* remove elchead from codeowners
* remove left over assignments to 3u13r
* remove leftover assignments to derpsteb
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* helm/gcp: use service account in operator and joinservice
* helm: format operator testdata
* terraform/iam: create additional service account for VMs
This service account is used in the following commits and is attached to the VMs
* config: pass VM service account from iam create to cluster create via config
* cli/iamcreate: limit name prefix length
* docs: add minimal gcp IAM permissions
* k8s: use separate lb for K8s services on azure
* terraform: introduce local revision variable and data resource
* terraform: azure: dont expose full nodeport range
* docs: add Azure load balancer migration
* deps: update Terraform azurerm to v4
* Set Azure subscription ID when applying Terraform files
* Upgrade azurerm to v4.1.0
* Mark subscriptionID flag as not required
* deps: tidy all modules
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
* terraform: enable creation of SEV-SNP VMs on GCP
* variant: add SEV-SNP attestation variant
* config: add SEV-SNP config options for GCP
* measurements: add GCP SEV-SNP measurements
* gcp: separate package for SEV-ES
* attestation: add GCP SEV-SNP attestation logic
* gcp: factor out common logic
* choose: add GCP SEV-SNP
* cli: add TF variable passthrough for GCP SEV-SNP variables
* cli: support GCP SEV-SNP for `constellation verify`
* Adjust usage of GCP SEV-SNP throughout codebase
* ci: add GCP SEV-SNP
* terraform-provider: support GCP SEV-SNP
* docs: add GCP SEV-SNP reference
* linter fixes
* gcp: only run test with TPM simulator
* gcp: remove nonsense test
* Update cli/internal/cmd/verify.go
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
* Update docs/docs/overview/clouds.md
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
* Update terraform-provider-constellation/internal/provider/attestation_data_source_test.go
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
* linter fixes
* terraform_provider: correctly pass down CC technology
* config: mark attestationconfigapi as unimplemented
* gcp: fix comments and typos
* snp: use nonce and PK hash in SNP report
* snp: ensure we never use ARK supplied by Issuer (#3025)
* Make sure SNP ARK is always loaded from config, or fetched from AMD KDS
* GCP: Set validator `reportData` correctly
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* attestationconfigapi: add GCP to uploading
* snp: use correct cert
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* terraform-provider: enable fetching of attestation config values for GCP SEV-SNP
* linter fixes
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
