Commit Graph

3067 Commits

Author SHA1 Message Date
Thomas Tendyck
17c45bc881 Update release.md 2023-05-05 10:57:32 +02:00
Daniel Weiße
c3b13178aa
docs: add short explanation on attestation config options (#1654)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-05-04 15:00:06 +02:00
Otto Bittner
1f49c815b2
ci: update measurement overwrite for config v3 (#1731) 2023-05-04 11:32:52 +02:00
Paul Meyer
b76583e4a0
ci: fix e2e miniconstellation abort condition (#1728)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-05-04 08:16:31 +02:00
Malte Poll
56635c3993 cli: deploy yawol as OpenStack loadbalancer 2023-05-03 21:45:59 +02:00
Malte Poll
0ebe6e669d cli: add yawol helm charts 2023-05-03 21:45:59 +02:00
Paul Meyer
ab74958b4a
ci: fix e2e release abort condition (#1726)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-05-03 18:18:16 +02:00
Otto Bittner
d5fa614df1
cli: remove ambiguity in path for CR backups (#1719)
During upgrade all custom resources are backed up to files on the
local file system. Since old versions are also backed up, we need to
reflect the version in the name.
2023-05-03 14:36:57 +02:00
Malte Poll
d2cbf3dc83
ci: skip e2e tests if caller was not successful (#1714) 2023-05-03 11:40:09 +02:00
Daniel Weiße
d7a2ddd939
config: add separate option for handling attestation parameters (#1623)
* Add attestation options to config

* Add join-config migration path for clusters with old measurement format

* Always create MAA provider for Azure SNP clusters

* Remove confidential VM option from provider in favor of attestation options

* cli: add config migrate command to handle config migration (#1678)

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-05-03 11:11:53 +02:00
Malte Poll
6027b066e5
bazel: don't exit early in workspace_status.sh (#1713) 2023-05-02 16:57:08 +02:00
renovate[bot]
e9103cad0a
deps: update Constellation containers to v2.7.0-pre.0.20230405123345-6bf3c63115a5 (#1563)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-05-02 15:04:31 +02:00
Malte Poll
cb6cc8df22
image: fix pcr 12 calculation (#1706)
Kernel cmdline embedded in UKIs had no null terminator before. With newer versions of mkosi, it is already null-terminated so we shouldn't null terminate it twice.
2023-05-02 12:01:30 +02:00
Otto Bittner
1180b376fa ci: only add tf-log flag if the binary supports it
We sometimes run older CLI versions in the CI. Those versions
may not support the flag.
2023-05-02 11:08:40 +02:00
Otto Bittner
3770cada91 cli: create namespaced folders for upgrade backups
Resource names are only unique per kind+ns. Without this patch it
might happen that there are two resources with the same name
in different namespaces. Upgrade might fail in that case.
2023-05-02 11:08:40 +02:00
Paul Meyer
7ab23c28b8 Revert "misc: replace sha256sum with shasum -a 256 (#1681)"
This reverts commit ec1d5e9fb5.

