Compare commits
16 Commits
75111120c0
...
051c43cf04
Author | SHA1 | Date |
---|---|---|
renovate[bot] | 051c43cf04 | |
renovate[bot] | 09857d4636 | |
Malte Poll | 1c0c7d6227 | |
renovate[bot] | adf03ad76c | |
Daniel Weiße | 86c45d1d5f | |
Daniel Weiße | a15cf54477 | |
Daniel Weiße | edc0c7068e | |
Thomas Tendyck | 012937740f | |
3u13r | ecebd607c5 | |
edgelessci | 3241e5a126 | |
miampf | bd26cb592d | |
Daniel Weiße | f6999084c9 | |
Daniel Weiße | 47fbbd42a9 | |
edgelessci | 96b71b0205 | |
Daniel Weiße | 35bd805bec | |
Daniel Weiße | 259e85d9c1 |
|
@ -16,11 +16,11 @@ inputs:
|
|||
runs:
|
||||
using: "composite"
|
||||
steps:
|
||||
- name: Install unzip
|
||||
- name: Install 7zip
|
||||
uses: ./.github/actions/setup_bazel_nix
|
||||
with:
|
||||
nixTools: |
|
||||
unzip
|
||||
_7zz
|
||||
|
||||
- name: Create temporary directory
|
||||
id: tempdir
|
||||
|
@ -28,7 +28,7 @@ runs:
|
|||
run: echo "directory=$(mktemp -d)" >> "$GITHUB_OUTPUT"
|
||||
|
||||
- name: Download the artifact
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: ${{ inputs.name }}
|
||||
path: ${{ steps.tempdir.outputs.directory }}
|
||||
|
@ -37,4 +37,4 @@ runs:
|
|||
shell: bash
|
||||
run: |
|
||||
mkdir -p ${{ inputs.path }}
|
||||
unzip -P '${{ inputs.encryptionSecret }}' -qq -d ${{ inputs.path }} ${{ steps.tempdir.outputs.directory }}/archive.zip
|
||||
7zz x -p'${{ inputs.encryptionSecret }}' -t7z -o"${{ inputs.path }}" ${{ steps.tempdir.outputs.directory }}/archive.7z
|
||||
|
|
|
@ -22,11 +22,11 @@ inputs:
|
|||
runs:
|
||||
using: "composite"
|
||||
steps:
|
||||
- name: Install zip
|
||||
- name: Install 7zip
|
||||
uses: ./.github/actions/setup_bazel_nix
|
||||
with:
|
||||
nixTools: |
|
||||
zip
|
||||
_7zz
|
||||
|
||||
- name: Create temporary directory
|
||||
id: tempdir
|
||||
|
@ -37,10 +37,8 @@ runs:
|
|||
shell: bash
|
||||
run: |
|
||||
shopt -s extglob
|
||||
|
||||
paths="${{ inputs.path }}"
|
||||
paths=${paths%$'\n'} # Remove trailing newline
|
||||
|
||||
# Check if any file matches the given pattern(s).
|
||||
something_exists=false
|
||||
for pattern in ${paths}
|
||||
|
@ -49,7 +47,6 @@ runs:
|
|||
something_exists=true
|
||||
fi
|
||||
done
|
||||
|
||||
# Create an archive if files exist.
|
||||
# Don't create an archive file if no files are found
|
||||
# and warn.
|
||||
|
@ -58,19 +55,18 @@ runs:
|
|||
echo "::warning:: No files/directories found with the provided path(s): ${paths}. No artifact will be uploaded."
|
||||
exit 0
|
||||
fi
|
||||
|
||||
for target in ${paths}
|
||||
do
|
||||
pushd "$(dirname "${target}")" || exit 1
|
||||
zip -e -P '${{ inputs.encryptionSecret }}' -r "${{ steps.tempdir.outputs.directory }}/archive.zip" "$(basename "${target}")"
|
||||
7zz a -p'${{ inputs.encryptionSecret }}' -t7z -ms=on -mhe=on "${{ steps.tempdir.outputs.directory }}/archive.7z" "$(basename "${target}")"
|
||||
popd || exit 1
|
||||
done
|
||||
|
||||
- name: Upload archive as artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: ${{ inputs.name }}
|
||||
path: ${{ steps.tempdir.outputs.directory }}/archive.zip
|
||||
path: ${{ steps.tempdir.outputs.directory }}/archive.7z
|
||||
retention-days: ${{ inputs.retention-days }}
|
||||
if-no-files-found: ignore
|
||||
overwrite: ${{ inputs.overwrite }}
|
||||
|
|
|
@ -79,7 +79,7 @@ runs:
|
|||
# once it has the functionality
|
||||
- name: Install Cosign
|
||||
if: inputs.cosignPublicKey != '' && inputs.cosignPrivateKey != '' && inputs.cosignPassword != ''
|
||||
uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
|
||||
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
|
||||
|
||||
- name: Install Rekor
|
||||
if: inputs.cosignPublicKey != '' && inputs.cosignPrivateKey != '' && inputs.cosignPassword != ''
|
||||
|
|
|
@ -62,7 +62,7 @@ runs:
|
|||
|
||||
- name: Build and push container image
|
||||
id: build-micro-service
|
||||
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
|
||||
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
|
||||
with:
|
||||
context: .
|
||||
file: ${{ inputs.dockerfile }}
|
||||
|
|
|
@ -262,7 +262,7 @@ runs:
|
|||
mkdir to-zip
|
||||
cp -r constellation-terraform to-zip
|
||||
cp -r constellation-iam-terraform to-zip
|
||||
rm to-zip/constellation-terraform/plan.zip
|
||||
rm -f to-zip/constellation-terraform/plan.zip
|
||||
rm -rf to-zip/constellation-terraform/.terraform to-zip/constellation-iam-terraform/.terraform
|
||||
|
||||
- name: Upload terraform state
|
||||
|
|
|
@ -17,7 +17,7 @@ runs:
|
|||
steps:
|
||||
- name: Use docker for logging in
|
||||
if: runner.os != 'macOS'
|
||||
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
|
||||
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
|
||||
with:
|
||||
registry: ${{ inputs.registry }}
|
||||
username: ${{ inputs.username }}
|
||||
|
|
|
@ -19,7 +19,7 @@ runs:
|
|||
steps:
|
||||
- name: Install Cosign
|
||||
if: inputs.cosignPublicKey != '' && inputs.cosignPrivateKey != '' && inputs.cosignPassword != ''
|
||||
uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
|
||||
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
|
||||
|
||||
- name: Download Syft & Grype
|
||||
uses: ./.github/actions/install_syft_grype
|
||||
|
|
|
@ -67,7 +67,7 @@ runs:
|
|||
# Make sure that helm is installed
|
||||
# This is not always the case, e.g. on MacOS runners
|
||||
- name: Install Helm
|
||||
uses: azure/setup-helm@29960d0f5f19214b88e1d9ba750a9914ab0f1a2f # v4.0.0
|
||||
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
|
||||
with:
|
||||
version: v3.9.0
|
||||
|
||||
|
|
|
@ -5,51 +5,51 @@ runs:
|
|||
using: "composite"
|
||||
steps:
|
||||
- name: Download CLI binaries darwin-amd64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation-darwin-amd64
|
||||
|
||||
- name: Download CLI binaries darwin-arm64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation-darwin-arm64
|
||||
|
||||
- name: Download CLI binaries linux-amd64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation-linux-amd64
|
||||
|
||||
- name: Download CLI binaries linux-arm64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation-linux-arm64
|
||||
|
||||
- name: Download CLI binaries windows-amd64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation-windows-amd64
|
||||
|
||||
- name: Download Terraform module
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: terraform-module
|
||||
|
||||
- name: Download Terraform provider binary darwin-amd64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: terraform-provider-constellation-darwin-amd64
|
||||
|
||||
- name: Download Terraform provider binary darwin-arm64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: terraform-provider-constellation-darwin-arm64
|
||||
|
||||
- name: Download Terraform provider binary linux-amd64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: terraform-provider-constellation-linux-amd64
|
||||
|
||||
- name: Download Terraform provider binary linux-arm64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: terraform-provider-constellation-linux-arm64
|
||||
|
|
|
@ -33,7 +33,7 @@ runs:
|
|||
|
||||
steps:
|
||||
- name: Setup python
|
||||
uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
|
||||
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
|
||||
with:
|
||||
python-version: "3.10"
|
||||
|
||||
|
@ -49,7 +49,7 @@ runs:
|
|||
install kubestr /usr/local/bin
|
||||
|
||||
- name: Checkout k8s-bench-suite
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
repository: "edgelesssys/k8s-bench-suite"
|
||||
|
|
|
@ -16,7 +16,7 @@ runs:
|
|||
using: "composite"
|
||||
steps:
|
||||
- name: Authenticate AWS
|
||||
uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1
|
||||
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
|
||||
with:
|
||||
role-to-assume: arn:aws:iam::795746500882:role/GithubActionsE2EDestroy
|
||||
aws-region: eu-central-1
|
||||
|
@ -31,16 +31,14 @@ runs:
|
|||
with:
|
||||
service_account: "destroy-e2e@constellation-e2e.iam.gserviceaccount.com"
|
||||
|
||||
- name: Install unzip
|
||||
- name: Install 7zip
|
||||
uses: ./.github/actions/setup_bazel_nix
|
||||
with:
|
||||
nixTools: |
|
||||
unzip
|
||||
_7zz
|
||||
- name: Run cleanup
|
||||
run: ./.github/actions/e2e_cleanup_timeframe/e2e-cleanup.sh
|
||||
shell: bash
|
||||
env:
|
||||
GH_TOKEN: ${{ inputs.ghToken }}
|
||||
ENCRYPTION_SECRET: ${{ inputs.encryptionSecret }}
|
||||
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
# get_e2e_test_ids_on_date gets all workflow IDs of workflows that contain "e2e" on a specific date.
|
||||
function get_e2e_test_ids_on_date {
|
||||
ids="$(gh run list --created "$1" --status failure --json createdAt,workflowName,databaseId --jq '.[] | select(.workflowName | contains("e2e") and (contains("MiniConstellation") | not)) | .databaseId' -L1000 -R edgelesssys/constellation || exit 1)"
|
||||
echo "$ids"
|
||||
echo "${ids}"
|
||||
}
|
||||
|
||||
# download_tfstate_artifact downloads all artifacts matching the pattern terraform-state-* from a given workflow ID.
|
||||
|
@ -13,7 +13,7 @@ function download_tfstate_artifact {
|
|||
|
||||
# delete_resources runs terraform destroy on the constellation-terraform subfolder of a given folder.
|
||||
function delete_resources {
|
||||
if [ -d "$1/constellation-terraform" ]; then
|
||||
if [[ -d "$1/constellation-terraform" ]]; then
|
||||
cd "$1/constellation-terraform" || exit 1
|
||||
terraform init > /dev/null || exit 1 # first, install plugins
|
||||
terraform destroy -auto-approve || exit 1
|
||||
|
@ -23,7 +23,7 @@ function delete_resources {
|
|||
|
||||
# delete_iam_config runs terraform destroy on the constellation-iam-terraform subfolder of a given folder.
|
||||
function delete_iam_config {
|
||||
if [ -d "$1/constellation-iam-terraform" ]; then
|
||||
if [[ -d "$1/constellation-iam-terraform" ]]; then
|
||||
cd "$1/constellation-iam-terraform" || exit 1
|
||||
terraform init > /dev/null || exit 1 # first, install plugins
|
||||
terraform destroy -auto-approve || exit 1
|
||||
|
@ -32,12 +32,12 @@ function delete_iam_config {
|
|||
}
|
||||
|
||||
# check if the password for artifact decryption was given
|
||||
if [[ -z $ENCRYPTION_SECRET ]]; then
|
||||
if [[ -z ${ENCRYPTION_SECRET} ]]; then
|
||||
echo "ENCRYPTION_SECRET is not set. Please set an environment variable with that secret."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
artifact_pwd=$ENCRYPTION_SECRET
|
||||
artifact_pwd=${ENCRYPTION_SECRET}
|
||||
|
||||
shopt -s nullglob
|
||||
|
||||
|
@ -46,9 +46,9 @@ end_date=$(date --date "-7 day" "+%Y-%m-%d")
|
|||
dates_to_clean=()
|
||||
|
||||
# get all dates of the last week
|
||||
while [[ $end_date != "$start_date" ]]; do
|
||||
dates_to_clean+=("$end_date")
|
||||
end_date=$(date --date "$end_date +1 day" "+%Y-%m-%d")
|
||||
while [[ ${end_date} != "${start_date}" ]]; do
|
||||
dates_to_clean+=("${end_date}")
|
||||
end_date=$(date --date "${end_date} +1 day" "+%Y-%m-%d")
|
||||
done
|
||||
|
||||
echo "[*] retrieving run IDs for cleanup"
|
||||
|
@ -65,33 +65,33 @@ mapfile -td " " database_ids < <(echo "${database_ids[@]}")
|
|||
|
||||
echo "[*] downloading terraform state artifacts"
|
||||
for id in "${database_ids[@]}"; do
|
||||
if [[ $id == *[^[:space:]]* ]]; then
|
||||
echo " downloading from workflow $id"
|
||||
download_tfstate_artifact "$id"
|
||||
if [[ ${id} == *[^[:space:]]* ]]; then
|
||||
echo " downloading from workflow ${id}"
|
||||
download_tfstate_artifact "${id}"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "[*] extracting artifacts"
|
||||
for directory in ./terraform-state-*; do
|
||||
echo " extracting $directory"
|
||||
echo " extracting ${directory}"
|
||||
|
||||
# extract and decrypt the artifact
|
||||
unzip -d "${directory}" -P "$artifact_pwd" "$directory/archive.zip" > /dev/null || exit 1
|
||||
7zz x -t7z -p"${artifact_pwd}" -o"${directory}" "${directory}/archive.7z" > /dev/null || exit 1
|
||||
done
|
||||
|
||||
# create terraform caching directory
|
||||
mkdir "$HOME/tf_plugin_cache"
|
||||
export TF_PLUGIN_CACHE_DIR="$HOME/tf_plugin_cache"
|
||||
echo "[*] created terraform cache directory $TF_PLUGIN_CACHE_DIR"
|
||||
mkdir "${HOME}/tf_plugin_cache"
|
||||
export TF_PLUGIN_CACHE_DIR="${HOME}/tf_plugin_cache"
|
||||
echo "[*] created terraform cache directory ${TF_PLUGIN_CACHE_DIR}"
|
||||
|
||||
echo "[*] deleting resources"
|
||||
for directory in ./terraform-state-*; do
|
||||
echo " deleting resources in $directory"
|
||||
delete_resources "$directory"
|
||||
echo " deleting IAM configuration in $directory"
|
||||
delete_iam_config "$directory"
|
||||
echo " deleting directory $directory"
|
||||
rm -rf "$directory"
|
||||
echo " deleting resources in ${directory}"
|
||||
delete_resources "${directory}"
|
||||
echo " deleting IAM configuration in ${directory}"
|
||||
delete_iam_config "${directory}"
|
||||
echo " deleting directory ${directory}"
|
||||
rm -rf "${directory}"
|
||||
done
|
||||
|
||||
exit 0
|
||||
|
|
|
@ -25,7 +25,7 @@ runs:
|
|||
using: "composite"
|
||||
steps:
|
||||
- name: Install terraform
|
||||
uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # v3.0.0
|
||||
uses: hashicorp/setup-terraform@651471c36a6092792c552e8b1bef71e592b462d8 # v3.1.1
|
||||
with:
|
||||
terraform_wrapper: false
|
||||
|
||||
|
|
|
@ -64,7 +64,7 @@ runs:
|
|||
|
||||
- name: Publish test results
|
||||
if: (!env.ACT) && contains(inputs.sonobuoyTestSuiteCmd, '--plugin e2e')
|
||||
uses: mikepenz/action-junit-report@5f47764eec0e1c1f19f40c8e60a5ba47e47015c5 # v4.1.0
|
||||
uses: mikepenz/action-junit-report@9379f0ccddcab154835d4e2487555ee79614fe95 # v4.2.1
|
||||
with:
|
||||
report_paths: "**/junit_01.xml"
|
||||
fail_on_failure: true
|
||||
|
|
|
@ -330,7 +330,7 @@ runs:
|
|||
if: (inputs.test == 'nop') || (inputs.test == 'upgrade')
|
||||
shell: bash
|
||||
run: |
|
||||
echo "::warning::This test has a nop payload. It doesn't run any tests."
