* Don't report `UPLOAD_FILES_START_FAILED` as unknown error
* Return error to `cdbg` if present
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* [wip] use state file in CLI
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
tidy
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* use state file in CLI
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
take clusterConfig from IDFile for compat
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
various fixes
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
wip
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* add GCP-specific values in Helm loader test
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* remove unnecessary pointer
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* write ClusterValues in one step
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* move stub to test file
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* remove mention of id-file
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* move output to `migrateTerraform`
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* unconditional assignments converting from idFile
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* move require block in go modules file
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* fall back to id file on upgrade
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* tidy
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* fix linter check
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* add notice to remove Terraform state check on manual migration
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* add `name` field
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
fix name tests
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* return early if no Terraform diff
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* tidy
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* return infrastructure state even if no diff exists
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* add TODO to remove comment
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* use state-file in miniconstellation
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* cli: remove id-file (#2402)
* remove id-file from `constellation create`
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* add file renaming to handler
* rename id-file after upgrade
* use idFile on `constellation init`
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* remove id-file from `constellation verify`
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* linter fixes
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* remove id-file from `constellation mini`
* remove id-file from `constellation recover`
* linter fixes
* remove id-file from `constellation terminate`
* fix initSecret type
* fix recover argument precedence
* fix terminate test
* generate
* add TODO to remove id-file removal
* Update cli/internal/cmd/init.go
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
* fix verify arg parse logic
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* add version test
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* remove id-file from docs
* add file not found log
* use state-file in miniconstellation
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* remove id-file from `constellation iam destroy`
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* remove id-file from `cdbg deploy`
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
---------
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
* use state-file in CI
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
* update orchestration docs
---------
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
* refactor `debugd` file structure
* create `hack`-tool to deploy logcollection to non-debug clusters
* integrate changes into CI
* update fields
* update workflow input names
* use `working-directory`
* add opensearch creds to upgrade workflow
* make template func generic
* make templating func generic
* linebreaks
* remove magic defaults
* move `os.Exit` to main package
* make logging index configurable
* make templating generic
* remove excess brace
* update fields
* copy fields
* fix flag name
* fix linter warnings
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
* remove unused workflow inputs
* remove makefiles
* fix command
* bazel: fix output paths of container
This fixes the output paths of builds within the container by mounting
directories to paths that exist on the host. We also explicitly set the
output path in a .bazelrc to the user specific path. The rc file is
mounted into the container and overrides the host rc.
Also adding automatic stop in case start is called and a containers
is already running.
Sym links like bazel-out and paths bazel outputs should generally work
with this change.
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
* tabs -> spaces
---------
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
* Remove `--config` and `--master-secret` falgs
* Add `--workspace` flag
* In CLI, only work on files with paths created from `cli/internal/cmd`
* Properly print values for GCP on IAM create when not directly updating the config
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* rename to attestationconfigapi + put client and fetcher inside pkg
* rename api/version to versionsapi and put fetcher + client inside pkg
* rename AttestationConfigAPIFetcher to Fetcher
* api: rename AttestationVersionRepo to Client
* api: move client into separate subpkg for
clearer import paths.
* api: rename configapi -> attestationconfig
* api: rename versionsapi -> versions
* api: rename sut to client
* api: split versionsapi client and make it public
* api: split versionapi fetcher and make it public
* config: move attestationversion type to config
* api: fix attestationconfig client test
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
* add SignContent() + integrate into configAPI
* use static client for upload versions tool; fix staticupload calleeReference bug
* use version to get proper cosign pub key.
* mock fetcher in CLI tests
* only provide config.New constructor with fetcher
Co-authored-by: Otto Bittner <cobittner@posteo.net>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Version validation checks that the configured versions
are not more than one minor version below the CLI's version.
The validation can be disabled using --force.
This is necessary for now during development as the CLI
does not have a prerelease version, as our images do.