Compare commits
7 Commits
bb800231c7
...
c8cf2b0726
Author | SHA1 | Date |
---|---|---|
renovate[bot] | c8cf2b0726 | |
renovate[bot] | def5130b41 | |
renovate[bot] | fffc9db2b5 | |
3u13r | 0325483504 | |
Daniel Weiße | 9def35ed06 | |
Malte Poll | 1c0c7d6227 | |
renovate[bot] | adf03ad76c |
|
@ -28,7 +28,7 @@ runs:
|
|||
run: echo "directory=$(mktemp -d)" >> "$GITHUB_OUTPUT"
|
||||
|
||||
- name: Download the artifact
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: ${{ inputs.name }}
|
||||
path: ${{ steps.tempdir.outputs.directory }}
|
||||
|
|
|
@ -63,7 +63,7 @@ runs:
|
|||
done
|
||||
|
||||
- name: Upload archive as artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: ${{ inputs.name }}
|
||||
path: ${{ steps.tempdir.outputs.directory }}/archive.7z
|
||||
|
|
|
@ -79,7 +79,7 @@ runs:
|
|||
# once it has the functionality
|
||||
- name: Install Cosign
|
||||
if: inputs.cosignPublicKey != '' && inputs.cosignPrivateKey != '' && inputs.cosignPassword != ''
|
||||
uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
|
||||
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
|
||||
|
||||
- name: Install Rekor
|
||||
if: inputs.cosignPublicKey != '' && inputs.cosignPrivateKey != '' && inputs.cosignPassword != ''
|
||||
|
|
|
@ -62,7 +62,7 @@ runs:
|
|||
|
||||
- name: Build and push container image
|
||||
id: build-micro-service
|
||||
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
|
||||
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
|
||||
with:
|
||||
context: .
|
||||
file: ${{ inputs.dockerfile }}
|
||||
|
|
|
@ -17,7 +17,7 @@ runs:
|
|||
steps:
|
||||
- name: Use docker for logging in
|
||||
if: runner.os != 'macOS'
|
||||
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
|
||||
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
|
||||
with:
|
||||
registry: ${{ inputs.registry }}
|
||||
username: ${{ inputs.username }}
|
||||
|
|
|
@ -19,7 +19,7 @@ runs:
|
|||
steps:
|
||||
- name: Install Cosign
|
||||
if: inputs.cosignPublicKey != '' && inputs.cosignPrivateKey != '' && inputs.cosignPassword != ''
|
||||
uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
|
||||
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
|
||||
|
||||
- name: Download Syft & Grype
|
||||
uses: ./.github/actions/install_syft_grype
|
||||
|
|
|
@ -67,7 +67,7 @@ runs:
|
|||
# Make sure that helm is installed
|
||||
# This is not always the case, e.g. on MacOS runners
|
||||
- name: Install Helm
|
||||
uses: azure/setup-helm@29960d0f5f19214b88e1d9ba750a9914ab0f1a2f # v4.0.0
|
||||
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
|
||||
with:
|
||||
version: v3.9.0
|
||||
|
||||
|
|
|
@ -5,51 +5,51 @@ runs:
|
|||
using: "composite"
|
||||
steps:
|
||||
- name: Download CLI binaries darwin-amd64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation-darwin-amd64
|
||||
|
||||
- name: Download CLI binaries darwin-arm64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation-darwin-arm64
|
||||
|
||||
- name: Download CLI binaries linux-amd64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation-linux-amd64
|
||||
|
||||
- name: Download CLI binaries linux-arm64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation-linux-arm64
|
||||
|
||||
- name: Download CLI binaries windows-amd64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation-windows-amd64
|
||||
|
||||
- name: Download Terraform module
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: terraform-module
|
||||
|
||||
- name: Download Terraform provider binary darwin-amd64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: terraform-provider-constellation-darwin-amd64
|
||||
|
||||
- name: Download Terraform provider binary darwin-arm64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: terraform-provider-constellation-darwin-arm64
|
||||
|
||||
- name: Download Terraform provider binary linux-amd64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: terraform-provider-constellation-linux-amd64
|
||||
|
||||
- name: Download Terraform provider binary linux-arm64
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: terraform-provider-constellation-linux-arm64
|
||||
|
|
|
@ -33,7 +33,7 @@ runs:
|
|||
|
||||
steps:
|
||||
- name: Setup python
|
||||
uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
|
||||
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
|
||||
with:
|
||||
python-version: "3.10"
|
||||
|
||||
|
@ -49,7 +49,7 @@ runs:
|
|||
install kubestr /usr/local/bin
|
||||
|
||||
- name: Checkout k8s-bench-suite
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
repository: "edgelesssys/k8s-bench-suite"
|
||||
|
|
|
@ -25,7 +25,7 @@ runs:
|
|||
using: "composite"
|
||||
steps:
|
||||
- name: Install terraform
|
||||
uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # v3.0.0
|
||||
uses: hashicorp/setup-terraform@651471c36a6092792c552e8b1bef71e592b462d8 # v3.1.1
|
||||
with:
|
||||
terraform_wrapper: false
|
||||
|
||||
|
|
|
@ -64,7 +64,7 @@ runs:
|
|||
|
||||
- name: Publish test results
|
||||
if: (!env.ACT) && contains(inputs.sonobuoyTestSuiteCmd, '--plugin e2e')
|
||||
uses: mikepenz/action-junit-report@5f47764eec0e1c1f19f40c8e60a5ba47e47015c5 # v4.1.0
|
||||
uses: mikepenz/action-junit-report@9379f0ccddcab154835d4e2487555ee79614fe95 # v4.2.1
|
||||
with:
|
||||
report_paths: "**/junit_01.xml"
|
||||
fail_on_failure: true
|
||||
|
|
|
@ -26,13 +26,13 @@ runs:
|
|||
steps:
|
||||
- name: Checkout head
|
||||
if: inputs.imageVersion == '' && inputs.git-ref == 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Checkout ref
|
||||
if: inputs.imageVersion == '' && inputs.git-ref != 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.git-ref }}
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ runs:
|
|||
echo "GOOGLE_CLOUD_PROJECT=" >> "$GITHUB_ENV"
|
||||
|
||||
- name: Authorize GCP access
|
||||
uses: google-github-actions/auth@a6e2e39c0a0331da29f7fd2c2a20a427e8d3ad1f # v2.1.1
|
||||
uses: google-github-actions/auth@55bd3a7c6e2ae7cf1877fd1ccb9d54c0503c457c # v2.1.2
|
||||
with:
|
||||
workload_identity_provider: projects/796962942582/locations/global/workloadIdentityPools/constellation-ci-pool/providers/constellation-ci-provider
|
||||
service_account: ${{ inputs.service_account }}
|
||||
|
|
|
@ -13,7 +13,7 @@ runs:
|
|||
using: "composite"
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
repository: edgelesssys/helm
|
||||
ref: main
|
||||
|
@ -29,7 +29,7 @@ runs:
|
|||
echo version=$(yq eval ".version" ${{ inputs.chartPath }}/Chart.yaml) | tee -a $GITHUB_OUTPUT
|
||||
|
||||
- name: Create pull request
|
||||
uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0
|
||||
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
|
||||
with:
|
||||
path: helm
|
||||
branch: "release/s3proxy/${{ steps.update-chart-version.outputs.version }}"
|
||||
|
|
|
@ -15,7 +15,7 @@ runs:
|
|||
zip -r terraform-module.zip terraform-module
|
||||
|
||||
- name: Upload artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: terraform-module
|
||||
path: terraform-module.zip
|
||||
|
|
|
@ -12,7 +12,7 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
if: ${{ github.event.label.name == 'dependencies'}}
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
- name: Pick assignee
|
||||
id: pick-assignee
|
||||
uses: ./.github/actions/pick_assignee
|
||||
|
|
|
@ -11,7 +11,7 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ github.head_ref }}
|
||||
path: constellation
|
||||
|
@ -27,7 +27,7 @@ jobs:
|
|||
|
||||
- name: Download Firmware release
|
||||
id: download-firmware
|
||||
uses: robinraju/release-downloader@368754b9c6f47c345fcfbf42bcb577c2f0f5f395 # v1.9
|
||||
uses: robinraju/release-downloader@c39a3b234af58f0cf85888573d361fb6fa281534 # v1.10
|
||||
with:
|
||||
repository: aws/uefi
|
||||
latest: true
|
||||
|
@ -50,7 +50,7 @@ jobs:
|
|||
echo "ovmfPath=${ovmfPath}" | tee -a "$GITHUB_OUTPUT"
|
||||
popd || exit 1
|
||||
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
repository: virtee/sev-snp-measure-go.git
|
||||
ref: e42b6f8991ed5a671d5d1e02a6b61f6373f9f8d8
|
||||
|
|
|
@ -22,7 +22,7 @@ jobs:
|
|||
runs-on: [arc-runner-set]
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -19,17 +19,17 @@ jobs:
|
|||
latest: ${{ steps.find-latest.outputs.latest }}
|
||||
steps:
|
||||
- name: Checkout Constellation
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Checkout kubernetes/cloud-provider-gcp
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
repository: "kubernetes/cloud-provider-gcp"
|
||||
path: "cloud-provider-gcp"
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Setup Go environment
|
||||
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
|
||||
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
|
||||
with:
|
||||
go-version: "1.22.3"
|
||||
cache: false
|
||||
|
@ -65,10 +65,10 @@ jobs:
|
|||
version: ${{ fromJson(needs.find-ccm-versions.outputs.versions) }}
|
||||
steps:
|
||||
- name: Checkout Constellation
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Checkout kubernetes/cloud-provider-gcp
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
repository: "kubernetes/cloud-provider-gcp"
|
||||
path: "cloud-provider-gcp"
|
||||
|
@ -113,7 +113,7 @@ jobs:
|
|||
|
||||
- name: Build and push container image
|
||||
id: build
|
||||
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
|
||||
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
|
||||
with:
|
||||
context: ./cloud-provider-gcp
|
||||
push: ${{ github.ref_name == 'main' }}
|
||||
|
|
|
@ -69,7 +69,7 @@ jobs:
|
|||
|
||||
- name: Checkout GoogleCloudPlatform/guest-agent
|
||||
if: steps.needs-build.outputs.out == 'true'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
repository: "GoogleCloudPlatform/guest-agent"
|
||||
ref: refs/tags/${{ steps.latest-release.outputs.latest }}
|
||||
|
@ -77,7 +77,7 @@ jobs:
|
|||
|
||||
- name: Checkout Constellation
|
||||
if: steps.needs-build.outputs.out == 'true'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
path: "constellation"
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
@ -114,7 +114,7 @@ jobs:
|
|||
- name: Build and push container image
|
||||
if: steps.needs-build.outputs.out == 'true'
|
||||
id: build
|
||||
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
|
||||
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
|
||||
with:
|
||||
context: ./guest-agent
|
||||
file: ./constellation/3rdparty/gcp-guest-agent/Dockerfile
|
||||
|
|
|
@ -19,7 +19,7 @@ jobs:
|
|||
packages: write
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Setup bazel
|
||||
uses: ./.github/actions/setup_bazel_nix
|
||||
|
|
|
@ -20,7 +20,7 @@ jobs:
|
|||
steps:
|
||||
- name: Check out repository
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -62,12 +62,12 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ github.head_ref }}
|
||||
|
||||
- name: Setup Go environment
|
||||
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
|
||||
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
|
||||
with:
|
||||
go-version: "1.22.3"
|
||||
cache: false
|
||||
|
@ -99,7 +99,7 @@ jobs:
|
|||
run: rm -f internal/attestation/measurements/measurement-generator/generate
|
||||
|
||||
- name: Create pull request
|
||||
uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0
|
||||
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
|
||||
with:
|
||||
branch: "image/automated/update-measurements-${{ github.run_number }}"
|
||||
base: main
|
||||
|
@ -121,7 +121,7 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ github.head_ref }}
|
||||
|
||||
|
|
|
@ -59,7 +59,7 @@ jobs:
