Otto Bittner
c0a62a52d1
config: allow k8s version MAJOR.MINOR for v2.6 ( #1222 )
...
To adhere to our compatibility goal of not breaking
old configs, the kubernetes patch version is automatically
extended for configs in the transistional version v2.6.
2023-02-20 10:50:55 +01:00
Fabian Kammel
b6b353c53e
docs: mention 'needs-backport' label in release process ( #1216 )
...
* Mention 'needs-backport' label in release docs.
* Add missing version prefix.
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-02-20 10:44:16 +01:00
Otto Bittner
87fdb47caa
cli: upgrade apply uses correct measurements key ( #1223 )
...
Apply still used the obsolete upgrade key's measurements.
The new, desired behavior is to use the Provider's measurements
key
2023-02-20 10:32:33 +01:00
Thomas Tendyck
91c251090f
Fix links and clean lycheeignore ( #1219 )
...
* docs: fix links to cilium docs
* docs: clean lycheeignore
* docs: remove link to no longer existing blog post
2023-02-19 21:45:20 +01:00
stdoutput
013be33143
fix terminate docs filename
2023-02-19 16:23:15 +01:00
Moritz Sanft
782b4ec680
extend docs on terraform iam resource destruction ( #1217 )
2023-02-19 13:17:26 +01:00
renovate[bot]
93f97cb320
deps: update Constellation containers ( #1211 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-17 11:41:48 +01:00
Otto Bittner
68b4b95741
ci: use correct container name to tag joinservice
2023-02-17 11:17:26 +01:00
Fabian Kammel
656e109e17
fix: upload signature of measurements. ( #1213 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-02-17 10:53:57 +01:00
renovate[bot]
61e0057043
deps: update module helm.sh/helm/v3 to v3.11.1 [SECURITY] ( #1156 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-17 10:42:48 +01:00
edgelessci
70ccaf98a9
deps: update apk package hashes ( #1210 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-17 10:39:39 +01:00
Moritz Sanft
c3347f2eb5
rfc: specify cli version api ( #1175 )
...
* add cli compatibility api rfc
* fix typos
* rewording
2023-02-17 10:32:48 +01:00
Daniel Weiße
f70447bf7d
Allow unset 'name' key but print warning if unset ( #1208 )
...
* Allow unset name key in config but print warning if unset
* Print deprecation warnings for config to os.Stderr
---------
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-02-17 09:05:42 +01:00
Daniel Weiße
d90828cb3c
Fix incorrect output for single worker/control-plane clusters ( #1209 )
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-02-17 08:15:17 +01:00
Thomas Tendyck
292f8eef21
attestation: remove VerifyUserData
2023-02-16 16:29:20 +01:00
Thomas Tendyck
dd7d6334ba
attestation: bind user data to PCR state
2023-02-16 16:29:20 +01:00
Fabian Kammel
5e7dc0d7db
Option to disable spinner via environment variable. ( #1207 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2023-02-16 15:43:19 +01:00
renovate[bot]
35a58316f4
deps: update K8s dependencies ( #766 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-16 15:20:36 +01:00
renovate[bot]
0e35649724
deps: update Azure SDK ( #1206 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-16 14:47:24 +01:00
Otto Bittner
9bf9326227
hack: add api module to container during build
2023-02-16 12:25:11 +01:00
derpsteb
d0daf26da7
docs: update cli reference
2023-02-16 08:54:47 +01:00
Otto Bittner
f757b5bf56
hack: add AGPL license to api submodule
...
Also adapt check-licenses script to allow AGPL for api module.
2023-02-15 16:44:47 +01:00
Otto Bittner
50646b2a10
cli: refactor upgrade apply
cmd to match name
...
* `upgrade apply` will try to make the locally configured and
actual version in the cluster match by appling necessary
upgrades.
* Skip image or kubernetes upgrades if one is already
in progress.
* Skip downgrades/equal-as-running versions
* Move NodeVersionResourceName constant from operators
to internal as its needed in the CLI.
2023-02-15 16:44:47 +01:00
Otto Bittner
3cebd68c24
kubernetes: move k8s-components creation to internal
...
The CLI will have to create similar objects for k8s upgrades.
2023-02-15 16:44:47 +01:00
Otto Bittner
7db584a88e
cli: move upgradeApply logic into separate functions
...