|
||||
echo "This test has a nop payload. It doesn't run any tests."
|
||||
echo "Sleeping for 30 seconds to allow logs to propagate to the log collection service."
|
||||
sleep 30
|
||||
|
||||
|
|
|
@ -66,12 +66,16 @@ runs:
|
|||
forwarderPID=$!
|
||||
sleep 5
|
||||
|
||||
if [[ ${{ inputs.attestationVariant }} == "azure-sev-snp" ]] || [[ ${{ inputs.attestationVariant }} == "aws-sev-snp" ]]; then
|
||||
echo "Extracting TCB versions for API update"
|
||||
constellation verify --cluster-id "${clusterID}" --node-endpoint localhost:9090 -o json > "snp-report-${node}.json"
|
||||
else
|
||||
constellation verify --cluster-id "${clusterID}" --node-endpoint localhost:9090
|
||||
fi
|
||||
case "${{ inputs.attestationVariant }}"
|
||||
in
|
||||
"azure-sev-snp"|"aws-sev-snp"|"gcp-sev-snp")
|
||||
echo "Extracting TCB versions for API update"
|
||||
constellation verify --cluster-id "${clusterID}" --node-endpoint localhost:9090 -o json > "snp-report-${node}.json"
|
||||
;;
|
||||
*)
|
||||
constellation verify --cluster-id "${clusterID}" --node-endpoint localhost:9090
|
||||
;;
|
||||
esac
|
||||
|
||||
kill $forwarderPID
|
||||
done
|
||||
|
@ -90,11 +94,6 @@ runs:
|
|||
COSIGN_PASSWORD: ${{ inputs.cosignPassword }}
|
||||
COSIGN_PRIVATE_KEY: ${{ inputs.cosignPrivateKey }}
|
||||
run: |
|
||||
if [[ ${{ inputs.attestationVariant }} == "aws-sev-snp" ]] && constellation version | grep -q "v2.13."; then
|
||||
echo "Skipping TCB upload for AWS on CLI v2.13"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
reports=(snp-report-*.json)
|
||||
if [ -z ${#reports[@]} ]; then
|
||||
exit 1
|
||||
|
|
|
@ -26,13 +26,13 @@ runs:
|
|||
steps:
|
||||
- name: Checkout head
|
||||
if: inputs.imageVersion == '' && inputs.git-ref == 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Checkout ref
|
||||
if: inputs.imageVersion == '' && inputs.git-ref != 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.git-ref }}
|
||||
|
||||
|
|
|
@ -10,6 +10,6 @@ runs:
|
|||
# As described at:
|
||||
# https://github.com/Azure/login#configure-deployment-credentials
|
||||
- name: Login to Azure
|
||||
uses: azure/login@cb79c773a3cfa27f31f25eb3f677781210c9ce3d # v1.6.1
|
||||
uses: azure/login@6b2456866fc08b011acb422a92a4aa20e2c4de32 # v2.1.0
|
||||
with:
|
||||
creds: ${{ inputs.azure_credentials }}
|
||||
|
|
|
@ -20,7 +20,7 @@ runs:
|
|||
echo "GOOGLE_CLOUD_PROJECT=" >> "$GITHUB_ENV"
|
||||
|
||||
- name: Authorize GCP access
|
||||
uses: google-github-actions/auth@a6e2e39c0a0331da29f7fd2c2a20a427e8d3ad1f # v2.1.1
|
||||
uses: google-github-actions/auth@55bd3a7c6e2ae7cf1877fd1ccb9d54c0503c457c # v2.1.2
|
||||
with:
|
||||
workload_identity_provider: projects/796962942582/locations/global/workloadIdentityPools/constellation-ci-pool/providers/constellation-ci-provider
|
||||
service_account: ${{ inputs.service_account }}
|
||||
|
|
|
@ -36,12 +36,6 @@ runs:
|
|||
shell: bash
|
||||
run: echo "CURRENT_DATE=$(date +'%Y-%m-%d %H:%M:%S')" >> $GITHUB_ENV
|
||||
|
||||
- name: Encode URI component
|
||||
uses: Ablestor/encode-uri-component-action@790ea01bcf2d5ca4d0dbe8c15351a87b47f22f61 # v1.3
|
||||
id: encode-uri-component
|
||||
with:
|
||||
string: ${{ inputs.test }}
|
||||
|
||||
- name: Create body template
|
||||
id: body-template
|
||||
shell: bash
|
||||
|
@ -69,13 +63,15 @@ runs:
|
|||
fi
|
||||
}
|
||||
|
||||
e2eTestPayload=$(echo "${{ inputs.test }}" | jq -R -r @uri)
|
||||
|
||||
q=$(echo "(filters:!(
|
||||
$(queryGen cloud.provider "${{ inputs.provider }}")
|
||||
$(queryGen metadata.github.ref-stream "${{ inputs.refStream }}")
|
||||
$(queryGen metadata.github.kubernetes-version "${{ inputs.kubernetesVersion }}")
|
||||
$(queryGen metadata.github.attestation-variant "${{ inputs.attestationVariant }}")
|
||||
$(queryGen metadata.github.cluster-creation "${{ inputs.clusterCreation }}")
|
||||
$(queryGen metadata.github.e2e-test-payload "${{ steps.encode-uri-component.outputs.string }}")
|
||||
$(queryGen metadata.github.e2e-test-payload "${e2eTestPayload}")
|
||||
(query:(match_phrase:(metadata.github.run-id:${{ github.run_id }})))
|
||||
))" | tr -d "\t\n ")
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ runs:
|
|||
using: "composite"
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
repository: edgelesssys/helm
|
||||
ref: main
|
||||
|
@ -29,7 +29,7 @@ runs:
|
|||
echo version=$(yq eval ".version" ${{ inputs.chartPath }}/Chart.yaml) | tee -a $GITHUB_OUTPUT
|
||||
|
||||
- name: Create pull request
|
||||
uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0
|
||||
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
|
||||
with:
|
||||
path: helm
|
||||
branch: "release/s3proxy/${{ steps.update-chart-version.outputs.version }}"
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
name: Update TFState
|
||||
description: "Update the terraform state artifact."
|
||||
description: "Update the terraform state artifact. We use this to either delete an artifact if the e2e test was cleaned up successfully or to update the artifact with the latest terraform state."
|
||||
|
||||
inputs:
|
||||
name:
|
||||
name:
|
||||
description: "The name of the artifact that contains the tfstate."
|
||||
required: true
|
||||
runID:
|
||||
|
@ -11,52 +11,50 @@ inputs:
|
|||
encryptionSecret:
|
||||
description: "The encryption secret for the artifacts."
|
||||
required: true
|
||||
skipDeletion:
|
||||
description: "Don't try to delete the artifact before updating. You should only use this if you know that no artifact exists."
|
||||
default: "false"
|
||||
required: false
|
||||
|
||||
runs:
|
||||
using: "composite"
|
||||
steps:
|
||||
- name: Check if tfstate should be deleted
|
||||
if: always() && ${{ inputs.skipDeletion }} == "false"
|
||||
- name: Check if uploaded tfstate can be deleted
|
||||
if: always()
|
||||
shell: bash
|
||||
run: |
|
||||
if [ ! -d constellation-terraform ] && [ ! -d constellation-iam-terraform ]; then
|
||||
echo "DELETE_TF_STATE=true" >> "$GITHUB_ENV"
|
||||
if [[ ! -d constellation-terraform ]] && [[ ! -d constellation-iam-terraform ]]; then
|
||||
echo "DELETE_TF_STATE=true" >> "$GITHUB_ENV"
|
||||
else
|
||||
echo "DELETE_TF_STATE=false" >> "$GITHUB_ENV"
|
||||
echo "DELETE_TF_STATE=false" >> "$GITHUB_ENV"
|
||||
fi
|
||||
|
||||
- name: Delete tfstate artifact if necessary
|
||||
if: always() && env.DELETE_TF_STATE == 'true' && ${{ inputs.skipDeletion }} == "false"
|
||||
if: always() && env.DELETE_TF_STATE == 'true'
|
||||
uses: ./.github/actions/artifact_delete
|
||||
with:
|
||||
name: ${{ inputs.name }}
|
||||
workflowID: ${{ inputs.runID }}
|
||||
|
||||
- name: Prepare terraform state folders
|
||||
if: always()
|
||||
- name: Prepare left over terraform state folders
|
||||
if: always() && env.DELETE_TF_STATE == 'false'
|
||||
shell: bash
|
||||
run: |
|
||||
rm -rf to-zip/*
|
||||
mkdir -p to-zip
|
||||
|
||||
to_upload=""
|
||||
if [ -d constellation-terraform ]; then
|
||||
cp -r constellation-terraform to-zip
|
||||
rm to-zip/constellation-terraform/plan.zip
|
||||
rm -rf to-zip/constellation-terraform/.terraform
|
||||
to_upload+="to-zip/constellation-terraform"
|
||||
if [[ -d constellation-terraform ]]; then
|
||||
cp -r constellation-terraform to-zip
|
||||
rm -f to-zip/constellation-terraform/plan.zip
|
||||
rm -rf to-zip/constellation-terraform/.terraform
|
||||
to_upload+="to-zip/constellation-terraform"
|
||||
fi
|
||||
if [ -d constellation-iam-terraform ]; then
|
||||
cp -r constellation-iam-terraform to-zip
|
||||
rm -rf to-zip/constellation-iam-terraform/.terraform
|
||||
to_upload+=" to-zip/constellation-iam-terraform"
|
||||
if [[ -d constellation-iam-terraform ]]; then
|
||||
cp -r constellation-iam-terraform to-zip
|
||||
rm -rf to-zip/constellation-iam-terraform/.terraform
|
||||
to_upload+=" to-zip/constellation-iam-terraform"
|
||||
fi
|
||||
echo "TO_UPLOAD=$to_upload" >> "$GITHUB_ENV"
|
||||
|
||||
- name: Update tfstate
|
||||
if: always()
|
||||
if: always() && env.TO_UPLOAD != ''
|
||||
uses: ./.github/actions/artifact_upload
|
||||
with:
|
||||
name: ${{ inputs.name }}
|
||||
|
@ -64,5 +62,3 @@ runs:
|
|||
${{ env.TO_UPLOAD }}
|
||||
encryptionSecret: ${{ inputs.encryptionSecret }}
|
||||
overwrite: true
|
||||
|
||||
|
||||
|
|
|
@ -15,7 +15,7 @@ runs:
|
|||
zip -r terraform-module.zip terraform-module
|
||||
|
||||
- name: Upload artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: terraform-module
|
||||
path: terraform-module.zip
|
||||
|
@ -23,4 +23,4 @@ runs:
|
|||
- name: Cleanup Terraform module dir
|
||||
shell: bash
|
||||
run: |
|
||||
rm -r terraform-module terraform-module.zip
|
||||
rm -f terraform-module terraform-module.zip
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
FROM golang:1.22.2@sha256:c4fb952e712efd8f787bcd8e53fd66d1d83b7dc26adabc218e9eac1dbf776bdf as builder
|
||||
FROM golang:1.22.3@sha256:b1e05e2c918f52c59d39ce7d5844f73b2f4511f7734add8bb98c9ecdd4443365 as builder
|
||||
|
||||
# Download project root dependencies
|
||||
WORKDIR /workspace
|
||||
|
|
|
@ -12,7 +12,7 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
if: ${{ github.event.label.name == 'dependencies'}}
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
- name: Pick assignee
|
||||
id: pick-assignee
|
||||
uses: ./.github/actions/pick_assignee
|
||||
|
|
|
@ -11,7 +11,7 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ github.head_ref }}
|
||||
path: constellation
|
||||
|
@ -27,7 +27,7 @@ jobs:
|
|||
|
||||
- name: Download Firmware release
|
||||
id: download-firmware
|
||||
uses: robinraju/release-downloader@368754b9c6f47c345fcfbf42bcb577c2f0f5f395 # v1.9
|
||||
uses: robinraju/release-downloader@c39a3b234af58f0cf85888573d361fb6fa281534 # v1.10
|
||||
with:
|
||||
repository: aws/uefi
|
||||
latest: true
|
||||
|
@ -50,7 +50,7 @@ jobs:
|
|||
echo "ovmfPath=${ovmfPath}" | tee -a "$GITHUB_OUTPUT"
|
||||
popd || exit 1
|
||||
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
repository: virtee/sev-snp-measure-go.git
|
||||
ref: e42b6f8991ed5a671d5d1e02a6b61f6373f9f8d8
|
||||
|
|
|
@ -22,7 +22,7 @@ jobs:
|
|||
runs-on: [arc-runner-set]
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -19,19 +19,19 @@ jobs:
|
|||
latest: ${{ steps.find-latest.outputs.latest }}
|
||||
steps:
|
||||
- name: Checkout Constellation
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Checkout kubernetes/cloud-provider-gcp
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