|
|||
cliApiBasePath: ${{ steps.image-version.outputs.cliApiBasePath }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -138,7 +138,7 @@ jobs:
|
|||
contents: read
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ jobs:
|
|||
steps:
|
||||
- name: Check out repository
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -20,12 +20,12 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Link Checker
|
||||
uses: lycheeverse/lychee-action@c053181aa0c3d17606addfe97a9075a32723548a # v1.9.3
|
||||
uses: lycheeverse/lychee-action@2b973e86fc7b1f6b36a93795fe2c9c6ae1118621 # v1.10.0
|
||||
with:
|
||||
args: "--config ./.lychee.toml './**/*.md' './**/*.html'"
|
||||
fail: true
|
||||
|
|
|
@ -34,17 +34,17 @@ jobs:
|
|||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Setup Go environment
|
||||
if: matrix.language == 'go'
|
||||
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
|
||||
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
|
||||
with:
|
||||
go-version: "1.22.3"
|
||||
cache: false
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@cf7e9f23492505046de9a37830c3711dd0f25bb3 # v2.16.2
|
||||
uses: github/codeql-action/init@ceaec5c11a131e0d282ff3b6f095917d234caace # v2.25.3
|
||||
with:
|
||||
languages: ${{ matrix.language }}
|
||||
|
||||
|
@ -63,6 +63,6 @@ jobs:
|
|||
echo "::endgroup::"
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@cf7e9f23492505046de9a37830c3711dd0f25bb3 # v2.16.2
|
||||
uses: github/codeql-action/analyze@ceaec5c11a131e0d282ff3b6f095917d234caace # v2.25.3
|
||||
with:
|
||||
category: "/language:${{ matrix.language }}"
|
||||
|
|
|
@ -16,12 +16,12 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Vale
|
||||
uses: errata-ai/vale-action@3f7188c866bcb3259339a09f517d7c4a8838303c # tag=reviewdog
|
||||
uses: errata-ai/vale-action@38bf078c328061f59879b347ca344a718a736018 # tag=reviewdog
|
||||
with:
|
||||
files: docs/docs
|
||||
fail_on_error: true
|
||||
|
|
|
@ -72,7 +72,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -92,7 +92,7 @@ jobs:
|
|||
cosignPassword: ${{ inputs.key == 'release' && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
|
||||
|
||||
- name: Upload CLI as artifact (unix)
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
if : ${{ matrix.os != 'windows' }}
|
||||
with:
|
||||
name: constellation-${{ matrix.os }}-${{ matrix.arch }}
|
||||
|
@ -101,7 +101,7 @@ jobs:
|
|||
build/constellation-${{ matrix.os }}-${{ matrix.arch }}.sig
|
||||
|
||||
- name: Upload CLI as artifact (windows)
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
if : ${{ matrix.os == 'windows' }}
|
||||
with:
|
||||
name: constellation-${{ matrix.os }}-${{ matrix.arch }}
|
||||
|
@ -133,7 +133,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -149,7 +149,7 @@ jobs:
|
|||
targetArch: ${{ matrix.arch }}
|
||||
|
||||
- name: Upload Terraform Provider Binary as artifact (unix)
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
if : ${{ matrix.os != 'windows' }}
|
||||
with:
|
||||
name: terraform-provider-constellation-${{ matrix.os }}-${{ matrix.arch }}
|
||||
|
@ -157,7 +157,7 @@ jobs:
|
|||
build/terraform-provider-constellation-${{ matrix.os }}-${{ matrix.arch }}
|
||||
|
||||
- name: Upload Terraform Provider Binary as artifact (windows)
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
if : ${{ matrix.os == 'windows' }}
|
||||
with:
|
||||
name: terraform-provider-constellation-${{ matrix.os }}-${{ matrix.arch }}
|
||||
|
@ -169,7 +169,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -187,7 +187,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -219,7 +219,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -227,7 +227,7 @@ jobs:
|
|||
uses: ./.github/actions/download_release_binaries
|
||||
|
||||
- name: Download CLI SBOM
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation.spdx.sbom
|
||||
|
||||
|
@ -256,12 +256,12 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
- name: Install Cosign
|
||||
uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
|
||||
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
|
||||
|
||||
- name: Download Syft & Grype
|
||||
uses: ./.github/actions/install_syft_grype
|
||||
|
@ -296,13 +296,13 @@ jobs:
|
|||
COSIGN_PASSWORD: ${{ inputs.key == 'release' && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
|
||||
|
||||
- name: Upload Constellation CLI SBOM
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: constellation.spdx.sbom
|
||||
path: constellation.spdx.sbom
|
||||
|
||||
- name: Upload Constellation CLI SBOM's signature
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: constellation.spdx.sbom.sig
|
||||
path: constellation.spdx.sbom.sig
|
||||
|
@ -332,7 +332,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -340,7 +340,7 @@ jobs:
|
|||
uses: ./.github/actions/download_release_binaries
|
||||
|
||||
- name: Download CLI SBOM
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation.spdx.sbom
|
||||
|
||||
|
@ -407,7 +407,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
||||
|
@ -420,12 +420,12 @@ jobs:
|
|||
uses: ./.github/actions/download_release_binaries
|
||||
|
||||
- name: Download CLI SBOM
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation.spdx.sbom
|
||||
|
||||
- name: Download Constellation CLI SBOM's signature
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation.spdx.sbom.sig
|
||||
|
||||
|
|
|
@ -10,11 +10,6 @@ on:
|
|||
- "internal/api/**"
|
||||
- ".github/workflows/e2e-attestationconfigapi.yml"
|
||||
- "go.mod"
|
||||
pull_request:
|
||||
paths:
|
||||
- "internal/api/**"
|
||||
- ".github/workflows/e2e-attestationconfigapi.yml"
|
||||
- "go.mod"
|
||||
|
||||
jobs:
|
||||
e2e-api:
|
||||
|
@ -31,7 +26,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
# Don't trigger in forks, use head on pull requests, use default otherwise.
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || github.event.pull_request.head.sha || '' }}
|
||||
|
|
|
@ -14,7 +14,7 @@ jobs:
|
|||
id-token: write
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Cleanup
|
||||
uses: ./.github/actions/e2e_cleanup_timeframe
|
||||
|
|
|
@ -29,7 +29,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.ref || github.event.workflow_run.head_branch || github.head_ref }}
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@ jobs:
|
|||
image-release-stable: ${{ steps.relabel-output.outputs.image-release-stable }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
@ -65,7 +65,7 @@ jobs:
|
|||
needs: [find-latest-image]
|
||||
steps:
|
||||
- name: Check out repository
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
@ -165,7 +165,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -311,7 +311,7 @@ jobs:
|
|||
run: brew install coreutils kubectl bash
|
||||
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ inputs.ref || github.head_ref }}
|
||||
|
|
|
@ -22,7 +22,7 @@ jobs:
|
|||
image-main-nightly: ${{ steps.relabel-output.outputs.image-main-nightly }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
@ -313,7 +313,7 @@ jobs:
|
|||
needs: [find-latest-image]
|
||||
steps:
|
||||
- name: Check out repository
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
@ -438,7 +438,7 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -174,13 +174,13 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout head
|
||||
if: inputs.git-ref == 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Checkout ref
|
||||
if: inputs.git-ref != 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.git-ref }}
|
||||
|
||||
|
@ -211,13 +211,13 @@ jobs:
|
|||
|
||||
- name: Checkout head
|
||||
if: inputs.git-ref == 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Checkout ref
|
||||
if: inputs.git-ref != 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ inputs.git-ref }}
|
||||
|
||||
|
|
|
@ -135,14 +135,14 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
if: inputs.gitRef == 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Checkout ref
|
||||
if: inputs.gitRef != 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ inputs.gitRef }}
|
||||
|
@ -173,7 +173,7 @@ jobs:
|
|||
push: true
|
||||
|
||||
- name: Upload CLI binary
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: constellation-upgrade-${{ inputs.attestationVariant }}
|
||||
path: build/constellation
|
||||
|
@ -193,14 +193,14 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
if: inputs.gitRef == 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Checkout ref
|
||||
if: inputs.gitRef != 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ inputs.gitRef }}
|
||||
|
@ -281,14 +281,14 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
if: inputs.gitRef == 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Checkout ref
|
||||
if: inputs.gitRef != 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ inputs.gitRef }}
|
||||
|
@ -336,7 +336,7 @@ jobs:
|
|||
azure_credentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }}
|
||||
|
||||
- name: Download CLI
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation-upgrade-${{ inputs.attestationVariant }}
|
||||
path: build
|
||||
|
@ -448,20 +448,20 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
if: inputs.gitRef == 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Checkout ref
|
||||
if: inputs.gitRef != 'head'
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ inputs.gitRef }}
|
||||
|
||||
- name: Download CLI
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: constellation-upgrade-${{ inputs.attestationVariant }}
|
||||
path: build
|
||||
|
|
|
@ -21,7 +21,7 @@ jobs:
|
|||
packages: write
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
@ -48,7 +48,7 @@ jobs:
|
|||
push: true
|
||||
|
||||
- name: Upload CLI artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
path: build/constellation.exe
|
||||
name: "constell-exe"
|
||||
|
@ -59,12 +59,12 @@ jobs:
|
|||
needs: build-cli
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Download CLI artifact
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
name: "constell-exe"
|
||||
|
||||
|
@ -189,7 +189,7 @@ jobs:
|
|||
inputs.scheduled
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -26,7 +26,7 @@ jobs:
|
|||
WORKING_BRANCH: ${{ env.WORKING_BRANCH }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
fetch-depth: 0 # fetch all history
|
||||
|
||||
|
@ -49,7 +49,7 @@ jobs:
|
|||
latest: ${{ steps.input-passthrough.outputs.latest }}${{ steps.check-last-release.outputs.latest }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Override latest
|
||||
if: github.event.inputs.latest == 'true'
|
||||
|
@ -123,7 +123,7 @@ jobs:
|
|||
contents: write
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Remove temporary branch
|
||||
run: git push origin --delete "${{needs.complete-release-branch-transaction.outputs.WORKING_BRANCH}}"
|
||||
|
@ -137,7 +137,7 @@ jobs:
|
|||
contents: read
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- uses: ./.github/actions/setup_bazel_nix
|
||||
with:
|
||||
|
|
|
@ -18,7 +18,7 @@ jobs:
|
|||
contents: read
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ github.head_ref }}
|
||||
|
||||
|
|
|
@ -33,7 +33,7 @@ jobs:
|
|||
RELEASE_BRANCH: ${{ steps.version-info.outputs.RELEASE_BRANCH }}
|
||||
WORKING_BRANCH: ${{ steps.version-info.outputs.WORKING_BRANCH }}
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Working branch
|
||||
run: echo "WORKING_BRANCH=$(git branch --show-current)" | tee -a "$GITHUB_ENV"
|
||||
|
@ -85,7 +85,7 @@ jobs:
|
|||
MAJOR_MINOR: ${{ needs.verify-inputs.outputs.MAJOR_MINOR }}
|
||||
BRANCH: docs/${{ needs.verify-inputs.outputs.MAJOR_MINOR }}
