Commit Graph

887 Commits

Author SHA1 Message Date
renovate[bot]
841463d11e
deps: update GitHub action dependencies (#2234)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-15 14:38:48 +02:00
Malte Poll
5c1bca5928
ci: set bazlrc options for "common" instead of "build" if they should always apply (#2227)
Most flags set in the bazelrc in CI are always applicable, so we set them with the common prefix.
2023-08-15 10:34:42 +02:00
Malte Poll
b12f2867dd
ci: set bazel build event stream timeout to 600s (#2223) 2023-08-14 14:26:59 +02:00
Daniel Weiße
ef4d789dc8
ci: fix notify trigger in e2e upgrade workflow (#2221)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-08-14 11:45:04 +02:00
Adrian Stobbe
c7bbf90989
ci: add e2e-mini to daily test (#2217) 2023-08-14 08:13:29 +02:00
Paul Meyer
de9e841853 e2e: use Kubernetes 1.26 in daily test
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-11 14:06:35 +02:00
renovate[bot]
d4e8d25636
deps: update golang:1.20.7 Docker digest to 37c7d85 (#2213)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-11 13:44:55 +02:00
Daniel Weiße
066fff951f
ci: correctly default to false for upgrade e2e notifications (#2208)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-08-11 09:05:44 +02:00
Daniel Weiße
154d1cc3cf Make kubernetes version optional in e2e tests
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-08-10 15:46:59 +02:00
Daniel Weiße
0dd62fc59d
ci: allow setting region/zone for e2e tests (#2205)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-08-10 12:53:40 +02:00
Paul Meyer
670c20b18c e2e: cleanup test inputs
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-09 18:42:04 +02:00
Paul Meyer
e466ce2f26 e2e: detect changing idKeyDigests on azure
by setting the Azure SNP enforcement policy to equal in the weekly e2e.
The run should fail when there are unexpected ID Key digests used.

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-09 16:45:42 +02:00
3u13r
c43210c90b
ci: fix recover test (#2162)
* ci: fix recover test
Previously the test failed if not all nodes were recovered by the cli.

* ci: refactor recover test
2023-08-09 16:01:43 +02:00
Otto Bittner
d5e88115a0
ci: replace mastersecret flag in recover (#2186) 2023-08-09 13:00:27 +02:00
Paul Meyer
29dcb72bea e2e: remove existingConfig field
The existingConfig field is always set to true during create, as we use
the IAM create step to generate the config in all cases. Accordingly,
secret injection into config isn't needed anymore in create.
This fixes a bug where other parameters like Kubernetes version and
cluster name wouldn't be injected into the config due to existingConfig
being true.

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-09 12:36:36 +02:00
Adrian Stobbe
d1febd7276
fix e2e upgrade config migration (#2179) 2023-08-09 10:28:13 +02:00
Paul Meyer
eb2f3c3021 ci: verify all pods in verify e2e
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-08 18:46:13 +02:00
Adrian Stobbe
9dcad0ed16
fix upgrade test by only setting nodeGroup for >v2.9 (#2176) 2023-08-07 11:02:00 +02:00
renovate[bot]
cc10613252
deps: update dependency cryptography to v41.0.3 [SECURITY] (#2150)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-07 09:23:18 +02:00
Adrian Stobbe
3ea7fddb03
fix upgrade test by adding deprecated flags(#2173) 2023-08-07 08:38:14 +02:00
Malte Poll
92b0cd5a21 ci: update actions to use nodeGroups and remove deprecated flags 2023-08-04 12:36:45 +02:00
Moritz Sanft
af05e17f49
ci: keep embedded measurements if stable image is used (#2109)
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-08-04 09:43:32 +02:00
Paul Meyer
dccb1dfde9 ci: remove unused actions
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-03 16:09:06 +02:00
3u13r
a983b08262
deps: bump go version (#2156) 2023-08-03 12:07:27 +02:00
Daniel Weiße
321474c356
ci: remove old incompatible test option (#2149)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-08-02 08:18:55 +02:00
Otto Bittner
002c3a9a32
ci: upgrade fromVersion for upgrade tests (#2145)
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
2023-08-01 10:34:11 +02:00
Otto Bittner
867f7490a2
ci: clone constellation repo into separate dir (#2143) 2023-08-01 10:13:10 +02:00
renovate[bot]
5fa50c7fcc
deps: update dependency certifi to v2023.7.22 [SECURITY] (#2139)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-31 15:59:28 +02:00
Otto Bittner
583d3021fa
ci: parse ovmf binaries from metadata (#1962)
Subsequently the metadata will be uploaded to the
attestationconfigapi so the CLI can use the data to
precalculate measurements.
2023-07-27 13:29:43 +02:00
Adrian Stobbe
a3184af7a2
cli: add iam upgrade apply (#2132)
* add new iam upgrade apply