repository: "kubernetes/cloud-provider-gcp"
|
||||
path: "cloud-provider-gcp"
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Setup Go environment
|
||||
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
|
||||
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
|
||||
with:
|
||||
go-version: "1.22.2"
|
||||
go-version: "1.22.3"
|
||||
cache: false
|
||||
|
||||
- name: Install Crane
|
||||
|
@ -65,10 +65,10 @@ jobs:
|
|||
version: ${{ fromJson(needs.find-ccm-versions.outputs.versions) }}
|
||||
steps:
|
||||
- name: Checkout Constellation
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Checkout kubernetes/cloud-provider-gcp
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
repository: "kubernetes/cloud-provider-gcp"
|
||||
path: "cloud-provider-gcp"
|
||||
|
@ -113,7 +113,7 @@ jobs:
|
|||
|
||||
- name: Build and push container image
|
||||
id: build
|
||||
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
|
||||
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
|
||||
with:
|
||||
context: ./cloud-provider-gcp
|
||||
push: ${{ github.ref_name == 'main' }}
|
||||
|
|
|
@ -69,7 +69,7 @@ jobs:
|
|||
|
||||
- name: Checkout GoogleCloudPlatform/guest-agent
|
||||
if: steps.needs-build.outputs.out == 'true'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
repository: "GoogleCloudPlatform/guest-agent"
|
||||
ref: refs/tags/${{ steps.latest-release.outputs.latest }}
|
||||
|
@ -77,7 +77,7 @@ jobs:
|
|||
|
||||
- name: Checkout Constellation
|
||||
if: steps.needs-build.outputs.out == 'true'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
path: "constellation"
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
@ -114,7 +114,7 @@ jobs:
|
|||
- name: Build and push container image
|
||||
if: steps.needs-build.outputs.out == 'true'
|
||||
id: build
|
||||
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
|
||||
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
|
||||
with:
|
||||
context: ./guest-agent
|
||||
file: ./constellation/3rdparty/gcp-guest-agent/Dockerfile
|
||||
|
|
|
@ -19,7 +19,7 @@ jobs:
|
|||
packages: write
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Setup bazel
|
||||
uses: ./.github/actions/setup_bazel_nix
|
||||
|
|
|
@ -20,7 +20,7 @@ jobs:
|
|||
steps:
|
||||
- name: Check out repository
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -62,14 +62,14 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ github.head_ref }}
|
||||
|
||||
- name: Setup Go environment
|
||||
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
|
||||
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
|
||||
with:
|
||||
go-version: "1.22.2"
|
||||
go-version: "1.22.3"
|
||||
cache: false
|
||||
|
||||
- name: Determine version
|
||||
|
@ -99,7 +99,7 @@ jobs:
|
|||
run: rm -f internal/attestation/measurements/measurement-generator/generate
|
||||
|
||||
- name: Create pull request
|
||||
uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0
|
||||
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
|
||||
with:
|
||||
branch: "image/automated/update-measurements-${{ github.run_number }}"
|
||||
base: main
|
||||
|
@ -121,7 +121,7 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ github.head_ref }}
|
||||
|
||||
|
|
|
@ -59,7 +59,7 @@ jobs:
|
|||
cliApiBasePath: ${{ steps.image-version.outputs.cliApiBasePath }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -138,7 +138,7 @@ jobs:
|
|||
contents: read
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ jobs:
|
|||
steps:
|
||||
- name: Check out repository
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -20,12 +20,12 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Link Checker
|
||||
uses: lycheeverse/lychee-action@c053181aa0c3d17606addfe97a9075a32723548a # v1.9.3
|
||||
uses: lycheeverse/lychee-action@2b973e86fc7b1f6b36a93795fe2c9c6ae1118621 # v1.10.0
|
||||
with:
|
||||
args: "--config ./.lychee.toml './**/*.md' './**/*.html'"
|
||||
fail: true
|
||||
|
|
|
@ -34,17 +34,17 @@ jobs:
|
|||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Setup Go environment
|
||||
if: matrix.language == 'go'
|
||||
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
|
||||
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
|
||||
with:
|
||||
go-version: "1.22.2"
|
||||
go-version: "1.22.3"
|
||||
cache: false
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@cf7e9f23492505046de9a37830c3711dd0f25bb3 # v2.16.2
|
||||
uses: github/codeql-action/init@ceaec5c11a131e0d282ff3b6f095917d234caace # v2.25.3
|
||||
with:
|
||||
languages: ${{ matrix.language }}
|
||||
|
||||
|
@ -63,6 +63,6 @@ jobs:
|
|||
echo "::endgroup::"
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@cf7e9f23492505046de9a37830c3711dd0f25bb3 # v2.16.2
|
||||
uses: github/codeql-action/analyze@ceaec5c11a131e0d282ff3b6f095917d234caace # v2.25.3
|
||||
with:
|
||||
category: "/language:${{ matrix.language }}"
|
||||
|
|
|
@ -16,12 +16,12 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Vale
|
||||
uses: errata-ai/vale-action@3f7188c866bcb3259339a09f517d7c4a8838303c # tag=reviewdog
|
||||
uses: errata-ai/vale-action@38bf078c328061f59879b347ca344a718a736018 # tag=reviewdog
|
||||
with:
|
||||
files: docs/docs
|
||||
fail_on_error: true
|
||||
|
|
|
@ -72,7 +72,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -92,7 +92,7 @@ jobs:
|
|||
cosignPassword: ${{ inputs.key == 'release' && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
|
||||
|
||||
- name: Upload CLI as artifact (unix)
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
if : ${{ matrix.os != 'windows' }}
|
||||
with:
|
||||
name: constellation-${{ matrix.os }}-${{ matrix.arch }}
|
||||
|
@ -101,7 +101,7 @@ jobs:
|
|||
build/constellation-${{ matrix.os }}-${{ matrix.arch }}.sig
|
||||
|
||||
- name: Upload CLI as artifact (windows)
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
if : ${{ matrix.os == 'windows' }}
|
||||
with:
|
||||
name: constellation-${{ matrix.os }}-${{ matrix.arch }}
|
||||
|
@ -133,7 +133,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -149,7 +149,7 @@ jobs:
|
|||
targetArch: ${{ matrix.arch }}
|
||||
|
||||
- name: Upload Terraform Provider Binary as artifact (unix)
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
if : ${{ matrix.os != 'windows' }}
|
||||
with:
|
||||
name: terraform-provider-constellation-${{ matrix.os }}-${{ matrix.arch }}
|
||||
|
@ -157,7 +157,7 @@ jobs:
|
|||
build/terraform-provider-constellation-${{ matrix.os }}-${{ matrix.arch }}
|
||||
|
||||
- name: Upload Terraform Provider Binary as artifact (windows)
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
if : ${{ matrix.os == 'windows' }}
|
||||
with:
|
||||
name: terraform-provider-constellation-${{ matrix.os }}-${{ matrix.arch }}
|
||||
|
@ -169,7 +169,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -187,7 +187,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -219,7 +219,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -227,7 +227,7 @@ jobs:
|
|||
uses: ./.github/actions/download_release_binaries
|
||||
|
||||
- name: Download CLI SBOM
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation.spdx.sbom
|
||||
|
||||
|
@ -256,12 +256,12 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
- name: Install Cosign
|
||||
uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
|
||||
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
|
||||
|
||||
- name: Download Syft & Grype
|
||||
uses: ./.github/actions/install_syft_grype
|
||||
|
@ -296,13 +296,13 @@ jobs:
|
|||
COSIGN_PASSWORD: ${{ inputs.key == 'release' && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
|
||||
|
||||
- name: Upload Constellation CLI SBOM
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: constellation.spdx.sbom
|
||||
path: constellation.spdx.sbom
|
||||
|
||||
- name: Upload Constellation CLI SBOM's signature
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: constellation.spdx.sbom.sig
|
||||
path: constellation.spdx.sbom.sig
|
||||
|
@ -332,7 +332,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -340,7 +340,7 @@ jobs:
|
|||
uses: ./.github/actions/download_release_binaries
|
||||
|
||||
- name: Download CLI SBOM
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation.spdx.sbom
|
||||
|
||||
|
@ -407,7 +407,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -420,12 +420,12 @@ jobs:
|
|||
uses: ./.github/actions/download_release_binaries
|
||||
|
||||
- name: Download CLI SBOM
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation.spdx.sbom
|
||||
|
||||
- name: Download Constellation CLI SBOM's signature
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation.spdx.sbom.sig
|
||||
|
||||
|
|
|
@ -10,11 +10,6 @@ on:
|
|||
- "internal/api/**"
|
||||
- ".github/workflows/e2e-attestationconfigapi.yml"
|
||||
- "go.mod"
|
||||
pull_request:
|
||||
paths:
|
||||
- "internal/api/**"
|
||||
- ".github/workflows/e2e-attestationconfigapi.yml"
|
||||
- "go.mod"
|
||||
|
||||
jobs:
|
||||
e2e-api:
|
||||
|
@ -31,7 +26,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
# Don't trigger in forks, use head on pull requests, use default otherwise.
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || github.event.pull_request.head.sha || '' }}
|
||||
|
|
|
@ -14,7 +14,7 @@ jobs:
|
|||
id-token: write
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Cleanup
|
||||
uses: ./.github/actions/e2e_cleanup_timeframe
|
||||
|
|
|
@ -29,7 +29,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.event.workflow_run.head_branch || github.head_ref }}
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@ jobs:
|
|||
image-release-stable: ${{ steps.relabel-output.outputs.image-release-stable }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
@ -46,10 +46,15 @@ jobs:
|
|||
max-parallel: 5
|
||||
matrix:
|
||||
kubernetesVersion: ["1.28"] # should be default
|
||||
# TODO(msanft): Enable GCP SEV-SNP once stable GCP SEV-SNP images exist.
|
||||
attestationVariant: ["gcp-sev-es", "azure-sev-snp", "azure-tdx", "aws-sev-snp"]
|
||||
attestationVariant: ["gcp-sev-es", "gcp-sev-snp", "azure-sev-snp", "azure-tdx", "aws-sev-snp"]
|
||||
refStream: ["ref/main/stream/debug/?", "ref/release/stream/stable/?"]
|
||||
test: ["sonobuoy quick"]
|
||||
exclude:
|
||||
# TODO(v2.18 msanft): Remove exclude rule for GCP SEV-SNP stable once images exist.
|
||||
- kubernetesVersion: "1.28"
|
||||
attestationVariant: "gcp-sev-snp"
|
||||
refStream: "ref/release/stream/stable/?"
