teepot

mirror of https://github.com/matter-labs/teepot.git synced 2025-07-21 15:13:56 +02:00

Author	SHA1	Message	Date
Harald Hoyer	d3c17a7ace	Merge branch 'main' into cargo_update	2025-02-25 13:22:35 +01:00
Harald Hoyer	942091d3ae	Merge pull request #277 from matter-labs/rtmr3 feat(tdx): add TDX RTMR extension support with UEFI marker	2025-02-25 13:21:57 +01:00
Harald Hoyer	bd24825ece	Merge branch 'main' into cargo_update	2025-02-21 09:31:25 +01:00
Harald Hoyer	46b9269fc1	Merge branch 'main' into rtmr3	2025-02-21 09:31:18 +01:00
Harald Hoyer	d345c62db7	Merge pull request #278 from matter-labs/metadata-fail feat(tdx_google): add onFailure action to reboot on metadata.service errors	2025-02-21 09:28:28 +01:00
Harald Hoyer	f822c70721	chore: remove unused `rand` dependency and update crates - Removed `rand` dependency from multiple `.toml` files and updated relevant imports to use `rand_core::OsRng`. - Updated OpenTelemetry dependencies to latest versions and refactored SDK initialization to use `SdkLoggerProvider`. - Bumped versions of several dependencies including `clap`, `awc`, `ring`, and `smallvec` for compatibility and features. Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2025-02-20 15:40:13 +01:00
Harald Hoyer	cf4a6cfb60	feat(tdx_google): add onFailure action to reboot on metadata.service errors - Introduce `onFailure` handler to trigger reboot after 5 minutes. - Enhances system reliability by automating recovery measures. Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2025-02-20 15:32:51 +01:00
Harald Hoyer	049f1b3de8	feat(tdx): add TDX RTMR extension support with UEFI marker - Added `UEFI_MARKER_DIGEST_BYTES` constant for TDX RTMR extension. - Implemented RTMR3 extension in `tee-key-preexec` for TDX attestation flow. - Updated `rtmr-calc` to use `UEFI_MARKER_DIGEST_BYTES` for RTMR1 extension. Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2025-02-20 15:15:44 +01:00
Harald Hoyer	a430e2f93b	Merge pull request #276 from matter-labs/sys feat(tdx_google): add support for attestation in container	2025-02-20 12:55:39 +01:00
Harald Hoyer	a5cf220c57	feat(tdx_google): add support for attestation in container - Mount `/sys/kernel/config` to enable attestation for TDX containers. - Ensures compatibility with TDX guest measurements during runtime.	2025-02-20 12:14:10 +01:00
Harald Hoyer	e936f5079d	Merge pull request #272 from matter-labs/refactor refactor(tdx_google): modularize tdx_google configuration	2025-02-20 10:04:11 +01:00
Harald Hoyer	439574f22c	chore(tdx_google): remove unused `teepot` package from system environment Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2025-02-19 15:01:02 +01:00
Harald Hoyer	760ff7eff1	refactor(tdx_google): simplify service configurations - Replaced hardcoded metadata-fetching logic with shared metadata service. - Removed custom pre-start scripts and refactored environment handling. - Updated Vector configuration to include custom field transformations. - Streamlined container startup process and ensured proper cleanup. Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2025-02-19 15:00:43 +01:00
Harald Hoyer	5d2ad57cfd	refactor(tdx_google): modularize tdx_google configuration - Split `tdx_google/configuration.nix` into smaller modules: `vector.nix`, and `container.nix`. - Simplified the main configuration by leveraging modular imports for better readability and maintainability. Signed-off-by: Harald Hoyer <harald@matterlabs.dev> # Conflicts: # packages/tdx_google/configuration.nix	2025-02-19 15:00:42 +01:00
Harald Hoyer	4d273076ee	Merge pull request #271 from matter-labs/Metadata-Flavor fix(teepot): add custom HTTP header for google metadata and update default endpoint	2025-02-19 14:59:09 +01:00
Harald Hoyer	98a71b3e3a	fix(teepot): add custom HTTP header for google metadata and update default endpoint - Replace `reqwest::get` with a configured `reqwest::Client` to support custom headers (e.g., "Metadata-Flavor: Google"). - Update default OTLP endpoint to include the "http://" prefix for clarity.	2025-02-19 13:58:39 +01:00
Harald Hoyer	ee3061b2ec	Merge pull request #270 from matter-labs/serial feat(configuration): update journald and serial settings	2025-02-19 11:30:28 +01:00
Harald Hoyer	bbbce81541	feat(configuration): update journald and serial settings - Set journald console to `/dev/ttyS0` for improved logging. - Disable `serial-getty@ttyS0` service to avoid conflicts.	2025-02-19 11:16:34 +01:00
Harald Hoyer	c4b1431221	Merge pull request #268 from matter-labs/tdx-test feat: rewrite google-metadata test as tdx-test	2025-02-18 08:36:12 +01:00
Harald Hoyer	daf375836b	chore: remove unused deps Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2025-02-14 16:47:45 +01:00
Harald Hoyer	fbbb37ca5a	tests(tdxtest): ramp up the testing Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2025-02-14 16:47:44 +01:00
