Moritz Sanft
fe0b8c1e5b
remove Terraform targets (#1970)
2023-06-27 11:27:50 +02:00
Otto Bittner
8f21972aec
attestation: add awsSEVSNP as new variant (#1900)
* variant: move into internal/attestation
* attestation: move aws attestation into subfolder nitrotpm
* config: add aws-sev-snp variant
* cli: add tf option to enable AWS SNP
For now the implementations in aws/nitrotpm and aws/snp
are identical. They both contain the aws/nitrotpm impl.
A separate commit will add the actual attestation logic.
2023-06-09 15:41:02 +02:00
Malte Poll
d0e53cbb59
cli: image info (v2)
2023-05-25 15:01:15 +02:00
Moritz Sanft
c69e6777bd
cli: Terraform migrations on upgrade (#1685)
* add terraform planning
* overwrite terraform files in upgrade workspace
* Revert "overwrite terraform files in upgrade workspace"
This reverts commit 8bdacfb8bef23ef2cdbdb06bad0855b3bbc42df0.
* prepare terraform workspace
* test upgrade integration
* print upgrade abort
* rename plan file
* write output to file
* add show plan test
* add upgrade tf workdir
* fix workspace preparing
* squash to 1 command
* test
* bazel build
* plan test
* register flag manually
* bazel tidy
* fix linter
* remove MAA variable
* fix workdir
* accept tf variables
* variable fetching
* fix resource indices
* accept Terraform targets
* refactor upgrade command
* Terraform migration apply unit test
* pass down image fetcher to test
* use new flags in e2e test
* move file name to constant
* update buildfiles
* fix version constant
* conditionally create MAA
* move interface down
* upgrade dir
* update buildfiles
* fix interface
* fix createMAA check
* fix imports
* update buildfiles
* wip: workspace backup
* copy utils
* backup upgrade workspace
* remove debug print
* replace old state after upgrade
* check if flag exists
* prepare test workspace
* remove prefix
Co-authored-by: Otto Bittner <cobittner@posteo.net>
* respect file permissions
* refactor tf upgrader
* check workspace before upgrades
* remove temp upgrade dir after completion
* clean up workspace after abortion
* fix upgrade apply test
* fix linter
---------
Co-authored-by: Otto Bittner <cobittner@posteo.net>
2023-05-22 13:31:20 +02:00
Moritz Sanft
1d0ee796e8
cli: add Terraform log support (#1620)
* add Terraform logging
* add TF logging to CLI
* fix path
* only create file if logging is enabled
* update bazel files
* register persistent flags manually
* clidocgen
* move logging code to separate file
* reword yes flag parsing error
* update bazel buildfile
* factor out log level setting
2023-04-14 14:15:07 +02:00
Paul Meyer
0036b24266
go: remove unused parameters
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-20 08:41:01 -04:00
Moritz Sanft
f2ce9518a3
cli: support custom attestation policies for maa (#1375)
* create and update maa attestation policy
* use interface to allow unit testing
* fix test csp
* http request for policy patch
* go mod tidy
* remove hyphen
* go mod tidy
* wip: adapt to feedback
* linting fixes
* remove csp from tf call
* fix type assertion
* Add MAA URL to instance tags (#1409)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* conditionally create maa provider
* only set instance tag when maa is created
* fix azure unit test
* bazel tidy
* remove AzureCVM const
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* encode policy at runtime
* remove policy arg
* fix unit test
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-03-20 13:33:04 +01:00
miampf
5137e9fa57
cli: iam destroy (#946)
2023-02-24 11:36:41 +01:00
Moritz Sanft
7410cf8038
cli: fix iam rollback (#1148)
* AB#2897 rename DestroyCluster
* #AB2897 error if terraform dir exists
* AB#2897 reword DestroyResources
2023-02-13 08:42:54 +01:00
Moritz Sanft
ae2db08f3a
ci: add e2e test for constellation recover (#845)
* AB#2256 Add recover e2e test
