Otto Bittner
c8c2953d7b
cli: add status cmd
...
The new command allows checking the status of an upgrade
and which versions are installed.
Also remove the unused restclient.
And make GetConstellationVersion a function.
2023-04-03 12:03:41 +02:00
renovate[bot]
b12858660e
deps: update github.com/gophercloud/utils digest to 05e9e7f ( #1549 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-29 15:42:34 +02:00
renovate[bot]
52e85862b0
deps: update AWS SDK ( #1508 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 18:40:06 +01:00
renovate[bot]
dc52038dbc
deps: update Azure SDK ( #1498 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 09:50:09 +01:00
renovate[bot]
3f35a6c904
deps: update K8s dependencies ( #1496 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 08:53:06 +01:00
renovate[bot]
be94710f5b
deps: update Google SDK ( #1500 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 08:16:52 +01:00
renovate[bot]
7d899d7aa5
deps: update module github.com/schollz/progressbar/v3 to v3.13.1 ( #1497 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-22 18:11:50 +01:00
renovate[bot]
e95d79f97e
deps: update github.com/gophercloud/utils digest to e15d7ee ( #1486 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-22 10:33:43 +01:00
Daniel Weiße
5a0234b3f2
attestation: add option for MAA fallback to verify azure's snp-sev id key digest ( #1257 )
...
* Convert enforceIDKeyDigest setting to enum
* Use MAA fallback in Azure SNP attestation
* Only create MAA provider if MAA fallback is enabled
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
2023-03-21 12:46:49 +01:00
Moritz Sanft
f2ce9518a3
cli: support custom attestation policies for maa ( #1375 )
...
* create and update maa attestation policy
* use interface to allow unit testing
* fix test csp
* http request for policy patch
* go mod tidy
* remove hyphen
* go mod tidy
* wip: adapt to feedback
* linting fixes
* remove csp from tf call
* fix type assertion
* Add MAA URL to instance tags (#1409 )
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* conditionally create maa provider
* only set instance tag when maa is created
* fix azure unit test
* bazel tidy
* remove AzureCVM const
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
* encode policy at runtime
* remove policy arg
* fix unit test
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-03-20 13:33:04 +01:00
renovate[bot]
a6021be714
deps: update K8s dependencies ( #1401 )
...
* deps: update K8s dependencies
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-03-17 15:55:44 +01:00
renovate[bot]
cb2d2b0b89
deps: update module github.com/spf13/afero to v1.9.5 ( #1396 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-10 18:40:17 +01:00
Paul Meyer
acbd70c741
openstack: implement api client and metadata list
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-08 09:04:57 -05:00
Daniel Weiße
5eb73706f5
internal: refactor storage credentials ( #1071 )
...
* Move storage clients to separate packages
* Allow setting of client credentials for AWS S3
* Use managed identity client secret or default credentials for Azure Blob Storage
* Use credentials file to authorize GCS client
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-03-02 15:08:31 +01:00
renovate[bot]
21ccd861ae
deps: update K8s dependencies ( #1314 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-01 14:52:19 +01:00
renovate[bot]
3d4b37e4ea
deps: update module github.com/imdario/mergo to v0.3.13 ( #1299 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-28 17:34:16 +01:00
renovate[bot]
33958b2ad7
deps: update module github.com/leodido/go-urn to v1.2.2 ( #1301 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-28 17:32:53 +01:00
renovate[bot]
af8c6e70ad
deps: update module github.com/sigstore/sigstore to v1.6.0 ( #1306 )
...