|
||||
test: "sonobuoy quick"
|
||||
runs-on: ubuntu-22.04
|
||||
permissions:
|
||||
id-token: write
|
||||
|
@ -60,7 +65,7 @@ jobs:
|
|||
needs: [find-latest-image]
|
||||
steps:
|
||||
- name: Check out repository
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
@ -129,7 +134,7 @@ jobs:
|
|||
GH_TOKEN: ${{ github.token }}
|
||||
uses: ./.github/actions/update_tfstate
|
||||
with:
|
||||
name: terraform-state-${{ steps.e2e_test.outputs.namePrefix }}
|
||||
name: terraform-state-${{ steps.e2e_test.outputs.namePrefix }}
|
||||
runID: ${{ github.run_id }}
|
||||
encryptionSecret: ${{ secrets.ARTIFACT_ENCRYPT_PASSWD }}
|
||||
|
||||
|
@ -160,7 +165,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -156,7 +156,7 @@ jobs:
|
|||
|
||||
- name: Login to AWS (IAM + Cluster role)
|
||||
if: steps.determine.outputs.cloudProvider == 'aws'
|
||||
uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 # v2.2.0
|
||||
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
|
||||
with:
|
||||
role-to-assume: arn:aws:iam::795746500882:role/GithubActionsE2ETerraform
|
||||
aws-region: eu-central-1
|
||||
|
|
|
@ -311,7 +311,7 @@ jobs:
|
|||
run: brew install coreutils kubectl bash
|
||||
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
|
|
@ -22,7 +22,7 @@ jobs:
|
|||
image-main-nightly: ${{ steps.relabel-output.outputs.image-main-nightly }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
@ -313,7 +313,7 @@ jobs:
|
|||
needs: [find-latest-image]
|
||||
steps:
|
||||
- name: Check out repository
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
@ -385,7 +385,7 @@ jobs:
|
|||
GH_TOKEN: ${{ github.token }}
|
||||
uses: ./.github/actions/update_tfstate
|
||||
with:
|
||||
name: terraform-state-${{ steps.e2e_test.outputs.namePrefix }}
|
||||
name: terraform-state-${{ steps.e2e_test.outputs.namePrefix }}
|
||||
runID: ${{ github.run_id }}
|
||||
encryptionSecret: ${{ secrets.ARTIFACT_ENCRYPT_PASSWD }}
|
||||
|
||||
|
@ -438,7 +438,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -174,13 +174,13 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout head
|
||||
if: inputs.git-ref == 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Checkout ref
|
||||
if: inputs.git-ref != 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.git-ref }}
|
||||
|
||||
|
@ -211,13 +211,13 @@ jobs:
|
|||
|
||||
- name: Checkout head
|
||||
if: inputs.git-ref == 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Checkout ref
|
||||
if: inputs.git-ref != 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.git-ref }}
|
||||
|
||||
|
@ -286,6 +286,6 @@ jobs:
|
|||
GH_TOKEN: ${{ github.token }}
|
||||
uses: ./.github/actions/update_tfstate
|
||||
with:
|
||||
name: terraform-state-${{ steps.e2e_test.outputs.namePrefix }}
|
||||
name: terraform-state-${{ steps.e2e_test.outputs.namePrefix }}
|
||||
runID: ${{ github.run_id }}
|
||||
encryptionSecret: ${{ secrets.ARTIFACT_ENCRYPT_PASSWD }}
|
||||
|
|
|
@ -135,14 +135,14 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
if: inputs.gitRef == 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Checkout ref
|
||||
if: inputs.gitRef != 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ inputs.gitRef }}
|
||||
|
@ -173,7 +173,7 @@ jobs:
|
|||
push: true
|
||||
|
||||
- name: Upload CLI binary
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: constellation-upgrade-${{ inputs.attestationVariant }}
|
||||
path: build/constellation
|
||||
|
@ -193,14 +193,14 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
if: inputs.gitRef == 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Checkout ref
|
||||
if: inputs.gitRef != 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ inputs.gitRef }}
|
||||
|
@ -281,14 +281,14 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
if: inputs.gitRef == 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Checkout ref
|
||||
if: inputs.gitRef != 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ inputs.gitRef }}
|
||||
|
@ -336,7 +336,7 @@ jobs:
|
|||
azure_credentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }}
|
||||
|
||||
- name: Download CLI
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation-upgrade-${{ inputs.attestationVariant }}
|
||||
path: build
|
||||
|
@ -448,20 +448,20 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
if: inputs.gitRef == 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Checkout ref
|
||||
if: inputs.gitRef != 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ inputs.gitRef }}
|
||||
|
||||
- name: Download CLI
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation-upgrade-${{ inputs.attestationVariant }}
|
||||
path: build
|
||||
|
@ -513,7 +513,7 @@ jobs:
|
|||
run: |
|
||||
mkdir -p to-zip
|
||||
cp -r constellation-terraform to-zip
|
||||
rm to-zip/constellation-terraform/plan.zip
|
||||
rm -f to-zip/constellation-terraform/plan.zip
|
||||
rm -rf to-zip/constellation-terraform/.terraform
|
||||
cp -r constellation-iam-terraform to-zip
|
||||
rm -rf to-zip/constellation-iam-terraform/.terraform
|
||||
|
@ -542,7 +542,7 @@ jobs:
|
|||
GH_TOKEN: ${{ github.token }}
|
||||
uses: ./.github/actions/update_tfstate
|
||||
with:
|
||||
name: terraform-state-${{ needs.create-cluster.outputs.e2e-name-prefix }}
|
||||
name: terraform-state-${{ needs.create-cluster.outputs.e2e-name-prefix }}
|
||||
runID: ${{ github.run_id }}
|
||||
encryptionSecret: ${{ secrets.ARTIFACT_ENCRYPT_PASSWD }}
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@ jobs:
|
|||
packages: write
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
@ -48,7 +48,7 @@ jobs:
|
|||
push: true
|
||||
|
||||
- name: Upload CLI artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
path: build/constellation.exe
|
||||
name: "constell-exe"
|
||||
|
@ -59,12 +59,12 @@ jobs:
|
|||
needs: build-cli
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Download CLI artifact
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: "constell-exe"
|
||||
|
||||
|
@ -80,10 +80,12 @@ jobs:
|
|||
azure_credentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }}
|
||||
|
||||
- name: Create IAM configuration
|
||||
id: iam-create
|
||||
shell: pwsh
|
||||
run: |
|
||||
$uid = Get-Random -Minimum 1000 -Maximum 9999
|
||||
$rgName = "e2e-win-${{ github.run_id }}-${{ github.run_attempt }}-$uid"
|
||||
"rgName=$($rgName)" | Out-File -FilePath $env:GITHUB_OUTPUT -Append
|
||||
.\constellation.exe config generate azure -t "workflow=${{ github.run_id }}"
|
||||
.\constellation.exe iam create azure --region=westus --resourceGroup=$rgName-rg --servicePrincipal=$rgName-sp --update-config --debug -y
|
||||
|
||||
|
@ -150,6 +152,7 @@ jobs:
|
|||
}
|
||||
|
||||
- name: Terminate cluster
|
||||
id: terminate-cluster
|
||||
if: always()
|
||||
shell: pwsh
|
||||
run: |
|
||||
|
@ -162,11 +165,20 @@ jobs:
|
|||
azure_credentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }}
|
||||
|
||||
- name: Delete IAM configuration
|
||||
id: delete-iam
|
||||
if: always()
|
||||
shell: pwsh
|
||||
run: |
|
||||
.\constellation.exe iam destroy --debug -y
|
||||
|
||||
- name: Clean up after failure
|
||||
# run on a cleanup failure or if cancelled
|
||||
if: (failure() && (steps.terminate-cluster.conclusion == 'failure' || steps.delete-iam.conclusion == 'failure')) || cancelled()
|
||||
shell: pwsh
|
||||
run: |
|
||||
az group delete --name ${{ steps.iam-create.outputs.rgName }}-rg --yes
|
||||
az group delete --name ${{ steps.iam-create.outputs.rgName }}-rg-identity --yes
|
||||
|
||||
notify-failure:
|
||||
name: Notify about failure
|
||||
runs-on: ubuntu-22.04
|
||||
|
@ -177,7 +189,7 @@ jobs:
|
|||
inputs.scheduled
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
@ -196,25 +208,3 @@ jobs:
|
|||
provider: Azure
|
||||
attestationVariant: "azure-sev-snp"
|
||||
|
||||
upload-tfstate:
|
||||
name: Upload terraform state if it exists
|
||||
runs-on: ubuntu-22.04
|
||||
needs: e2e-test
|
||||
if: always()
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Upload tfstate
|
||||
if: always()
|
||||
env:
|
||||
GH_TOKEN: ${{ github.token }}
|
||||
uses: ./.github/actions/update_tfstate
|
||||
with:
|
||||
name: terraform-state-${{ github.run_id }}
|
||||
runID: ${{ github.run_id }}
|
||||
encryptionSecret: ${{ secrets.ARTIFACT_ENCRYPT_PASSWD }}
|
||||
skipDeletion: "true"
|
||||
|
||||
|
|
|
@ -26,7 +26,7 @@ jobs:
|
|||
WORKING_BRANCH: ${{ env.WORKING_BRANCH }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0 # fetch all history
|
||||
|
||||
|
@ -49,7 +49,7 @@ jobs:
|
|||
latest: ${{ steps.input-passthrough.outputs.latest }}${{ steps.check-last-release.outputs.latest }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Override latest
|
||||
if: github.event.inputs.latest == 'true'
|
||||
|
@ -123,7 +123,7 @@ jobs:
|
|||
contents: write
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Remove temporary branch
|
||||
run: git push origin --delete "${{needs.complete-release-branch-transaction.outputs.WORKING_BRANCH}}"
|
||||
|
@ -137,7 +137,7 @@ jobs:
|
|||
contents: read
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- uses: ./.github/actions/setup_bazel_nix
|
||||
with:
|
||||
|
|
|
@ -18,7 +18,7 @@ jobs:
|
|||
contents: read
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ github.head_ref }}
|
||||
|
||||
|
|
|
@ -33,7 +33,7 @@ jobs:
|
|||
RELEASE_BRANCH: ${{ steps.version-info.outputs.RELEASE_BRANCH }}
|
||||
WORKING_BRANCH: ${{ steps.version-info.outputs.WORKING_BRANCH }}
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Working branch
|
||||
run: echo "WORKING_BRANCH=$(git branch --show-current)" | tee -a "$GITHUB_ENV"
|
||||
|
@ -85,7 +85,7 @@ jobs:
|
|||
MAJOR_MINOR: ${{ needs.verify-inputs.outputs.MAJOR_MINOR }}
|
||||
BRANCH: docs/${{ needs.verify-inputs.outputs.MAJOR_MINOR }}
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: main
|
||||
|
||||
|
@ -96,7 +96,7 @@ jobs:
|
|||
npm run docusaurus docs:version "${MAJOR_MINOR}"
|
||||
|
||||
- name: Create docs pull request
|
||||
uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0
|
||||
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
|
||||
with:
|
||||
branch: ${{ env.BRANCH }}
|
||||
base: main
|
||||
|
@ -123,7 +123,7 @@ jobs:
|
|||
WORKING_BRANCH: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
||||
|
||||
|
@ -161,7 +161,7 @@ jobs:
|
|||
WITHOUT_V: ${{ needs.verify-inputs.outputs.WITHOUT_V }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
||||
|
||||
|
@ -226,14 +226,14 @@ jobs:
|
|||
WITHOUT_V: ${{ needs.verify-inputs.outputs.WITHOUT_V }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
||||
|
||||
- name: Setup Go environment
|
||||
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
|
||||
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
|
||||
with:
|
||||
go-version: "1.22.2"
|
||||
go-version: "1.22.3"
|
||||
cache: true
|
||||
|
||||
- name: Build generateMeasurements tool
|
||||
|
|
|
@ -31,7 +31,7 @@ jobs:
|
|||
runs-on: ${{ matrix.runner }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
@ -60,13 +60,13 @@ jobs:
|
|||
run: shasum -a 256 "${binary}" | tee "${binary}.sha256"
|
||||
|
||||
- name: Upload binary artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: "binaries-${{ matrix.target }}-${{ matrix.runner }}"
|
||||
path: "${{ env.binary }}"
|
||||
|
||||
- name: Upload hash artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: "sha256sums-${{ matrix.target }}-${{ matrix.runner }}"
|
||||
path: "${{ env.binary }}.sha256"
|
||||
|
@ -87,7 +87,7 @@ jobs:
|
|||
runs-on: ${{ matrix.runner }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
@ -116,13 +116,13 @@ jobs:
|
|||
run: shasum -a 256 "${binary}" | tee "${binary}.sha256"
|
||||
|
||||
- name: Upload binary artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: "osimages-${{ matrix.target }}-${{ matrix.runner }}"
|
||||
path: "${{ env.binary }}"
|
||||
|
||||
- name: Upload hash artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: "sha256sums-${{ matrix.target }}-${{ matrix.runner }}"
|
||||
path: "${{ env.binary }}.sha256"
|
||||
|
@ -145,7 +145,7 @@ jobs:
|
|||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Download binaries
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
pattern: "binaries-${{ matrix.target }}-*"
|
||||
merge-multiple: true
|
||||
|
@ -179,7 +179,7 @@ jobs:
|
|||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Download os images
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
pattern: "osimages-${{ matrix.target }}-*"
|
||||
merge-multiple: true
|
||||
|
|
|
@ -18,7 +18,7 @@ jobs:
|
|||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
|
@ -30,13 +30,13 @@ jobs:
|
|||
publish_results: true
|
||||
|
||||
- name: Upload artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: SARIF file
|
||||
path: results.sarif
|
||||
retention-days: 5
|
||||
|
||||
- name: Upload to code-scanning
|
||||
uses: github/codeql-action/upload-sarif@cf7e9f23492505046de9a37830c3711dd0f25bb3 # v2.16.2
|
||||
uses: github/codeql-action/upload-sarif@ceaec5c11a131e0d282ff3b6f095917d234caace # v2.25.3
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
|
|
|
@ -18,14 +18,14 @@ jobs:
|
|||
pull-requests: write
|
||||
steps:
|
||||
- name: Checkout constellation repo
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
fetch-depth: 0
|
||||
path: constellation
|
||||
|
||||
- name: Checkout terraform-provider-constellation repo
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
repository: edgelesssys/terraform-provider-constellation
|
||||
ref: main
|
||||
|
@ -40,7 +40,7 @@ jobs:
|
|||
|
||||
- name: Create pull request
|
||||
id: create-pull-request
|
||||
uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0
|
||||
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
|
||||
with:
|
||||
path: terraform-provider-constellation
|
||||
branch: "feat/docs/update"
|
||||
|
|
|
@ -25,7 +25,7 @@ jobs:
|
|||
CTEST_OUTPUT_ON_FAILURE: True
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -21,14 +21,14 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Setup Go environment
|
||||
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
|
||||
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
|
||||
with:
|
||||
go-version: "1.22.2"
|
||||
go-version: "1.22.3"
|
||||
cache: true
|
||||
|
||||
- name: Run code generation
|
||||
|
|
|
@ -23,7 +23,7 @@ jobs:
|
|||
pull-requests: write
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -17,7 +17,7 @@ jobs:
|
|||
contents: read
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
# No token available for forks, so we can't push changes
|
||||
|
|
|
@ -30,7 +30,7 @@ jobs:
|
|||
pull-requests: write
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
fetch-depth: 0
|
||||
|
|
|
@ -13,7 +13,7 @@ jobs:
|
|||
contents: read
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Assume AWS role to upload Bazel dependencies to S3
|
||||
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
|
||||
|
@ -40,7 +40,7 @@ jobs:
|
|||
fi
|
||||
|
||||
- name: Create pull request
|
||||
uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0
|
||||
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
|
||||
with:
|
||||
branch: "image/automated/update-rpms-${{ github.run_number }}"
|
||||
base: main
|
||||
|
|
|
@ -115,7 +115,7 @@ jobs:
|
|||
steps:
|
||||
- name: Check out repository
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -6,7 +6,7 @@ RUN apt-get update && apt-get install -y \
|
|||
git
|
||||
|
||||
# Install Go
|
||||
ARG GO_VER=1.22.2
|
||||
ARG GO_VER=1.22.3
|
||||
RUN wget -q https://go.dev/dl/go${GO_VER}.linux-amd64.tar.gz && \
|
||||
tar -C /usr/local -xzf go${GO_VER}.linux-amd64.tar.gz && \
|
||||
rm go${GO_VER}.linux-amd64.tar.gz
|
||||
|
|
|
@ -170,7 +170,7 @@ load("@io_bazel_rules_go//go:deps.bzl", "go_download_sdk", "go_register_toolchai
|
|||
go_download_sdk(
|
||||
name = "go_sdk",
|
||||
patches = ["//3rdparty/bazel/org_golang:go_tls_max_handshake_size.patch"],
|
||||
version = "1.22.2",
|
||||
version = "1.22.3",
|
||||
)
|
||||
|
||||
go_rules_dependencies()
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
# Bump Go version
|
||||
|
||||
`govulncheck` from the bazel `check` target will fail if our code is vulnerable, which is often the case when a patch version was released with security fixes.