While the change enabled shasum calculation on mac, it broke it
on some Linux distros.
2023-05-02 11:07:05 +02:00
Paul Meyer
7d55e67f5c tools: use either sha256sum or shasum
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-05-02 11:07:05 +02:00
Otto Bittner
5deccc3d01 ci: push images in e2e-upgrade 2023-04-28 15:48:12 +02:00
Otto Bittner
caa0732955 hack: fix v-prefixing in pseudo-version tool
pre-release versions and release versions behaved differently.
This lead to a duplicate v prefix in the cli's version.
2023-04-28 15:48:12 +02:00
Otto Bittner
e72fb954f1 ci: e2e-upgrade, case-insensitive string compare 2023-04-28 15:48:12 +02:00
Otto Bittner
481eeeaf3e ci: add simulatedTargetVersion to e2e-upgrade
This allows us to build a CLI that reports the given version during
an upgrade test. With this we can test patch upgrades.
2023-04-28 15:48:12 +02:00
Otto Bittner
4a0d531821 upgrade: fix 2.6 -> 2.7 migration for 2.7.1 patch
Also correctly set microservice version from config.
Previously the key was ignored and microservices were always
tried for an upgrade.
2023-04-28 15:48:12 +02:00
Paul Meyer
1d24036f21
ci: fix os image build schedule (#1703)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-28 12:57:11 +02:00
Malte Poll
635b98a34f
ci: rename all usages of bazel push target from //:push to //bazel/release:push (#1701) 2023-04-28 09:26:15 +02:00
edgelessci
1ea060e873
image: update measurements and image version (#1700)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-28 08:02:19 +02:00
renovate[bot]
84c7550f37
deps: update Kubernetes versions (#1688)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-27 18:04:01 +02:00
renovate[bot]
4cfa7a0306
deps: update golang.org/x/exp digest to 47ecfdc (#1690)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-27 17:51:46 +02:00
renovate[bot]
e09243bfb3
deps: update fedora:37 Docker digest to e734322 (#1689)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-27 17:51:14 +02:00
renovate[bot]
fa4c6201b0
deps: update golang:1.20.3 Docker digest to 403f486 (#1691)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-27 17:50:46 +02:00
renovate[bot]
686bb4eb0a
deps: update ubuntu:20.04 Docker digest to db8bf6f (#1692)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-27 17:50:20 +02:00
Moritz Sanft
261fe611a9
ci: add Terraform logging (#1665)
* enable Terraform logging

* change to debug level

* rename artifact

* add name suffix

* remove blank line
2023-04-27 14:03:49 +02:00
Leonard Cohnen
1825c11790 docs: remove second build documentation 2023-04-27 13:04:40 +02:00
Leonard Cohnen
f3dc37293f docs: align container_prefix suggestion 2023-04-27 13:04:40 +02:00
3u13r
074844d0cb
terraform: fix aws worker node permission (#1683) 2023-04-27 11:52:32 +02:00
3u13r
1bdf410b52
bazel: allow custom container_prefix (#1693)
* build: allow custom container registry

* build: fix .bazeloverwriterc import
2023-04-27 11:52:02 +02:00
Paul Meyer
12216ea997
ci: prevent google auth warnings when reauthenticating (#1697)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-27 10:55:57 +02:00
Malte Poll
0c206e62d0
deps: rename bazel-zig-cc to hermetic_cc_toolchain (#1695) 2023-04-27 10:27:43 +02:00
Paul Meyer
bf051174f6 ci: update measurements and image version
on scheduled build

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-27 10:20:27 +02:00
Paul Meyer
82d0475e2a ci: don't pick from release to main
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-27 10:20:27 +02:00
Malte Poll
c11a3f4460
cli: configurable state disk type on OpenStack (#1686) 2023-04-27 09:08:43 +02:00
Malte Poll
ec1d5e9fb5
misc: replace sha256sum with shasum -a 256 (#1681) 2023-04-26 13:40:18 +02:00
Moritz Sanft
53d8a2d67e
bazel: fix MacOS builds (#1680)
* allow arm64 arch

* switch to shasum command
2023-04-26 08:54:20 +02:00
Malte Poll
84dd25600f
image: upgrade mkosi to support repart (#1684) 2023-04-25 18:22:40 +02:00
Malte Poll
ded8abeacc
ci: limit prefix length of AWS IAM resources (#1674) 2023-04-25 13:29:07 +02:00
Otto Bittner
c962e1745f
ci: add missing permissions for e2e-upgrade job (#1679)
Missed a spot..
2023-04-24 13:49:02 +02:00
Otto Bittner
e6d5c2f116 ci: remove obsolete env variables
these variables influence the azure cli auth behavior.
we now use OIDC as login mechanism.
2023-04-24 12:38:08 +02:00
Otto Bittner
840eb401c6 ci: add missing permissions to workflows
+ packages: write
+ checks: write
2023-04-24 12:38:08 +02:00
Malte Poll
dc5e6f30a9
ci: login to container registry before pushing containers (#1676) 2023-04-21 11:05:08 +02:00
Daniel Weiße
1ebc553365
kubernetes: update CSI driver versions to v1.2.0 (#1657)
* Update CSI charts

* Update CSI tests

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-04-21 11:03:35 +02:00
Moritz Sanft
478b6ddb72
add terraform debug docs (#1627) 2023-04-21 08:43:27 +02:00