* deps: update module github.com/sigstore/sigstore to v1.6.0
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-02-28 15:47:08 +01:00
renovate[bot]
6b37f2049f
deps: update module github.com/zclconf/go-cty to v1.13.0 ( #1307 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 15:18:51 +01:00
renovate[bot]
46672ff039
deps: update module github.com/shopspring/decimal to v1.3.1 ( #1305 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 15:17:21 +01:00
renovate[bot]
800acdeb3f
deps: update module github.com/rivo/uniseg to v0.4.4 ( #1304 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 13:40:00 +01:00
renovate[bot]
0664c83c73
deps: update module github.com/hashicorp/go-retryablehttp to v0.7.2 ( #1295 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 12:00:31 +01:00
renovate[bot]
2c6cc2247e
deps: update module github.com/go-playground/validator/v10 to v10.11.2 ( #1294 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 11:19:26 +01:00
renovate[bot]
f91575a739
deps: update module github.com/google/trillian to v1.5.1 ( #1291 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 10:51:23 +01:00
renovate[bot]
6b9065b444
deps: update module github.com/google/certificate-transparency-go to v1.1.4 ( #1290 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 10:14:09 +01:00
renovate[bot]
b5879941b3
deps: update module github.com/pborman/uuid to v1.2.1 ( #1289 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 10:13:22 +01:00
renovate[bot]
c9f131467e
deps: update AWS SDK ( #1240 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-24 17:27:49 +01:00
renovate[bot]
7c95036d97
deps: update module github.com/spf13/afero to v1.9.4 ( #1269 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Malte Poll <mp@edgeless.systems>
2023-02-24 15:54:01 +01:00
renovate[bot]
7ba90e73a9
deps: update module google.golang.org/api to v0.110.0 ( #1244 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-22 14:45:25 +01:00
renovate[bot]
c91db4e1c4
deps: update module google.golang.org/grpc to v1.53.0 ( #1246 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-22 13:05:21 +01:00
renovate[bot]
4d9e85ee40
deps: update module github.com/fatih/color to v1.14.1 ( #1243 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-21 15:33:55 +01:00
renovate[bot]
c65655a428
deps: update github.com/hashicorp/go-kms-wrapping ( #1215 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-21 12:51:26 +01:00
renovate[bot]
d89dd0ce18
deps: update module github.com/containerd/containerd to v1.6.18 [SECURITY] ( #1230 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-21 11:44:04 +01:00
renovate[bot]
3c61a49f6d
deps: update module golang.org/x/net to v0.7.0 [SECURITY] ( #1231 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-21 10:53:28 +01:00
Paul Meyer
12c866bcb9
deps: replace multierr with native errors.Join
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-20 12:08:24 -05:00
Paul Meyer
e011a20c49
deps: update to Go 1.20
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-20 12:08:24 -05:00
renovate[bot]
61e0057043
deps: update module helm.sh/helm/v3 to v3.11.1 [SECURITY] ( #1156 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-17 10:42:48 +01:00
renovate[bot]
35a58316f4
deps: update K8s dependencies ( #766 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-16 15:20:36 +01:00
renovate[bot]
0e35649724
deps: update Azure SDK ( #1206 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-16 14:47:24 +01:00
Otto Bittner
50646b2a10
cli: refactor upgrade apply
cmd to match name
...
* `upgrade apply` will try to make the locally configured and
actual version in the cluster match by appling necessary
upgrades.
* Skip image or kubernetes upgrades if one is already
in progress.
* Skip downgrades/equal-as-running versions
* Move NodeVersionResourceName constant from operators
to internal as its needed in the CLI.
2023-02-15 16:44:47 +01:00
renovate[bot]
d2bf2f1108
deps: update module go.uber.org/goleak to v1.2.1 ( #1194 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-15 14:00:02 +01:00
renovate[bot]
b8112f3dc2
deps: update module golang.org/x/tools to v0.6.0 ( #1180 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-14 14:33:53 +01:00
renovate[bot]
77bd537fb4
deps: update module golang.org/x/mod to v0.8.0 ( #1167 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-10 18:33:18 +01:00
renovate[bot]
acf0e27b49
deps: update module golang.org/x/crypto to v0.6.0 ( #1166 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-10 18:12:20 +01:00
Otto Bittner
c275464634
cli: change upgrade-plan to upgrade-check
...