* remove iam tf plan from upgrade apply check

* add iam migration warning to upgrade apply

* update release process

* document migration

* Apply suggestions from code review

Co-authored-by: Otto Bittner <cobittner@posteo.net>

* add iam upgrade

* remove upgrade dir check in test

* ask only without --yes

* make iam upgrade provider specific

* test without seperate logins

* remove csi and only add conditionally

* Revert "test without seperate logins"

This reverts commit 05a12e59c9.

* fix msising cred

* support iam migration for all csps

* add iam upgrade label

---------

Co-authored-by: Otto Bittner <cobittner@posteo.net>
2023-07-26 17:29:03 +02:00
Paul Meyer
342a71fa36 bazel: fix container versioning
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-26 13:46:27 +02:00
Paul Meyer
c8bc3ea5ee ci: build bazel container
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-25 15:41:55 +02:00
Adrian Stobbe
a87b7894db
aws: use new LB controller to fix SecurityGroup cleanup on K8s service deletion (#2090)
* add current chart

add current helm chart

* disable service controller for aws ccm

* add new iam roles

* doc AWS internet LB + add to LB test

* pass clusterName to helm for AWS LB

* fix update-aws-lb chart to also include .helmignore

* move chart outside services

* working state

* add subnet tags for AWS subnet discovery

* fix .helmignore load rule with file in subdirectory

* upgrade iam profile

* revert new loader impl since cilium is not correctly loaded

* install chart if not already present during `upgrade apply`

* cleanup PR + fix build + add todos

cleanup PR + add todos

* shared helm pkg for cli install and bootstrapper

* add link to eks docs

* refactor iamMigrationCmd

* delete unused helm.symwallk

* move iammigrate to upgrade pkg

* fixup! delete unused helm.symwallk

* add to upgradecheck

* remove nodeSelector from go code (Otto)

* update iam docs and sort permission + remove duplicate roles

* fix bug in `upgrade check`

* better upgrade check output when svc version upgrade not possible

* pr feedback

* remove force flag in upgrade_test

* use upgrader.GetUpgradeID instead of extra type

* remove todos + fix check

* update doc lb (leo)

* remove bootstrapper helm package

* Update cli/internal/cmd/upgradecheck.go

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* final nits

* add docs for e2e upgrade test setup

* Apply suggestions from code review

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* Update cli/internal/helm/loader.go

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* Update cli/internal/cmd/tfmigrationclient.go

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* fix daniel review

* link to the iam permissions instead of manually updating them (agreed with leo)

* disable iam upgrade in upgrade apply

---------

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Malte Poll
2023-07-24 10:30:53 +02:00
Otto Bittner
c58d03a7b8
ci: fix ahead-check for working branch (#2120)
Also list remote branches during on-release
2023-07-19 17:48:29 +02:00
renovate[bot]
dc373971b2
deps: update dependency cryptography to v41.0.2 [SECURITY] (#2106)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-18 15:33:23 +02:00
Daniel Weiße
f52c6752e2
ci: update failure tasks (#2087)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-07-17 13:46:20 +02:00
Daniel Weiße
484b6c5c24
ci: combine node count inputs into one (#2084)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-07-17 13:45:53 +02:00
Otto Bittner
4f1ed669d4
ci: increase autoscaling timeout to 25m (#2103)
During testing on AWS SNP we can sometimes observe the scaling
take longer than 15 mins due to slow setup times of SNP machines.
Eventually the scaling works as expected.
2023-07-17 10:30:14 +02:00
Otto Bittner
c1c48f19bf chore: bump e2e-upgrade fromVersion 2023-07-17 10:29:43 +02:00
Moritz Sanft
43076e96a6
ci: fix resource selection for serial log downloading (#2101)
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Otto Bittner <cobittner@posteo.net>
2023-07-13 16:28:33 +02:00
Otto Bittner
6ed8fce6b0
ci: separate PCR0 value for aws-sev-snp variant (#2100)
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-07-13 11:37:47 +02:00
Otto Bittner
ef404b5839
ci: use us-east-2 for e2e tests (#2091)
We have much higher quotas there and thus don't need to wait for
the increase in eu-west-1.
2023-07-12 10:51:52 +02:00
Paul Meyer
01f518f0a4
deps: update to Go v1.20.6 (#2093)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-12 09:51:40 +02:00
renovate[bot]
c1c4e72c61
deps: update golang Docker tag to v1.20.6 (#2092)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-12 08:46:51 +02:00
Otto Bittner
f97edd512d
ci: use 2.8 as fromVersion in release upgrade test (#2086)
The current value (2.7.1) is outdated since the release of 2.8.
2023-07-11 09:56:43 +02:00
Otto Bittner
cfa3bb6276
ci: do not build additional streams (#2085)
Large amounts of uploaded data seem to break the GH Actions cache.
2023-07-10 17:46:08 +02:00
Moritz Sanft
184530a80d
ci: update aws asg resource selector (#1991)
* update resource selector

