Commit Graph

2535 Commits

Author SHA1 Message Date
Daniel Weiße
5eb73706f5
internal: refactor storage credentials (#1071)
* Move storage clients to separate packages

* Allow setting of client credentials for AWS S3

* Use managed identity client secret or default credentials for Azure Blob Storage

* Use credentials file to authorize GCS client

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-03-02 15:08:31 +01:00
Malte Poll
96b4b74a7a
image: set attestation variant on kernel cmdline (#1323) 2023-03-02 12:20:10 +01:00
Malte Poll
ab0b881cbf
oid: add alternative string representations for attestation variants (#1322) 2023-03-02 10:48:16 +01:00
Otto Bittner
a5d4970753
ci: run constellation commands with --debug (#1321) 2023-03-02 09:40:21 +01:00
Nils Hanke
f67594a5ea docs: adjust wording for resource provider troubleshooting 2023-03-01 16:10:06 +01:00
renovate[bot]
21ccd861ae
deps: update K8s dependencies (#1314)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-01 14:52:19 +01:00
Nils Hanke
b327287577
docs: mention resource provider registration for Azure (#1308)
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-03-01 14:35:46 +01:00
Nils Hanke
c9ddc93d55 cli: allow existing config for IAM creation without --generate-config 2023-03-01 13:53:34 +01:00
Paul Meyer
f9bb7c5f34
ci: frequently build up to date gcp guest-agent (#1315)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-01 13:52:52 +01:00
Malte Poll
fc33a74c78
constants: make VersionInfo readonly (#1316)
The variable VersionInfo is supposed to be set by `go build -X ...` during link time but should not be modified at runtime.
This change ensures the underlying var is private and can only be accessed by a public getter.
2023-03-01 11:55:12 +01:00
renovate[bot]
0157537852
deps: update Kubernetes versions (#1313)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-03-01 11:41:11 +01:00
Paul Meyer
d0109b833e
disk-mapper: make openstack image bootable (#1312)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-01 10:39:32 +01:00
Malte Poll
4e202fa483
cli: set constellation uid and role as instance metadata of OpenStack instances (#1311) 2023-03-01 08:48:17 +01:00
Paul Meyer
8c171a1b66
ci: pin ko version (#1309)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-28 18:53:28 +01:00
Paul Meyer
060faae528
config: use toPtr func to get pointers (#1287)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-28 18:44:21 +01:00
Paul Meyer
483c0b47fe
docs: update cli reference (#1293)
Co-authored-by: derpsteb <derpsteb@users.noreply.github.com>
2023-02-28 18:40:10 +01:00
renovate[bot]
3d4b37e4ea
deps: update module github.com/imdario/mergo to v0.3.13 (#1299)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-28 17:34:16 +01:00
renovate[bot]
33958b2ad7
deps: update module github.com/leodido/go-urn to v1.2.2 (#1301)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-28 17:32:53 +01:00
renovate[bot]
2f52091326
deps: update Constellation containers to v2.6.0-pre.0.20230228093604-90ed4701788f (#1288)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-28 17:32:02 +01:00
renovate[bot]
f6946cf475
deps: update module github.com/coreos/go-semver to v0.3.1 (#1298)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-28 17:30:56 +01:00
renovate[bot]
6ab83a6cc7
deps: update module github.com/kr/pretty to v0.3.1 (#1300)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-28 17:26:50 +01:00
Daniel Weiße
b3486fc32b
intenal: add logging to attestation issuer (#1264)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-02-28 16:34:18 +01:00
renovate[bot]
af8c6e70ad
deps: update module github.com/sigstore/sigstore to v1.6.0 (#1306)
* deps: update module github.com/sigstore/sigstore to v1.6.0
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
2023-02-28 15:47:08 +01:00
Fabian Kammel
e45312250e
Gather additional information on test failure. (#1282)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-02-28 15:19:12 +01:00
renovate[bot]
6b37f2049f
deps: update module github.com/zclconf/go-cty to v1.13.0 (#1307)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 15:18:51 +01:00
renovate[bot]
46672ff039
deps: update module github.com/shopspring/decimal to v1.3.1 (#1305)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 15:17:21 +01:00
renovate[bot]
c61e117b8c
deps: update module github.com/acomagu/bufpipe to v1.0.4 (#1302)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 13:42:23 +01:00
renovate[bot]
800acdeb3f
deps: update module github.com/rivo/uniseg to v0.4.4 (#1304)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 13:40:00 +01:00
renovate[bot]
9ee92ba7c8
deps: update module github.com/go-git/go-billy/v5 to v5.4.1 (#1303)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 13:25:47 +01:00
renovate[bot]
0664c83c73
deps: update module github.com/hashicorp/go-retryablehttp to v0.7.2 (#1295)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 12:00:31 +01:00
renovate[bot]
2c6cc2247e
deps: update module github.com/go-playground/validator/v10 to v10.11.2 (#1294)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 11:19:26 +01:00
renovate[bot]
f91575a739
deps: update module github.com/google/trillian to v1.5.1 (#1291)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 10:51:23 +01:00
Moritz Sanft
a2096c2e33
docs: add docs on general Terraform usage (#1263)
* add docs on general tf usage