Upgrade check is used to find updates for the current cluster.
Optionally the found upgrades can be persisted to the config
for consumption by the upgrade-execute cmd.
The old `upgrade execute` in this commit does not work with
the new `upgrade plan`.
The current versions are read from the cluster.
Supported versions are read from the cli and the versionsapi.
Adds a new config field MicroserviceVersion that will be used
by `upgrade execute` to update the service versions.
The field is optional until 2.7
A deprecation warning for the upgrade key is printed during
config validation.
Kubernetes versions now specify the patch version to make it
explicit for users if an upgrade changes the k8s version.
2023-02-08 12:30:01 +01:00
Otto Bittner
f204c24174
cli: add version validation and force flag
...
Version validation checks that the configured versions
are not more than one minor version below the CLI's version.
The validation can be disabled using --force.
This is necessary for now during development as the CLI
does not have a prerelease version, as our images do.
2023-02-08 12:30:01 +01:00
Daniel Weiße
3a7b829107
internal: use go-kms-wrapping for KMS backends ( #1012 )
...
* Replace external KMS backend logic for AWS, Azure, and GCP with go-kms-wrapping
* Move kms client setup config into its own package for easier parsing
* Update kms integration flag naming
* Error if nil storage is passed to external KMS
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-02-08 12:03:54 +01:00
renovate[bot]
b3495685fb
deps: update AWS SDK ( #1100 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-01 14:02:58 +01:00
renovate[bot]
7b012e72b9
deps: update Azure SDK ( #1004 )
...
* deps: update Azure SDK
* deps: tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-20 15:42:06 +01:00
renovate[bot]
645e2445d1
Update module golang.org/x/tools to v0.5.0 ( #1024 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 11:44:59 +01:00
renovate[bot]
f5623fee5a
Update module github.com/sigstore/sigstore to v1.5.1 ( #1006 )
...
* Update module github.com/sigstore/sigstore to v1.5.1
* deps: tidy all modules
2023-01-18 10:19:31 +01:00
renovate[bot]
6311b45708
Update module github.com/siderolabs/talos/pkg/machinery to v1.3.2 ( #953 )
...
* Update module github.com/siderolabs/talos/pkg/machinery to v1.3.2
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-13 11:27:52 +01:00
Paul Meyer
4bc191e434
versions: move hash generator into own package
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-11 14:29:32 +01:00
renovate[bot]
efd99975a4
Update Google SDK ( #928 )
2023-01-11 14:28:45 +01:00
Otto Bittner
c19e894d43
Revert "Update Google SDK ( #907 )"
...
This reverts commit e54b2ec95f
.
2023-01-10 11:41:43 +01:00
renovate[bot]
e54b2ec95f
Update Google SDK ( #907 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-09 18:30:19 +01:00
renovate[bot]
1d34c140da
Update module github.com/go-playground/locales to v0.14.1 ( #904 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 18:49:45 +01:00
Paul Meyer
f4df4067bd
deps: upgrade Azure sdk ( #887 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 16:26:30 +01:00
renovate[bot]
992e318c1c
Update AWS SDK ( #893 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 15:45:38 +01:00
renovate[bot]
15873d4959
Update module google.golang.org/api to v0.106.0 ( #896 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 15:39:44 +01:00
renovate[bot]
b8a6ab7c70
Update module github.com/schollz/progressbar/v3 to v3.13.0 ( #882 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-05 17:48:15 +01:00
Otto Bittner
e7c7e35f51
cli: create backups for CRDs and their resources
...
These backups could be used in case an upgrade
misbehaves after helm declared it as successful.
The manual backups are required as helm-rollback
won't touch custom resources and changes to CRDs
delete resources of the old version.
