Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-09-20 08:15:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,451 Commits 131 Branches 43 Tags 105 MiB
eaec73cca4
Commit Graph

637 Commits

Author SHA1 Message Date
Malte Poll
264b2df902
deps: upgrade to Fedora 38 (#1909) 
* image: upgrade mkosi distro version to Fedora 38
* image: remove downgrade of GCP kernel
* ci: upgrade expected measurements for Fedora 38
* deps: upgrade bazeldnf packages to Fedora 38
* deps: upgrade container images to Fedora 38
 2023-06-15 16:50:35 +02:00
Otto Bittner
c33ab624c1
ci: upgrade fromVersion in e2e-upgrade (#1931) 
We released 2.8 so we need to test that it can upgrade to HEAD.
 2023-06-15 07:49:30 +02:00
Malte Poll
ee77e3922a
ci: explicitly add CLI signature as release artifact (#1917) 2023-06-14 09:56:11 +02:00
Moritz Sanft
72e168e653
bazel: pseudo version tool freshness check (#1869) 
* switch to darwin compatible shasum

* add bazel rule

* update shellscript for in-place updates

* Revert "update shellscript for in-place updates"

This reverts commit 87d39b06f7.

* add version tool freshness check

* remove pseudo-version file

* revert to `sha256sum`

* fix workflow indentation
 2023-06-09 11:50:51 +02:00
Moritz Sanft
892752a1f8
add necessary permissions (#1905) 2023-06-09 11:50:39 +02:00
Otto Bittner
3a54ca91a7
deps: bump go patch version (#1903) 2023-06-09 10:53:17 +02:00
renovate[bot]
25037026e1
deps: update Python dependencies (#1887) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2023-06-07 10:36:52 +02:00
Malte Poll
b3c052e299
operators: cleanup placeholder nodeversion (#1881) 
* operators: cleanup placeholder nodeversion
* e2e: improve upgrade test portability
 2023-06-06 15:22:06 +02:00
Malte Poll
025d34a259
ci: fix docker-login on macOS runner (#1877) 2023-06-06 12:20:09 +02:00
3u13r
7c07e3be18
Add --insecure to config fetch-measurement (#1879) 
* cli: add --insecure to fetch-measurements

* cli: rename fake to stub

* ci: upload measurements for debug images

* fix cli docs
 2023-06-06 10:32:22 +02:00
Malte Poll
900d51d49f
ci: select correct target version for upgrade e2e test in release pipeline (#1874) 2023-06-05 13:56:16 +02:00
Adrian Stobbe
a813760f96
config: automatically upload new Azure SNP versions to API + sign version with release key (#1854) 
* sign version with release key and remove version from fetcher interface
* extend azure-reporter GH action to upload updated version values to the Attestation API
 2023-06-02 12:10:22 +02:00
Malte Poll
289665eb22
ci: remove setup-go action / disable cache where applicable (#1850) 
Runners sometimes fail because they run out of disk space.
One reason this happens is a change in the setup-go action@v4:

> The V4 edition of the action offers: Enabled caching by default

To combat this, we now disable the cache if it was not enabled explicitly before.
Additionally, we remove setup-go where it is no longer needed.
 2023-06-01 15:16:00 +02:00
3u13r
e0285c122e
todo responsibilities and cleanup (#1837) 
* chore: add TODO responsibilities