* AB#2256 move test & fix minor objections
* AB#2256 fix path
* AB#2256 rename hacky filename
2023-01-19 10:41:07 +01:00
Moritz Sanft
286803fb97
AB#2579 Add constellation iam create command (#624)
2022-12-07 11:48:54 +01:00
Leonard Cohnen
3b6bc3b28f
initserver: add client verification
2022-11-28 19:34:02 +01:00
Malte Poll
575b6e93f6
CLI: use global image version field
- Restructure config by removing CSP-specific image references
- Add global image field
- Download image lookup table on create
- Download QEMU image on QEMU create
2022-11-23 15:47:46 +01:00
Nils Hanke
e1d8926395
Terraform: Only rollback after we fully created the workspace
2022-11-17 13:49:34 +01:00
Nils Hanke
158dfe0e2b
Remove unused name parameter in CreateCluster
2022-11-17 13:49:34 +01:00
Daniel Weiße
a07cab4b97
Update go-tpm dependency (#533)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-14 09:02:56 +01:00
Daniel Weiße
79f52e67cb
Update go-tpm-tools to fix AWS PCR selection (#390)
* Update go-tpm-tools to fix AWS PCR selection
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Ignore leaking glog go routine
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-28 17:57:24 +02:00
Daniel Weiße
e66cb84d6e
AB#2532 Don't clean up workspace if rollback fails (#360)
* Don't clean up workspace if rollback fails
* Remove dependency on CSP from terminate
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-26 15:57:00 +02:00
katexochen
1556e239ca
Remove state file
2022-10-13 15:29:29 +02:00
katexochen
f4af9c56f5
Use Terraform for create Azure
2022-10-13 15:29:29 +02:00
Daniel Weiße
2ea695896f
AB#2439 Containerized libvirt (#191)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-05 09:11:30 +02:00
katexochen
d973740b03
Use Terraform for create on GCP
2022-09-30 16:50:52 +02:00
katexochen
ba6e41ed5c
Upgrade go module to v2
2022-09-22 09:10:19 +02:00
Nils Hanke
72d4456b3f
GCP: Only create debugd loadbalancer when debugCluster is set
2022-09-07 13:27:15 +02:00
Nils Hanke
d74c7a3769
Azure: Only create debugd loadbalancer when debugCluster is set
2022-09-07 13:27:15 +02:00
Thomas Tendyck
bd63aa3c6b
add license headers
sed -i '1i/*\nCopyright (c) Edgeless Systems GmbH\n\nSPDX-License-Identifier: AGPL-3.0-only\n*/\n' `grep -rL --include='*.go' 'DO NOT EDIT'`
gofumpt -w .
2022-09-05 09:17:25 +02:00
katexochen
10e5249631
Manual client secrets on azure
2022-08-31 14:10:08 +02:00
katexochen
f15605cb45
Manually manage resource group on Azure
2022-08-31 14:10:08 +02:00
Malte Poll
708c6e057e
Remove azure single instance support (#402)
2022-08-26 11:45:32 +02:00
katexochen
e761c9bf97
Manually manage GCP service accounts
2022-08-24 11:44:05 +02:00
katexochen
a02a46e454
Use multiple loadbalancers on GCP
2022-08-23 18:11:20 +02:00
katexochen
9f599c3993
Remove checks for GetState/SetState
2022-08-23 18:11:20 +02:00
katexochen
c2faa20d6e
Fix naming in state file
2022-08-23 18:11:20 +02:00
katexochen
916e5d6b55
Rename coordinator to bootstrapper and rename roles
2022-07-14 17:25:18 +02:00
Otto Bittner
7cada2c9e8
Add goleak to all tests (#227)
* Run goleak as part of all tests
We are already using goleak in various tests.
This commit adds a TestMain to all remaining tests
and calls goleak.VerifyTestMain in them.
* Add goleak to debugd/deploy package and fix bug.
* Run go mod tidy
* Fix integration tests
* Move goleak invocation for mount integration test
* Ignore leak in state integration tests
Co-authored-by: Fabian Kammel <fk@edgelss.systems>
2022-06-30 15:24:36 +02:00
Leonard Cohnen
e13f4d84c3
add gcp loadbalancer
2022-06-23 14:00:20 +02:00
Fabian Kammel
84552ca8f7
AB#2104 Feat/azure logging (#198)
implementation for azure early boot logging
2022-06-10 13:18:30 +02:00
katexochen
0627b14445
Move cli/cloud/cloudcmd into cli/internal
2022-06-08 11:59:23 +02:00