2023-01-05 16:52:06 +01:00
renovate[bot]
4803edd4a0
Update module github.com/google/go-tpm-tools to v0.3.10 ( #836 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-05 14:42:09 +01:00
renovate[bot]
b09f1ba62a
Update module golang.org/x/crypto to v0.5.0 ( #869 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-05 10:54:07 +01:00
Paul Meyer
053f4552d9
versionsapi: fix semver dependency
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-04 16:00:14 +01:00
Paul Meyer
0011d960f7
versionsapi: implement rm cmd in cli
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-04 11:39:19 +01:00
renovate[bot]
806f6b70dd
Update module github.com/talos-systems/talos/pkg/machinery to v1.3.1 ( #844 )
...
* Update module github.com/talos-systems/talos/pkg/machinery to v1.3.1
* Rename talos-systems/talos to siderolabs/talos
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-02 13:33:56 +01:00
renovate[bot]
0e529c91e4
Update module github.com/mattn/go-isatty to v0.0.17 ( #841 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-30 14:00:19 +01:00
renovate[bot]
3daa0af9d3
Update module github.com/docker/docker to v20.10.22+incompatible ( #834 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-28 18:41:37 +01:00
renovate[bot]
dc5f9bf9ae
Update module cloud.google.com/go/compute/metadata to v0.2.3 ( #832 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-28 18:10:38 +01:00
renovate[bot]
1595f83ac6
Update AWS SDK ( #789 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-28 14:55:08 +01:00
renovate[bot]
030d2e9bb2
Update module google.golang.org/api to v0.105.0 ( #756 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-23 13:46:04 +01:00
renovate[bot]
365da19ddf
Update module helm.sh/helm/v3 to v3.10.3 [SECURITY] ( #802 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-15 09:11:10 +01:00
renovate[bot]
122a7339d1
Update module go.uber.org/multierr to v1.9.0 ( #801 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-15 08:03:15 +01:00
renovate[bot]
b267fc8f1a
Update module github.com/Azure/azure-sdk-for-go/sdk/storage/azblob to v0.6.1 ( #772 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-12 10:27:29 +01:00
renovate[bot]
0655c05d79
Update module github.com/sigstore/sigstore to v1.5.0 ( #773 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 15:49:50 +01:00
renovate[bot]
1daae77189
Update AWS SDK ( #769 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 15:28:27 +01:00
Paul Meyer
4c2ffe7905
Update Google SDK ( #760 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 10:59:18 +01:00
Paul Meyer
9b1551e76a
dependencies: migrate go-genproto to google-cloud-go
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-08 13:27:15 +01:00
Paul Meyer
eff3dd8aea
dependencies: upgrade containerd module
...
Fixes CVE-2022-23471.
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-08 13:27:15 +01:00
renovate[bot]
953381848b
Update module golang.org/x/crypto to v0.4.0 ( #751 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-07 17:36:27 +01:00
renovate[bot]
e17db4b428
Update module github.com/schollz/progressbar/v3 to v3.12.2 ( #739 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-12-07 09:33:57 +01:00
renovate[bot]
63f74f0d65
Update module github.com/go-git/go-git/v5 to v5.5.0 ( #735 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-06 18:51:06 +01:00
renovate[bot]
64c6c6b005
Update module github.com/aws/smithy-go to v1.13.5 ( #728 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-06 16:27:15 +01:00
renovate[bot]
8bf92bb6e5
Update module golang.org/x/sys to v0.3.0 ( #721 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-05 16:56:08 +01:00
renovate[bot]
6e84958b84
Update AWS SDK ( #679 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 11:10:56 +01:00
renovate[bot]
3e343ed185
Update module go.uber.org/zap to v1.24.0 ( #703 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 10:53:27 +01:00
renovate[bot]
b20e9b3cd4
Update google.golang.org/genproto digest to e3fa12d ( #704 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 10:35:32 +01:00
Paul Meyer
b93b24e058
debugd: add logcollector
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-30 16:26:25 +01:00
renovate[bot]
5b23a071ac
Update module github.com/sigstore/sigstore to v1.4.6 ( #667 )
...