* chore: remove not needed TODOs

* chore: remove outdated migrations

* chore: remove resolved goleak exception

* chore: remove not needed cosign env

* config: add link to our Azure snp docs
 2023-06-01 12:33:06 +02:00
Otto Bittner
0c13f3ed8d image: add aws_aws-sev-snp variant 
This needs no changes to the existing AWS image.
The images have worked without modification so far.
 2023-06-01 11:25:31 +02:00
Malte Poll
8a51ae1ec3
ci: do not sign & upload debug image measurements (#1849) 2023-06-01 10:58:34 +02:00
Malte Poll
a1ec899171 ci: use enterprise cli for e2e tests 2023-05-31 14:00:00 +02:00
Adrian Stobbe
0a6e5ec02e
config: dynamic attestation configuration through S3 backed API (#1808) 2023-05-25 17:43:44 +01:00
3u13r
25211dc154
ci: codeql disable autobuild for go (#1828) 2023-05-25 18:20:44 +02:00
Malte Poll
76bf5e8e28 ci: upload image info v2 and measurements v2 in image build pipeline 2023-05-25 15:01:15 +02:00
Otto Bittner
c010a4d742 ci: fix aws-snp-launchmeasurement pipeline 
Misspelled variable name.
 2023-05-25 14:00:45 +02:00
Malte Poll
7cff47f30f
ci: run release workflow on temporary branch (#1628) 2023-05-25 10:14:42 +02:00
Otto Bittner
06a32a85a7 ci: add pipeline to precalc launchmeasurements 
This is for SNP on AWS.
 2023-05-24 12:58:39 +02:00
Malte Poll
050fccc591 ci: do not run unit tests on macOS 2023-05-23 15:11:10 +02:00
Malte Poll
c4ad246910 wip: cached unit tests 2023-05-23 15:11:10 +02:00
Leonard Cohnen
c98644df2b ci: use bazel for unittests 2023-05-23 15:11:10 +02:00
Malte Poll
660781d35e misc: bazelisk -> bazel 2023-05-23 15:11:10 +02:00
Malte Poll
a0ac230298 ci: remove bazel repo cache hosted in github actions cache 2023-05-23 15:11:10 +02:00
Malte Poll
41cc759b44 ci: use self hosted (cached) runners 2023-05-23 15:11:10 +02:00
3u13r
6062b10035
cli: split image into oss and enterprise (#1788) 2023-05-23 10:49:47 +02:00
Malte Poll
dc9b3c1937
ci: run e2e tests as last step of release pipeline (#1793) 2023-05-22 09:22:00 +02:00
3u13r
964775c4c2
Add autoscaling and cluster upgrade support for AWS (#1758) 
* aws: autoscaling and upgrades

* docs: update scaling and upgrades for AWS

* deps: pin vuln check against release
 2023-05-19 13:57:31 +02:00
Otto Bittner
2dc105224d
ci: set toImage argument in e2e-test-release (#1722) 2023-05-16 08:54:12 +02:00
3u13r
4024b9cf71
ci: fix minicon e2e test (#1763) 
* ci: push containers during minicon e2e

* cli: set testing nvram for pre images in minicon
 2023-05-12 17:14:32 +02:00
3u13r
dd2ea50a39
deps: bump go version (#1760) 2023-05-11 14:14:15 +02:00
renovate[bot]
a8101c8c64
deps: update GitHub action dependencies (#1745) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-05-05 14:42:20 +02:00
Paul Meyer
30cd024076
deps: add Kubernetes v1.27, remove Kubernetes v1.24 (#1669) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-05-05 13:22:53 +02:00
Paul Meyer
b48866a756
ci: fix measurement generation on scheduled build (#1741) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-05-05 13:13:51 +02:00
Malte Poll
2efa3083dc ci: use native go code for os image upload 2023-05-05 12:06:44 +02:00
Paul Meyer
b76583e4a0
ci: fix e2e miniconstellation abort condition (#1728) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-05-04 08:16:31 +02:00
Paul Meyer
ab74958b4a
ci: fix e2e release abort condition (#1726) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-05-03 18:18:16 +02:00
Malte Poll
d2cbf3dc83
ci: skip e2e tests if caller was not successful (#1714) 2023-05-03 11:40:09 +02:00
Paul Meyer
7ab23c28b8 Revert "misc: replace sha256sum with shasum -a 256 (#1681)" 
This reverts commit ec1d5e9fb5.