* tidy

* fix shellcheck

* bazel tidy
2023-07-10 11:13:37 +02:00
Adrian Stobbe
304fbf04e6
ci: fix notify e2e failure (#2078) 2023-07-10 10:44:30 +02:00
Malte Poll
c6230ff8ca
ci: add constellation-windows-amd64.exe to release artifacts uploaded to GitHub (#2075) 2023-07-10 10:21:48 +02:00
Adrian Stobbe
fafafb48d7 pin dependency for aws-snp-launchmeasurement 2023-07-07 16:44:31 +02:00
Malte Poll
6c5ad09a93
ci: build all streams on release (#2058) 2023-07-07 12:09:15 +02:00
Adrian Stobbe
2436b8da34
fix wrong name (#2055) 2023-07-07 11:53:39 +02:00
Adrian Stobbe
4434abbde2
more debug output for e2e notify (#2035) 2023-07-06 15:17:58 +02:00
renovate[bot]
0b892f23e6
deps: update golang:1.20.5 Docker digest to 7f2cf49 (#2022)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-05 15:45:36 +02:00
Adrian Stobbe
3eecb5d7b2
feat: get notified in Teams on E2E test failure ticket (#2021)
* init

* update

* can only include selected entity in request
2023-07-05 15:37:38 +02:00
Malte Poll
46d69abe10
bazel: rewrite pseudo-version stamping in bash (#2020)
* bazel: simplify workspace_status command to only depend on bash and git
* bazel: remove pseudo-version freshness code
2023-07-05 14:42:18 +02:00
Paul Meyer
7968d165c6 ci: use strict semver for gcp guest agent image
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-04 13:23:33 +02:00
Daniel Weiße
90dbeae16b
cli: fix duplicate backup creation during upgrade apply (#1997)
* Use CLI to fetch measurements in e2e test

* Abort helm service upgrade early if user confirmation is missing

* Add container push to CLI build action

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-07-03 15:13:36 +02:00
renovate[bot]
576b48c8b7
deps: update GitHub action dependencies (#1848)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-07-03 08:19:10 +02:00
Adrian Stobbe
00ee11084e
add e2e mini to weekly (#1982) 2023-06-30 10:05:24 +02:00
Daniel Weiße
a241a84770
ci: use generate-config flag for old CLI versions (#1984)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-06-29 15:46:36 +02:00
Malte Poll
6dd8a571ec
ci: fix expected value for PCR7 on AWS (#1979)
This has changed when upgrading to Fedora 38.
It didn't surface as a bug since the PCR is marked as warnOnly.
2023-06-28 15:33:14 +02:00
miampf
77b28cb5e7
cli: change generate-config flag to update-config flag (#1897) 2023-06-28 12:47:44 +00:00
Malte Poll
78fb0066e4
ci: add automated tests for reproducible builds (#1914)
* ci: reproducible builds test
* deps: upgrade actionlint to support macos-13 runners
2023-06-23 12:12:32 +02:00
Otto Bittner
114103c46b
ci: download bootlogs in correct aws region (#1956) 2023-06-22 17:56:05 +02:00
Moritz Sanft
94b21e11ad
ci: Windows cli tests (#1859)
* wip: add windows e2e test