|
||||
|
||||
## Steps
|
||||
|
@ -6,5 +7,13 @@
|
|||
Replace "1.xx.x" with the new version in [WORKSPACE.bazel](/WORKSPACE.bazel):
|
||||
|
||||
```starlark
|
||||
go_register_toolchains(version = "1.xx.x")
|
||||
load("@io_bazel_rules_go//go:deps.bzl", "go_download_sdk", "go_register_toolchains", "go_rules_dependencies")
|
||||
|
||||
go_download_sdk(
|
||||
name = "go_sdk",
|
||||
patches = ["//3rdparty/bazel/org_golang:go_tls_max_handshake_size.patch"],
|
||||
version = "1.xx.x", <--- Replace this one
|
||||
~~~~~~~~
|
||||
)
|
||||
|
||||
```
|
||||
|
|
4
go.work
4
go.work
|
@ -1,6 +1,6 @@
|
|||
go 1.22.2
|
||||
go 1.22.3
|
||||
|
||||
toolchain go1.22.2
|
||||
toolchain go1.22.3
|
||||
|
||||
use (
|
||||
.
|
||||
|
|
|
@ -92,9 +92,9 @@ cd41c94b8c668602f7fb5eae595e5d5c34bd1b91690b5cc06f4c8c199794dfa8 gnupg2-smime-2
|
|||
e0481a0fd263907193fe9f3f080a17e89de1ef1d8a490078a6225062b4eec761 gpgme-1.17.1-5.fc38.x86_64.rpm
|
||||
ad16ec814c4423d007d218a3f45d2e39d3dab00fc8c0d75eef176041594e3970 gpm-libs-1.20.7-42.fc38.x86_64.rpm
|
||||
60ed241ec381a23d03fac733a72132dbdc4ba04c412add78bfc67f1b9f1b4daa grep-3.8-3.fc38.x86_64.rpm
|
||||
8ccdd14f712a6459ff2094fb84a6b2f065040cf5ab0bcb844caaa07bb0ad2cda grub2-common-2.06-116.fc38.noarch.rpm
|
||||
938199770615a3698fb69a32f5274ca36904f4496772f8f538b2b1f332381351 grub2-tools-2.06-116.fc38.x86_64.rpm
|
||||
76f510f88200abe7009807c4630688050fc4eebf206d173e00508cee992e2d5e grub2-tools-minimal-2.06-116.fc38.x86_64.rpm
|
||||
b550e98ee06b72177009627b7dedf470fe662c5b7180180fed14d705788f33a7 grub2-common-2.06-118.fc38.noarch.rpm
|
||||
ad56781d108b910a9f86106cbb653f01201196995150e9e5d84d3de6b90f4851 grub2-tools-2.06-118.fc38.x86_64.rpm
|
||||
2e98885b2a2271f1020804ec2a2912f045fc19c87b65177280d94250ad8e21f5 grub2-tools-minimal-2.06-118.fc38.x86_64.rpm
|
||||
5e95f1f40c3242809a7a047543a57046d16e5df811aa816c4aa2b0cc8b883b8e grubby-8.40-70.fc38.x86_64.rpm
|
||||
cd17ffd09699224216affbbc765dfda04e1b5ccebb8e95af45a56c54ff257e2b gvisor-tap-vsock-0.7.3-1.fc38.x86_64.rpm
|
||||
8ec6f2f11b854734c53b5d43638d08740b3b36f981c495d0ca17bf044b370248 gvisor-tap-vsock-gvforwarder-0.7.3-1.fc38.x86_64.rpm
|
||||
|
@ -131,7 +131,7 @@ d78d7bc485f099bb08c9de55dd12ea6a984b948face1f947de6ec805663a96c5 libattr-2.5.1-
|
|||
dca5cafabf192d1f5abe37fa06425877bf74bb6e8c5ce5cad577274b18169b94 libblkid-2.38.1-4.fc38.i686.rpm
|
||||
21b5a1a024c2d1877d2b7271fd3f82424eb0bd6b95395ad3a3dae5776eec8714 libblkid-2.38.1-4.fc38.x86_64.rpm
|
||||
8079443881e764cece2f8f6789b39ebbe43226cde61675bdfae5a5a18a439b5f libbpf-1.1.0-2.fc38.x86_64.rpm
|
||||
58cc0371663c027c0c369337f303133ccad774b2f474d8ab53bdce7b904dbb0f libbsd-0.12.2-1.fc38.x86_64.rpm
|
||||
d206e2d18ff35ffc2d39a49db20abd3bd24274f54efb2af257f3bff36afe3dcb libbsd-0.12.2-3.fc38.x86_64.rpm
|
||||
04fdf1cee0fc12ff10757a07beb1dd014a0f23def582255ff0dbd8472868f08f libcap-2.48-8.fc38.i686.rpm
|
||||
df1ecff1c2d83b5256a03aaf9bda20cfd86def263645ddd677aaa3facc525561 libcap-2.48-8.fc38.x86_64.rpm
|
||||
5257031cba9a8791a277994e026b0f4c7a1cf2878505f5e1ed463fa670b67f05 libcap-ng-0.8.3-8.fc38.i686.rpm
|
||||
|
@ -276,11 +276,11 @@ fb3fabd657b8f8603c6e19858beb0d506cf957bbca2f3feb827b64c94563b31f popt-1.19-2.fc
|
|||
8b3f681cd05e071d4c7b21eff4684a3ca7674599ee984cccd6a69a685eb8a41c protobuf-c-1.4.1-4.fc38.x86_64.rpm
|
||||
6983318d6b2dfd4eea29448e9853b74b1d009ab37be7add3ff304ff0483714cb psmisc-23.6-2.fc38.x86_64.rpm
|
||||
5d57133d4f5ace3ca45aaa59ae4b8f6e907a51df6503f3747ed0e5316de3b4dc publicsuffix-list-dafsa-20240107-1.fc38.noarch.rpm
|
||||
e59d71a66652002e1bc6331db17a061bd3ceacf1a449be8af9f7cefc50af4ad7 python-pip-wheel-22.3.1-3.fc38.noarch.rpm
|
||||
b6416707be79fb1e9f99d0cb9b06a27fb045f88ec2f698e93117cc95cac7fff2 python-pip-wheel-22.3.1-4.fc38.noarch.rpm
|
||||
7417816bd96d7b49e5a98c85eba313afaa8b8802458d7cd9f5ba72ecc31933e3 python-setuptools-wheel-65.5.1-2.fc38.noarch.rpm
|
||||
5aadde78a824378f6c98385cd2efabbbad183e3eb02333e44f0d4e771a45fafe python-unversioned-command-3.11.8-2.fc38.noarch.rpm
|
||||
addcb7a118134fede26541516a4e53c983b625266ae223f00e07a990ada62938 python3-3.11.8-2.fc38.x86_64.rpm
|
||||
1cbb84f28da01dcb48b6b7dbb7248f7e9875dcb2d182385ef82b2d7d05a84abc python3-libs-3.11.8-2.fc38.x86_64.rpm
|
||||
4abf1cf4a1eacaa8755650704f0c8d4dba0814e648aae82df935a00d53bf46b2 python-unversioned-command-3.11.9-2.fc38.noarch.rpm
|
||||
a537a4e0e298651cf582b9af3ed3d843946837e94fef66de3041729533283d12 python3-3.11.9-2.fc38.x86_64.rpm
|
||||
64c68c1eb659020a6587b1b25e825afafe21effd05a9abdfa1b363f81ed400d8 python3-libs-3.11.9-2.fc38.x86_64.rpm
|
||||
92ff091ca65dbfb27dcbebe3087e55b64bebf204df0ed41c26de59497dbd023b qemu-user-static-7.2.10-1.fc38.x86_64.rpm
|
||||
c6556a55be749a8c81edf22e47cb9c3385aaf69df7950f20312fa7f0818b9488 qemu-user-static-aarch64-7.2.10-1.fc38.x86_64.rpm
|
||||
1fe55e907d9efa0e02f398485859a795dea0fbb01d3a51658dc897874c75f1bc qemu-user-static-alpha-7.2.10-1.fc38.x86_64.rpm
|
||||
|
@ -337,15 +337,15 @@ a0bf879d762443195b4745096d7ee0afef4b71c9008042a3f06d9cd35162d197 systemd-libs-2
|
|||
232da16c546617adde46ecaa1d5367acd05f75d04570fb367123b8dd01abdea4 util-linux-2.38.1-4.fc38.i686.rpm
|
||||
f0f8e33332df97afd911093f28c487bc84cbe4dcc7bb468eac5551d235acee62 util-linux-2.38.1-4.fc38.x86_64.rpm
|
||||
b57dbbbee14301e89df618b398ef39b7fc841eaba6be1b6346cf37ed7695c26a util-linux-core-2.38.1-4.fc38.x86_64.rpm
|
||||
ecf20fb825cac6c1e186fd9034999492e52d5df8114242372866bcebe79e3ad4 vim-common-9.1.309-1.fc38.x86_64.rpm
|
||||
54c84db8b9b86ed2d5a3599f38bb9aef7b8e383d3cd5662afc72cf7812580104 vim-data-9.1.309-1.fc38.noarch.rpm
|
||||
67b4e8a44d30b0c1fd0bedf2ccabf6097b1d1ad5a36b82a0ac66181de63c2dc5 vim-enhanced-9.1.309-1.fc38.x86_64.rpm
|
||||
39fd499ecab55d81bc6051eee9fbc3521640fb45545ff9609397e192a7a3dd15 vim-filesystem-9.1.309-1.fc38.noarch.rpm
|
||||
cb167e73a911cd10edcaf58a911f23e75581c27aadb7d2b48f9988057002a27e vim-common-9.1.354-1.fc38.x86_64.rpm
|
||||
275f7257e70f8c060b088686d6bd22c327f9ffed0eb79d79a6335b41f85a183a vim-data-9.1.354-1.fc38.noarch.rpm
|
||||
0da95855d82ce7249fe402f9251a54edd574ea7329fb1d8ec0f7d0207e21dc23 vim-enhanced-9.1.354-1.fc38.x86_64.rpm
|
||||
273bd9f355aee40d4220ba89e3bcf4bfe5f2a72f3ba84d1c1026f5a36a13398b vim-filesystem-9.1.354-1.fc38.noarch.rpm
|
||||
a4c8b2a90705fed491f6f7f258904637c18773d323d39e97bf9036260b79a0f6 wget-1.21.4-1.fc38.x86_64.rpm
|
||||
2c8b143f3cb83efa5a31c85bea1da3164ca2dde5e2d75d25115f3e21ef98b4e0 which-2.21-39.fc38.x86_64.rpm
|
||||
84f87df3afabe3de8748f172220107e5a5cbb0f0ef954386ecff6b914604aada whois-nls-5.5.18-1.fc38.noarch.rpm
|
||||
59a7a5a775c196961cdc51fb89440a055295c767a632bfa684760e73650aa9a0 xkeyboard-config-2.38-1.fc38.noarch.rpm
|
||||
56b7e00ebf801a10a47a2a09d4409595ab9cabdbbeb772502348066cfd490736 xxd-9.1.309-1.fc38.x86_64.rpm
|
||||
fd60e5a90c7f28e2c9b72aabb17c7fa548330ebfa2e99d72d861e557562ceec0 xxd-9.1.354-1.fc38.x86_64.rpm
|
||||
e911703ffceee37ec1066344820ab0cf9ba8e43d7957395981ba68c4d411a0a4 xz-5.4.1-1.fc38.x86_64.rpm
|
||||
2b3a57c5ccfd4c99ec78d8420394387782a4ac57946d63800a406a4050c3d214 xz-libs-5.4.1-1.fc38.i686.rpm
|
||||
bfce8ac2a2a78a23fb931531fb3d8f530a78f4d5b17f6199bf99b93ca21858c0 xz-libs-5.4.1-1.fc38.x86_64.rpm
|
||||
|
|
|
@ -13,17 +13,20 @@ package measurements
|
|||
// a build tag.
|
||||
// The enterprise build tag is required to validate the measurements using production
|
||||
// sigstore certificates.
|
||||
//
|
||||
// To add measurements for a new variant, add a new entry as `<csp>_<variant> = M{}` and run the generate tool.
|
||||
// Entries defined as `<csp>_<variant> M` are ignored.
