5da92d9d8b
* Rework image build pipeline * Dont cancel workflow runs on main Signed-off-by: Daniel Weiße <dw@edgeless.systems> |
||
---|---|---|
.. | ||
bootstrapper | ||
cdbg | ||
debugd | ||
service | ||
README.md |
debug daemon (debugd)
Build cdbg
mkdir -p build
cmake ..
make cdbg
debugd & cdbg usage
With cdbg
and yq
installed in your path:
-
Write the configuration file for cdbg
cdbg-conf.yaml
:cdbg: authorizedKeys: - username: my-username publicKey: ssh-rsa AAAAB…LJuM= bootstrapperPath: "./bootstrapper" systemdUnits: - name: some-custom.service contents: |- [Unit] Description=…
-
Run
constellation config generate
to create a new default configuration -
Modify the
constellation-conf.yaml
to use an image with the debugd already included and add required firewall rules:# Set timestamp from cloud provider image name export TIMESTAMP=01234 yq -i \ "(.provider | select(. | has(\"azure\")).azure.image) = \"/subscriptions/0d202bbb-4fa7-4af8-8125-58c269a05435/resourceGroups/CONSTELLATION-IMAGES/providers/Microsoft.Compute/galleries/Constellation/images/constellation-coreos-debugd/versions/0.0.${TIMESTAMP}\"" \ constellation-conf.yaml yq -i \ "(.provider | select(. | has(\"gcp\")).gcp.image) = \"projects/constellation-images/global/images/constellation-coreos-debugd-${TIMESTAMP}\"" \ constellation-conf.yaml yq -i \ ".ingressFirewall += { \"name\": \"debugd\", \"description\": \"debugd default port\", \"protocol\": \"tcp\", \"iprange\": \"0.0.0.0/0\", \"fromport\": 4000, \"toport\": 0 }" \ constellation-conf.yaml
-
Run
constellation create […]
-
Run
./cdbg deploy
-
Run
constellation init […]
as usual
debugd GCP image
For GCP, run the following command to get a list of all constellation debug images, sorted by their creation date:
gcloud compute images list --filter="family~'constellation-debug-v.+'" --sort-by=creationTimestamp --project constellation-images
The images are grouped by the Constellation release they were built for.
Choose the newest debugd image for your release with the naming scheme constellation-<commit-timestamp>
.
debugd Azure Image
Azure debug images are grouped by the Constellation release they were built for. Run the following command to get a list of all constellation debugd images for release v1.5.0, sorted by their creation date:
RELEASE=v1.5.0
az sig image-version list --resource-group constellation-images --gallery-name Constellation_Debug --gallery-image-definition ${RELEASE} --query "sort_by([], &publishingProfile.publishedDate)[].id" -o table
Choose the newest debugd image and copy the full URI.