miampf
f386dbc95f
move key derivation to joinservice instead of joinclient
2025-01-30 12:21:07 +01:00
miampf
19181af13d
implemented suggestions
2025-01-30 12:21:07 +01:00
miampf
ea94ebd236
check return value of fh.Write in ssh_test.go
2025-01-30 12:21:07 +01:00
miampf
b5fddcd254
wrote test for ssh subcommand
2025-01-30 12:21:07 +01:00
miampf
bee3f6c159
added test for CA generation + use SeedSize constant
...
Previously, I just hard coded 256 as the key length that seeds the key
generation since it worked. Now, it uses ed25519.SeedSize (32) instead.
2025-01-30 12:21:07 +01:00
miampf
0be301fa3a
please CI
2025-01-30 12:21:06 +01:00
miampf
241d0cd88d
refactoring
2025-01-30 12:21:06 +01:00
miampf
d336d06480
also derive the key on the control plane nodes
2025-01-30 12:21:06 +01:00
miampf
6ec18eb7ca
make key path a constant
2025-01-30 12:21:06 +01:00
miampf
5053c4581d
fixed tests
2025-01-30 12:21:05 +01:00
miampf
570b735e09
regenerated protobuf definitions
2025-01-30 12:21:05 +01:00
miampf
23b23d8ed4
adjusted key derivation logic to happen in the join client
2025-01-30 12:21:05 +01:00
miampf
9363206662
use suffix for emergency ssh DEK key
2025-01-30 12:21:05 +01:00
miampf
2a7408bc16
check if directory constellation-terraform exists
2025-01-30 12:21:04 +01:00
miampf
52792e2cde
use existing MasterSecret
type + fix autoformatting
2025-01-30 12:21:04 +01:00
miampf
53b84d8398
add sensible error messages to CLI
2025-01-30 12:21:04 +01:00
miampf
60c3ec4b01
write CA key to file in joinclient
2025-01-30 12:21:04 +01:00
miampf
5a357eb454
added clarifying comment in ssh
command code
2025-01-30 12:21:04 +01:00
miampf
53a9af82e0
adjusted client side key derivation
2025-01-30 12:21:03 +01:00
miampf
a8ace9cd23
implemented keyservice key derivation logic
2025-01-30 12:21:03 +01:00
miampf
15e270e5ca
generated docs
2025-01-30 12:21:03 +01:00
miampf
e9414a13cc
adjusted keyservice proto + regenerated go code
2025-01-30 12:21:02 +01:00
miampf
80aa1d6454
added emergency_ca_key
parameter to IssueJoinTicketResponse
2025-01-30 12:21:02 +01:00
miampf
1850d4b327
add ssh subcommand
2025-01-30 12:21:02 +01:00
renovate[bot]
e6048e093b
deps: update dependency aspect_bazel_lib to v2.13.0 ( #3627 )
...
* deps: update dependency aspect_bazel_lib to v2.13.0
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2025-01-30 11:45:03 +01:00
renovate[bot]
1faf2dd1b8
deps: update dependency gazelle to v0.42.0 ( #3626 )
...
* deps: update dependency gazelle to v0.42.0
* deps: tidy all modules
* ci: ignore GO-2025-3408
The vulnerability does not have a patch and is a denial-of-service.
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Markus Rudy <mr@edgeless.systems>
2025-01-30 11:00:18 +01:00
renovate[bot]
bb994d5a01
deps: update Go dependencies ( #3623 )
...
* deps: update Go dependencies
* deps: tidy all modules
* keep cloud.google.com/go/storage at v1.49.0
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2025-01-29 16:31:16 +01:00
edgelessci
7242a1eb74
image: update measurements and image version ( #3625 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2025-01-29 16:31:07 +01:00
miampf
8da08bec8d
e2e: downgrade vale version to 3.9.3 ( #3624 )
2025-01-28 13:12:50 +00:00
renovate[bot]
8e8c44e35a
deps: update dependency buildifier_prebuilt to v8.0.1 ( #3621 )
...