|
||||
|
||||
// revive:disable:var-naming
|
||||
var (
|
||||
aws_AWSNitroTPM = M{0: {Expected: []byte{0x73, 0x7f, 0x76, 0x7a, 0x12, 0xf5, 0x4e, 0x70, 0xee, 0xcb, 0xc8, 0x68, 0x40, 0x11, 0x32, 0x3a, 0xe2, 0xfe, 0x2d, 0xd9, 0xf9, 0x07, 0x85, 0x57, 0x79, 0x69, 0xd7, 0xa2, 0x01, 0x3e, 0x8c, 0x12}, ValidationOpt: WarnOnly}, 2: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 3: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 4: {Expected: []byte{0x38, 0xfe, 0xae, 0x07, 0x2f, 0xa3, 0xf8, 0x46, 0xc0, 0x3f, 0xb9, 0x35, 0x25, 0x8e, 0xc9, 0xa4, 0x9a, 0x18, 0xed, 0x7c, 0xeb, 0x97, 0xc0, 0x5a, 0xea, 0x56, 0x0a, 0x8b, 0xc2, 0x36, 0x15, 0xf3}, ValidationOpt: Enforce}, 6: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 8: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 9: {Expected: []byte{0x2a, 0x81, 0xb5, 0xac, 0x60, 0xc8, 0x71, 0xc3, 0x87, 0xc4, 0xf9, 0x17, 0x2c, 0xb0, 0x24, 0xdc, 0xcb, 0xa3, 0x10, 0x2e, 0x1f, 0x23, 0x2d, 0x75, 0xa8, 0x00, 0x71, 0x01, 0x24, 0xe0, 0xcf, 0x1a}, ValidationOpt: Enforce}, 11: {Expected: []byte{0x58, 0xbf, 0xc2, 0x58, 0x5d, 0x62, 0xe6, 0xb3, 0x63, 0x76, 0x9d, 0x05, 0x8d, 0x5f, 0xce, 0x4f, 0x7e, 0xda, 0x11, 0x9a, 0x90, 0xf1, 0x06, 0xe4, 0x72, 0xe8, 0xd6, 0xa9, 0x5d, 0x30, 0x72, 0xae}, ValidationOpt: Enforce}, 12: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 13: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 14: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: WarnOnly}, 15: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}}
|
||||
aws_AWSSEVSNP = M{0: {Expected: []byte{0x7b, 0x06, 0x8c, 0x0c, 0x3a, 0xc2, 0x9a, 0xfe, 0x26, 0x41, 0x34, 0x53, 0x6b, 0x9b, 0xe2, 0x6f, 0x1d, 0x4c, 0xcd, 0x57, 0x5b, 0x88, 0xd3, 0xc3, 0xce, 0xab, 0xf3, 0x6a, 0xc9, 0x9c, 0x02, 0x78}, ValidationOpt: WarnOnly}, 2: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 3: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 4: {Expected: []byte{0x08, 0xbd, 0xc4, 0xa2, 0x08, 0x67, 0x09, 0x62, 0xd4, 0x89, 0xae, 0x6c, 0x35, 0x10, 0x63, 0x81, 0x00, 0x1f, 0x11, 0xc4, 0x88, 0xc8, 0x89, 0x7b, 0xe2, 0xc9, 0x39, 0xbb, 0x2d, 0xe5, 0x21, 0x73}, ValidationOpt: Enforce}, 6: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 8: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 9: {Expected: []byte{0xdd, 0x33, 0xf0, 0x7c, 0xea, 0x6d, 0xfd, 0xbf, 0x88, 0xe7, 0xc2, 0xda, 0x9c, 0x71, 0xa2, 0xdb, 0xc8, 0x19, 0xa2, 0x19, 0x65, 0xb1, 0x06, 0x52, 0xee, 0xdc, 0x90, 0xda, 0x71, 0xd2, 0xfe, 0xdd}, ValidationOpt: Enforce}, 11: {Expected: []byte{0x33, 0x0d, 0xd9, 0x4f, 0xec, 0x04, 0xd8, 0x45, 0xf3, 0x5e, 0xa2, 0x28, 0xb2, 0x25, 0x13, 0x68, 0x3a, 0xc0, 0xa6, 0x29, 0xd8, 0xbc, 0xe1, 0x1f, 0xb9, 0x70, 0xfb, 0x6e, 0x47, 0xa1, 0xed, 0x1e}, ValidationOpt: Enforce}, 12: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 13: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 14: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: WarnOnly}, 15: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}}
|
||||
azure_AzureSEVSNP = M{1: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 2: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 3: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 4: {Expected: []byte{0x7a, 0xcd, 0x2d, 0x1d, 0xce, 0x75, 0x7b, 0x32, 0x97, 0xde, 0x67, 0x86, 0x99, 0xec, 0xc0, 0x35, 0xdf, 0x37, 0x46, 0x86, 0x47, 0xc9, 0x01, 0x49, 0xce, 0xd9, 0x38, 0x15, 0x2e, 0xef, 0x46, 0xd8}, ValidationOpt: Enforce}, 8: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 9: {Expected: []byte{0x29, 0x03, 0x3a, 0xe6, 0x14, 0x85, 0x13, 0x1e, 0x87, 0xd2, 0xe8, 0x9f, 0xa8, 0xbe, 0xa6, 0xb6, 0x17, 0x1d, 0x8c, 0xb1, 0x35, 0x53, 0x1e, 0xa2, 0x61, 0xc9, 0x7f, 0xe5, 0x79, 0xef, 0xb3, 0x26}, ValidationOpt: Enforce}, 11: {Expected: []byte{0x09, 0xbc, 0x25, 0x0c, 0x6d, 0x3b, 0x0e, 0x34, 0x30, 0xe7, 0x0a, 0xdd, 0x37, 0x8b, 0xb4, 0xb7, 0x10, 0x40, 0x22, 0x5f, 0xac, 0xc6, 0x50, 0xe4, 0x6f, 0xa1, 0x91, 0x6d, 0xfa, 0x56, 0x3a, 0xf7}, ValidationOpt: Enforce}, 12: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 13: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 14: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: WarnOnly}, 15: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}}
|
||||
azure_AzureTDX = M{1: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 2: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 3: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 4: {Expected: []byte{0x69, 0xd0, 0x81, 0x0f, 0xb9, 0x68, 0x78, 0x43, 0xcb, 0x0a, 0x1a, 0x10, 0x34, 0x3a, 0x5e, 0x0f, 0x0f, 0x30, 0x2e, 0xb6, 0xf7, 0xf9, 0x67, 0xd2, 0xc2, 0x32, 0x8b, 0x65, 0x9b, 0xa5, 0x66, 0xc7}, ValidationOpt: Enforce}, 8: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 9: {Expected: []byte{0xe4, 0x75, 0x8a, 0xb1, 0xbd, 0x35, 0xbb, 0x26, 0xdd, 0x8a, 0xcb, 0x45, 0x10, 0xab, 0x1c, 0x04, 0x38, 0x5c, 0x63, 0x6b, 0xb3, 0x94, 0x75, 0xd7, 0x5f, 0xf6, 0xad, 0x11, 0xfd, 0x1c, 0x11, 0xdb}, ValidationOpt: Enforce}, 11: {Expected: []byte{0x6d, 0x26, 0xda, 0x91, 0xde, 0x7d, 0xac, 0xab, 0xe9, 0xa0, 0x42, 0xc6, 0x46, 0x9e, 0xdb, 0xe3, 0x2a, 0x3b, 0xe9, 0xcf, 0xb2, 0x0f, 0xf0, 0x77, 0x4c, 0x5d, 0x60, 0x74, 0xd1, 0x96, 0x85, 0xa3}, ValidationOpt: Enforce}, 12: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 13: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 14: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: WarnOnly}, 15: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}}
|
||||
aws_AWSNitroTPM = M{0: {Expected: []byte{0x73, 0x7f, 0x76, 0x7a, 0x12, 0xf5, 0x4e, 0x70, 0xee, 0xcb, 0xc8, 0x68, 0x40, 0x11, 0x32, 0x3a, 0xe2, 0xfe, 0x2d, 0xd9, 0xf9, 0x07, 0x85, 0x57, 0x79, 0x69, 0xd7, 0xa2, 0x01, 0x3e, 0x8c, 0x12}, ValidationOpt: WarnOnly}, 2: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 3: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 4: {Expected: []byte{0x56, 0x59, 0x34, 0x21, 0x02, 0x90, 0x44, 0x09, 0x1e, 0xa3, 0xf4, 0xee, 0x2d, 0x37, 0x81, 0x0d, 0x7c, 0x61, 0xb0, 0xe0, 0x2f, 0x02, 0xc3, 0xb1, 0x62, 0x03, 0xcf, 0xcb, 0x6e, 0xe2, 0xc4, 0x16}, ValidationOpt: Enforce}, 6: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 8: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 9: {Expected: []byte{0x23, 0x41, 0x35, 0x4c, 0xe6, 0xd4, 0xc2, 0x22, 0xac, 0x29, 0x22, 0x81, 0x0b, 0x7d, 0x47, 0x05, 0xff, 0xa2, 0x53, 0x7e, 0x2d, 0x70, 0xe4, 0x1c, 0x1d, 0x24, 0x9d, 0x76, 0x14, 0xd3, 0x44, 0x6e}, ValidationOpt: Enforce}, 11: {Expected: []byte{0x27, 0xb6, 0x56, 0xaf, 0xf7, 0xa1, 0x42, 0x72, 0xcb, 0x2d, 0x73, 0xa7, 0xe8, 0x91, 0xb7, 0x65, 0xe5, 0x1d, 0x6c, 0xd5, 0x96, 0xa8, 0xf1, 0x3d, 0x0a, 0xd2, 0x98, 0x0a, 0x82, 0x28, 0xd9, 0x18}, ValidationOpt: Enforce}, 12: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 13: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 14: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: WarnOnly}, 15: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}}
|
||||
aws_AWSSEVSNP = M{0: {Expected: []byte{0x7b, 0x06, 0x8c, 0x0c, 0x3a, 0xc2, 0x9a, 0xfe, 0x26, 0x41, 0x34, 0x53, 0x6b, 0x9b, 0xe2, 0x6f, 0x1d, 0x4c, 0xcd, 0x57, 0x5b, 0x88, 0xd3, 0xc3, 0xce, 0xab, 0xf3, 0x6a, 0xc9, 0x9c, 0x02, 0x78}, ValidationOpt: WarnOnly}, 2: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 3: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 4: {Expected: []byte{0x20, 0xad, 0x2d, 0x6d, 0xa9, 0xf8, 0xe2, 0x0d, 0x29, 0x5a, 0x04, 0xa0, 0x3a, 0x12, 0xd2, 0x56, 0x23, 0x96, 0x92, 0x56, 0x4c, 0x6f, 0x84, 0xc8, 0x23, 0x62, 0x32, 0x0e, 0x0e, 0x10, 0x6e, 0xe0}, ValidationOpt: Enforce}, 6: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 8: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 9: {Expected: []byte{0x43, 0x61, 0xcc, 0x73, 0x35, 0xbf, 0xf7, 0x9c, 0xad, 0x9b, 0xb2, 0x79, 0xd8, 0x79, 0xb3, 0x11, 0xba, 0x25, 0x86, 0x05, 0xcd, 0x42, 0x61, 0x2c, 0x83, 0x52, 0xfe, 0x94, 0x1a, 0x20, 0x88, 0x32}, ValidationOpt: Enforce}, 11: {Expected: []byte{0x47, 0x32, 0xad, 0xc8, 0x09, 0x1c, 0xb4, 0x48, 0xc3, 0x02, 0x5b, 0xfc, 0x25, 0x1b, 0xa3, 0x4f, 0x08, 0x87, 0x96, 0xa6, 0x35, 0x5f, 0xfe, 0x0f, 0x25, 0x12, 0xdc, 0xb4, 0x51, 0x82, 0x63, 0x4d}, ValidationOpt: Enforce}, 12: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 13: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 14: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: WarnOnly}, 15: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}}
|
||||
azure_AzureSEVSNP = M{1: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 2: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 3: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 4: {Expected: []byte{0xfc, 0xe3, 0xcc, 0xa7, 0xbc, 0x7b, 0xb6, 0xad, 0x5c, 0x9f, 0xcb, 0x9a, 0x2c, 0x29, 0xda, 0xe6, 0x92, 0x47, 0x6f, 0x1e, 0x22, 0xfc, 0xb0, 0xe0, 0x1c, 0x97, 0x53, 0x8c, 0x94, 0x20, 0x29, 0xbf}, ValidationOpt: Enforce}, 8: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 9: {Expected: []byte{0xbb, 0x02, 0x30, 0x52, 0x12, 0x53, 0x7f, 0x41, 0x45, 0x9d, 0x90, 0xea, 0xf5, 0xd1, 0x45, 0xf2, 0xd5, 0x7b, 0x40, 0x4b, 0x2d, 0xbd, 0xdd, 0x36, 0x35, 0xa4, 0x0f, 0xc0, 0xc9, 0x24, 0x3e, 0x3d}, ValidationOpt: Enforce}, 11: {Expected: []byte{0xff, 0x83, 0xa5, 0x18, 0x84, 0xaa, 0x4f, 0x94, 0x3a, 0x34, 0x2a, 0xf8, 0x65, 0x3d, 0x4c, 0xab, 0xe6, 0x50, 0xf5, 0xce, 0xba, 0x38, 0x81, 0xcc, 0xd4, 0x57, 0xb4, 0xcd, 0x52, 0x27, 0xa5, 0x6d}, ValidationOpt: Enforce}, 12: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 13: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 14: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: WarnOnly}, 15: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}}
|
||||