While the change enabled shasum calculation on mac, it broke it
on some Linux distros.
 2023-05-02 11:07:05 +02:00
Otto Bittner
5deccc3d01 ci: push images in e2e-upgrade 2023-04-28 15:48:12 +02:00
Otto Bittner
481eeeaf3e ci: add simulatedTargetVersion to e2e-upgrade 
This allows us to build a CLI that reports the given version during
an upgrade test. With this we can test patch upgrades.
 2023-04-28 15:48:12 +02:00
Paul Meyer
1d24036f21
ci: fix os image build schedule (#1703) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-28 12:57:11 +02:00
Malte Poll
635b98a34f
ci: rename all usages of bazel push target from //:push to //bazel/release:push (#1701) 2023-04-28 09:26:15 +02:00
Moritz Sanft
261fe611a9
ci: add Terraform logging (#1665) 
* enable Terraform logging

* change to debug level

* rename artifact

* add name suffix

* remove blank line
 2023-04-27 14:03:49 +02:00
Malte Poll
0c206e62d0
deps: rename bazel-zig-cc to hermetic_cc_toolchain (#1695) 2023-04-27 10:27:43 +02:00
Paul Meyer
bf051174f6 ci: update measurements and image version 
on scheduled build

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-27 10:20:27 +02:00
Paul Meyer
82d0475e2a ci: don't pick from release to main 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-27 10:20:27 +02:00
Malte Poll
ec1d5e9fb5
misc: replace sha256sum with shasum -a 256 (#1681) 2023-04-26 13:40:18 +02:00
Malte Poll
84dd25600f
image: upgrade mkosi to support repart (#1684) 2023-04-25 18:22:40 +02:00
Otto Bittner
c962e1745f
ci: add missing permissions for e2e-upgrade job (#1679) 
Missed a spot..
 2023-04-24 13:49:02 +02:00
Otto Bittner
e6d5c2f116 ci: remove obsolete env variables 
these variables influence the azure cli auth behavior.
we now use OIDC as login mechanism.
 2023-04-24 12:38:08 +02:00
Otto Bittner
840eb401c6 ci: add missing permissions to workflows 
+ packages: write
+ checks: write
 2023-04-24 12:38:08 +02:00
Malte Poll
5145f806ea bazel: remove apko and Dockerfile where Bazel is used to build container images 2023-04-18 15:35:15 +02:00
Malte Poll
19ff132ee8 ci: upload container images when running e2e tests 2023-04-18 15:35:15 +02:00
Paul Meyer
4b9bce9bb7
ci: fix notification trigger (#1673) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-18 14:50:36 +02:00
Paul Meyer
e335421dd2
ci: trigger notify only in scheduled workflows (#1671) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-17 17:30:56 +02:00
3u13r
3cb6ab04f1
ci: don't set IAM env for Azure (#1670) 2023-04-17 16:47:12 +02:00
Paul Meyer
c1d3b38a5f ci: replace release[bot] with edgelessci 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-17 12:08:42 +02:00
Paul Meyer
7a1af4937c ci: remove outdated iam code 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-17 12:08:42 +02:00
Paul Meyer
b80d1576f3 ci: use include list to define e2e matrix 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-17 12:08:42 +02:00
Paul Meyer
4020e7840a ci: always use tee -a instead of redirecting 
into GITHUB_OUTPUT

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-17 12:08:42 +02:00
Paul Meyer
860d72a083
ci: reduce number of steps with continue-on-error (#1593) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-14 18:50:58 +02:00
Paul Meyer
632b24e7cd
ci: fix version publishing on release (#1658) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-14 18:04:03 +02:00
Paul Meyer
1f82b4d266 ci: reduce continue-on-error usage in e2e upgrade 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-14 13:12:39 +02:00
Paul Meyer
d24ebd660e ci: fix order in e2e upgrade 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-14 13:12:39 +02:00
Paul Meyer
677ed052a4 ci: use iam created Azure resource group in e2e upgrade 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-14 13:12:39 +02:00
Otto Bittner
d2967fff6b
cli: fix misleading error while applying kubernetes-only upgrade (#1630) 
* The check would previously fail if e.g. `apply` did not upgrade the
image, but a new image was specified in the config. This could
happen if the specified image was too new, but a valid Kuberentes
upgrade was specified.
* ci: fix variable expansion in e2e-upgrade call
* e2e: do not verify measurement signature
 2023-04-13 15:58:37 +02:00
Paul Meyer
dea41bd1ed
ci: refactor e2e test failure notifications (#1625) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-12 16:06:26 +02:00
Moritz Sanft
6ba294e175
ci: separate e2e permissions (#1555) 
* split e2e test iam create / create perms

