Moritz Sanft
dfe7f855cd
AB#2578 Implement Azure IAM in terraform ( #562 )
...
* AB#2578 Azure IAM init
* AB#2578 Fixed application owner privileges, added docs
* Add all supported providers to TF lockfile
* Using service principal for role assignment in cluster resource group
Co-authored-by: Malte Poll <mp@edgeless.systems>
* Rephrased header for Azure
Co-authored-by: Malte Poll <mp@edgeless.systems>
* Registry -> Registration typo
Co-authored-by: Malte Poll <mp@edgeless.systems>
* Download lockfile
* File name casing
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-11-16 20:19:10 +01:00
renovate[bot]
ee47177029
Update module helm.sh/helm/v3 to v3.10.2 ( #555 )
...
* Update module helm.sh/helm/v3 to v3.10.2
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-15 15:47:53 +01:00
Fabian Kammel
bb76a4e4c8
AB#2512 Config secrets via env var & config refactoring ( #544 )
...
* refactor measurements to use consistent types and less byte pushing
* refactor: only rely on a single multierr dependency
* extend config creation with envar support
* document changes
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-11-15 15:40:49 +01:00
renovate[bot]
9ef8a0846f
Update module github.com/spf13/afero to v1.9.3 ( #554 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-15 12:18:33 +01:00
renovate[bot]
c71eeffd1e
Update module github.com/sigstore/rekor to v1.0.1 ( #543 )
...
* Update module github.com/sigstore/rekor to v1.0.1
* quotes around string with spaces
* [bot] Tidy all modules
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: datosh <datosh@users.noreply.github.com>
2022-11-15 12:18:01 +01:00
Leonard Cohnen
c51694a51a
kubernetes: add hashes to components
2022-11-15 11:07:46 +01:00
renovate[bot]
83cbc68cb6
Update module github.com/googleapis/gax-go/v2 to v2.7.0 ( #517 )
...
* Update module github.com/googleapis/gax-go/v2 to v2.7.0
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-14 10:48:28 +01:00
renovate[bot]
5009de823f
Update Terraform aws to v4.39.0 ( #538 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-14 10:35:26 +01:00
Malte Poll
e8f02c0262
go mod tidy
2022-11-14 10:04:04 +01:00
Daniel Weiße
a07cab4b97
Update go-tpm dependency ( #533 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-14 09:02:56 +01:00
Daniel Weiße
fdb7c480e8
Fix license check unbound variable ( #534 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-11 16:16:14 +01:00
Paul Meyer
106b738fab
ci: format shellscripts
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 15:53:57 +01:00
Paul Meyer
7aa7492474
Fix shellcheck warnings
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 13:40:13 +01:00
renovate[bot]
e887dc7fcd
Update module github.com/aws/aws-sdk-go-v2/service/ec2 to v1.69.0 ( #515 )
...
* Update module github.com/aws/aws-sdk-go-v2/service/ec2 to v1.69.0
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-10 11:56:45 +01:00
renovate[bot]
0720f95179
Update module cloud.google.com/go/storage to v1.28.0 ( #498 )
...
* Update module cloud.google.com/go/storage to v1.28.0
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-10 11:43:36 +01:00
renovate[bot]
52140ff7e5
Update module golang.org/x/crypto to v0.2.0 ( #507 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-10 08:01:51 +01:00
renovate[bot]
9af6923756
Update module golang.org/x/mod to v0.7.0 ( #508 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-09 18:44:07 +01:00
Fabian Kammel
0d12e37c96
Document exported funcs,types,interfaces and enable check. ( #475 )
...
* Include EXC0014 and fix issues.
* Include EXC0012 and fix issues.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Otto Bittner <cobittner@posteo.net>
2022-11-09 15:57:54 +01:00
Malte Poll
97bb0f4a91
Update terraform lock files to include hashes for all platforms ( #499 )
...
- linux_arm64
- linux_amd64
- darwin_arm64
- darwin_amd64
- windows_amd64
2022-11-09 14:23:51 +01:00
renovate[bot]
1c463bf10b
Update Azure SDK ( #493 )
...
* Update Azure SDK
* [bot] Tidy all modules
* fix breaking changes around New function in Azure SDK
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
2022-11-09 12:09:22 +01:00
renovate[bot]
cf9693af24
Update Google cloud SDK ( #457 )
...
* Update Google cloud SDK
* [bot] Tidy all modules
* migrate from google.golang.org/genproto/googleapis/cloud/kms/v1 to cloud.google.com/go/kms/apiv1/kmspb
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
2022-11-09 11:48:56 +01:00
renovate[bot]
ce0b3a8867
Update module golang.org/x/sys to v0.2.0 ( #491 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-09 11:09:07 +01:00
renovate[bot]
18439fc69b
Update module github.com/docker/docker to v20.10.21+incompatible ( #322 )
...