* Update module github.com/sigstore/sigstore to v1.4.6
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-30 11:32:59 +01:00
renovate[bot]
a32f9ae752
Update k8s.io/utils digest to 99ec85e ( #664 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 14:01:29 +01:00
renovate[bot]
6ba9c32f55
Update AWS SDK ( #530 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 13:45:06 +01:00
Daniel Weiße
f8001efbc0
Refactor enforced/expected PCRs ( #553 )
...
* Merge enforced and expected measurements
* Update measurement generation to new format
* Write expected measurements hex encoded by default
* Allow hex or base64 encoded expected measurements
* Allow hex or base64 encoded clusterID
* Allow security upgrades to warnOnly flag
* Upload signed measurements in JSON format
* Fetch measurements either from JSON or YAML
* Use yaml.v3 instead of yaml.v2
* Error on invalid enforced selection
* Add placeholder measurements to config
* Update e2e test to new measurement format
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-24 10:57:58 +01:00
renovate[bot]
22f9e2ed4b
Update module github.com/talos-systems/talos/pkg/machinery to v1.2.7 ( #619 )
...
* Update module github.com/talos-systems/talos/pkg/machinery to v1.2.7
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-22 14:18:13 +01:00
renovate[bot]
928fdcff76
Update google.golang.org/genproto digest to 1645502 ( #585 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-22 13:32:23 +01:00
renovate[bot]
fad198aa2e
Update module google.golang.org/api to v0.103.0 ( #595 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-21 14:45:48 +01:00
renovate[bot]
d7ace99a66
Update module google.golang.org/grpc to v1.51.0 ( #598 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-21 12:15:02 +01:00
Otto Bittner
bdd9dd922b
AB#2589: Deploy operators via Helm ( #575 )
...
* Only deploy operators on GCP/Azure.
* cert-manager is now deployed by default (GCP/Azure)
* remove OLM
2022-11-21 10:35:40 +01:00
renovate[bot]
6b7e470983
Update module github.com/talos-systems/talos/pkg/machinery to v1.2.6 ( #582 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-18 09:20:54 +01:00
renovate[bot]
5dc78b677b
Update google.golang.org/genproto digest to 41c2ba7 ( #503 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 18:49:17 +01:00
renovate[bot]
25c3fcd104
Update module github.com/schollz/progressbar/v3 to v3.12.1 ( #581 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 17:12:04 +01:00
renovate[bot]
fe36de8826
Update module golang.org/x/crypto to v0.3.0 ( #569 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-17 10:18:43 +01:00
renovate[bot]
ee47177029
Update module helm.sh/helm/v3 to v3.10.2 ( #555 )
...
* Update module helm.sh/helm/v3 to v3.10.2
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-15 15:47:53 +01:00
Fabian Kammel
bb76a4e4c8
AB#2512 Config secrets via env var & config refactoring ( #544 )
...
* refactor measurements to use consistent types and less byte pushing
* refactor: only rely on a single multierr dependency
* extend config creation with envar support
* document changes
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-11-15 15:40:49 +01:00
renovate[bot]
9ef8a0846f
Update module github.com/spf13/afero to v1.9.3 ( #554 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-15 12:18:33 +01:00
renovate[bot]
c71eeffd1e
Update module github.com/sigstore/rekor to v1.0.1 ( #543 )
...
* Update module github.com/sigstore/rekor to v1.0.1
* quotes around string with spaces
* [bot] Tidy all modules
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: datosh <datosh@users.noreply.github.com>
2022-11-15 12:18:01 +01:00
Leonard Cohnen
c51694a51a
kubernetes: add hashes to components
2022-11-15 11:07:46 +01:00
Daniel Weiße
5efe05d933
AB#2525 clean up unused code ( #504 )
...