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: main
|
||||
|
||||
|
@ -96,7 +96,7 @@ jobs:
|
|||
npm run docusaurus docs:version "${MAJOR_MINOR}"
|
||||
|
||||
- name: Create docs pull request
|
||||
uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0
|
||||
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
|
||||
with:
|
||||
branch: ${{ env.BRANCH }}
|
||||
base: main
|
||||
|
@ -123,7 +123,7 @@ jobs:
|
|||
WORKING_BRANCH: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
||||
|
||||
|
@ -161,7 +161,7 @@ jobs:
|
|||
WITHOUT_V: ${{ needs.verify-inputs.outputs.WITHOUT_V }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
||||
|
||||
|
@ -226,12 +226,12 @@ jobs:
|
|||
WITHOUT_V: ${{ needs.verify-inputs.outputs.WITHOUT_V }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ needs.verify-inputs.outputs.WORKING_BRANCH }}
|
||||
|
||||
- name: Setup Go environment
|
||||
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
|
||||
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
|
||||
with:
|
||||
go-version: "1.22.3"
|
||||
cache: true
|
||||
|
|
|
@ -31,7 +31,7 @@ jobs:
|
|||
runs-on: ${{ matrix.runner }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
@ -60,13 +60,13 @@ jobs:
|
|||
run: shasum -a 256 "${binary}" | tee "${binary}.sha256"
|
||||
|
||||
- name: Upload binary artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: "binaries-${{ matrix.target }}-${{ matrix.runner }}"
|
||||
path: "${{ env.binary }}"
|
||||
|
||||
- name: Upload hash artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: "sha256sums-${{ matrix.target }}-${{ matrix.runner }}"
|
||||
path: "${{ env.binary }}.sha256"
|
||||
|
@ -87,7 +87,7 @@ jobs:
|
|||
runs-on: ${{ matrix.runner }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
@ -116,13 +116,13 @@ jobs:
|
|||
run: shasum -a 256 "${binary}" | tee "${binary}.sha256"
|
||||
|
||||
- name: Upload binary artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: "osimages-${{ matrix.target }}-${{ matrix.runner }}"
|
||||
path: "${{ env.binary }}"
|
||||
|
||||
- name: Upload hash artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: "sha256sums-${{ matrix.target }}-${{ matrix.runner }}"
|
||||
path: "${{ env.binary }}.sha256"
|
||||
|
@ -145,7 +145,7 @@ jobs:
|
|||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Download binaries
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
pattern: "binaries-${{ matrix.target }}-*"
|
||||
merge-multiple: true
|
||||
|
@ -179,7 +179,7 @@ jobs:
|
|||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Download os images
|
||||
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
||||
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
|
||||
with:
|
||||
pattern: "osimages-${{ matrix.target }}-*"
|
||||
merge-multiple: true
|
||||
|
|
|
@ -18,7 +18,7 @@ jobs:
|
|||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
|
@ -30,13 +30,13 @@ jobs:
|
|||
publish_results: true
|
||||
|
||||
- name: Upload artifact
|
||||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
||||
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
|
||||
with:
|
||||
name: SARIF file
|
||||
path: results.sarif
|
||||
retention-days: 5
|
||||
|
||||
- name: Upload to code-scanning
|
||||
uses: github/codeql-action/upload-sarif@cf7e9f23492505046de9a37830c3711dd0f25bb3 # v2.16.2
|
||||
uses: github/codeql-action/upload-sarif@ceaec5c11a131e0d282ff3b6f095917d234caace # v2.25.3
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
|
|
|
@ -18,14 +18,14 @@ jobs:
|
|||
pull-requests: write
|
||||
steps:
|
||||
- name: Checkout constellation repo
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
fetch-depth: 0
|
||||
path: constellation
|
||||
|
||||
- name: Checkout terraform-provider-constellation repo
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
repository: edgelesssys/terraform-provider-constellation
|
||||
ref: main
|
||||
|
@ -40,7 +40,7 @@ jobs:
|
|||
|
||||
- name: Create pull request
|
||||
id: create-pull-request
|
||||
uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0
|
||||
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
|
||||
with:
|
||||
path: terraform-provider-constellation
|
||||
branch: "feat/docs/update"
|
||||
|
|
|
@ -25,7 +25,7 @@ jobs:
|
|||
CTEST_OUTPUT_ON_FAILURE: True
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -21,12 +21,12 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Setup Go environment
|
||||
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
|
||||
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
|
||||
with:
|
||||
go-version: "1.22.3"
|
||||
cache: true
|
||||
|
|
|
@ -23,7 +23,7 @@ jobs:
|
|||
pull-requests: write
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
|
@ -17,7 +17,7 @@ jobs:
|
|||
contents: read
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
# No token available for forks, so we can't push changes
|
||||
|
|
|
@ -30,7 +30,7 @@ jobs:
|
|||
pull-requests: write
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
fetch-depth: 0
|
||||
|
|
|
@ -13,7 +13,7 @@ jobs:
|
|||
contents: read
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
|
||||
- name: Assume AWS role to upload Bazel dependencies to S3
|
||||
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
|
||||
|
@ -40,7 +40,7 @@ jobs:
|
|||
fi
|
||||
|
||||
- name: Create pull request
|
||||
uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0
|
||||
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
|
||||
with:
|
||||
branch: "image/automated/update-rpms-${{ github.run_number }}"
|
||||
base: main
|
||||
|
|
|
@ -115,7 +115,7 @@ jobs:
|
|||
steps:
|
||||
- name: Check out repository
|
||||
id: checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -1,6 +1,6 @@
|
|||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.33.0
|
||||
// protoc-gen-go v1.34.1
|
||||
// protoc v4.22.1
|
||||
// source: bootstrapper/initproto/init.proto
|
||||
|
||||
|
|
|
@ -7,9 +7,9 @@ go_library(
|
|||
visibility = ["//:__subpackages__"],
|
||||
deps = [
|
||||
"//internal/file",
|
||||
"@com_github_docker_docker//api/types",
|
||||
"@com_github_docker_docker//api/types/container",
|
||||
"@com_github_docker_docker//api/types/filters",
|
||||
"@com_github_docker_docker//api/types/image",
|
||||
"@com_github_docker_docker//client",
|
||||
"@com_github_spf13_afero//:afero",
|
||||
],
|
||||
|
|
|
@ -17,9 +17,9 @@ import (
|
|||
"fmt"
|
||||
"io"
|
||||
|
||||
"github.com/docker/docker/api/types"
|
||||
"github.com/docker/docker/api/types/container"
|
||||
"github.com/docker/docker/api/types/filters"
|
||||
"github.com/docker/docker/api/types/image"
|
||||
docker "github.com/docker/docker/client"
|
||||
"github.com/edgelesssys/constellation/v2/internal/file"
|
||||
"github.com/spf13/afero"
|
||||
|
@ -101,7 +101,7 @@ func (r *Runner) Start(ctx context.Context, name, imageName string) error {
|
|||
func (r *Runner) startNewContainer(ctx context.Context, docker *docker.Client, containerName, imageName string) error {
|
||||
// check if image exists locally, if not pull it
|
||||
// this allows us to use a custom image without having to push it to a registry
|
||||
images, err := docker.ImageList(ctx, types.ImageListOptions{
|
||||
images, err := docker.ImageList(ctx, image.ListOptions{
|
||||
Filters: filters.NewArgs(
|
||||
filters.KeyValuePair{
|
||||
Key: "reference",
|
||||
|
@ -113,7 +113,7 @@ func (r *Runner) startNewContainer(ctx context.Context, docker *docker.Client, c
|
|||
return err
|
||||
}
|
||||
if len(images) == 0 {
|
||||
reader, err := docker.ImagePull(ctx, imageName, types.ImagePullOptions{})
|
||||
reader, err := docker.ImagePull(ctx, imageName, image.PullOptions{})
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to pull image %q: %w", imageName, err)
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.33.0
|
||||
// protoc-gen-go v1.34.1
|
||||
// protoc v4.22.1
|
||||
// source: debugd/service/debugd.proto
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.33.0
|
||||
// protoc-gen-go v1.34.1
|
||||
// protoc v4.22.1
|
||||
// source: disk-mapper/recoverproto/recover.proto
|
||||
|
||||
|
|
|
@ -16,6 +16,6 @@ Subsequent Constellation releases drop support for the oldest (and deprecated) K
|
|||
The following Kubernetes versions are currently supported:
|
||||
<!--AUTO_GENERATED_BY_BAZEL-->
|
||||
<!--DO_NOT_EDIT-->
|
||||
* v1.27.9
|
||||
* v1.28.5
|
||||
* v1.29.0
|
||||
* v1.27.13
|
||||
* v1.28.9
|
||||
* v1.29.4
|
||||
|
|
294
go.mod
294
go.mod
|
@ -1,6 +1,6 @@
|
|||
module github.com/edgelesssys/constellation/v2
|
||||
|
||||
go 1.22
|
||||
go 1.22.3
|
||||
|
||||
replace (
|
||||
k8s.io/api v0.0.0 => k8s.io/api v0.29.0
|
||||
|
@ -41,126 +41,132 @@ replace (
|
|||
)
|
||||
|
||||
require (
|
||||
cloud.google.com/go/compute v1.24.0
|
||||
cloud.google.com/go/compute/metadata v0.2.3
|
||||
cloud.google.com/go/kms v1.15.7
|
||||
cloud.google.com/go/secretmanager v1.11.5
|
||||
cloud.google.com/go/storage v1.38.0
|
||||
cloud.google.com/go/compute v1.26.0
|
||||
cloud.google.com/go/compute/metadata v0.3.0
|
||||
cloud.google.com/go/kms v1.15.9
|
||||
cloud.google.com/go/secretmanager v1.13.0
|
||||
cloud.google.com/go/storage v1.40.0
|
||||
dario.cat/mergo v1.0.0
|
||||
github.com/Azure/azure-sdk-for-go v68.0.0+incompatible
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.2
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1
|
||||
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.5.0
|
||||
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v5 v5.0.0
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2
|
||||
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.7.0
|
||||
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v5 v5.1.1
|
||||
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.1.0
|
||||
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.3.0
|
||||
github.com/aws/aws-sdk-go v1.50.22
|
||||
github.com/aws/aws-sdk-go-v2 v1.25.0
|
||||
github.com/aws/aws-sdk-go-v2/config v1.27.1
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.17.1
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.15.0
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.16.3
|
||||
github.com/aws/aws-sdk-go-v2/service/autoscaling v1.39.1
|
||||
github.com/aws/aws-sdk-go-v2/service/cloudfront v1.34.1
|
||||
github.com/aws/aws-sdk-go-v2/service/ec2 v1.148.1
|
||||
github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.29.1
|
||||
github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.20.2
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.50.2
|
||||
github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.27.2
|
||||
github.com/aws/smithy-go v1.20.0
|
||||
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.3.2
|
||||
github.com/BurntSushi/toml v1.3.2
|
||||
github.com/aws/aws-sdk-go v1.52.4
|
||||
github.com/aws/aws-sdk-go-v2 v1.26.1
|
||||
github.com/aws/aws-sdk-go-v2/config v1.27.11
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.17.11
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.1
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.16.15
|
||||
github.com/aws/aws-sdk-go-v2/service/autoscaling v1.40.5
|
||||
github.com/aws/aws-sdk-go-v2/service/cloudfront v1.36.0
|
||||
github.com/aws/aws-sdk-go-v2/service/ec2 v1.160.0
|
||||
github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.30.5
|
||||
github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.21.4
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.53.1
|
||||
github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.28.6
|
||||
github.com/aws/smithy-go v1.20.2