* Update module github.com/docker/docker to v20.10.21+incompatible
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-09 11:07:15 +01:00
renovate[bot]
cb7b53a9c9
Update AWS SDK ( #490 )
...
* Update AWS SDK
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-09 11:03:06 +01:00
renovate[bot]
5f170709d6
Update k8s.io/utils digest to 8e77b1f ( #489 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-09 10:46:47 +01:00
Thomas Tendyck
d3150a80ac
add brief instructions to AWS IAM Terraform script ( #478 )
...
* add brief instructions to AWS IAM Terraform script
* Update README.md
2022-11-08 18:40:30 +01:00
renovate[bot]
34435e4396
Update k8s.io/utils digest to 1a15be2 ( #483 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-08 18:39:51 +01:00
renovate[bot]
b8acb5e448
Update Terraform aws to v4.38.0 ( #464 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-08 18:34:45 +01:00
Fabian Kammel
cf36b85ff9
extend permissions to allow logging ( #461 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-11-04 14:56:13 +01:00
Fabian Kammel
668b4d000b
document usage of iamlive ( #443 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-11-04 14:01:23 +01:00
renovate[bot]
934d173650
Update AWS SDK ( #412 )
...
* Update AWS SDK
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-04 13:17:27 +01:00
renovate[bot]
8e44eb7ea5
Update module github.com/sigstore/rekor to v1 ( #453 )
...
* Update module github.com/sigstore/rekor to v1
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-04 12:45:45 +01:00
renovate[bot]
44b1a92d6b
Update fedora Docker digest to 455fec9 ( #447 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Nirusu <Nirusu@users.noreply.github.com>
2022-11-04 11:49:41 +01:00
Leonard Cohnen
f7a5f299a0
aws: add needed IAM permission for join service
2022-11-03 16:44:54 +01:00
Leonard Cohnen
0430336fdf
metadata: implement GetLoadBalancerEndpoint for AWS
2022-11-02 23:29:04 +01:00
Leonard Cohnen
d979aeea2d
terraform: add necessary IAM permissions for AWS
2022-11-02 23:29:04 +01:00
Nils Hanke
7ca4a6d0e1
Adjust CI scripts to avoid termination prompt
2022-11-02 18:18:30 +01:00
renovate[bot]
4b257616e4
Update k8s.io/utils digest to 61b03e2 ( #427 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-02 16:04:19 +01:00
Daniel Weiße
55cfff034a
Remove PublicIP from QEMU metadata ( #396 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-02 12:56:16 +01:00
Nils Hanke
6d2ec109d0
Update to Go 1.19.3
2022-11-02 11:53:52 +01:00
renovate[bot]
67a99434e9
Update module github.com/sigstore/sigstore to v1.4.5 ( #383 )
...
* Update module github.com/sigstore/sigstore to v1.4.5
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-01 12:14:55 +01:00
Otto Bittner
30bdbd9b85
Add helm unittests ( #380 )
2022-10-31 19:25:02 +01:00
Daniel Weiße
79f52e67cb
Update go-tpm-tools to fix AWS PCR selection ( #390 )
...
* Update go-tpm-tools to fix AWS PCR selection
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Ignore leaking glog go routine
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-28 17:57:24 +02:00
Paul Meyer
256f0e64b3
Upgrade Go version to 1.19
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-28 16:06:53 +02:00
renovate[bot]
4ef94834ed
Update module github.com/googleapis/gax-go/v2 to v2.6.0 ( #330 )
...
* Update module github.com/googleapis/gax-go/v2 to v2.6.0
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-28 09:33:29 +02:00
leongross
d457620941
AB#2458 AWS NitroTPM attestation ( #339 )
...
* add aws tpm attestation
* fix typos
* Fix return value issue
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2022-10-27 11:04:23 +02:00
renovate[bot]
8d82d8c0fa
Update module github.com/stretchr/testify to v1.8.1 ( #385 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-27 08:39:45 +02:00
renovate[bot]
8c01a6647f
Update module github.com/spf13/cobra to v1.6.1 ( #384 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-27 08:25:21 +02:00
renovate[bot]
9210ae5d04
Update google.golang.org/genproto digest to 527a21c ( #320 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-26 15:47:16 +02:00
Malte Poll
2d121d9243
Replace interface{} -> any ( #370 )
2022-10-25 15:51:23 +02:00