* Rename Metadata->Cloud
* Remove unused methods, functions, and variables
* More privacy for testing stubs
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-15 10:31:55 +01:00
Daniel Weiße
f41c54e837
AB#2524 Refactor Azure metadata/cloud API ( #477 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-15 09:08:18 +01:00
renovate[bot]
83cbc68cb6
Update module github.com/googleapis/gax-go/v2 to v2.7.0 ( #517 )
...
* Update module github.com/googleapis/gax-go/v2 to v2.7.0
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-14 10:48:28 +01:00
renovate[bot]
5a29172474
Update K8s dependencies
2022-11-14 10:04:04 +01:00
Daniel Weiße
a07cab4b97
Update go-tpm dependency ( #533 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-14 09:02:56 +01:00
Paul Meyer
d025fe1e98
Remove transformers from k8sutil downloader
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-10 17:53:44 +01:00
renovate[bot]
e887dc7fcd
Update module github.com/aws/aws-sdk-go-v2/service/ec2 to v1.69.0 ( #515 )
...
* Update module github.com/aws/aws-sdk-go-v2/service/ec2 to v1.69.0
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-10 11:56:45 +01:00
renovate[bot]
0720f95179
Update module cloud.google.com/go/storage to v1.28.0 ( #498 )
...
* Update module cloud.google.com/go/storage to v1.28.0
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-10 11:43:36 +01:00
renovate[bot]
0c1637c700
Update module github.com/coreos/go-systemd/v22 to v22.5.0 ( #506 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-10 11:38:27 +01:00
renovate[bot]
52140ff7e5
Update module golang.org/x/crypto to v0.2.0 ( #507 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-10 08:01:51 +01:00
renovate[bot]
9af6923756
Update module golang.org/x/mod to v0.7.0 ( #508 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-09 18:44:07 +01:00
renovate[bot]
1c463bf10b
Update Azure SDK ( #493 )
...
* Update Azure SDK
* [bot] Tidy all modules
* fix breaking changes around New function in Azure SDK
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
2022-11-09 12:09:22 +01:00
renovate[bot]
cf9693af24
Update Google cloud SDK ( #457 )
...
* Update Google cloud SDK
* [bot] Tidy all modules
* migrate from google.golang.org/genproto/googleapis/cloud/kms/v1 to cloud.google.com/go/kms/apiv1/kmspb
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
2022-11-09 11:48:56 +01:00
renovate[bot]
ce0b3a8867
Update module golang.org/x/sys to v0.2.0 ( #491 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-09 11:09:07 +01:00
renovate[bot]
18439fc69b
Update module github.com/docker/docker to v20.10.21+incompatible ( #322 )
...
* Update module github.com/docker/docker to v20.10.21+incompatible
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-09 11:07:15 +01:00
renovate[bot]
cb7b53a9c9
Update AWS SDK ( #490 )
...
* Update AWS SDK
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-09 11:03:06 +01:00
renovate[bot]
5f170709d6
Update k8s.io/utils digest to 8e77b1f ( #489 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-09 10:46:47 +01:00
renovate[bot]
34435e4396
Update k8s.io/utils digest to 1a15be2 ( #483 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-08 18:39:51 +01:00
renovate[bot]
934d173650
Update AWS SDK ( #412 )
...
* Update AWS SDK
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-04 13:17:27 +01:00
renovate[bot]
8e44eb7ea5
Update module github.com/sigstore/rekor to v1 ( #453 )
...
* Update module github.com/sigstore/rekor to v1
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-04 12:45:45 +01:00
Leonard Cohnen
0430336fdf
metadata: implement GetLoadBalancerEndpoint for AWS
2022-11-02 23:29:04 +01:00
renovate[bot]
4b257616e4
Update k8s.io/utils digest to 61b03e2 ( #427 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-02 16:04:19 +01:00
renovate[bot]
67a99434e9
Update module github.com/sigstore/sigstore to v1.4.5 ( #383 )
...