* wip: register windows e2e tests

* remove registration

* wip: change CLI artifact name

* basic windows test

* checkout repo

* use correct iam create command

* remove trademarked name

* enable debug logs

* add pwsh liveliness check script

* delimiters

* set kubeconfig env var

* test

* use setx to set env var

* set envvar before liveness probe

* explicitly set kubeconfig
2023-06-21 12:05:04 +02:00
Daniel Weiße
eb1e1502c1
ci: run cdbg with debug verbosity (#1953)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-06-21 10:26:22 +02:00
Moritz Sanft
f3c2198a9a
ci: improve pr template (#1946)
* improve PR template

* Update .github/pull_request_template.md

Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>

---------

Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-06-21 08:59:29 +02:00
renovate[bot]
d2c4cd1785
deps: update aws-actions/configure-aws-credentials action to v2 (#1950)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-06-20 18:59:07 +02:00
renovate[bot]
3f714f538b
deps: update peter-evans/create-pull-request action to v5 (#1949)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-06-20 16:37:01 +02:00
renovate[bot]
684b61ac2b
deps: update docker/build-push-action action to v4 (#1948)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-06-20 13:39:32 +02:00
renovate[bot]
5bf59808e1
deps: update cachix/install-nix-action action to v22 (#1947)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-06-20 13:08:52 +02:00
renovate[bot]
de2c21b555
deps: update Python dependencies (#1888)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-06-20 11:04:48 +02:00
Adrian Stobbe
7dcd8c3dab
dev-docs: refactor and add information for newbies (#1912)
* refactor dev-docs structure and add information

* improve doc

* Update dev-docs/workflows/create-debug-cluster.md

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* Update dev-docs/workflows/create-debug-cluster.md

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* pr feedback daniel

* Update dev-docs/README.md

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* move to howto again

* split up dev-setup and pull-request into sep files

* fix backticks

* add writing style convention + testing repo

* remove OSS cluster + reduce plugins vs code

* update bazel pre-pr doc

* ghcr img private hint

* add fetch measurement + provider sub-directory hint

* add label doc + pr title check in template

* add OSS build comment

* Update CONTRIBUTING.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* Update CONTRIBUTING.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* Update dev-docs/README.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* Update dev-docs/workflows/dev-setup.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* thomas feedback

* add go proverb mention

---------

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-06-19 17:39:43 +02:00
Paul Meyer
103a757557
deps: upgrade sonobuoy to v0.56.17 (#1937)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-06-15 16:54:38 +02:00
Malte Poll
264b2df902
deps: upgrade to Fedora 38 (#1909)
* image: upgrade mkosi distro version to Fedora 38
* image: remove downgrade of GCP kernel
* ci: upgrade expected measurements for Fedora 38
* deps: upgrade bazeldnf packages to Fedora 38
* deps: upgrade container images to Fedora 38
2023-06-15 16:50:35 +02:00
Adrian Stobbe
159d28a2c7
doc: add context to PR template (#1932)
* add context to PR template

* Update pull_request_template.md
2023-06-15 09:13:47 +02:00
Otto Bittner
c33ab624c1
ci: upgrade fromVersion in e2e-upgrade (#1931)
We released 2.8 so we need to test that it can upgrade to HEAD.
2023-06-15 07:49:30 +02:00
Adrian Stobbe
07de6482b2
config: drop support for deprecated Azure's service principal authentication (#1906)
* invalidate app client id field for azure and provide info

* remove TestNewWithDefaultOptions case

* fix test

* remove appClientID field

* remove client secret + rename err

* remove from docs

* otto feedback

* update docs

* delete env test in cfg since no envs set anymore

* Update dev-docs/workflows/github-actions.md

Co-authored-by: Otto Bittner <cobittner@posteo.net>

* WARNING to stderr

* fix check

---------

Co-authored-by: Otto Bittner <cobittner@posteo.net>
2023-06-14 17:50:57 +02:00
Otto Bittner
7a1c70d7e5
ci: replace katexochen with elchead in assignee list (#1928)
katexochen is currently working on CoCo and not
involved in active development.
2023-06-14 11:44:45 +02:00
Malte Poll
ee77e3922a
ci: explicitly add CLI signature as release artifact (#1917) 2023-06-14 09:56:11 +02:00
3u13r
b71b5103ae
ci: migrate e2e lb test to bazel (#1892)
* ci: migrate lb e2e test to bazel
* ci: disable shared bazel cache on github runners
2023-06-09 16:59:19 +02:00
Otto Bittner
8f21972aec
attestation: add awsSEVSNP as new variant (#1900)
* variant: move into internal/attestation
* attesation: move aws attesation into subfolder nitrotpm
* config: add aws-sev-snp variant
* cli: add tf option to enable AWS SNP