* introduce handleImageUpgrade & handleServiceUpgrade
* rename cloudUpgrader.Upgrade to UpgradeImage
* remove helm flag
* remove hint about development status
2023-02-15 16:44:47 +01:00
Otto Bittner
91e27ac186
cli: rename upgrade execute
to upgrade apply
2023-02-15 16:44:47 +01:00
Nils Hanke
109177880e
image: upgrade to Linux 6.1.12 for Azure ( #1184 )
2023-02-15 15:00:05 +01:00
renovate[bot]
7500112d37
deps: update GitHub action dependencies ( #1201 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-15 14:47:42 +01:00
renovate[bot]
aadd75fffd
deps: update gcr.io/distroless/static:nonroot Docker digest to 116ec02 ( #1200 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-15 14:27:48 +01:00
Moritz Sanft
84359063fc
cli: add missing gcp values to config ( #1149 )
...
* improve iam value output
* remove duplicate prints
2023-02-15 14:24:52 +01:00
renovate[bot]
d2bf2f1108
deps: update module go.uber.org/goleak to v1.2.1 ( #1194 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-15 14:00:02 +01:00
Otto Bittner
33a884d4e4
cli: prefix "v" to cli version in versionCollector
...
No new images will be found unless this is set
2023-02-15 13:36:16 +01:00
Otto Bittner
b4ef4ec370
config: conditionally set default microserviceVersion
2023-02-15 13:36:16 +01:00
Otto Bittner
6f9d76dd6e
compatibility: allow newer patch versions for images
...
Validation incorrectly prevented newer patch versions for images.
2023-02-15 13:36:16 +01:00
Otto Bittner
2a0b56f7b8
config: improve error message for outdated CLIs
2023-02-15 13:36:16 +01:00
renovate[bot]
e600795239
deps: update gcr.io/distroless/static Docker digest to 0511233 ( #1193 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-15 13:34:27 +01:00
edgelessci
d60eb63671
deps: update apk package hashes ( #1181 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-15 13:29:41 +01:00
renovate[bot]
1732795345
deps: update fedora:37 Docker digest ( #1192 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-15 13:28:53 +01:00
renovate[bot]
a7b3a9876b
deps: update Constellation containers to v2.6.0-pre.0.20230215104228-2042e6b3382f ( #1185 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-15 13:13:54 +01:00
Otto Bittner
2042e6b338
config: only print upgrade deprecation msg if key is set
2023-02-15 11:42:28 +01:00
Otto Bittner
7454b69f13
cli: helm: prepare values for upgrade correctly
...
Previously the chart's values were not set, relying on the
values that are already present in the cluster and reusing
those. This does not work as e.g. the image values
are only set while loading the charts. Also, the templates
are not rendered correctly without all values set.
2023-02-15 11:41:54 +01:00
Otto Bittner
4855b20093
cli: helm: move csp into ChartLoader object
2023-02-15 11:41:54 +01:00
Otto Bittner
1728633646
cli: helm: separate user input from static loading
...
Because values in the charts might change in the future and
some values (like the image) are part of a valid upgrade we
need to load all values for an upgrade.
However, during upgrades we don't want to reapply user
input like the masterSecret. Therefore this patch splits the
application of user input and the static loading of chart values.
2023-02-15 11:41:54 +01:00
Otto Bittner
69a384d978
compatibility: error message wording
...
The new description represents the error condition more accurately.
2023-02-15 11:41:54 +01:00
Otto Bittner
03de71fdd2
ci: do not overwrite warnOnly measurements flag
...
The image-api's measurement.json includes a setting for warnOnly
that should be followed by default. Enforcing all measurments is
currently not possible as some of them are unstable.
2023-02-15 10:35:30 +01:00
Otto Bittner
f97d351ad2
ci: add force flag to remaining constellation cmds
...
In the CI most configs use prerelease images. Config validation
prevents this. Therefore we need to use the force flag for now.
2023-02-15 10:35:30 +01:00
renovate[bot]
449d0e5b7a
deps: update golang Docker tag to v1.20.1 ( #1190 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-15 10:14:38 +01:00
Malte Poll
77216f7492
deps: vendor node-maintenance-operator api ( #1172 )
...
* deps: go generate script to vendor node-maintenance-operator api folder
* deps: vendor node-maintenance-operator api folder
* operators: use vendored node-maintenance-operator api
* ci: ignore 3rdparty dir for license check
2023-02-14 18:46:48 +01:00
renovate[bot]
241d667758
deps: update K8s constrained Azure versions ( #1129 )
...
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-14 15:18:55 +01:00
Paul Meyer
c7465eaf81
apko: remove unused libcrypt base image
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-14 09:16:59 -05:00