
Moritz Sanft
7d4e7eff65
docs: adjust MAA updating (#3152)
* docs: adjust MAA updating

* versioned-docs: backport fix
2024-06-07 13:56:10 +02:00
miampf
94cf85c65a
fix: let artifact_upload fail if a bash command errors (#3154) 2024-06-07 13:37:06 +02:00
edgelessci
2c03a16a68
image: update measurements and image version (#3151)
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-07 07:59:55 +02:00
Daniel Weiße
9c2aef88ba
debugd: remove --debug flag from bootstrapper service created by debugd (#3150)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-06 10:25:51 +02:00
Markus Rudy
9a01551f75
ci: don't filter output of govulncheck (#3148) 2024-06-05 16:45:27 +02:00
Markus Rudy
2fbbf02516
bazel: use go_bin_for_host for all scripts (#3147) 2024-06-05 14:35:10 +02:00
Markus Rudy
68035cd90b
rfc: node access (#3051) 2024-06-05 14:07:15 +02:00
Daniel Weiße
d64aba7636
ci: author scheduled PRs using edgelessci account (#3145)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-05 10:41:19 +02:00
Daniel Weiße
39b01f8dac
deps: bump Go version to v1.22.4 (#3146)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-05 10:27:39 +02:00
Moritz Sanft
1989bce0a5
bootstrapper: disable gRPC logging (#3134)
* bootstrapper: disable gRPC logging

* bootstrapper: remove debug flag

* upgrade-agent: remove gRPC logging

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2024-06-05 09:24:08 +02:00
Moritz Sanft
1b7b80673c
image: update measurements and image version (#3144)
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-06-05 09:22:32 +02:00
Daniel Weiße
1514351571
ci: update conditions on when to auto assign reviewer (#3141)
* Use the correct value for `github.event.pull_request.requested_reviewers`
* Run the workflow on more events than just labeling a PR
* Skip workflow if there are already reviewers assigned

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-05 08:42:47 +02:00
Markus Rudy
5a100d1fc9
helm: use Cilium chart from fork (#3130) 2024-06-05 07:56:11 +02:00
renovate[bot]
66a5d6a5d3
deps: update dependency rules_proto to v6.0.0.bcr.1 (#3138)
* deps: update dependency rules_proto to v6.0.0.bcr.1

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2024-06-04 16:54:50 +02:00
Moritz Sanft
5f0ed2b865
flake: pin bazel to 7.1.2 (#3142)
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2024-06-04 16:50:52 +02:00
renovate[bot]
72555e9ba1
deps: update GitHub action dependencies (#3140)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-04 14:50:20 +02:00
Daniel Weiße
66aa8a8d52
ci: adjust performance benchmark to run on different attestation variants (#3129)
* Create perf bench artifacts based on attestation variant, not CSP
* Enable perf bench on gcp-sev-snp, azure-tdx and AWS

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-06-04 13:23:07 +02:00
Moritz Sanft
69048e430e
image: fix podman config path (#3139) 2024-06-04 11:02:59 +02:00
renovate[bot]
929a555de5
deps: update bazel (core) (#3136)
* deps: update bazel (core)

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2024-06-03 15:35:32 +02:00
renovate[bot]
aa910cfc25
deps: update Kubernetes versions (#3102)
* deps: update Kubernetes versions

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2024-06-03 15:08:09 +02:00
renovate[bot]
3c3b993c36
deps: update golang:1.22.3 Docker digest to f43c6f0 (#3117)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-03 13:14:52 +02:00
renovate[bot]
93cabbe0b2
deps: update Constellation containers to v2.17.0-pre.0.20240524110423-80917921e3d6 (#3106)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-03 13:13:48 +02:00
edgelessci
ce3b00668b
image: update measurements and image version (#3131)
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-06-03 08:53:59 +02:00
edgelessci
26e9f988ff
image: update locked rpms (#3133)
Co-authored-by: malt3 <1780588+malt3@users.noreply.github.com>
2024-06-02 20:21:45 +02:00
miampf
fbdc8f6e85
ci: clean up failed miniconstellation e2e tests (#3109) 2024-05-31 13:51:55 +02:00
edgelessci
79d3781f3e
image: update measurements and image version (#3128)
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
2024-05-29 08:18:27 +02:00
Daniel Weiße
3834373fd2
ci: disable perf-bench test for gcp-sev-snp (#3127)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-05-28 16:25:37 +02:00
Felix Schuster
7197a9b719
Rewrite "chain of trust" section (#3066)
Co-authored-by: 3u13r <lc@edgeless.systems>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
2024-05-27 18:21:27 +02:00
Moritz Sanft
d14ee6ba1d
helm: update AWS CSI driver chart (#3121) 2024-05-27 16:22:56 +02:00
edgelessci
a2e417f5bb
image: update locked rpms (#3124)
Co-authored-by: malt3 <1780588+malt3@users.noreply.github.com>
2024-05-27 08:15:52 +02:00
3u13r
21c30ebb76
metadata-api: support dnsmasq (#3115) 2024-05-24 15:14:16 +02:00