Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
345 Commits 133 Branches 44 Tags 106 MiB
f9a581f329
Commit Graph

17 Commits

Author SHA1 Message Date
Daniel Weiße
f9a581f329 Add aTLS endpoint to KMS (#236) 
* Move file watcher and validator to internal

* Add aTLS endpoint to KMS for Kubernetes external requests

* Update Go version in Dockerfiles

* Move most KMS packages to internal

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-06-29 16:13:01 +02:00
Daniel Weiße
042f668d20 AB#2190 Verification service (#232) 
* Add verification service

* Update verify command to use new Constellation verification service

* Deploy verification service on cluster init

* Update pcr-reader to use verification service

* Add verification service build workflow

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-06-28 17:03:28 +02:00
Christoph Meyer
9441e46e4b AB#2033 Remove redundant "failed" in error wrapping 
Remove "failed" from wrapped errors
Where appropriate rephrase "unable to/could not" to "failed" in root
errors
Start error log messages with "Failed"
 2022-06-22 12:02:10 +01:00
Daniel Weiße
e6b1156849 AB#2169 Implement control-plane activation in activation service (#217) 
* Implement Control Plane activation flow

* Rename Activation RPCs

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-06-21 11:10:32 +02:00
Daniel Weiße
4842d29aff AB#2111 Deploy activation service on cluster init (#205) 
* Deploy activation service on cluster init

* Use base image with CA certificates for activation service

* Improve KMS server 

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-06-15 16:00:48 +02:00
Nils Hanke
f0b8412ef8 constellation-access-manager: Persistent SSH as ConfigMap (#184) 2022-06-13 16:23:19 +02:00
Leonard Cohnen
791d5564ba replace flannel with cilium 2022-06-02 13:08:25 +02:00
Christoph Meyer
db5468a886 Deploy KMS server image in Constellation 
Add image pull secret for ghcr.io
 2022-05-31 11:13:26 +02:00
Moritz Eckert
6dc97590fe Enable and configure k8s audit-log (#160) 
* Enable and configure k8s audit-log

* Update coordinator/kubernetes/k8sapi/kubeadm_config.go

Co-authored-by: Malte Poll <mp@edgeless.systems>

* add mount point for audit log dir in kubeadm conf

* Mount audit policy into kube-apiserver static pod

* Write default auditpolicy on cluster init / cluster join

Co-authored-by: Malte Poll <mp@edgeless.systems>
 2022-05-20 17:30:37 +02:00
Daniel Weiße
29206ac845 Use any instead of interface 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2022-05-04 08:48:31 +02:00
datosh
51068abc27 Ref/want err from err expected (#82) 
consistent naming for test values using 'want' instead of 'expect/ed'
 2022-04-26 16:54:05 +02:00
Malte Poll
1e7794b4c2 Add Secrets / Volumes / VolumeMounts / Env to cluster-autoscaler deployment 2022-03-29 15:13:30 +02:00
Malte Poll
f5eddf8af0 Cloud providers: Add CloudNodeManager 2022-03-28 13:35:21 +02:00
Malte Poll
2158377f9f Cloud providers: Extend CCM with ExtraArgs / ConfigMaps / Secrets / Volumes / VolumeMounts and provide CloudServiceAccountURI 2022-03-28 13:35:21 +02:00
Malte Poll
bf726ebd87 k8s resource marshaler tests 2022-03-28 13:35:21 +02:00
Malte Poll
2ab846dd1a Extend k8s resource marshaling to slices 2022-03-28 13:35:21 +02:00
Leonard Cohnen
2d8fcd9bf4 monorepo 
Co-authored-by: Malte Poll <mp@edgeless.systems>
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
Co-authored-by: Benedict Schlueter <bs@edgeless.systems>
Co-authored-by: leongross <leon.gross@rub.de>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
 2022-03-22 16:09:39 +01:00