|
||||
github.com/bazelbuild/buildtools v0.0.0-20230317132445-9c3c1fc0106e
|
||||
github.com/bazelbuild/rules_go v0.42.0
|
||||
github.com/bazelbuild/rules_go v0.47.1
|
||||
github.com/coreos/go-systemd/v22 v22.5.0
|
||||
github.com/docker/docker v25.0.5+incompatible
|
||||
github.com/docker/docker v26.1.1+incompatible
|
||||
github.com/edgelesssys/go-azguestattestation v0.0.0-20230707101700-a683be600fcf
|
||||
github.com/edgelesssys/go-tdx-qpl v0.0.0-20240123150912-dcad3c41ec5f
|
||||
github.com/foxboron/go-uefi v0.0.0-20240128152106-48be911532c2
|
||||
github.com/fsnotify/fsnotify v1.7.0
|
||||
github.com/go-playground/locales v0.14.1
|
||||
github.com/go-playground/universal-translator v0.18.1
|
||||
github.com/go-playground/validator/v10 v10.14.1
|
||||
github.com/golang-jwt/jwt/v5 v5.2.0
|
||||
github.com/go-playground/validator/v10 v10.20.0
|
||||
github.com/golang-jwt/jwt/v5 v5.2.1
|
||||
github.com/google/go-sev-guest v0.9.3
|
||||
github.com/google/go-tdx-guest v0.3.1
|
||||
github.com/google/go-tpm v0.9.0
|
||||
github.com/google/go-tpm-tools v0.4.3-0.20240112165732-912a43636883
|
||||
github.com/google/go-tpm-tools v0.4.4
|
||||
github.com/google/uuid v1.6.0
|
||||
github.com/googleapis/gax-go/v2 v2.12.1
|
||||
github.com/gophercloud/gophercloud v1.9.0
|
||||
github.com/googleapis/gax-go/v2 v2.12.4
|
||||
github.com/gophercloud/gophercloud v1.11.0
|
||||
github.com/gophercloud/utils v0.0.0-20231010081019-80377eca5d56
|
||||
github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.0.1
|
||||
github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.1.0
|
||||
github.com/hashicorp/go-kms-wrapping/v2 v2.0.16
|
||||
github.com/hashicorp/go-kms-wrapping/wrappers/awskms/v2 v2.0.9
|
||||
github.com/hashicorp/go-kms-wrapping/wrappers/azurekeyvault/v2 v2.0.11
|
||||
github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms/v2 v2.0.11
|
||||
github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms/v2 v2.0.12
|
||||
github.com/hashicorp/go-version v1.6.0
|
||||
github.com/hashicorp/hc-install v0.6.3
|
||||
github.com/hashicorp/hcl/v2 v2.19.1
|
||||
github.com/hashicorp/hc-install v0.6.4
|
||||
github.com/hashicorp/hcl/v2 v2.20.1
|
||||
github.com/hashicorp/terraform-exec v0.20.0
|
||||
github.com/hashicorp/terraform-json v0.21.0
|
||||
github.com/hashicorp/terraform-plugin-framework v1.5.0
|
||||
github.com/hashicorp/terraform-plugin-framework v1.8.0
|
||||
github.com/hashicorp/terraform-plugin-framework-validators v0.12.0
|
||||
github.com/hashicorp/terraform-plugin-go v0.21.0
|
||||
github.com/hashicorp/terraform-plugin-go v0.23.0
|
||||
github.com/hashicorp/terraform-plugin-log v0.9.0
|
||||
github.com/hashicorp/terraform-plugin-testing v1.6.0
|
||||
github.com/hashicorp/terraform-plugin-testing v1.7.0
|
||||
github.com/hexops/gotextdiff v1.0.3
|
||||
github.com/martinjungblut/go-cryptsetup v0.0.0-20220520180014-fd0874fd07a6
|
||||
github.com/mattn/go-isatty v0.0.20
|
||||
github.com/onsi/ginkgo/v2 v2.14.0
|
||||
github.com/onsi/gomega v1.30.0
|
||||
github.com/mitchellh/go-homedir v1.1.0
|
||||
github.com/onsi/ginkgo/v2 v2.17.3
|
||||
github.com/onsi/gomega v1.33.1
|
||||
github.com/pkg/errors v0.9.1
|
||||
github.com/regclient/regclient v0.5.7
|
||||
github.com/regclient/regclient v0.6.0
|
||||
github.com/rogpeppe/go-internal v1.12.0
|
||||
github.com/samber/slog-multi v1.0.2
|
||||
github.com/schollz/progressbar/v3 v3.14.1
|
||||
github.com/siderolabs/talos/pkg/machinery v1.6.4
|
||||
github.com/sigstore/rekor v1.3.5
|
||||
github.com/sigstore/sigstore v1.8.1
|
||||
github.com/schollz/progressbar/v3 v3.14.2
|
||||
github.com/secure-systems-lab/go-securesystemslib v0.8.0
|
||||
github.com/siderolabs/talos/pkg/machinery v1.7.1
|
||||
github.com/sigstore/rekor v1.3.6
|
||||
github.com/sigstore/sigstore v1.8.3
|
||||
github.com/spf13/afero v1.11.0
|
||||
github.com/spf13/cobra v1.8.0
|
||||
github.com/spf13/pflag v1.0.5
|
||||
github.com/stretchr/testify v1.8.4
|
||||
github.com/stretchr/testify v1.9.0
|
||||
github.com/tink-crypto/tink-go/v2 v2.0.0
|
||||
github.com/vincent-petithory/dataurl v1.0.0
|
||||
go.etcd.io/etcd/api/v3 v3.5.12
|
||||
go.etcd.io/etcd/client/pkg/v3 v3.5.12
|
||||
go.etcd.io/etcd/client/v3 v3.5.12
|
||||
go.etcd.io/etcd/api/v3 v3.5.13
|
||||
go.etcd.io/etcd/client/pkg/v3 v3.5.13
|
||||
go.etcd.io/etcd/client/v3 v3.5.13
|
||||
go.uber.org/goleak v1.3.0
|
||||
golang.org/x/crypto v0.22.0
|
||||
golang.org/x/exp v0.0.0-20240213143201-ec583247a57a
|
||||
golang.org/x/mod v0.15.0
|
||||
golang.org/x/sys v0.19.0
|
||||
golang.org/x/text v0.14.0
|
||||
golang.org/x/tools v0.18.0
|
||||
google.golang.org/api v0.165.0
|
||||
google.golang.org/grpc v1.61.1
|
||||
google.golang.org/protobuf v1.33.0
|
||||
golang.org/x/crypto v0.23.0
|
||||
golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842
|
||||
golang.org/x/mod v0.17.0
|
||||
golang.org/x/sys v0.20.0
|
||||
golang.org/x/text v0.15.0
|
||||
golang.org/x/tools v0.21.0
|
||||
google.golang.org/api v0.178.0
|
||||
google.golang.org/grpc v1.63.2
|
||||
google.golang.org/protobuf v1.34.1
|
||||
gopkg.in/yaml.v3 v3.0.1
|
||||
helm.sh/helm v2.17.0+incompatible
|
||||
helm.sh/helm/v3 v3.14.2
|
||||
k8s.io/api v0.29.0
|
||||
k8s.io/apiextensions-apiserver v0.29.0
|
||||
k8s.io/apimachinery v0.29.0
|
||||
k8s.io/apiserver v0.29.0
|
||||
k8s.io/client-go v0.29.0
|
||||
helm.sh/helm/v3 v3.14.4
|
||||
k8s.io/api v0.30.0
|
||||
k8s.io/apiextensions-apiserver v0.30.0
|
||||
k8s.io/apimachinery v0.30.0
|
||||
k8s.io/apiserver v0.30.0
|
||||
k8s.io/client-go v0.30.0
|
||||
k8s.io/cluster-bootstrap v0.29.0
|
||||
k8s.io/kubelet v0.29.0
|
||||
k8s.io/kubernetes v1.29.4
|
||||
k8s.io/mount-utils v0.29.0
|
||||
k8s.io/utils v0.0.0-20240102154912-e7106e64919e
|
||||
libvirt.org/go/libvirt v1.10000.0
|
||||
k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0
|
||||
libvirt.org/go/libvirt v1.10003.0
|
||||
sigs.k8s.io/controller-runtime v0.18.2
|
||||
sigs.k8s.io/yaml v1.4.0
|
||||
)
|
||||
|
||||
require (
|
||||
cloud.google.com/go v0.112.0 // indirect
|
||||
cloud.google.com/go/iam v1.1.6 // indirect
|
||||
cloud.google.com/go v0.112.2 // indirect
|
||||
cloud.google.com/go/auth v0.3.0 // indirect
|
||||
cloud.google.com/go/auth/oauth2adapt v0.2.2 // indirect
|
||||
cloud.google.com/go/iam v1.1.7 // indirect
|
||||
github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.6.0 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.10.0 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.0.0 // indirect
|
||||
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
|
||||
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
|
||||
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
|
||||
github.com/Azure/go-autorest/autorest v0.11.29 // indirect
|
||||
github.com/Azure/go-autorest/autorest/adal v0.9.23 // indirect
|
||||
|
@ -170,7 +176,6 @@ require (
|
|||
github.com/Azure/go-autorest/logger v0.2.1 // indirect
|
||||
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
|
||||
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect
|
||||
github.com/BurntSushi/toml v1.3.2
|
||||
github.com/MakeNowJust/heredoc v1.0.0 // indirect
|
||||
github.com/Masterminds/goutils v1.1.1 // indirect
|
||||
github.com/Masterminds/semver/v3 v3.2.1 // indirect
|
||||
|
@ -178,68 +183,68 @@ require (
|
|||
github.com/Masterminds/squirrel v1.5.4 // indirect
|
||||
github.com/Microsoft/go-winio v0.6.1 // indirect
|
||||
github.com/Microsoft/hcsshim v0.11.4 // indirect
|
||||
github.com/ProtonMail/go-crypto v1.1.0-alpha.0-proton // indirect
|
||||
github.com/agext/levenshtein v1.2.3 // indirect
|
||||
github.com/ProtonMail/go-crypto v1.1.0-alpha.2 // indirect
|
||||
github.com/agext/levenshtein v1.2.2 // indirect
|
||||
github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
|
||||
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.2 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.5 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.5 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.19.1 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.22.1 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.27.1 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.5 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.2 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.7 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.7 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.5 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.20.5 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.23.4 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.28.6 // indirect
|
||||
github.com/beorn7/perks v1.0.1 // indirect
|
||||
github.com/blang/semver v3.5.1+incompatible // indirect
|
||||
github.com/blang/semver/v4 v4.0.0 // indirect
|
||||
github.com/cespare/xxhash/v2 v2.2.0 // indirect
|
||||
github.com/chai2010/gettext-go v1.0.2 // indirect
|
||||
github.com/cloudflare/circl v1.3.7 // indirect
|
||||
github.com/containerd/containerd v1.7.13 // indirect
|
||||
github.com/containerd/containerd v1.7.12 // indirect
|
||||
github.com/containerd/log v0.1.0 // indirect
|
||||
github.com/coreos/go-semver v0.3.1 // indirect
|
||||
github.com/cpuguy83/go-md2man/v2 v2.0.3 // indirect
|
||||
github.com/cyberphone/json-canonicalization v0.0.0-20231217050601-ba74d44ecf5f // indirect
|
||||
github.com/cyberphone/json-canonicalization v0.0.0-20220623050100-57a0ce2678a7 // indirect
|
||||
github.com/cyphar/filepath-securejoin v0.2.4 // indirect
|
||||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
|
||||
github.com/distribution/reference v0.5.0 // indirect
|
||||
github.com/docker/cli v25.0.3+incompatible // indirect
|
||||
github.com/docker/cli v25.0.1+incompatible // indirect
|
||||
github.com/docker/distribution v2.8.3+incompatible // indirect
|
||||
github.com/docker/docker-credential-helpers v0.8.1 // indirect
|
||||
github.com/docker/docker-credential-helpers v0.7.0 // indirect
|
||||
github.com/docker/go-connections v0.5.0 // indirect
|
||||
github.com/docker/go-metrics v0.0.1 // indirect
|
||||
github.com/docker/go-units v0.5.0 // indirect
|
||||
github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7 // indirect
|
||||
github.com/emicklei/go-restful/v3 v3.11.2 // indirect
|
||||
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
|
||||
github.com/evanphx/json-patch v5.9.0+incompatible // indirect
|
||||
github.com/evanphx/json-patch/v5 v5.9.0 // indirect
|
||||
github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect
|
||||
github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect
|
||||
github.com/fatih/color v1.16.0 // indirect
|
||||
github.com/felixge/httpsnoop v1.0.4 // indirect
|
||||
github.com/gabriel-vasile/mimetype v1.4.3 // indirect
|
||||
github.com/go-chi/chi v4.1.2+incompatible // indirect
|
||||
github.com/go-errors/errors v1.5.1 // indirect
|
||||
github.com/go-errors/errors v1.4.2 // indirect
|
||||
github.com/go-gorp/gorp/v3 v3.1.0 // indirect
|
||||
github.com/go-jose/go-jose/v3 v3.0.3 // indirect
|
||||
github.com/go-logr/logr v1.4.1 // indirect
|
||||
github.com/go-logr/stdr v1.2.2 // indirect
|
||||
github.com/go-logr/zapr v1.3.0 // indirect
|
||||
github.com/go-openapi/analysis v0.22.2 // indirect
|
||||
github.com/go-openapi/errors v0.21.0 // indirect
|
||||
github.com/go-openapi/jsonpointer v0.20.2 // indirect
|
||||
github.com/go-openapi/jsonreference v0.20.4 // indirect
|
||||
github.com/go-openapi/loads v0.21.5 // indirect
|
||||
github.com/go-openapi/runtime v0.27.1 // indirect
|
||||
github.com/go-openapi/spec v0.20.14 // indirect