azure_AzureTDX = M{1: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 2: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 3: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 4: {Expected: []byte{0xc9, 0xf5, 0x25, 0x37, 0xb1, 0x53, 0xac, 0x42, 0xc1, 0xea, 0xba, 0x12, 0x02, 0xc4, 0xe8, 0xfc, 0xb1, 0x02, 0x4d, 0x25, 0x64, 0x84, 0xb0, 0x26, 0x2f, 0x9f, 0x20, 0x66, 0x3b, 0x6a, 0xa3, 0xdf}, ValidationOpt: Enforce}, 8: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 9: {Expected: []byte{0x75, 0x85, 0xdc, 0xff, 0x32, 0x29, 0x12, 0xc0, 0x78, 0x25, 0xb3, 0x9b, 0x91, 0x17, 0xb4, 0x1b, 0x76, 0xad, 0xe5, 0x97, 0x07, 0x08, 0xd5, 0xbe, 0x26, 0x26, 0x67, 0x37, 0x6d, 0x9f, 0x9a, 0x00}, ValidationOpt: Enforce}, 11: {Expected: []byte{0x9d, 0xe2, 0x2b, 0x92, 0xf8, 0xba, 0xb8, 0xe2, 0x4f, 0x4d, 0xf1, 0xc3, 0x10, 0x42, 0x2d, 0xe1, 0x4b, 0x77, 0x43, 0x46, 0x2e, 0x02, 0x5e, 0xa1, 0xb7, 0x0e, 0x69, 0x85, 0x53, 0x49, 0x80, 0xd4}, ValidationOpt: Enforce}, 12: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 13: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 14: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: WarnOnly}, 15: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}}
|
||||
azure_AzureTrustedLaunch M
|
||||
gcp_GCPSEVES = M{1: {Expected: []byte{0x36, 0x95, 0xdc, 0xc5, 0x5e, 0x3a, 0xa3, 0x40, 0x27, 0xc2, 0x77, 0x93, 0xc8, 0x5c, 0x72, 0x3c, 0x69, 0x7d, 0x70, 0x8c, 0x42, 0xd1, 0xf7, 0x3b, 0xd6, 0xfa, 0x4f, 0x26, 0x60, 0x8a, 0x5b, 0x24}, ValidationOpt: WarnOnly}, 2: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 3: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 4: {Expected: []byte{0xd5, 0xd7, 0x7b, 0xd1, 0x96, 0x90, 0x61, 0xff, 0x48, 0x11, 0x18, 0xf6, 0x32, 0xf1, 0xc8, 0x05, 0xc1, 0x93, 0x8a, 0xbd, 0x61, 0x10, 0xc4, 0x18, 0xd1, 0x7a, 0x9d, 0xef, 0x7c, 0xe6, 0x78, 0x15}, ValidationOpt: Enforce}, 6: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 8: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 9: {Expected: []byte{0x98, 0xa9, 0xe5, 0xae, 0x8b, 0x28, 0xae, 0x7f, 0x9a, 0x1f, 0xe4, 0xbd, 0x1a, 0x20, 0x1d, 0x76, 0xec, 0xea, 0xac, 0xc8, 0x0d, 0x20, 0x35, 0x77, 0xb9, 0x57, 0x98, 0x21, 0xa1, 0xef, 0x73, 0x20}, ValidationOpt: Enforce}, 11: {Expected: []byte{0x86, 0x30, 0xed, 0x3f, 0xc4, 0x18, 0xaf, 0x1f, 0x94, 0x65, 0xbf, 0x2e, 0x08, 0xa2, 0x5d, 0x76, 0xb7, 0x67, 0x42, 0xbf, 0xd6, 0xda, 0x14, 0x4c, 0x3e, 0x6c, 0x7d, 0x84, 0x24, 0xbe, 0x1f, 0xb7}, ValidationOpt: Enforce}, 12: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 13: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 14: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: WarnOnly}, 15: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}}
|
||||
gcp_GCPSEVSNP M
|
||||
openstack_QEMUVTPM = M{4: {Expected: []byte{0x58, 0xd8, 0x7e, 0x0f, 0x4d, 0x30, 0x76, 0xaf, 0x37, 0xdb, 0xb3, 0xb3, 0x4e, 0x4e, 0xfa, 0xb9, 0xb5, 0xce, 0x78, 0xf5, 0x2f, 0x48, 0x9c, 0x58, 0x20, 0x2a, 0x56, 0x1b, 0xbd, 0x4a, 0xd4, 0xb4}, ValidationOpt: Enforce}, 8: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 9: {Expected: []byte{0x1f, 0x6c, 0x9d, 0x3e, 0x3b, 0xc3, 0x4d, 0xbe, 0xc9, 0xc7, 0x27, 0x0b, 0xc3, 0x62, 0xad, 0x30, 0x26, 0xd2, 0x68, 0xf3, 0xb5, 0x2f, 0x68, 0x3a, 0x98, 0x47, 0x26, 0xb0, 0xc2, 0x3c, 0xc4, 0x68}, ValidationOpt: Enforce}, 11: {Expected: []byte{0xba, 0xa7, 0xa9, 0xc7, 0x6c, 0xdb, 0xce, 0xf9, 0x02, 0x89, 0xb4, 0x81, 0xdd, 0xe7, 0xc8, 0x2b, 0x5a, 0x83, 0xd8, 0xbb, 0x34, 0xb1, 0xb5, 0xaf, 0xae, 0x08, 0x1d, 0x9c, 0x7b, 0x60, 0x57, 0x19}, ValidationOpt: Enforce}, 12: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 13: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 14: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: WarnOnly}, 15: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}}
|
||||
gcp_GCPSEVES = M{1: {Expected: []byte{0x36, 0x95, 0xdc, 0xc5, 0x5e, 0x3a, 0xa3, 0x40, 0x27, 0xc2, 0x77, 0x93, 0xc8, 0x5c, 0x72, 0x3c, 0x69, 0x7d, 0x70, 0x8c, 0x42, 0xd1, 0xf7, 0x3b, 0xd6, 0xfa, 0x4f, 0x26, 0x60, 0x8a, 0x5b, 0x24}, ValidationOpt: WarnOnly}, 2: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 3: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 4: {Expected: []byte{0x4f, 0x5d, 0x48, 0xaf, 0xc1, 0x07, 0xc3, 0x27, 0x3d, 0xd2, 0xec, 0x79, 0x59, 0x43, 0x4a, 0x04, 0x1d, 0x52, 0xd9, 0x4f, 0x8e, 0xbc, 0x04, 0x67, 0x9a, 0x7a, 0xf3, 0x69, 0xd6, 0x29, 0xb8, 0xe7}, ValidationOpt: Enforce}, 6: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 8: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 9: {Expected: []byte{0x52, 0x46, 0xa7, 0xd7, 0x8d, 0xfd, 0x26, 0xcf, 0xb1, 0x44, 0xb3, 0x91, 0x27, 0xb4, 0x78, 0xc4, 0x75, 0xd0, 0xa0, 0x2f, 0xda, 0x30, 0x51, 0xb9, 0xa5, 0xae, 0x22, 0x80, 0x12, 0xd3, 0x05, 0x85}, ValidationOpt: Enforce}, 11: {Expected: []byte{0xd7, 0x58, 0x0b, 0x42, 0xf5, 0xc7, 0x76, 0xc5, 0x40, 0x0f, 0x11, 0xc9, 0x5c, 0xa0, 0xb1, 0xed, 0xa8, 0x36, 0x32, 0xd8, 0x73, 0x69, 0x33, 0xf7, 0x12, 0xfc, 0x04, 0xc4, 0x63, 0x61, 0x66, 0x53}, ValidationOpt: Enforce}, 12: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 13: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 14: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: WarnOnly}, 15: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}}
|
||||
gcp_GCPSEVSNP = M{1: {Expected: []byte{0x36, 0x95, 0xdc, 0xc5, 0x5e, 0x3a, 0xa3, 0x40, 0x27, 0xc2, 0x77, 0x93, 0xc8, 0x5c, 0x72, 0x3c, 0x69, 0x7d, 0x70, 0x8c, 0x42, 0xd1, 0xf7, 0x3b, 0xd6, 0xfa, 0x4f, 0x26, 0x60, 0x8a, 0x5b, 0x24}, ValidationOpt: WarnOnly}, 2: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 3: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 4: {Expected: []byte{0xf0, 0xa7, 0x42, 0xe7, 0x1a, 0x57, 0xdc, 0x54, 0xac, 0x51, 0xb8, 0x22, 0xd4, 0x15, 0xf8, 0xdc, 0x24, 0xa0, 0x0b, 0xe4, 0x73, 0xc0, 0x73, 0x57, 0x98, 0x95, 0x75, 0x87, 0x8d, 0x2f, 0xbd, 0x56}, ValidationOpt: Enforce}, 6: {Expected: []byte{0x3d, 0x45, 0x8c, 0xfe, 0x55, 0xcc, 0x03, 0xea, 0x1f, 0x44, 0x3f, 0x15, 0x62, 0xbe, 0xec, 0x8d, 0xf5, 0x1c, 0x75, 0xe1, 0x4a, 0x9f, 0xcf, 0x9a, 0x72, 0x34, 0xa1, 0x3f, 0x19, 0x8e, 0x79, 0x69}, ValidationOpt: WarnOnly}, 8: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 9: {Expected: []byte{0x8b, 0x20, 0x17, 0x19, 0x06, 0x1f, 0x92, 0x73, 0x60, 0x1a, 0x74, 0x39, 0x72, 0xd7, 0x48, 0xca, 0x88, 0xd0, 0x59, 0x32, 0xba, 0x6c, 0x36, 0x23, 0xce, 0xf1, 0xd9, 0xe8, 0xbc, 0xf2, 0xe6, 0x2c}, ValidationOpt: Enforce}, 11: {Expected: []byte{0x59, 0x6b, 0x0e, 0xd5, 0x58, 0xf7, 0x2d, 0x2e, 0x5c, 0xb3, 0x1a, 0x9f, 0x41, 0xe8, 0x17, 0x07, 0x30, 0xcd, 0x76, 0x0d, 0x63, 0xb8, 0x13, 0x2e, 0xe6, 0xcb, 0x40, 0xf0, 0xd6, 0x73, 0xef, 0x40}, ValidationOpt: Enforce}, 12: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 13: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 14: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: WarnOnly}, 15: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}}
|
||||
openstack_QEMUVTPM = M{4: {Expected: []byte{0xaa, 0x36, 0x58, 0xb8, 0xe2, 0x8e, 0x07, 0x86, 0x65, 0x5a, 0xdf, 0x04, 0x3a, 0x04, 0x02, 0x81, 0x3d, 0x07, 0xb8, 0x91, 0x83, 0x5a, 0xd2, 0x38, 0x75, 0x8a, 0x30, 0x36, 0xee, 0x52, 0xce, 0x5e}, ValidationOpt: Enforce}, 8: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 9: {Expected: []byte{0x2c, 0x92, 0x4d, 0x3b, 0x70, 0x10, 0xff, 0x4c, 0x8f, 0xf2, 0x8a, 0x55, 0x59, 0x8b, 0x26, 0x97, 0xf8, 0x21, 0x24, 0xce, 0x55, 0x0a, 0x35, 0xef, 0xc7, 0x8d, 0x9c, 0x7b, 0x89, 0xbb, 0xbc, 0x23}, ValidationOpt: Enforce}, 11: {Expected: []byte{0xe1, 0x56, 0x6d, 0xbc, 0x19, 0x27, 0x29, 0xd1, 0x80, 0xa9, 0xaa, 0x18, 0x6c, 0xa0, 0x5c, 0x3a, 0xb1, 0xd6, 0xb2, 0x52, 0xe3, 0x78, 0x47, 0x74, 0xe6, 0x91, 0x98, 0x8b, 0x1f, 0xd3, 0x54, 0xad}, ValidationOpt: Enforce}, 12: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 13: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 14: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: WarnOnly}, 15: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}}
|
||||
qemu_QEMUTDX M
|
||||
qemu_QEMUVTPM = M{4: {Expected: []byte{0x45, 0x90, 0x64, 0xa1, 0x67, 0x60, 0xd8, 0xfb, 0x96, 0x6e, 0xfc, 0x04, 0x31, 0x14, 0x79, 0x74, 0xfc, 0x17, 0x44, 0x13, 0x25, 0x85, 0x02, 0x85, 0x1c, 0x8c, 0x6e, 0xad, 0x33, 0x93, 0xe7, 0x65}, ValidationOpt: Enforce}, 8: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 9: {Expected: []byte{0x18, 0x74, 0x0c, 0xf0, 0x66, 0x10, 0xe4, 0x5a, 0x21, 0xa6, 0x11, 0xfe, 0xe3, 0x28, 0x5a, 0x7f, 0x9c, 0xd4, 0xf8, 0x0b, 0x26, 0xe0, 0x0a, 0xf3, 0x46, 0x45, 0x4a, 0x61, 0x9b, 0x9a, 0xba, 0x72}, ValidationOpt: Enforce}, 11: {Expected: []byte{0x10, 0x0f, 0x69, 0x40, 0x8d, 0x7b, 0x56, 0x4a, 0x01, 0xc9, 0x91, 0x65, 0x41, 0x84, 0xc0, 0x3c, 0x6c, 0x66, 0x72, 0x65, 0x83, 0x74, 0xaa, 0x2a, 0xd2, 0x17, 0x47, 0x23, 0x98, 0xc7, 0xd5, 0xac}, ValidationOpt: Enforce}, 12: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 13: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 15: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}}
|
||||
qemu_QEMUVTPM = M{4: {Expected: []byte{0xfc, 0x2c, 0xd1, 0x14, 0x27, 0xe6, 0x0c, 0xb0, 0x69, 0x96, 0xa9, 0x1d, 0x60, 0x07, 0x38, 0x97, 0x49, 0xcf, 0xd0, 0xb8, 0xea, 0x80, 0xdf, 0x38, 0x3b, 0x46, 0xb2, 0x12, 0xba, 0x85, 0x88, 0xe2}, ValidationOpt: Enforce}, 8: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 9: {Expected: []byte{0x3c, 0xc6, 0xd0, 0xb9, 0xe5, 0x7a, 0x15, 0x22, 0x97, 0xaa, 0xf3, 0xc8, 0xbe, 0x02, 0x1d, 0x70, 0xed, 0xcc, 0xd1, 0x18, 0x8f, 0xd8, 0x02, 0x44, 0x9b, 0x82, 0x84, 0x17, 0xe7, 0x66, 0xd2, 0x3a}, ValidationOpt: Enforce}, 11: {Expected: []byte{0x35, 0xed, 0x01, 0x1d, 0x52, 0xf6, 0x5e, 0xa8, 0x89, 0xe4, 0xf5, 0x05, 0xb9, 0x1e, 0xd9, 0x2d, 0x85, 0x57, 0x85, 0x87, 0x72, 0xba, 0x5c, 0xf8, 0x19, 0x4a, 0x5b, 0x2c, 0x3c, 0x09, 0xca, 0x84}, ValidationOpt: Enforce}, 12: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 13: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}, 15: {Expected: []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, ValidationOpt: Enforce}}
|
||||
)
|
||||
|
|
|
@ -10,5 +10,5 @@ package config
|
|||
|
||||
const (
|
||||
// defaultImage is the default image to use.
