Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
3942cf27f3
constellation/internal
History
Malte Poll 66f1333c31
terraform: use single zone loadbalancer frontend on AWS (#1983) 
This change is required to ensure we have not tls handshake errors when connecting to the kubernetes api.
Currently, the certificates used by kube-apiserver pods contain a SAN field with the (single) public ip of the loadbalancer.
If we would allow multiple loadbalancer frontend ips, we could encounter cases where the certificate is only valid for one public ip,
while we try to connect to a different ip.
To prevent this, we consciously disable support for the multi-zone loadbalancer frontend on AWS for now.
This will be re-enabled in the future.
2023-06-30 16:56:31 +02:00
..
api Use term "attestation variant" consistently 2023-06-26 08:54:11 +02:00
atls attestation: add awsSEVSNP as new variant (#1900) 2023-06-09 15:41:02 +02:00
attestation image: update measurements and image version (#1988) 2023-06-30 08:48:38 +02:00
cloud terraform: use single zone loadbalancer frontend on AWS (#1983) 2023-06-30 16:56:31 +02:00
compatibility helm: fix upgrade command unintentionally skipping all service upgrades (#1992) 2023-06-30 16:46:05 +02:00
config helm: fix upgrade command unintentionally skipping all service upgrades (#1992) 2023-06-30 16:46:05 +02:00
constants Revert "attestation: add SNP-based attestation for aws-sev-snp (#1916)" (#1957) 2023-06-22 17:08:44 +02:00
containerimage cli: use Bazel container images 2023-04-18 15:35:15 +02:00
crypto bazel: add build files for go (#1186) 2023-03-09 15:23:42 +01:00
cryptsetup cryptsetup: Provide implementation without cgo 2023-05-23 13:44:56 +02:00
deploy/helm bootstraper: delete helm chart on installation failure before retrying installation (#1977) 2023-06-30 15:13:29 +02:00
file todo responsibilities and cleanup (#1837) 2023-06-01 12:33:06 +02:00
grpc cdbg: make endpoint deployment failure more transparent (#1883) 2023-06-12 13:45:34 +02:00
imagefetcher attestation: add awsSEVSNP as new variant (#1900) 2023-06-09 15:41:02 +02:00
installer go: remove redefinitions of builtins 2023-03-20 08:41:01 -04:00
kms config: dynamic attestation configuration through S3 backed API (#1808) 2023-05-25 17:43:44 +01:00
kubernetes Correctly deploy the AWS CCM (#1853) 2023-06-13 09:58:39 +02:00
license license: remove check for Azure.ConfidentialVM (#1602) 2023-04-03 19:19:54 +02:00
logger bazel: add build files for go (#1186) 2023-03-09 15:23:42 +01:00
nodestate bazel: add build files for go (#1186) 2023-03-09 15:23:42 +01:00
osimage api: rename /api/versions to versionsapi and /api/attestationcfig to attestationconfigapi (#1876) 2023-06-07 16:16:32 +02:00
retry bazel: add build files for go (#1186) 2023-03-09 15:23:42 +01:00
role terraform: azure node groups (#1955) 2023-06-22 16:53:40 +02:00
semver cli: fail fast when CLI and Constellation versions don't match (#1972) 2023-06-27 18:24:35 +02:00
sigstore config: enable azure snp version fetcher again + minimum age for latest version (#1899) 2023-06-09 12:48:12 +02:00
staticupload helm: fix upgrade command unintentionally skipping all service upgrades (#1992) 2023-06-30 16:46:05 +02:00
versions deps: update K8s constrained Azure versions (#1907) 2023-06-20 12:55:47 +02:00
watcher attestation: add awsSEVSNP as new variant (#1900) 2023-06-09 15:41:02 +02:00