|
||||
github.com/go-openapi/strfmt v0.22.0 // indirect
|
||||
github.com/go-openapi/swag v0.22.9 // indirect
|
||||
github.com/go-openapi/validate v0.23.0 // indirect
|
||||
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
|
||||
github.com/go-openapi/analysis v0.23.0 // indirect
|
||||
github.com/go-openapi/errors v0.22.0 // indirect
|
||||
github.com/go-openapi/jsonpointer v0.21.0 // indirect
|
||||
github.com/go-openapi/jsonreference v0.21.0 // indirect
|
||||
github.com/go-openapi/loads v0.22.0 // indirect
|
||||
github.com/go-openapi/runtime v0.28.0 // indirect
|
||||
github.com/go-openapi/spec v0.21.0 // indirect
|
||||
github.com/go-openapi/strfmt v0.23.0 // indirect
|
||||
github.com/go-openapi/swag v0.23.0 // indirect
|
||||
github.com/go-openapi/validate v0.24.0 // indirect
|
||||
github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
|
||||
github.com/gobwas/glob v0.2.3 // indirect
|
||||
github.com/godbus/dbus/v5 v5.1.0 // indirect
|
||||
github.com/gogo/protobuf v1.3.2 // indirect
|
||||
|
@ -247,23 +252,23 @@ require (
|
|||
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
|
||||
github.com/golang/protobuf v1.5.4 // indirect
|
||||
github.com/google/btree v1.1.2 // indirect
|
||||
github.com/google/certificate-transparency-go v1.1.7 // indirect
|
||||
github.com/google/certificate-transparency-go v1.1.6 // indirect
|
||||
github.com/google/gnostic-models v0.6.8 // indirect
|
||||
github.com/google/go-attestation v0.5.1 // indirect
|
||||
github.com/google/go-attestation v0.5.0 // indirect
|
||||
github.com/google/go-cmp v0.6.0 // indirect
|
||||
github.com/google/go-configfs-tsm v0.2.2 // indirect
|
||||
github.com/google/go-containerregistry v0.19.0 // indirect
|
||||
github.com/google/go-tspi v0.3.0 // indirect
|
||||
github.com/google/gofuzz v1.2.0 // indirect
|
||||
github.com/google/logger v1.1.1 // indirect
|
||||
github.com/google/pprof v0.0.0-20231023181126-ff6d637d2a7b // indirect
|
||||
github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 // indirect
|
||||
github.com/google/s2a-go v0.1.7 // indirect
|
||||
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
|
||||
github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
|
||||
github.com/gorilla/mux v1.8.1 // indirect
|
||||
github.com/gorilla/websocket v1.5.1 // indirect
|
||||
github.com/gorilla/mux v1.8.0 // indirect
|
||||
github.com/gorilla/websocket v1.5.0 // indirect
|
||||
github.com/gosuri/uitable v0.0.4 // indirect
|
||||
github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
|
||||
github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect
|
||||
github.com/hashicorp/errwrap v1.1.0 // indirect
|
||||
github.com/hashicorp/go-checkpoint v0.5.0 // indirect
|
||||
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
|
||||
|
@ -272,71 +277,70 @@ require (
|
|||
github.com/hashicorp/go-multierror v1.1.1 // indirect
|
||||
github.com/hashicorp/go-plugin v1.6.0 // indirect
|
||||
github.com/hashicorp/go-retryablehttp v0.7.5 // indirect
|
||||
github.com/hashicorp/go-secure-stdlib/awsutil v0.3.0 // indirect
|
||||
github.com/hashicorp/go-secure-stdlib/awsutil v0.1.6 // indirect
|
||||
github.com/hashicorp/go-uuid v1.0.3 // indirect
|
||||
github.com/hashicorp/logutils v1.0.0 // indirect
|
||||
github.com/hashicorp/terraform-plugin-sdk/v2 v2.30.0 // indirect
|
||||
github.com/hashicorp/terraform-plugin-sdk/v2 v2.33.0 // indirect
|
||||
github.com/hashicorp/terraform-registry-address v0.2.3 // indirect
|
||||
github.com/hashicorp/terraform-svchost v0.1.1 // indirect
|
||||
github.com/hashicorp/yamux v0.1.1 // indirect
|
||||
github.com/huandu/xstrings v1.4.0 // indirect
|
||||
github.com/imdario/mergo v0.3.16 // indirect
|
||||
github.com/imdario/mergo v0.3.15 // indirect
|
||||
github.com/inconshreveable/mousetrap v1.1.0 // indirect
|
||||
github.com/jedisct1/go-minisign v0.0.0-20230811132847-661be99b8267 // indirect
|
||||
github.com/jedisct1/go-minisign v0.0.0-20211028175153-1c139d1cc84b // indirect
|
||||
github.com/jmespath/go-jmespath v0.4.0 // indirect
|
||||
github.com/jmoiron/sqlx v1.3.5 // indirect
|
||||
github.com/josharian/intern v1.0.0 // indirect
|
||||
github.com/json-iterator/go v1.1.12 // indirect
|
||||
github.com/klauspost/compress v1.17.6 // indirect
|
||||
github.com/klauspost/compress v1.17.4 // indirect
|
||||
github.com/kylelemons/godebug v1.1.0 // indirect
|
||||
github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
|
||||
github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect
|
||||
github.com/leodido/go-urn v1.4.0 // indirect
|
||||
github.com/letsencrypt/boulder v0.0.0-20240216200101-4eb5e3caa228 // indirect
|
||||
github.com/letsencrypt/boulder v0.0.0-20230907030200-6d76a0f91e1e // indirect
|
||||
github.com/lib/pq v1.10.9 // indirect
|
||||
github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
|
||||
github.com/mailru/easyjson v0.7.7 // indirect
|
||||
github.com/mattn/go-colorable v0.1.13 // indirect
|
||||
github.com/mattn/go-runewidth v0.0.15 // indirect
|
||||
github.com/mattn/go-runewidth v0.0.13 // indirect
|
||||
github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db // indirect
|
||||
github.com/mitchellh/copystructure v1.2.0 // indirect
|
||||
github.com/mitchellh/go-homedir v1.1.0
|
||||
github.com/mitchellh/go-testing-interface v1.14.1 // indirect
|
||||
github.com/mitchellh/go-wordwrap v1.0.1 // indirect
|
||||
github.com/mitchellh/mapstructure v1.5.0 // indirect
|
||||
github.com/mitchellh/reflectwalk v1.0.2 // indirect
|
||||
github.com/moby/docker-image-spec v1.3.1 // indirect
|
||||
github.com/moby/locker v1.0.1 // indirect
|
||||
github.com/moby/spdystream v0.2.0 // indirect
|
||||
github.com/moby/sys/mountinfo v0.7.1 // indirect
|
||||
github.com/moby/sys/mountinfo v0.6.2 // indirect
|
||||
github.com/moby/term v0.5.0 // indirect
|
||||
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
|
||||
github.com/modern-go/reflect2 v1.0.2 // indirect
|
||||
github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
|
||||
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
|
||||
github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
|
||||
github.com/oklog/run v1.1.0 // indirect
|
||||
github.com/oklog/run v1.0.0 // indirect
|
||||
github.com/oklog/ulid v1.3.1 // indirect
|
||||
github.com/opencontainers/go-digest v1.0.0 // indirect
|
||||
github.com/opencontainers/image-spec v1.1.0 // indirect
|
||||
github.com/opencontainers/image-spec v1.1.0-rc6 // indirect
|
||||
github.com/opentracing/opentracing-go v1.2.0 // indirect
|
||||
github.com/pborman/uuid v1.2.1 // indirect
|
||||
github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
|
||||
github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
|
||||
github.com/pmezard/go-difflib v1.0.0 // indirect
|
||||
github.com/prometheus/client_golang v1.18.0 // indirect
|
||||
github.com/prometheus/client_model v0.6.0 // indirect
|
||||
github.com/prometheus/common v0.47.0 // indirect
|
||||
github.com/prometheus/client_golang v1.19.0 // indirect
|
||||
github.com/prometheus/client_model v0.5.0 // indirect
|
||||
github.com/prometheus/common v0.48.0 // indirect
|
||||
github.com/prometheus/procfs v0.12.0 // indirect
|
||||
github.com/rivo/uniseg v0.4.7 // indirect
|
||||
github.com/rubenv/sql-migrate v1.6.1 // indirect
|
||||
github.com/rubenv/sql-migrate v1.5.2 // indirect
|
||||
github.com/russross/blackfriday/v2 v2.1.0 // indirect
|
||||
github.com/samber/lo v1.38.1 // indirect
|
||||
github.com/sassoftware/relic v7.2.1+incompatible // indirect
|
||||
github.com/secure-systems-lab/go-securesystemslib v0.8.0
|
||||
github.com/shopspring/decimal v1.3.1 // indirect
|
||||
github.com/sirupsen/logrus v1.9.3 // indirect
|
||||
github.com/spf13/cast v1.6.0 // indirect
|
||||
github.com/stretchr/objx v0.5.0 // indirect
|
||||
github.com/stretchr/objx v0.5.2 // indirect
|
||||
github.com/theupdateframework/go-tuf v0.7.0 // indirect
|
||||
github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
|
||||
github.com/transparency-dev/merkle v0.0.2 // indirect
|
||||
|
@ -349,40 +353,38 @@ require (
|
|||
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
|
||||
github.com/xeipuuv/gojsonschema v1.2.0 // indirect
|
||||
github.com/xlab/treeprint v1.2.0 // indirect
|
||||
github.com/zclconf/go-cty v1.14.2 // indirect
|
||||
github.com/zclconf/go-cty v1.14.3 // indirect
|
||||
go.mongodb.org/mongo-driver v1.14.0 // indirect
|
||||
go.opencensus.io v0.24.0 // indirect
|
||||
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.48.0 // indirect
|
||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.48.0 // indirect
|
||||
go.opentelemetry.io/otel v1.23.1 // indirect
|
||||
go.opentelemetry.io/otel/metric v1.23.1 // indirect
|
||||
go.opentelemetry.io/otel/trace v1.23.1 // indirect
|
||||
go.starlark.net v0.0.0-20240123142251-f86470692795 // indirect
|
||||
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.49.0 // indirect
|
||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
|
||||
go.opentelemetry.io/otel v1.24.0 // indirect
|
||||
go.opentelemetry.io/otel/metric v1.24.0 // indirect
|
||||
go.opentelemetry.io/otel/trace v1.24.0 // indirect
|
||||
go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
|
||||
go.uber.org/multierr v1.11.0 // indirect
|
||||
go.uber.org/zap v1.27.0 // indirect
|
||||
golang.org/x/net v0.23.0 // indirect
|
||||
golang.org/x/oauth2 v0.17.0 // indirect
|
||||
golang.org/x/sync v0.6.0 // indirect
|
||||
golang.org/x/term v0.19.0 // indirect
|
||||
golang.org/x/net v0.25.0 // indirect
|
||||
golang.org/x/oauth2 v0.20.0 // indirect
|
||||
golang.org/x/sync v0.7.0 // indirect
|
||||
golang.org/x/term v0.20.0 // indirect
|
||||
golang.org/x/time v0.5.0 // indirect
|
||||
gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
|
||||
google.golang.org/appengine v1.6.8 // indirect
|
||||
google.golang.org/genproto v0.0.0-20240221002015-b0ce06bbee7c // indirect
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20240221002015-b0ce06bbee7c // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240221002015-b0ce06bbee7c // indirect
|
||||
gopkg.in/evanphx/json-patch.v5 v5.9.0 // indirect
|
||||
google.golang.org/genproto v0.0.0-20240401170217-c3f982113cda // indirect
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20240429193739-8cf5692501f6 // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240429193739-8cf5692501f6 // indirect
|
||||
gopkg.in/go-jose/go-jose.v2 v2.6.3 // indirect
|
||||
gopkg.in/inf.v0 v0.9.1 // indirect
|
||||
gopkg.in/yaml.v2 v2.4.0 // indirect
|
||||
k8s.io/cli-runtime v0.29.0 // indirect
|
||||
k8s.io/component-base v0.29.0 // indirect
|
||||
k8s.io/component-base v0.30.0 // indirect
|
||||
k8s.io/klog/v2 v2.120.1 // indirect
|
||||
k8s.io/kube-openapi v0.0.0-20240220201932-37d671a357a5 // indirect
|
||||
k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
|
||||
k8s.io/kubectl v0.29.0 // indirect
|
||||
oras.land/oras-go v1.2.5 // indirect
|
||||
sigs.k8s.io/controller-runtime v0.17.2
|
||||
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
|
||||
sigs.k8s.io/kustomize/api v0.16.0 // indirect
|
||||
sigs.k8s.io/kustomize/kyaml v0.16.0 // indirect
|
||||
sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect
|
||||
sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect
|
||||
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
|
||||
)
|
||||
|
|
|
@ -93,13 +93,13 @@ type Config struct {
|
|||
Tags cloudprovider.Tags `yaml:"tags" validate:"omitempty"`
|
||||
// description: |
|
||||
// Supported cloud providers and their specific configurations.