* remove global Azure credentials

* remove unnecessary azure actions

* use UUID

* fix e2e upgrade test

* rename create inputs

* remove continue-on-error for resource deletion

* de-exclude verify test

* fix exclude

* fix release e2e test

---------

Co-authored-by: Nils Hanke <nils.hanke@outlook.com>
 2023-04-12 13:24:13 +02:00
Malte Poll
2b962598bf
deps: update go to 1.20.3 (#1622) 2023-04-06 16:36:07 +02:00
Malte Poll
0ece41c146
bazel-deps-mirror: upgrade command (#1617) 
* bazel-deps-mirror: upgrade command

This command can be used to upgrade a dependency.
Users are supposed to replace any upstream URLs and run the upgrade command.
It replaces the expected hash and uploads the new dep to the mirror.
 2023-04-05 17:32:51 +02:00
Paul Meyer
b6778ab3e8
ci: always release cli on release-cli workflow (#1611) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-04 18:07:48 +02:00
renovate[bot]
8f17e4b9df
deps: update actions/setup-go action to v4 (#1605) 
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
 2023-04-04 11:06:30 +02:00
Paul Meyer
00efc30e24
ci: fix empty image input of verify e2e on release (#1604) 
* ci: fix empty image input of verify e2e on release
* ci: increase parallelism of e2e release workflow

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-04 10:47:26 +02:00
Otto Bittner
b5ce95a7a1
ci: do not run tests on macOS (#1595) 
only run two tests on macOS as a simple smoketest
 2023-04-03 17:47:21 +02:00
renovate[bot]
5dad9bfad7
deps: update GitHub action dependencies (#1591) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-03 16:36:43 +02:00
Paul Meyer
cbdaec65da
ci: purge images on main (#1583) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-04-03 13:44:46 +02:00
Otto Bittner
1dd5eae594
ci: do not skip e2e-weekly if trigger is successful (#1584) 2023-04-03 13:40:42 +02:00
Otto Bittner
180ef931fd ci: do not create branch during release workflow 
This seems to bother the create-pull-request action.
See: https://github.com/peter-evans/create-pull-request/issues/1203
 2023-04-03 11:35:39 +02:00
Otto Bittner
cc2bde9a3e ci: only commit version.txt if a change happened 2023-04-03 11:35:39 +02:00
Otto Bittner
4df33b93fe ci: add e2e-test-release workflow 
This workflow is used to run e2e tests in
preparation to a release.
It is triggered by the successful completion of
the release workflow.
Also trigger e2e-mini through the release
workflow completion.
This makes restarting the tests easier if
they fail during release preparation.

Co-authored-by: stdoutput <moritz.sanft@outlook.de>
 2023-04-03 11:35:39 +02:00
3u13r
efe4681214
add version.txt step to release pipeline (#1493) 
* add version.txt step to release pipeline

* refresh git status

* make minicon e2e test less flaky
 2023-03-31 12:41:32 +02:00
Paul Meyer
e021245660 bazel: add cli doc generation to //:generate 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-30 12:01:13 -04:00
Paul Meyer
399b052f9e
bazel: add protoc codegen to //:generate target (#1554) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-30 14:47:29 +02:00
Otto Bittner
ef5d64b170
ci: set correct fromVersion in upgrade test (#1535) 2023-03-30 09:46:41 +02:00
Malte Poll
827c4f548d
bazel: deps mirror (#1522) 
bazel-deps-mirror is an internal tools used to upload external dependencies
that are referenced in the Bazel WORKSPACE to the Edgeless Systems' mirror.