For now the implementations in aws/nitrotpm and aws/snp
are identical. They both contain the aws/nitrotpm impl.
A separate commit will add the actual attestation logic.
2023-06-09 15:41:02 +02:00
Moritz Sanft
72e168e653
bazel: pseudo version tool freshness check (#1869)
* switch to darwin compatible shasum

* add bazel rule

* update shellscript for in-place updates

* Revert "update shellscript for in-place updates"

This reverts commit 87d39b06f7.

* add version tool freshness check

* remove pseudo-version file

* revert to `sha256sum`

* fix workflow indentation
2023-06-09 11:50:51 +02:00
Moritz Sanft
892752a1f8
add necessary permissions (#1905) 2023-06-09 11:50:39 +02:00
Otto Bittner
3a54ca91a7
deps: bump go patch version (#1903) 2023-06-09 10:53:17 +02:00
Malte Poll
8c3617faf0
ci: do not manually clear measurements on verify e2e (#1889) 2023-06-09 09:25:30 +02:00
Adrian Stobbe
e9f9337cb9
Revert "ci: fix versionsapi cli container Dockerfile (#1856)" (#1896)
This reverts commit 0fac6a03cc.
2023-06-07 17:18:59 +02:00
renovate[bot]
25037026e1
deps: update Python dependencies (#1887)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-06-07 10:36:52 +02:00
renovate[bot]
6f7c8999f3
deps: update dependency cryptography to v41 [SECURITY] (#1875)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
2023-06-06 18:15:26 +02:00
Malte Poll
b3c052e299
operators: cleanup placeholder nodeversion (#1881)
* operators: cleanup placeholder nodeversion
* e2e: improve upgrade test portability
2023-06-06 15:22:06 +02:00
Malte Poll
025d34a259
ci: fix docker-login on macOS runner (#1877) 2023-06-06 12:20:09 +02:00
3u13r
7c07e3be18
Add --insecure to config fetch-measurement (#1879)
* cli: add --insecure to fetch-measurements

* cli: rename fake to stub

* ci: upload measurements for debug images

* fix cli docs
2023-06-06 10:32:22 +02:00
Malte Poll
900d51d49f
ci: select correct target version for upgrade e2e test in release pipeline (#1874) 2023-06-05 13:56:16 +02:00
Adrian Stobbe
a813760f96
config: automatically upload new Azure SNP versions to API + sign version with release key (#1854)
* sign version with release key and remove version from fetcher interface
* extend azure-reporter GH action to upload updated version values to the Attestation API
2023-06-02 12:10:22 +02:00
Otto Bittner
0fac6a03cc
ci: fix versionsapi cli container Dockerfile (#1856)
paths were not updated during refactoring
2023-06-02 11:29:46 +02:00
Malte Poll
289665eb22
ci: remove setup-go action / disable cache where applicable (#1850)
Runners sometimes fail because they run out of disk space.
One reason this happens is a change in the setup-go action@v4:

> The V4 edition of the action offers: Enabled caching by default

To combat this, we now disable the cache if it was not enabled explicitly before.
Additionally, we remove setup-go where it is no longer needed.
2023-06-01 15:16:00 +02:00
3u13r
e0285c122e
todo responsibilities and cleanup (#1837)
* chore: add TODO responsibilities

* chore: remove not needed TODOs

* chore: remove outdated migrations

* chore: remove resolved goleak exception

* chore: remove not needed cosign env

* config: add link to our Azure snp docs
2023-06-01 12:33:06 +02:00
Otto Bittner
0c13f3ed8d image: add aws_aws-sev-snp variant
This needs no changes to the existing AWS image.
The images have worked without modification so far.
2023-06-01 11:25:31 +02:00
Malte Poll
8a51ae1ec3
ci: do not sign & upload debug image measurements (#1849) 2023-06-01 10:58:34 +02:00