|
||||
Provider ProviderConfig `yaml:"provider" validate:"dive"`
|
||||
Provider ProviderConfig `yaml:"provider"`
|
||||
// description: |
|
||||
// Node groups to be created in the cluster.
|
||||
NodeGroups map[string]NodeGroup `yaml:"nodeGroups" validate:"required,dive"`
|
||||
// description: |
|
||||
// Configuration for attestation validation. This configuration provides sensible defaults for the Constellation version it was created for.\nSee the docs for an overview on attestation: https://docs.edgeless.systems/constellation/architecture/attestation
|
||||
Attestation AttestationConfig `yaml:"attestation" validate:"dive"`
|
||||
Attestation AttestationConfig `yaml:"attestation"`
|
||||
}
|
||||
|
||||
// ProviderConfig are cloud-provider specific configuration values used by the CLI.
|
||||
|
@ -108,19 +108,19 @@ type Config struct {
|
|||
type ProviderConfig struct {
|
||||
// description: |
|
||||
// Configuration for AWS as provider.
|
||||
AWS *AWSConfig `yaml:"aws,omitempty" validate:"omitempty,dive"`
|
||||
AWS *AWSConfig `yaml:"aws,omitempty" validate:"omitempty"`
|
||||
// description: |
|
||||
// Configuration for Azure as provider.
|
||||
Azure *AzureConfig `yaml:"azure,omitempty" validate:"omitempty,dive"`
|
||||
Azure *AzureConfig `yaml:"azure,omitempty" validate:"omitempty"`
|
||||
// description: |
|
||||
// Configuration for Google Cloud as provider.
|
||||
GCP *GCPConfig `yaml:"gcp,omitempty" validate:"omitempty,dive"`
|
||||
GCP *GCPConfig `yaml:"gcp,omitempty" validate:"omitempty"`
|
||||
// description: |
|
||||
// Configuration for OpenStack as provider.
|
||||
OpenStack *OpenStackConfig `yaml:"openstack,omitempty" validate:"omitempty,dive"`
|
||||
OpenStack *OpenStackConfig `yaml:"openstack,omitempty" validate:"omitempty"`
|
||||
// description: |
|
||||
// Configuration for QEMU as provider.
|
||||
QEMU *QEMUConfig `yaml:"qemu,omitempty" validate:"omitempty,dive"`
|
||||
QEMU *QEMUConfig `yaml:"qemu,omitempty" validate:"omitempty"`
|
||||
}
|
||||
|
||||
// AWSConfig are AWS specific configuration values used by the CLI.
|
||||
|
@ -264,31 +264,31 @@ type QEMUConfig struct {
|
|||
type AttestationConfig struct {
|
||||
// description: |
|
||||
// AWS SEV-SNP attestation.
|
||||
AWSSEVSNP *AWSSEVSNP `yaml:"awsSEVSNP,omitempty" validate:"omitempty,dive"`
|
||||
AWSSEVSNP *AWSSEVSNP `yaml:"awsSEVSNP,omitempty" validate:"omitempty"`
|
||||
// description: |
|
||||
// AWS Nitro TPM attestation.
|
||||
AWSNitroTPM *AWSNitroTPM `yaml:"awsNitroTPM,omitempty" validate:"omitempty,dive"`
|
||||
AWSNitroTPM *AWSNitroTPM `yaml:"awsNitroTPM,omitempty" validate:"omitempty"`
|
||||
// description: |
|
||||
// Azure SEV-SNP attestation.\nFor details see: https://docs.edgeless.systems/constellation/architecture/attestation#cvm-verification
|
||||
AzureSEVSNP *AzureSEVSNP `yaml:"azureSEVSNP,omitempty" validate:"omitempty,dive"`
|
||||
AzureSEVSNP *AzureSEVSNP `yaml:"azureSEVSNP,omitempty" validate:"omitempty"`
|
||||
// description: |
|
||||
// Azure TDX attestation.
|
||||
AzureTDX *AzureTDX `yaml:"azureTDX,omitempty" validate:"omitempty,dive"`
|
||||
AzureTDX *AzureTDX `yaml:"azureTDX,omitempty" validate:"omitempty"`
|
||||
// description: |
|
||||
// Azure TPM attestation (Trusted Launch).
|
||||
AzureTrustedLaunch *AzureTrustedLaunch `yaml:"azureTrustedLaunch,omitempty" validate:"omitempty,dive"`
|
||||
AzureTrustedLaunch *AzureTrustedLaunch `yaml:"azureTrustedLaunch,omitempty" validate:"omitempty"`
|
||||
// description: |
|
||||
// GCP SEV-ES attestation.
|
||||
GCPSEVES *GCPSEVES `yaml:"gcpSEVES,omitempty" validate:"omitempty,dive"`
|
||||
GCPSEVES *GCPSEVES `yaml:"gcpSEVES,omitempty" validate:"omitempty"`
|
||||
// description: |
|
||||
// GCP SEV-SNP attestation.
|
||||
GCPSEVSNP *GCPSEVSNP `yaml:"gcpSEVSNP,omitempty" validate:"omitempty,dive"`
|
||||
GCPSEVSNP *GCPSEVSNP `yaml:"gcpSEVSNP,omitempty" validate:"omitempty"`
|
||||
// description: |
|
||||
// QEMU tdx attestation.
|
||||
QEMUTDX *QEMUTDX `yaml:"qemuTDX,omitempty" validate:"omitempty,dive"`
|
||||
QEMUTDX *QEMUTDX `yaml:"qemuTDX,omitempty" validate:"omitempty"`
|
||||
// description: |
|
||||
// QEMU vTPM attestation.
|
||||
QEMUVTPM *QEMUVTPM `yaml:"qemuVTPM,omitempty" validate:"omitempty,dive"`
|
||||
QEMUVTPM *QEMUVTPM `yaml:"qemuVTPM,omitempty" validate:"omitempty"`
|
||||
}
|
||||
|
||||
// NodeGroup defines a group of nodes with the same role and configuration.
|
||||
|
@ -1130,7 +1130,7 @@ type AzureSEVSNP struct {
|
|||
AMDRootKey Certificate `json:"amdRootKey" yaml:"amdRootKey"`
|
||||
// description: |
|
||||
// AMD Signing Key certificate used to verify the SEV-SNP VCEK / VLEK certificate.
|
||||
AMDSigningKey Certificate `json:"amdSigningKey,omitempty" yaml:"amdSigningKey,omitempty" validate:"len=0"`
|
||||
AMDSigningKey Certificate `json:"amdSigningKey,omitempty" yaml:"amdSigningKey,omitempty"`
|
||||
}
|
||||
|
||||
// AzureTrustedLaunch is the configuration for Azure Trusted Launch attestation.
|
||||
|
|
|
@ -33,14 +33,6 @@ import (
|
|||
// Also, the charts are not rendered correctly without all of these values.
|
||||
func extraCiliumValues(provider cloudprovider.Provider, conformanceMode bool, output state.Infrastructure) map[string]any {
|
||||
extraVals := map[string]any{}
|
||||
if conformanceMode {
|
||||
extraVals["kubeProxyReplacementHealthzBindAddr"] = ""
|
||||
extraVals["kubeProxyReplacement"] = "partial"
|
||||
extraVals["sessionAffinity"] = true
|
||||
extraVals["cni"] = map[string]any{
|
||||
"chainingMode": "portmap",
|
||||
}
|
||||
}
|
||||
|
||||
strictMode := map[string]any{}
|
||||
// TODO(@3u13r): Once we are able to set the subnet of the load balancer VMs
|
||||
|
@ -75,6 +67,28 @@ func extraCiliumValues(provider cloudprovider.Provider, conformanceMode bool, ou
|
|||
},
|
||||
}
|
||||
|
||||
// When --conformance is set, we try to mitigate https://github.com/cilium/cilium/issues/9207
|
||||
// Users are discouraged of ever using this mode, except if they truly
|
||||
// require protocol differentiation to work and cannot mitigate that any other way.
|
||||
// Since there should always be workarounds, we only support this mode to
|
||||
// pass the K8s conformance tests. It is not supported to switch to or from
|
||||
// this mode after Constellation has been initialized.
|
||||
// This only works for the K8s conformance tests up to K8s 1.28.