* Update module github.com/sigstore/sigstore to v1.4.5
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-11-01 12:14:55 +01:00
Daniel Weiße
79f52e67cb
Update go-tpm-tools to fix AWS PCR selection ( #390 )
...
* Update go-tpm-tools to fix AWS PCR selection
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
* Ignore leaking glog go routine
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-28 17:57:24 +02:00
Paul Meyer
256f0e64b3
Upgrade Go version to 1.19
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-28 16:06:53 +02:00
renovate[bot]
4ef94834ed
Update module github.com/googleapis/gax-go/v2 to v2.6.0 ( #330 )
...
* Update module github.com/googleapis/gax-go/v2 to v2.6.0
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-28 09:33:29 +02:00
leongross
d457620941
AB#2458 AWS NitroTPM attestation ( #339 )
...
* add aws tpm attestation
* fix typos
* Fix return value issue
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2022-10-27 11:04:23 +02:00
renovate[bot]
8d82d8c0fa
Update module github.com/stretchr/testify to v1.8.1 ( #385 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-27 08:39:45 +02:00
renovate[bot]
8c01a6647f
Update module github.com/spf13/cobra to v1.6.1 ( #384 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-27 08:25:21 +02:00
renovate[bot]
9210ae5d04
Update google.golang.org/genproto digest to 527a21c ( #320 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-26 15:47:16 +02:00
renovate[bot]
c452f17ca2
Update module golang.org/x/mod to v0.6.0 ( #335 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-24 18:44:03 +02:00
Daniel Weiße
c82d5ccba9
Hide cursor and fix dots ( #217 )
...
* Hide cursor and fix dots spinner
* Allow restarting of spinner
* Don't spin on non TTY output
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-10-21 14:26:42 +02:00
renovate[bot]
56981a709e
Update module github.com/aws/aws-sdk-go-v2/service/kms to v1.18.13 ( #346 )
...
* Update module github.com/aws/aws-sdk-go-v2/service/kms to v1.18.13
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-10-21 14:08:36 +02:00
renovate[bot]
02f1f5109a
Update module google.golang.org/grpc to v1.50.1
2022-10-21 13:28:03 +02:00
renovate[bot]
8cf6189cf0
Update module github.com/fsnotify/fsnotify to v1.6.0 ( #325 )
...
* Update module github.com/fsnotify/fsnotify to v1.6.0
* [bot] Tidy all modules
* Use event.Has function
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <renovate[bot]@users.noreply.github.com>
2022-10-20 10:16:20 +02:00
renovate[bot]
1d417029bf
Update module github.com/google/tink/go to v1.7.0
2022-10-19 13:37:16 +02:00
renovate[bot]
38ff8b70c7
Update module github.com/spf13/cobra to v1.6.0 ( #326 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 11:07:00 +02:00
renovate[bot]
37a9dbfad2
Update k8s dependencies ( #308 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-19 10:37:40 +02:00
renovate[bot]
f05bccb670
Update module github.com/Azure/azure-sdk-for-go/sdk/storage/azblob to v0.5.1 ( #269 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-19 08:57:09 +02:00
renovate[bot]
3e209b9456
Update module github.com/coreos/go-systemd/v22 to v22.4.0 ( #321 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-19 08:51:58 +02:00
renovate[bot]
9a1d795597
Update module github.com/Azure/azure-sdk-for-go/sdk/keyvault ( #267 )
...
* Update module github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys to v0.8.1
* Update module github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets to v0.10.1
* Adjust Azure KMS opts struct
* Update kms readme formatting
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-18 12:08:59 +02:00
renovate[bot]
ecdf5d5165
Update module golang.org/x/text to v0.3.8 ( #297 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-17 18:12:19 +02:00
renovate[bot]
71d4aac3f2
Update module github.com/docker/docker to v20.10.19+incompatible ( #271 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-17 15:40:59 +02:00