It also normalizes deps rules.

* hack: add tool to mirror Bazel dependencies
* hack: bazel-deps-mirror tests
* bazel: add deps mirror commands
* ci: upload Bazel dependencies on renovate PRs
* update go mod
* run deps_mirror_upload


Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-30 09:41:56 +02:00
Paul Meyer
d3e2f30f7b ci: fix diff check in tidy workflow 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-29 12:51:40 -04:00
Paul Meyer
909bfb9274 bazel: add go generate to //:generate target 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-29 12:51:40 -04:00
Malte Poll
2a8169dd3b
ci: use bazel repository cache for tidy checks (#1525) 2023-03-29 14:13:51 +02:00
Paul Meyer
f108ff8539
bazel: add govulncheck to //:check target (#1512) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-27 13:35:51 +02:00
Paul Meyer
00c7611245
bazel: add license checks to //:check target (#1509) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-27 10:42:30 +02:00
Otto Bittner
da4e2521a9
ci: don't statically set PCR 5 (#1521) 
This value can't be statically precomputed and leads to
warnings during runtime.
 2023-03-24 17:08:39 +01:00
Paul Meyer
f7713df833
bazel: add golangci-lint to //:check target (#1494) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-23 17:27:09 +01:00
Paul Meyer
01d6724bae ci: run e2e test daily on last release 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-23 10:54:59 -04:00
Paul Meyer
4628222780 ci: always use tee -a when writing output 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-23 10:54:59 -04:00
Paul Meyer
332c78da60 ci: run e2e test weekly on last release 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-23 10:54:59 -04:00
Paul Meyer
24f974de66 ci: run e2e test manual on last release 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-23 10:54:59 -04:00
Otto Bittner
cac43a1dd0 ci: add e2e-upgrade test 
The test is implemented as a go test.
It can be executed as a bazel target.
The general workflow is to setup a cluster,
point the test to the workspace in which to
find the kubeconfig and the constellation config
and specify a target image, k8s and
service version. The test will succeed
if it detects all target versions in the cluster
within the configured timeout.
The CI automates the above steps.
A separate workflow is introduced as there
are multiple input fields to the test.
Adding all of these to the manual e2e test
seemed confusing.

Co-authored-by: Fabian Kammel <fk@edgeless.systems>
 2023-03-23 14:57:38 +01:00
renovate[bot]
0a190c2bf6
deps: update GitHub action dependencies (#1499) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-22 17:57:47 +01:00
Nils Hanke
1ab40b7ca6 e2e: install Terraform for macOS runner for boot log collection 2023-03-22 10:36:28 +01:00
Nils Hanke
093f0f0e28 ci: rename scheduled OS image build action 2023-03-21 14:32:56 +01:00
renovate[bot]
9a9688583d
deps: update aws-actions/configure-aws-credentials action to v2 (#1445) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-21 10:56:30 +01:00
Malte Poll
6f16e0b6fd
ci: use github actions cache to speedup bazel builds (#1444) 
* ci: use github actions cache to speedup bazel builds
* ci: warm bazel repo cache daily
 2023-03-21 10:06:32 +01:00
Paul Meyer
a3b328360d ci: always run bazel tidy/check/generate workflow 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-20 11:17:16 -04:00
Paul Meyer
8d3fe6f477 bazel: add terrafrom to //:check and //:generate 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-20 11:17:16 -04:00
Nils Hanke
33cb3e8653 e2e: add "checks: write" permission for junit reports 2023-03-20 16:16:08 +01:00
Malte Poll
c3c0940adb
bazel: use remote caching (#1456) 
* bazel: add configuration for remote caching
* ci: enable bazel remote caching for building binaries
* ci: use bazel directly when building go binaries
* ci: enable cache for most build steps
* dev-docs: document remote caching
 2023-03-20 16:05:08 +01:00
Nils Hanke
914eacb4a3
e2e: use macOS for building Linux artifacts and remove caching steps (#1446) 2023-03-20 11:04:44 +01:00
Malte Poll
3fd9a34025
ci: disable upload of Azure TrustedLaunch image (#1440) 2023-03-17 10:51:44 +01:00
Paul Meyer
3a04786412 bazel: add actionlint to //:check 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-16 13:02:11 -04:00
Paul Meyer
0fc15b2393 bazel: add shellcheck to //:check 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-16 11:13:14 -04:00
Paul Meyer
e3f37e9a38 bazel: add shfmt to tidy target 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-16 04:39:45 -04:00
Nils Hanke
6bb6f1c288 ci: remove Go setup where Bazel is used for building 2023-03-14 15:28:36 +01:00
3u13r
fe767ba78e
introduce version.txt (#1412) 2023-03-14 14:53:33 +01:00
Paul Meyer
8679988b6c fixup! bazel: add tidy and check 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-14 03:43:51 -04:00
Paul Meyer
02c97fac03 bazel: add tidy and check 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-14 03:43:51 -04:00
Paul Meyer
e1f0ea50a7 ci: only build GCP guest agent if necessary 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-10 12:19:46 -05:00
Paul Meyer
72530d45ae ci: tag GCP guest agent with semver 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-10 12:19:46 -05:00
Paul Meyer
cc60de312e ci: adopt tidy workflow for bazel 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-10 10:02:28 -05:00
Moritz Sanft
01705feb51
ci: upload cli version list (#1377) 
* upload cli version list