|
||||
if conformanceMode {
|
||||
extraVals["kubeProxyReplacementHealthzBindAddr"] = ""
|
||||
extraVals["kubeProxyReplacement"] = "false"
|
||||
extraVals["sessionAffinity"] = true
|
||||
extraVals["cni"] = map[string]any{
|
||||
"chainingMode": "portmap",
|
||||
}
|
||||
extraVals["ipMasqAgent"] = map[string]any{
|
||||
"enabled": false,
|
||||
}
|
||||
extraVals["bpf"] = map[string]any{
|
||||
"masquerade": false,
|
||||
}
|
||||
}
|
||||
|
||||
return extraVals
|
||||
}
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.33.0
|
||||
// protoc-gen-go v1.34.1
|
||||
// protoc v4.22.1
|
||||
// source: internal/versions/components/components.proto
|
||||
|
||||
|
|
|
@ -181,11 +181,11 @@ const (
|
|||
|
||||
// currently supported versions.
|
||||
//nolint:revive
|
||||
V1_27 ValidK8sVersion = "v1.27.9" // renovate:kubernetes-release
|
||||
V1_27 ValidK8sVersion = "v1.27.13" // renovate:kubernetes-release
|
||||
//nolint:revive
|
||||
V1_28 ValidK8sVersion = "v1.28.5" // renovate:kubernetes-release
|
||||
V1_28 ValidK8sVersion = "v1.28.9" // renovate:kubernetes-release
|
||||
//nolint:revive
|
||||
V1_29 ValidK8sVersion = "v1.29.0" // renovate:kubernetes-release
|
||||
V1_29 ValidK8sVersion = "v1.29.4" // renovate:kubernetes-release
|
||||
|
||||
// Default k8s version deployed by Constellation.
|
||||
Default ValidK8sVersion = V1_28
|
||||
|
@ -198,7 +198,7 @@ const (
|
|||
// VersionConfigs holds download URLs for all required kubernetes components for every supported version.
|
||||
var VersionConfigs = map[ValidK8sVersion]KubernetesVersion{
|
||||
V1_27: {
|
||||
ClusterVersion: "v1.27.9", // renovate:kubernetes-release
|
||||
ClusterVersion: "v1.27.13", // renovate:kubernetes-release
|
||||
KubernetesComponents: components.Components{
|
||||
{
|
||||
Url: "https://github.com/containernetworking/plugins/releases/download/v1.4.0/cni-plugins-linux-amd64-v1.4.0.tgz", // renovate:cni-plugins-release
|
||||
|
@ -213,33 +213,33 @@ var VersionConfigs = map[ValidK8sVersion]KubernetesVersion{
|
|||
Extract: true,
|
||||
},
|
||||
{
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.27.9/bin/linux/amd64/kubelet", // renovate:kubernetes-release
|
||||
Hash: "sha256:ede60eea3acbac3f35dbb23d7b148f45cf169ebbb20af102d3ce141fc0bac60c",
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.27.13/bin/linux/amd64/kubelet", // renovate:kubernetes-release
|
||||
Hash: "sha256:ed68df2a77f3057ab47f57eacb6e9310e91731e4f43c58a3c3b5c857d78d0080",
|
||||
InstallPath: constants.KubeletPath,
|
||||
Extract: false,
|
||||
},
|
||||
{
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.27.9/bin/linux/amd64/kubeadm", // renovate:kubernetes-release
|
||||
Hash: "sha256:78dddac376fa2f04116022cb44ed39ccb9cb0104e05c5b21b220d5151e5c0f86",
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.27.13/bin/linux/amd64/kubeadm", // renovate:kubernetes-release
|
||||
Hash: "sha256:b88c30b7067f095b7fa02c5560cc50d6e69a5a9fecc606ef477dc7efc86453b9",
|
||||
InstallPath: constants.KubeadmPath,
|
||||
Extract: false,
|
||||
},
|
||||
{
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.27.9/bin/linux/amd64/kubectl", // renovate:kubernetes-release
|
||||
Hash: "sha256:d0caae91072297b2915dd65f6ef3055d27646dce821ec67d18da35ba9a8dc85b",
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.27.13/bin/linux/amd64/kubectl", // renovate:kubernetes-release
|
||||
Hash: "sha256:e991f163197cbd85bbff22f656a74d48b69db5addfa43cc04cca0cf5328f57f1",
|
||||
InstallPath: constants.KubectlPath,
|
||||
Extract: false,
|
||||
},
|
||||
{
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtYXBpc2VydmVyOnYxLjI3LjlAc2hhMjU2OjkyMjc0ZTgyZTI0NTJkYzA0ZmVkOTMzY2U2ZTQyMWM2NGUzMGQxNGQ4NjhkMDdiZmIwNzY5N2E5NjE0YTFkYjgifV0=",
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtYXBpc2VydmVyOnYxLjI3LjEzQHNoYTI1Njo3YTM0YmZlYjcxOWMyNmEwOWJmMjZiZjUxYjhiZjM0N2Q0MWY0ZWQ1ZTMwZTkzNGY2Y2E3M2FjMTk3MjA3NGE3In1d",
|
||||
InstallPath: patchFilePath("kube-apiserver"),
|
||||
},
|
||||
{
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtY29udHJvbGxlci1tYW5hZ2VyOnYxLjI3LjlAc2hhMjU2OjczNWFlZmY1YTJlNjI4MmUwZWI3MjQ1YmUyNGIzZGEwNzYyOTdmOWU0ZmJhMmIzMjA5NGNjZjYxYTA4Y2NjYzIifV0=",
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtY29udHJvbGxlci1tYW5hZ2VyOnYxLjI3LjEzQHNoYTI1Njo5NGVmNzdkZDQxNzYzZjMwZDNkOGViNWNhNWZhNzIwZjI4OWMyNGZlNTc5NGE3YTYyZTJkYTEwODJiOTVkMjhlIn1d",
|
||||
InstallPath: patchFilePath("kube-controller-manager"),
|
||||
},
|
||||
{
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtc2NoZWR1bGVyOnYxLjI3LjlAc2hhMjU2OmYzOTc1OTU2YWQyMzY2N2NhOGY1NTdkNzY0MDQyNTNjYjdlODE1Y2E3Zjc3YWVkOTBlMWFlN2Q2NWU4OGYyYjEifV0=",
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtc2NoZWR1bGVyOnYxLjI3LjEzQHNoYTI1NjpkMTA4NDI0NTk5ZmI3NjI1NDQxNmIwYTU2MDlkYjUzMGE4YmQzNzJhNzg4N2ZiNTYzNjc1MzI4ODU5YmRmZWIyIn1d",
|
||||
InstallPath: patchFilePath("kube-scheduler"),
|
||||
},
|
||||
{
|
||||
|
@ -262,10 +262,10 @@ var VersionConfigs = map[ValidK8sVersion]KubernetesVersion{
|
|||
CloudControllerManagerImageOpenStack: "docker.io/k8scloudprovider/openstack-cloud-controller-manager:v1.26.4@sha256:05e846fb13481b6dbe4a1e50491feb219e8f5101af6cf662a086115735624db0", // renovate:container
|
||||
// External service image. Depends on k8s version.
|
||||
// Check for new versions at https://github.com/kubernetes/autoscaler/releases.
|
||||
ClusterAutoscalerImage: "registry.k8s.io/autoscaling/cluster-autoscaler:v1.27.5@sha256:410ffc3f7307b6173c630de8de6e40175376c8c170d64b6c8b6e4baadda020df", // renovate:container
|
||||
ClusterAutoscalerImage: "registry.k8s.io/autoscaling/cluster-autoscaler:v1.27.7@sha256:dd36aa710e59cd2355ae8face010a87b6d3ca1706c510f2143440789fceef32f", // renovate:container
|
||||
},
|
||||
V1_28: {
|
||||
ClusterVersion: "v1.28.5", // renovate:kubernetes-release
|
||||
ClusterVersion: "v1.28.9", // renovate:kubernetes-release
|
||||
KubernetesComponents: components.Components{
|
||||
{
|
||||
Url: "https://github.com/containernetworking/plugins/releases/download/v1.4.0/cni-plugins-linux-amd64-v1.4.0.tgz", // renovate:cni-plugins-release
|
||||
|
@ -280,33 +280,33 @@ var VersionConfigs = map[ValidK8sVersion]KubernetesVersion{
|
|||
Extract: true,
|
||||
},
|
||||
{
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.28.5/bin/linux/amd64/kubelet", // renovate:kubernetes-release
|
||||
Hash: "sha256:bf37335da58182783a8c63866ec1f895b4c436e3ed96bdd87fe3f8ae8004ba1d",
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.28.9/bin/linux/amd64/kubelet", // renovate:kubernetes-release
|
||||
Hash: "sha256:f3af46cff11c675a80d91ebb38ebc4e85a9f813ce93e56ee131e7fea1491b786",
|
||||
InstallPath: constants.KubeletPath,
|
||||
Extract: false,
|
||||
},
|
||||
{
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.28.5/bin/linux/amd64/kubeadm", // renovate:kubernetes-release
|
||||
Hash: "sha256:2b54078c5ea9e85b27f162f508e0bf834a2753e52a57e896812ec3dca92fe9cd",
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.28.9/bin/linux/amd64/kubeadm", // renovate:kubernetes-release
|
||||
Hash: "sha256:a4d8acf0a74cb1d07d96a1a34148f54c6420874221af16d8ec902d9bffc7ef89",
|
||||
InstallPath: constants.KubeadmPath,
|
||||
Extract: false,
|
||||
},
|
||||
{
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.28.5/bin/linux/amd64/kubectl", // renovate:kubernetes-release
|
||||
Hash: "sha256:2a44c0841b794d85b7819b505da2ff3acd5950bd1bcd956863714acc80653574",
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.28.9/bin/linux/amd64/kubectl", // renovate:kubernetes-release
|
||||
Hash: "sha256:b4693d0b22f509250694b10c7727c42b427d570af04f2065fe23a55d6c0051f1",
|
||||
InstallPath: constants.KubectlPath,
|
||||
Extract: false,
|
||||
},
|
||||
{
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtYXBpc2VydmVyOnYxLjI4LjVAc2hhMjU2OjRiYjZmNDZiYWE5ODA1MjM5OWVlMjI3MGQ1OTEyZWRiOTdkNGY4NjAyZWEyZTI3MDBmMDUyN2E4ODcyMjgxMTIifV0=",
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtYXBpc2VydmVyOnYxLjI4LjlAc2hhMjU2OjdkMTFjNjJiMjRjZjVkM2ViMWZmZDZhYzMxNWU2MzI4ZmExYWUyMzk2ZDQ1NzJkNDY3NDA0M2U5YTdkZDRlYzIifV0=",
|
||||
InstallPath: patchFilePath("kube-apiserver"),
|
||||
},
|
||||
{
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtY29udHJvbGxlci1tYW5hZ2VyOnYxLjI4LjVAc2hhMjU2OjZlOGM5MTcxZjc0YTRlM2ZhZGVkY2U4Zjg2NWY1ODA5MmE1OTc2NTBhNzA5NzAyZjJiMTIyZjZjYTNiNmNkMzIifV0=",
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtY29udHJvbGxlci1tYW5hZ2VyOnYxLjI4LjlAc2hhMjU2OmZmNmRhMTYxNGIyMTJjNGNiMDI3ZGI2NjQwYzJmMDAyYTA3MjNiMzg1N2JlOWE2OWUzZWM2YWQ0ZWE4YTVlMWMifV0=",
|
||||
InstallPath: patchFilePath("kube-controller-manager"),
|
||||
},
|
||||
{
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtc2NoZWR1bGVyOnYxLjI4LjVAc2hhMjU2OjlhNDhlMzNlNDU0YzkwNGNmNTNjMTQ0YThkMGFlM2Y1YTRjMmM1YmQwODZiODk1M2FkN2Q1YTYzN2I5YWEwMDcifV0=",
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtc2NoZWR1bGVyOnYxLjI4LjlAc2hhMjU2OmMyZDJmOTcyM2M0MjU0MDEwYjE4Y2YzODcwYjdmMTZkNzE3MTlkNTlhOWMxNGY5NWNjNWZhMmU1MjRkODU4NjkifV0=",
|
||||
InstallPath: patchFilePath("kube-scheduler"),
|
||||
},
|
||||
{
|
||||
|
@ -329,10 +329,10 @@ var VersionConfigs = map[ValidK8sVersion]KubernetesVersion{
|
|||
CloudControllerManagerImageOpenStack: "docker.io/k8scloudprovider/openstack-cloud-controller-manager:v1.26.4@sha256:05e846fb13481b6dbe4a1e50491feb219e8f5101af6cf662a086115735624db0", // renovate:container
|
||||
// External service image. Depends on k8s version.