* reminder to not delete terraform dir

* fix spelling check

* add to sidebar

* reference terraform page

* embed link into natural language

* mention iam folder

* separate hack tools from official tf docs

* assume familiarity with tf
2023-02-28 10:36:20 +01:00
Moritz Sanft
90ed470178
internal: add custom version type (#1256)
* add custom version type

* extend functionality

* adapt to requested changes

* move to own package

* remove duplicate tests, rename package

* not handle err
2023-02-28 10:36:04 +01:00
Otto Bittner
984f0589d2
cli: upgrade errors for microservice (#1259)
Handle invalid upgrade errors similarly as for images and k8s.
2023-02-28 10:23:09 +01:00
renovate[bot]
6b9065b444
deps: update module github.com/google/certificate-transparency-go to v1.1.4 (#1290)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 10:14:09 +01:00
renovate[bot]
b5879941b3
deps: update module github.com/pborman/uuid to v1.2.1 (#1289)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-28 10:13:22 +01:00
Moritz Sanft
732d15d013
ci: use iam destroy command for resource destruction (#1272)
* replace tf destruction with new command

* move iam destroy cmd

* fix typos

* exit post test on error

* [remove] test failure on iam destroy

* Revert "[remove] test failure on iam destroy"

This reverts commit 99449c0cc0.

* [remove] test failure on terminate

* Revert "[remove] test failure on terminate"

This reverts commit 99c45bbc54.

* gofumpt
2023-02-28 09:52:32 +01:00
Paul Meyer
ca1a594f04
docs: update cli reference (#1292) 2023-02-28 09:31:44 +01:00
Malte Poll
b79f7d0c8c
cli: add basic support for constellation create on OpenStack (#1283)
* image: support OpenStack image build / upload

* cli: add OpenStack terraform template

* config: add OpenStack as CSP

* versionsapi: add OpenStack as CSP

* cli: add OpenStack as provider for `config generate` and `create`

* disk-mapper: add basic support for boot on OpenStack

* debugd: add placeholder for OpenStack

* image: fix config file sourcing for image upload
2023-02-27 18:19:52 +01:00
Nils Hanke
b013a7ab32 image: update to Linux 6.1.14 for Azure 2023-02-27 17:04:24 +01:00
Otto Bittner
6c07a2892e ci: adapt pipeline to use --kubernetes flag 2023-02-27 16:33:47 +01:00
Otto Bittner
d98f86686d versions: let renovate update valid k8s versions
Also update lagging v1_24
2023-02-27 16:33:47 +01:00
Otto Bittner
08ee56911b cli: overwrite chart versions during install/upgrade
* As charts receive information like the container image from
the cli it makes sense to also version the charts based on the cli
version.
* The pseudoversion is recalculated when running cmake.
* When merging changes from release branch to main,
a new commit is introduced to set the PROJECT_VERSION back
to 0.0.0, so that builds include a pseudoversion.
2023-02-27 16:06:35 +01:00
Otto Bittner
948a12461c build: introduce pseudoversion for cli versions
All binaries that receive a version number during build
now receive a pseudoversion from hack/pseudo-version.
This makes any version-dependant behavior more similar
between dev and release versions. And in turn makes testing
easier.
2023-02-27 16:06:35 +01:00
github-actions[bot]
95a6bd8030
docs: update cli reference (#1254)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-27 15:36:45 +01:00
Paul Meyer
4f480db77a
ci: ensure ci prs trigger workflows (#1279)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-27 15:16:07 +01:00
Otto Bittner
05823680f3
ci: fix release pipeline (#1253)
* add pull-request permission to docs job
* readd permission for micro-services step
* run checkout action before building
* allow crane to read packages
2023-02-27 10:49:52 +01:00
renovate[bot]
83bea18a4f
deps: update fedora:37 Docker digest (#1274)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-24 17:46:17 +01:00
renovate[bot]
c9f131467e
deps: update AWS SDK (#1240)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-24 17:27:49 +01:00