* fix flag

* name

* allow cli kind for listing

* [remove] update vapi cli

* allow cli kind

* use latest versionsapi image version

* fix kind parsing

* use workflow calls in on_release action

* [remove] update container tag

* change back to latest tag
 2023-03-10 10:21:58 +01:00
Malte Poll
bdba9d8ba6
bazel: add build files for go (#1186) 
* build: correct toolchain order
* build: gazelle-update-repos
* build: use pregenerated proto for dependencies
* update bazeldnf
* deps: tpm simulator
* Update Google trillian module
* cli: add stamping as alternative build info source
* bazel: add go_test wrappers, mark special tests and select testing deps
* deps: add libvirt deps
* deps: go-libvirt patches
* deps: cloudflare circl patches
* bazel: add go_test wrappers, mark special tests and select testing deps
* bazel: keep gazelle overrides
* bazel: cleanup bazelrc
* bazel: switch CMakeLists.txt to use bazel
* bazel: fix injection of version information via stamping
* bazel: commit all build files
* dev-docs: document bazel usage
* deps: upgrade zig-cc for go 1.20
* bazel: update Perl for macOS arm64 & Linux arm64 support
* bazel: use static perl toolchain for OpenSSL
* bazel: use static protobuf (protoc) toolchain
* deps: add git and go to nix deps

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-09 15:23:42 +01:00
Daniel Weiße
e07be3d6f8
fix: add measurement-reader to build pipeline (#1386) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2023-03-09 15:01:09 +01:00
renovate[bot]
fede4ec6d2
deps: update GitHub action dependencies (#1365) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-08 10:06:42 +01:00
Paul Meyer
74fc6239b2
deps: update to Go 1.20.2 (#1366) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-08 10:05:36 +01:00
Paul Meyer
f4a4a044fe ci: tee GitHub output 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-07 11:32:41 -05:00
Malte Poll
1624af0cc7
image: pin aws uefivars version and install new deps (#1345) 2023-03-06 13:29:15 +01:00
Thomas Tendyck
c94d1db76d attestation: remove PCR 0 and 10 on GCP 2023-03-06 13:09:57 +01:00
Moritz Eckert
29664fc481 ci: upload benchmark results to opensearch 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-03 09:43:49 +01:00
Moritz Eckert
12ba11ceee ci: replace k-bench in e2e-test-weekly 2023-03-03 09:43:49 +01:00
Moritz Eckert
6fbca2818f ci: replace k-bench in e2e-test-manual 2023-03-03 09:43:49 +01:00
Paul Meyer
6cb93d66df ci: change push/pr token 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-03 02:55:17 -05:00
Paul Meyer
f9bb7c5f34
ci: frequently build up to date gcp guest-agent (#1315) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-03-01 13:52:52 +01:00
Paul Meyer
8c171a1b66
ci: pin ko version (#1309) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-28 18:53:28 +01:00
Moritz Sanft
732d15d013
ci: use iam destroy command for resource destruction (#1272) 
* replace tf destruction with new command

* move iam destroy cmd

* fix typos

* exit post test on error

* [remove] test failure on iam destroy

* Revert "[remove] test failure on iam destroy"

This reverts commit 99449c0cc0.