|
||||
// Check for new versions at https://github.com/kubernetes/autoscaler/releases.
|
||||
ClusterAutoscalerImage: "registry.k8s.io/autoscaling/cluster-autoscaler:v1.27.5@sha256:410ffc3f7307b6173c630de8de6e40175376c8c170d64b6c8b6e4baadda020df", // renovate:container
|
||||
ClusterAutoscalerImage: "registry.k8s.io/autoscaling/cluster-autoscaler:v1.27.7@sha256:dd36aa710e59cd2355ae8face010a87b6d3ca1706c510f2143440789fceef32f", // renovate:container
|
||||
},
|
||||
V1_29: {
|
||||
ClusterVersion: "v1.29.0", // renovate:kubernetes-release
|
||||
ClusterVersion: "v1.29.4", // renovate:kubernetes-release
|
||||
KubernetesComponents: components.Components{
|
||||
{
|
||||
Url: "https://github.com/containernetworking/plugins/releases/download/v1.4.0/cni-plugins-linux-amd64-v1.4.0.tgz", // renovate:cni-plugins-release
|
||||
|
@ -347,33 +347,33 @@ var VersionConfigs = map[ValidK8sVersion]KubernetesVersion{
|
|||
Extract: true,
|
||||
},
|
||||
{
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.29.0/bin/linux/amd64/kubelet", // renovate:kubernetes-release
|
||||
Hash: "sha256:e1c38137db8d8777eed8813646b59bf4d22d19b9011ab11dc28e2e34f6b80a05",
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.29.4/bin/linux/amd64/kubelet", // renovate:kubernetes-release
|
||||
Hash: "sha256:58571f0ed62543a9bbac541e52c15d8385083113a463e23aec1341d0b5043939",
|
||||
InstallPath: constants.KubeletPath,
|
||||
Extract: false,
|
||||
},
|
||||
{
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.29.0/bin/linux/amd64/kubeadm", // renovate:kubernetes-release
|
||||
Hash: "sha256:629d4630657caace9c819fd3797f4a70c397fbd41a2a7e464a0507dad675d52c",
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.29.4/bin/linux/amd64/kubeadm", // renovate:kubernetes-release
|
||||
Hash: "sha256:ea20ab064f716ab7f69a36d72df340257b31c9721ea86e1cf9d70b35999ddeea",
|
||||
InstallPath: constants.KubeadmPath,
|
||||
Extract: false,
|
||||
},
|
||||
{
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.29.0/bin/linux/amd64/kubectl", // renovate:kubernetes-release
|
||||
Hash: "sha256:0e03ab096163f61ab610b33f37f55709d3af8e16e4dcc1eb682882ef80f96fd5",
|
||||
Url: "https://storage.googleapis.com/kubernetes-release/release/v1.29.4/bin/linux/amd64/kubectl", // renovate:kubernetes-release
|
||||
Hash: "sha256:10e343861c3cb0010161e703307ba907add2aeeeaffc6444779ad915f9889c88",
|
||||
InstallPath: constants.KubectlPath,
|
||||
Extract: false,
|
||||
},
|
||||
{
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtYXBpc2VydmVyOnYxLjI5LjBAc2hhMjU2OjkyMWQ5ZDRjZGE0MGJkNDgxMjgzMzc1ZDM5ZDEyYjI0ZjUxMjgxNjgyYWU0MWY2ZGE0N2Y2OWNiMDcyNjQzYmMifV0=",
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtYXBpc2VydmVyOnYxLjI5LjRAc2hhMjU2OjgwYmVmODIwZTk1NzdmMTQ5ZTUyMTkxOTZmNGRlZjQ5MTJhZWQ1ZmFiYmYwN2Q3YzQxNWQyNDEwNWY5ZWMwNTkifV0=",
|
||||
InstallPath: patchFilePath("kube-apiserver"),
|
||||
},
|
||||
{
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtY29udHJvbGxlci1tYW5hZ2VyOnYxLjI5LjBAc2hhMjU2OmQxZTM4ZWEyNWIyN2U1N2I0MTk5NWVmNTlhZDc2ZGQzMzQ4MTg1M2E1YjhkMWE5MWFiYjdhOGJlMzJiN2U3ZGEifV0=",
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtY29udHJvbGxlci1tYW5hZ2VyOnYxLjI5LjRAc2hhMjU2OjM4YTgzMjZkZjk3ZDI4NDY4MjQ5MTcwYWE2MzI1MGI4Y2U3Yjg3OTMxNTVmZjczZTI0ZDcwOTQyNGQ1YzlmMDkifV0=",
|
||||
InstallPath: patchFilePath("kube-controller-manager"),
|
||||
},
|
||||
{
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtc2NoZWR1bGVyOnYxLjI5LjBAc2hhMjU2OjVkZjMxMDIzNGU0Zjk0NjNiMTVkMTY2Nzc4ZDY5NzgzMGE1MWMwMDM3ZmYyOGExNzU5ZGFhYWQyZDNjZGU5OTEifV0=",
|
||||
Url: "data:application/json;base64,W3sib3AiOiJyZXBsYWNlIiwicGF0aCI6Ii9zcGVjL2NvbnRhaW5lcnMvMC9pbWFnZSIsInZhbHVlIjoicmVnaXN0cnkuazhzLmlvL2t1YmUtc2NoZWR1bGVyOnYxLjI5LjRAc2hhMjU2OjhkYzZhODY1MzE2NDA0YWM3ODVmYmU4OWQ3MTY3ZmVkOThlNjljYTk4MDgyMDZiNTU2YWRmYTZkZDZkNDk3ZDAifV0=",
|
||||
InstallPath: patchFilePath("kube-scheduler"),
|
||||
},
|
||||
{
|
||||
|
@ -396,7 +396,7 @@ var VersionConfigs = map[ValidK8sVersion]KubernetesVersion{
|
|||
CloudControllerManagerImageOpenStack: "docker.io/k8scloudprovider/openstack-cloud-controller-manager:v1.26.4@sha256:05e846fb13481b6dbe4a1e50491feb219e8f5101af6cf662a086115735624db0", // renovate:container
|
||||
// External service image. Depends on k8s version.
|
||||
// Check for new versions at https://github.com/kubernetes/autoscaler/releases.
|
||||
ClusterAutoscalerImage: "registry.k8s.io/autoscaling/cluster-autoscaler:v1.29.0@sha256:808185c1090107f06ea69b0a5e507e387ad2ee3a3b12b7cd08ea0dac730cf58b", // renovate:container
|
||||
ClusterAutoscalerImage: "registry.k8s.io/autoscaling/cluster-autoscaler:v1.29.2@sha256:e909737822ff8b822d04b427fa730603fb22ff8ae6005788b1354f8f95cc74db", // renovate:container
|
||||
},
|
||||
}
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.33.0
|
||||
// protoc-gen-go v1.34.1
|
||||
// protoc v4.22.1
|
||||
// source: joinservice/joinproto/join.proto
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.33.0
|
||||
// protoc-gen-go v1.34.1
|
||||
// protoc v4.22.1
|
||||
// source: keyservice/keyserviceproto/keyservice.proto
|
||||
|
||||
|
|
|
@ -42,40 +42,20 @@
|
|||
"prPriority": -30,
|
||||
},
|
||||
{
|
||||
"matchDepPatterns": ["^k8s.io", "^sigs.k8s.io"],
|
||||
"groupName": "K8s dependencies",
|
||||
},
|
||||
{
|
||||
"matchDepPatterns": ["^go.etcd.io/etcd"],
|
||||
"groupName": "etcd dependencies",
|
||||
},
|
||||
{
|
||||
"matchDepPatterns": ["^github.com/hashicorp/go-kms-wrapping"],
|
||||
"groupName": "github.com/hashicorp/go-kms-wrapping",
|
||||
},
|
||||
{
|
||||
"matchDepPatterns": ["^github.com/aws/aws-sdk-go-v2"],
|
||||
"groupName": "AWS SDK",
|
||||
"prPriority": -10,
|
||||
},
|
||||
{
|
||||
"matchDepPatterns": [
|
||||
"^github.com/Azure/",
|
||||
"^github.com/AzureAD/microsoft-authentication-library-for-go",
|
||||
// Group update of direct Go dependencies.
|
||||
"groupName": "Go dependencies",
|
||||
"matchManagers": ["gomod"],
|
||||
"matchDepTypes": ["require"],
|
||||
"matchUpdateTypes": [
|
||||
"bump",
|
||||
"digest",
|
||||
"lockFileMaintenance",
|
||||
"minor",
|
||||
"patch",
|
||||
"pin",
|
||||
"pinDigest",
|
||||
"rollback",
|
||||
],
|
||||
"groupName": "Azure SDK",
|
||||
},
|
||||
{
|
||||
"matchDepPatterns": ["^cloud.google.com/go"],
|
||||
"groupName": "Google SDK",
|
||||
},
|
||||
{
|
||||
"matchDepPatterns": ["^google.golang.org/genproto"],
|
||||
"prPriority": -10,
|
||||
},
|
||||
{
|
||||
"matchDepPatterns": ["^libvirt.org/go"],
|
||||
"groupName": "libvirt.org/go",
|
||||
},
|
||||
{
|
||||
"matchManagers": ["bazelisk", "bazel", "bazel-module"],
|
||||
|
@ -84,7 +64,7 @@
|
|||
},
|
||||
{
|
||||
"matchDatasources": ["golang-version"],
|
||||
"allowedVersions": "1.19",
|
||||
"allowedVersions": "1.22",
|
||||
},
|
||||
{
|
||||
"matchManagers": ["pip_requirements"],
|
||||
|
|
|
@ -69,7 +69,7 @@ resource "constellation_cluster" "azure_example" {
|
|||
See the [full list of CSPs](https://docs.edgeless.systems/constellation/overview/clouds) that Constellation supports.
|
||||
- `image` (Attributes) Constellation OS Image to use on the nodes. (see [below for nested schema](#nestedatt--image))
|
||||
- `init_secret` (String) Secret used for initialization of the cluster.
|
||||
- `kubernetes_version` (String) The Kubernetes version to use for the cluster. The supported versions are [v1.27.9 v1.28.5 v1.29.0].
|
||||
- `kubernetes_version` (String) The Kubernetes version to use for the cluster. The supported versions are [v1.27.13 v1.28.9 v1.29.4].
|
||||
- `master_secret` (String) Hex-encoded 32-byte master secret for the cluster.
|
||||
- `master_secret_salt` (String) Hex-encoded 32-byte master secret salt for the cluster.
|
||||
- `measurement_salt` (String) Hex-encoded 32-byte measurement salt for the cluster.
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.33.0
|
||||
// protoc-gen-go v1.34.1
|
||||
// protoc v4.22.1
|
||||
// source: upgrade-agent/upgradeproto/upgrade.proto
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.33.0
|
||||
// protoc-gen-go v1.34.1
|
||||
// protoc v4.22.1
|
||||
// source: verify/verifyproto/verify.proto
|
||||
|
||||
|
|
Loading…
Reference in New Issue