|
||||
defaultImage = "ref/main/stream/nightly/v2.17.0-pre.0.20240430160156-7d46d0f7d621"
|
||||
defaultImage = "ref/main/stream/nightly/v2.17.0-pre.0.20240502082051-3d2a023ccf5d"
|
||||
)
|
||||
|
|
|
@ -173,11 +173,11 @@ const (
|
|||
// NodeMaintenanceOperatorImage is the image for the node maintenance operator.
|
||||
NodeMaintenanceOperatorImage = "quay.io/medik8s/node-maintenance-operator:v0.15.0@sha256:8cb8dad93283268282c30e75c68f4bd76b28def4b68b563d2f9db9c74225d634" // renovate:container
|
||||
// LogstashImage is the container image of logstash, used for log collection by debugd.
|
||||
LogstashImage = "ghcr.io/edgelesssys/constellation/logstash-debugd:v2.15.0-pre.0.20231220180720-ced03202a944@sha256:54e0beb2fad83509c1d79c866652bdd94125ce5a4c9947be8c63cd74a2079e70" // renovate:container
|
||||
LogstashImage = "ghcr.io/edgelesssys/constellation/logstash-debugd:v2.17.0-pre.0.20240508143335-adf03ad76c53@sha256:6cc2902900fe3cae483f332a7e61911e7d671a8cdfc1c01ca5b719920a035ecc" // renovate:container
|
||||
// FilebeatImage is the container image of filebeat, used for log collection by debugd.
|
||||
FilebeatImage = "ghcr.io/edgelesssys/constellation/filebeat-debugd:v2.15.0-pre.0.20231220180720-ced03202a944@sha256:1a57ad12dd0d1a7514f2360f37108925e103e7d0e5b8f24b12e8f266b78d570e" // renovate:container
|
||||
FilebeatImage = "ghcr.io/edgelesssys/constellation/filebeat-debugd:v2.17.0-pre.0.20240508143335-adf03ad76c53@sha256:d0e2aaba7d6e6d2d78d49c040dfcbb7ea992c24f99f105dc3801d5906dd841c1" // renovate:container
|
||||
// MetricbeatImage is the container image of filebeat, used for log collection by debugd.
|
||||
MetricbeatImage = "ghcr.io/edgelesssys/constellation/metricbeat-debugd:v2.15.0-pre.0.20231220180720-ced03202a944@sha256:60bdd7cd868841385da230d4eab4600235b22fe1b3e0e865dda3f9720534ea7e" // renovate:container
|
||||
MetricbeatImage = "ghcr.io/edgelesssys/constellation/metricbeat-debugd:v2.17.0-pre.0.20240508143335-adf03ad76c53@sha256:8f24e96c4b94bed4d72295930ad443c5151836be7ece0e29c6f208f184b497aa" // renovate:container
|
||||
|
||||
// currently supported versions.
|
||||
//nolint:revive
|
||||
|
|
|
@ -42,44 +42,44 @@
|
|||
"prPriority": -30,
|
||||
},
|
||||
{
|
||||
"matchPackagePatterns": ["^k8s.io", "^sigs.k8s.io"],
|
||||
"matchDepPatterns": ["^k8s.io", "^sigs.k8s.io"],
|
||||
"groupName": "K8s dependencies",
|
||||
},
|
||||
{
|
||||
"matchPackagePatterns": ["^go.etcd.io/etcd"],
|
||||
"matchDepPatterns": ["^go.etcd.io/etcd"],
|
||||
"groupName": "etcd dependencies",
|
||||
},
|
||||
{
|
||||
"matchPackagePatterns": ["^github.com/hashicorp/go-kms-wrapping"],
|
||||
"matchDepPatterns": ["^github.com/hashicorp/go-kms-wrapping"],
|
||||
"groupName": "github.com/hashicorp/go-kms-wrapping",
|
||||
},
|
||||
{
|
||||
"matchPackagePatterns": ["^github.com/aws/aws-sdk-go-v2"],
|
||||
"matchDepPatterns": ["^github.com/aws/aws-sdk-go-v2"],
|
||||
"groupName": "AWS SDK",
|
||||
"prPriority": -10,
|
||||
},
|
||||
{
|
||||
"matchPackagePatterns": [
|
||||
"matchDepPatterns": [
|
||||
"^github.com/Azure/",
|
||||
"^github.com/AzureAD/microsoft-authentication-library-for-go",
|
||||
],
|
||||
"groupName": "Azure SDK",
|
||||
},
|
||||
{
|
||||
"matchPackagePatterns": ["^cloud.google.com/go"],
|
||||
"matchDepPatterns": ["^cloud.google.com/go"],
|
||||
"groupName": "Google SDK",
|
||||
},
|
||||
{
|
||||
"matchPackagePatterns": ["^google.golang.org/genproto"],
|
||||
"matchDepPatterns": ["^google.golang.org/genproto"],
|
||||
"prPriority": -10,
|
||||
},
|
||||
{
|
||||
"matchPackagePatterns": ["^libvirt.org/go"],
|
||||
"matchDepPatterns": ["^libvirt.org/go"],
|
||||
"groupName": "libvirt.org/go",
|
||||
},
|
||||
{
|
||||
"matchManagers": ["bazelisk", "bazel", "bazel-module"],
|
||||
"matchPackageNames": ["bazel", "io_bazel_rules_go", "bazel_gazelle"],
|
||||
"matchDepNames": ["bazel", "io_bazel_rules_go", "bazel_gazelle"],
|
||||
"groupName": "bazel (core)",
|
||||
},
|
||||
{
|
||||
|
@ -105,14 +105,14 @@
|
|||
],
|
||||
},
|
||||
{
|
||||
"matchPackageNames": ["kubernetes/kubernetes"],
|
||||
"matchDepNames": ["kubernetes/kubernetes"],
|
||||
// example match: v1.2.3 (1.2 -> compatibility, 3 -> patch)
|
||||
"versioning": "regex:^(?<compatibility>v?\\d+\\.\\d+\\.)(?<patch>\\d+)$",
|
||||
"groupName": "Kubernetes versions",
|
||||
"prPriority": 15,
|
||||
},
|
||||
{
|
||||
"matchPackageNames": [
|
||||
"matchDepNames": [
|
||||
"registry.k8s.io/provider-aws/cloud-controller-manager",
|
||||
],
|
||||
// example match: v1.2.3 (1.2 -> compatibility, 3 -> patch)
|
||||
|
@ -121,7 +121,7 @@
|
|||
"prPriority": 15,
|
||||
},
|
||||
{
|
||||
"matchPackageNames": [
|
||||
"matchDepNames": [
|
||||
"mcr.microsoft.com/oss/kubernetes/azure-cloud-controller-manager",
|
||||
"mcr.microsoft.com/oss/kubernetes/azure-cloud-node-manager",
|
||||
],
|
||||
|
@ -131,7 +131,7 @@
|
|||
"prPriority": 15,
|
||||
},
|
||||
{
|
||||
"matchPackageNames": [
|
||||
"matchDepNames": [
|
||||
"docker.io/k8scloudprovider/openstack-cloud-controller-manager",
|
||||
],
|
||||
// example match: v1.2.3 (1.2 -> compatibility, 3 -> patch)
|
||||
|
@ -140,14 +140,14 @@
|
|||
"prPriority": 15,
|
||||
},
|
||||
{
|
||||
"matchPackageNames": ["registry.k8s.io/autoscaling/cluster-autoscaler"],
|
||||
"matchDepNames": ["registry.k8s.io/autoscaling/cluster-autoscaler"],
|
||||
// example match: v1.2.3 (1.2 -> compatibility, 3 -> patch)
|
||||
"versioning": "regex:^(?<compatibility>v?\\d+\\.\\d+\\.)(?<patch>\\d+)$",
|
||||
"groupName": "K8s constrained GCP versions",
|
||||
"prPriority": 15,
|
||||
},
|
||||
{
|
||||
"matchPackageNames": ["ghcr.io/edgelesssys/cloud-provider-gcp"],
|
||||
"matchDepNames": ["ghcr.io/edgelesssys/cloud-provider-gcp"],
|
||||
// example match: v1.2.3 (1. -> compatibility, 2 -> minor, 3 -> patch)
|
||||
"versioning": "regex:^(?<compatibility>v\\d+\\.)(?<minor>\\d+)\\.(?<patch>\\d+)$",
|
||||
"groupName": "cloud-provider-gcp (K8s version constrained)",
|
||||
|
@ -166,7 +166,7 @@
|
|||
"prPriority": 20,
|
||||
},
|
||||
{
|
||||
"matchPackageNames": [
|
||||
"matchDepNames": [
|
||||
"registry.k8s.io/kas-network-proxy/proxy-agent",
|
||||
"registry.k8s.io/kas-network-proxy/proxy-server",
|
||||
],
|
||||
|
@ -175,7 +175,7 @@
|
|||
"prPriority": 15,
|
||||
},
|
||||
{
|
||||
"matchPackageNames": ["^k8s.io/client-go"],
|
||||
"matchDepNames": ["^k8s.io/client-go"],
|
||||
"matchUpdateTypes": ["major"],
|
||||
"enabled": false,
|
||||
},
|
||||
|
@ -185,11 +185,11 @@
|
|||
},
|
||||
{
|
||||
"matchManagers": ["github-actions"],
|
||||
"matchPackageNames": ["slsa-framework/slsa-github-generator"],
|
||||
"matchDepNames": ["slsa-framework/slsa-github-generator"],
|
||||
"pinDigests": false,
|
||||
},
|
||||
{
|
||||
"matchPackagePatterns": ["_(darwin|linux)_(arm64|amd64)$"],
|
||||
"matchDepPatterns": ["_(darwin|linux)_(arm64|amd64)$"],
|
||||
"additionalBranchPrefix": "{{packageName}}-",
|
||||
"groupName": "{{packageName}}",
|
||||
},
|
||||
|
|
|
@ -3,7 +3,7 @@ awsAccessKeyID: "replaceme"
|
|||
awsSecretAccessKey: "replaceme"
|
||||
|
||||
# Pod image to deploy.
|
||||
image: "ghcr.io/edgelesssys/constellation/s3proxy:v2.16.0-pre.0.20240221184016-522f2858c6ef"
|
||||
image: "ghcr.io/edgelesssys/constellation/s3proxy:v2.17.0"
|
||||
|
||||
# Control if multipart uploads are blocked.
|
||||
allowMultipart: false
|
||||
|
|
|
@ -213,5 +213,5 @@ module "jump_host" {
|
|||
ports = [for port in local.load_balancer_ports : port.port]
|
||||
security_groups = [aws_security_group.security_group.id]
|
||||
iam_instance_profile = var.iam_instance_profile_name_worker_nodes
|
||||
additional_tags = local.tags
|
||||
additional_tags = var.additional_tags
|
||||
}
|
||||
|
|
|
@ -27,7 +27,7 @@ resource "aws_instance" "jump_host" {
|
|||
vpc_security_group_ids = var.security_groups
|
||||
|
||||
tags = merge(var.additional_tags, {
|
||||
"Name" = "${var.base_name}-jump-host"
|
||||
"Name" = "${var.base_name}-jump-host",
|
||||
})
|
||||
|
||||
user_data = <<EOF
|
||||
|
|
|
@ -82,5 +82,6 @@ variable "enable_snp" {
|
|||
|
||||
variable "additional_tags" {
|
||||
type = map(any)
|
||||
default = {}
|
||||
description = "Additional tags that should be applied to created resources."
|
||||
}
|
||||
|
|
|
@ -276,7 +276,7 @@ module "jump_host" {
|
|||
subnet_id = azurerm_subnet.loadbalancer_subnet[0].id
|
||||
ports = [for port in local.ports : port.port]
|
||||
lb_internal_ip = azurerm_lb.loadbalancer.frontend_ip_configuration[0].private_ip_address
|
||||
tags = local.tags
|
||||
tags = var.additional_tags
|
||||
}
|
||||
|
||||
data "azurerm_subscription" "current" {
|
||||
|
|
|
@ -92,5 +92,6 @@ variable "marketplace_image" {
|
|||
|
||||
variable "additional_tags" {
|
||||
type = map(any)
|
||||
default = {}
|
||||
description = "Additional tags that should be applied to created resources."
|
||||
}
|
||||
|
|
|
@ -240,7 +240,7 @@ module "jump_host" {
|
|||
base_name = local.name
|
||||
zone = var.zone
|
||||
subnetwork = google_compute_subnetwork.vpc_subnetwork.id
|
||||
labels = local.labels
|
||||
labels = var.additional_labels
|
||||
lb_internal_ip = google_compute_address.loadbalancer_ip_internal[0].address
|
||||
ports = [for port in local.control_plane_named_ports : port.port]
|
||||
}
|
||||
|
|
|
@ -72,5 +72,6 @@ variable "cc_technology" {
|
|||
|
||||
variable "additional_labels" {
|
||||
type = map(any)
|
||||
default = {}
|
||||
description = "Additional labels that should be given to created recources."
|
||||
}
|
||||
|
|
|
@ -61,6 +61,7 @@ variable "floating_ip_pool_id" {
|
|||
|
||||
variable "additional_tags" {
|
||||
type = list(any)
|
||||
default = []
|
||||
description = "Additional tags that should be applied to created resources."
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue