Commit Graph

1905 Commits

Author SHA1 Message Date
Otto Bittner
3b59ebfd53
config: detailed validation errors for k8s version (#1018)
These extended error messages help users in understanding
what is wrong with the current configuration and how to
remediate the issue.
2023-01-23 11:21:06 +01:00
3u13r
03154c6e64
docs: document terraform support (#1037) 2023-01-23 10:37:28 +01:00
Moritz Sanft
2f2e793810
AB#2834 add go package doc to iamid (#1054) 2023-01-23 08:53:25 +01:00
renovate[bot]
9f05631afd
deps: update Constellation containers (#1052)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-21 20:17:07 +01:00
Paul Meyer
c4d68d1c28 versions: update key-service name
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-21 19:55:14 +01:00
Moritz Sanft
b8648261e3
cli: fix Terraform resource group dependencies (#1048) 2023-01-20 18:59:59 +01:00
renovate[bot]
6708aff984
deps: update dependency kubernetes/kubernetes to v1.24.10 (#1043)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-20 18:54:10 +01:00
Paul Meyer
a8cbfd848f
keyservice: use dash in container name (#1016)
Co-authored-by: Otto Bittner <cobittner@posteo.net>
2023-01-20 18:51:06 +01:00
3u13r
effe797d81
operator: cleanup resources between tests (#1049) 2023-01-20 16:58:13 +01:00
leongross
bb6f35fbf4
docs: update security issue warning to use Github warning banner (#1050) 2023-01-20 16:17:39 +01:00
Fabian Kammel
8482d26eef
deps: update cloud provider gcp image for k8s v1.26 (#1051)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-20 15:54:24 +01:00
renovate[bot]
7b012e72b9
deps: update Azure SDK (#1004)
* deps: update Azure SDK
* deps: tidy all modules

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-20 15:42:06 +01:00
Malte Poll
ac3b2f417f
debugd: adapt README to set global image field in config (#992) 2023-01-20 15:41:33 +01:00
Fabian Kammel
582412d275
Fix GCP CCM build, add v26, and exclude old broken versions until fixed. (#1038)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-01-20 15:17:00 +01:00
Paul Meyer
a31d79e9cb ci: curl flags
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-20 14:23:32 +01:00
Paul Meyer
a6d35c6fd1 ci: move apko building into separate script
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-20 09:52:17 +01:00
renovate[bot]
9b4dc9b478
Update Constellation containers to v2.5.0-pre.0.20230119145750-690b50b29de5 (#1039)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-20 09:51:29 +01:00
Paul Meyer
b5340280f0 ci: update renovate pr title
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 18:47:49 +01:00
Malte Poll
58cc67c736
image: upgrade azure kernel to 6.1.7 (#1027) 2023-01-19 18:03:56 +01:00
renovate[bot]
99496c3c33
Update Kubernetes versions (#1019)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 17:16:00 +01:00
renovate[bot]
d4722b434e
Update Terraform aws to v4.50.0 (#1015)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 17:09:01 +01:00
Paul Meyer
71708a967c ci: run tests on workflow file change
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 16:47:47 +01:00
Daniel Weiße
690b50b29d
dev-docs: Go package docs (#958)
* Remove unused package

* Add Go package docs to most packages

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
2023-01-19 15:57:50 +01:00
Paul Meyer
b7740723ac ko: fix typo
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 15:28:00 +01:00
Paul Meyer
acc3f64dee ci: only build apko base images on change
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 15:18:26 +01:00
Paul Meyer
80e51d59c1 apko: use released alpine version
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 15:18:26 +01:00
Paul Meyer
97ba51455a ko: pin base image
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 15:18:26 +01:00
Otto Bittner
a0ac957227 versions: update join- & keyservice images 2023-01-19 13:14:55 +01:00
Otto Bittner
9a1f52e94e Refactor init/recovery to use kms URI
So far the masterSecret was sent to the initial bootstrapper
on init/recovery. With this commit this information is encoded
in the kmsURI that is sent during init.
For recover, the communication with the recoveryserver is
changed. Before a streaming gRPC call was used to
exchanges UUID for measurementSecret and state disk key.
Now a standard gRPC is made that includes the same kmsURI &
storageURI that are sent during init.
2023-01-19 13:14:55 +01:00
Otto Bittner
0e71322e2e keyservice: move kms code to internal/kms
Recovery (disk-mapper) and init (bootstrapper)
will have to work with multiple external KMSes
in the future.
2023-01-19 13:14:55 +01:00
Thomas Tendyck
59664f7020 Update CODEOWNERS 2023-01-19 12:47:05 +01:00
Paul Meyer
5dc080c3b3 ci: only run CodeQL on main
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 12:16:40 +01:00
renovate[bot]
645e2445d1
Update module golang.org/x/tools to v0.5.0 (#1024)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 11:44:59 +01:00
Moritz Sanft
ae2db08f3a
ci: add e2e test for constellation recover (#845)
* AB#2256 Add recover e2e test

* AB#2256 move test & fix minor objections

* AB#2256 fix path

* AB#2256 rename hacky filename
2023-01-19 10:41:07 +01:00
Paul Meyer
2cee7cb454 ci: run CodeQL only on Go/Python changes
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-19 10:34:36 +01:00
renovate[bot]
076909f645
Update module github.com/medik8s/node-maintenance-operator to v0.14.0 (#1023)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-19 10:27:09 +01:00
Moritz Sanft
88bbfb2065
docs: add docs for automatic config filling of iam values (#1000)
* AB#2821 iam config filling docs

* AB#2821 rephrasing
2023-01-19 10:24:58 +01:00
Moritz Sanft
df0fe7178c
Adapt to new measurements format (#999) 2023-01-19 10:14:10 +01:00
Nils Hanke
2c6a3c398f ci: remove unnecessary checkout 2023-01-18 18:53:29 +01:00
Nils Hanke
b52c917dc6 ci: downgrade Syft to 0.65.0 2023-01-18 18:53:29 +01:00
Nils Hanke
4e9c49c342
ci: move Syft & Grype installation into an action (#1011) 2023-01-18 17:33:10 +01:00
renovate[bot]
90ea35ae35
Update Constellation containers to v2.5.0-pre.0.20230118154955-632090c21b93 (#1014)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-18 17:28:04 +01:00
renovate[bot]
30b22cd17f
Update GitHub action dependencies (#1007)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 17:04:46 +01:00
Paul Meyer
8e18c7012c ci: install shellcheck using the action
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 17:02:40 +01:00
3u13r
632090c21b
azure: allow a set of idkeydigest values (#991) 2023-01-18 16:49:55 +01:00
Nils Hanke
a3db3c8424
cli: debug: various improvements (#995) 2023-01-18 13:10:24 +01:00
Nils Hanke
fc2a285270
ci: fix CLI SBOM generation (#1005) 2023-01-18 11:36:39 +01:00
Paul Meyer
411dfed18f ci: unified order and style of workflows/actions
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 10:57:42 +01:00
Paul Meyer
41690288a1 ci: remove unneeded brackets in if statements
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 10:57:42 +01:00
renovate[bot]
f5623fee5a
Update module github.com/sigstore/sigstore to v1.5.1 (#1006)
* Update module github.com/sigstore/sigstore to v1.5.1
* deps: tidy all modules
2023-01-18 10:19:31 +01:00