* [remove] test failure on terminate

* Revert "[remove] test failure on terminate"

This reverts commit 99c45bbc54.

* gofumpt
 2023-02-28 09:52:32 +01:00
Malte Poll
b79f7d0c8c
cli: add basic support for constellation create on OpenStack (#1283) 
* image: support OpenStack image build / upload

* cli: add OpenStack terraform template

* config: add OpenStack as CSP

* versionsapi: add OpenStack as CSP

* cli: add OpenStack as provider for `config generate` and `create`

* disk-mapper: add basic support for boot on OpenStack

* debugd: add placeholder for OpenStack

* image: fix config file sourcing for image upload
 2023-02-27 18:19:52 +01:00
Otto Bittner
6c07a2892e ci: adapt pipeline to use --kubernetes flag 2023-02-27 16:33:47 +01:00
Otto Bittner
08ee56911b cli: overwrite chart versions during install/upgrade 
* As charts receive information like the container image from
the cli it makes sense to also version the charts based on the cli
version.
* The pseudoversion is recalculated when running cmake.
* When merging changes from release branch to main,
a new commit is introduced to set the PROJECT_VERSION back
to 0.0.0, so that builds include a pseudoversion.
 2023-02-27 16:06:35 +01:00
Otto Bittner
948a12461c build: introduce pseudoversion for cli versions 
All binaries that receive a version number during build
now receive a pseudoversion from hack/pseudo-version.
This makes any version-dependant behavior more similar
between dev and release versions. And in turn makes testing
easier.
 2023-02-27 16:06:35 +01:00
Paul Meyer
4f480db77a
ci: ensure ci prs trigger workflows (#1279) 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-27 15:16:07 +01:00
Otto Bittner
05823680f3
ci: fix release pipeline (#1253) 
* add pull-request permission to docs job
* readd permission for micro-services step
* run checkout action before building
* allow crane to read packages
 2023-02-27 10:49:52 +01:00
Moritz Sanft
a274ac8a7c
ci: add cli k8s compatibility table artifact upload to ci (#1218) 
* add cli k8s compatibility api to ci

* extend versionsapi package

* rework cli info upload via ci

* join errors natively

* fix semver

* upload from hack file

* fix ci checks

* add distributionid

* setup go before running hack file

* setup go after repo checkout

* use logger instead of panic, invalidate cache

* use provided ctx

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>

---------

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-24 12:00:04 +01:00
Nils Hanke
f13f80b8af
ci: update Syft to 0.72.0 and Grype to 0.57.1 (#1120) 
* ci: update Syft to 0.72.0 and Grype to 0.57.1
* ci: install Cosign before Syft
* ci: directly read private key from environment for Cosign
* ci: add --add-cpes-if-none to Grype
* ci: use cosign attest directly instead of syft attest
 2023-02-22 14:17:02 +01:00
Paul Meyer
f580f8216a ci: add missing Go setup 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-21 08:50:11 -05:00
renovate[bot]
30f53f78d0
deps: update GitHub action dependencies (#1239) 
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-21 13:49:47 +01:00
Moritz Sanft
0ba810240f
ci: integrate automatic iam creation in e2e test (#1158) 
* integrate automatic iam creation in e2e test

* fix typo

* break long line comments

* fix semvers

* correct bracing
 2023-02-21 12:47:14 +01:00
Paul Meyer
df30197607 ci: fix self trigger paths of workflows 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-02-21 05:21:59 -05:00