* deps: update dependency buildifier_prebuilt to v8.0.1
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2025-01-24 13:36:58 +01:00
renovate[bot]
148b82e32c
deps: update dependency prism-react-renderer to v2.4.1 ( #3619 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-24 08:06:24 +01:00
edgelessci
e44adf85d4
image: update measurements and image version ( #3620 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2025-01-24 08:06:12 +01:00
renovate[bot]
3af498fbfe
deps: update dependency numpy to v2.2.2 ( #3618 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-22 12:26:18 +01:00
renovate[bot]
bda3d802dc
deps: update dependency asciinema-player to v3.8.2 ( #3616 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-22 12:21:19 +01:00
renovate[bot]
808631f530
deps: update dependency buildifier_prebuilt to v8 ( #3615 )
...
* deps: update dependency buildifier_prebuilt to v8
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2025-01-22 11:53:19 +01:00
renovate[bot]
3f702ecda9
deps: update Terraform google to v6.17.0 ( #3614 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-22 08:49:30 +01:00
renovate[bot]
12cfd7006b
deps: update registry.k8s.io/sig-storage/snapshot-controller Docker tag to v8.2.0 ( #3612 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-22 08:27:02 +01:00
edgelessci
caa80783eb
image: update measurements and image version ( #3613 )
...
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2025-01-22 08:13:32 +01:00
renovate[bot]
501d1779ed
deps: update Go dependencies ( #3603 )
...
* deps: update Go dependencies
* hold back cloud.google.com/go/storage dependency
* keep fork replacement at consistent version
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2025-01-21 16:23:10 +01:00
Daniel Weiße
bea2f33efc
renovate: reformat config file for json5 ( #3610 )
...
* renovate: include replace directives in Go deps upgrade
* renovate: replace deprecated regexManagers with customManagers
* renovate: rewrite config in proper json5
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2025-01-21 13:26:42 +01:00
renovate[bot]
92d7fc5385
deps: update module k8s.io/cri-client to v0.32.1 ( #3608 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-21 11:03:48 +01:00
renovate[bot]
e9a6513346
deps: update actions/setup-go action to v5.3.0 ( #3605 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-21 10:28:03 +01:00
renovate[bot]
ebbe61727c
deps: update dependency DeterminateSystems/nix-installer to v0.34.0 ( #3607 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-21 10:06:09 +01:00
renovate[bot]
44e898e187
deps: update Terraform dependencies ( #3604 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-21 10:05:01 +01:00
renovate[bot]
f048ebb8e8
deps: update rhysd/actionlint to v1.7.7 ( #3602 )
...
* deps: update rhysd/actionlint to v1.7.7
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2025-01-21 10:04:32 +01:00
renovate[bot]
f789b8efc7
deps: update bufbuild/buf to v1.50.0 ( #3606 )
...
* deps: update bufbuild/buf to v1.50.0
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2025-01-21 10:04:07 +01:00
renovate[bot]
c6db8bd46b
deps: update aquasecurity/tfsec to v1.28.13 ( #3600 )
...
* deps: update aquasecurity/tfsec to v1.28.13
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2025-01-21 09:05:04 +01:00
renovate[bot]
2216098a9b
deps: update registry.k8s.io/sig-storage/snapshot-validation-webhook Docker tag to v8.1.1 ( #3601 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-21 08:51:04 +01:00
renovate[bot]
679edd79d4
deps: update Go dependencies ( #3586 )
...
* deps: update Go dependencies
* keep cloud.google.com/go/storage at v1.49.0
This is required to avoid issues with a broken
google.golang.org/grpc/stats/opentelemetry import
See https://github.com/googleapis/google-cloud-go/issues/11455
* deps: tidy all modules
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2025-01-20 16:15:42 +01:00
renovate[bot]
22d093cc6f
deps: update bazel (core) ( #3581 )
...
* deps: update bazel (core)
* bazel: depset -> list
To comply with some breaking changes in rules_go v0.51, we explicitly
need to type-cast the depsets to lists here.
* bazel: migrate deprecated GoLibrary usage
In rules_go v0.51.0, `GoLibrary` was deprecated and replaced by
`GoInfo`. This adjusts our `protoc-gen-go` rule to use the new `GoInfo`.
* deps: tidy all modules
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2025-01-20 15:17:05 +01:00