Harald Hoyer	a41460b7f0	feat(tdx-google): enhance container service setup - Add `vector.service` and `chronyd.service` dependencies to `docker_start_container` service. - Use `EnvironmentFile` and a pre-start script to dynamically generate environment variables for container setup. - Improve error handling and clarity in container initialization.	2025-02-14 16:47:43 +01:00
Harald Hoyer	908579cd60	feat: rewrite google-metadata test as tdx-test Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2025-02-14 16:47:42 +01:00
Harald Hoyer	3325312c0d	Merge pull request #255 from matter-labs/vector_kafka feat(google-tdx): add vector pushing to kafka for logging	2025-02-13 10:00:59 +01:00
Harald Hoyer	9266a9f072	feat(google-tdx): add Vector service integration - Enable Vector service and configure OpenTelemetry source. - Add sinks for logs output to console and Kafka. - Configure environment setup for Kafka using GCP metadata API. Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2025-02-12 08:34:18 +01:00
Harald Hoyer	ff22db6054	chore(google-tdx): removed commented-out ssh debugging Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2025-02-11 08:29:34 +01:00
Harald Hoyer	c5cdc1e4ab	feat(google-tdx): disable LLMNR and MulticastDNS - Configured resolved service, disabling LLMNR and MulticastDNS for improved resolution settings. - Removed commented-out Prometheus Node config Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2025-02-11 08:29:29 +01:00
Harald Hoyer	fae9ad7f58	Merge pull request #264 from matter-labs/renovate/trufflesecurity-trufflehog-3.x chore(deps): update trufflesecurity/trufflehog action to v3.88.6	2025-02-11 08:28:54 +01:00
renovate[bot]	f3f5147bb1	chore(deps): update trufflesecurity/trufflehog action to v3.88.6	2025-02-10 18:59:21 +00:00
Harald Hoyer	a65e25742c	Merge pull request #263 from matter-labs/cargo_update chore: cargo deps update	2025-02-10 19:58:55 +01:00
Harald Hoyer	45309e58f4	chore: cargo deps update with code fixes for the new versions. Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2025-02-10 15:44:16 +01:00
Harald Hoyer	99ab2f2b76	Merge pull request #231 from matter-labs/renovate/enarx-spdx-digest chore(deps): update enarx/spdx digest to b5bfdd4	2025-02-10 15:37:47 +01:00
renovate[bot]	49faaa984b	chore(deps): update enarx/spdx digest to b5bfdd4	2025-02-10 13:49:56 +00:00
Harald Hoyer	584a07defa	Merge pull request #243 from matter-labs/renovate/reqwest-0.x-lockfile chore(deps): update rust crate reqwest to v0.12.12	2025-02-10 14:49:30 +01:00
renovate[bot]	7d01a240d4	chore(deps): update rust crate reqwest to v0.12.12	2025-02-10 13:37:44 +00:00
Harald Hoyer	7a33be4a68	Merge pull request #230 from matter-labs/renovate/actions-checkout-digest chore(deps): update actions/checkout digest to 11bd719	2025-02-10 14:36:18 +01:00
renovate[bot]	01eac64182	chore(deps): update actions/checkout digest to 11bd719	2025-02-10 12:56:55 +00:00
Harald Hoyer	129afe25e6	Merge pull request #256 from matter-labs/renovate/rustls-0.x-lockfile chore(deps): update rust crate rustls to v0.23.22	2025-02-10 13:56:28 +01:00
renovate[bot]	87dd281437	chore(deps): update rust crate rustls to v0.23.22	2025-02-10 12:23:22 +00:00
Harald Hoyer	f95b6c52d6	Merge pull request #257 from matter-labs/renovate/serde-monorepo chore(deps): update rust crate serde to v1.0.217	2025-02-10 13:20:52 +01:00
renovate[bot]	decdc55a89	chore(deps): update rust crate serde to v1.0.217	2025-02-10 11:38:07 +00:00
Harald Hoyer	3bad44d38f	Merge pull request #200 from matter-labs/renovate/trufflesecurity-trufflehog-3.x chore(deps): update trufflesecurity/trufflehog action to v3.88.5	2025-02-10 12:36:25 +01:00
renovate[bot]	129c3c1333	chore(deps): update trufflesecurity/trufflehog action to v3.88.5	2025-02-10 11:23:00 +00:00
Harald Hoyer	c5273f2cc9	Merge pull request #254 from matter-labs/renovate/clap-4.x-lockfile chore(deps): update rust crate clap to v4.5.28	2025-02-10 12:20:53 +01:00
renovate[bot]	6b9984f4d6	chore(deps): update rust crate clap to v4.5.28	2025-02-04 03:12:07 +00:00
Patrick	c6e236cf46	Merge pull request #252 from matter-labs/tdx-test feat: add Google Metadata support and TDX container test	2025-02-03 17:17:20 +01:00
Harald Hoyer	11a22c9e67	feat: add Google Metadata support and TDX container test - Introduced `google-metadata` binary for reading GCP instance attributes. - Added TDX container test with new `container-test-tdx` package. - Updated Nix workflow and deployment scripts for Google Metadata integration. - Bumped `anyhow` to 1.0.95 and updated Cargo.lock. Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2025-01-27 16:18:58 +01:00
Harald Hoyer	e2c31919c9	Merge pull request #251 from matter-labs/pab/onchain-verification feat(tee-key-preexec): support for onchain-compatible pubkey in report_data	2025-01-17 13:17:16 +01:00
Patryk Bęza	afa524c18c	Address code review comments	2025-01-17 12:41:07 +01:00
Patryk Bęza	2d04ba0508	feat(tee-key-preexec): add support for Solidity-compatible pubkey in report_data This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with https://github.com/matter-labs/zksync-era/pull/3414.	2025-01-16 20:46:16 +01:00

1 2 3 4 5 ...

503 commits