teepot

mirror of https://github.com/matter-labs/teepot.git synced 2025-10-25 20:34:05 +02:00

Author	SHA1	Message	Date
Harald Hoyer	27f35a7432	Merge pull request #193 from matter-labs/secure-eventfd fix(container-vault-sgx-azure): remove insecure eventfd setting	2024-08-29 11:22:50 +02:00
Harald Hoyer	8d3f378392	fix(container-vault-sgx-azure): remove insecure eventfd setting Removed the sys.insecure__allow_eventfd setting, because gramine has a secure eventfd implementation since [v1.7](https://github.com/gramineproject/gramine/releases/tag/v1.7).	2024-08-29 10:58:46 +02:00
Harald Hoyer	8ce8f5bccb	Merge pull request #182 from matter-labs/vault_netpoll fix(vault): maybe fix `netpollBreak` issues	2024-08-08 15:11:27 +02:00
Harald Hoyer	33fe7f17fa	fix(vault): maybe fix `netpollBreak` issues - Updated the flake.lock for nixsgx dependency with new revision to get a patched gramine https://github.com/matter-labs/nixsgx/pull/54 - Enabled `sys.insecure__allow_eventfd` to support recent golang changes in the `netpoll` implementation	2024-08-08 14:51:04 +02:00
Harald Hoyer	49fb234d2a	Merge pull request #181 from matter-labs/ulimit fix(container-vault-sgx-azure): increase max file descriptors for vault	2024-08-08 12:19:40 +02:00
Harald Hoyer	2d1d68210b	fix(container-vault-sgx-azure): increase max file descriptors for vault Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2024-08-08 11:06:56 +02:00
Harald Hoyer	bb93775252	Merge pull request #179 from matter-labs/renovate/trufflesecurity-trufflehog-3.x chore(deps): update trufflesecurity/trufflehog action to v3.81.7	2024-08-08 10:20:46 +02:00
renovate[bot]	cec4785d49	chore(deps): update trufflesecurity/trufflehog action to v3.81.7	2024-08-08 08:12:27 +00:00
Harald Hoyer	9b34b30d24	Merge pull request #180 from matter-labs/renovate/serde-monorepo chore(deps): update rust crate serde to v1.0.205	2024-08-08 10:11:58 +02:00
renovate[bot]	6b7e1b09cb	chore(deps): update rust crate serde to v1.0.205	2024-08-08 02:33:26 +00:00
Harald Hoyer	4f606d0117	Merge pull request #178 from matter-labs/performance_multiplier fix: increase `performance_multiplier`	2024-08-07 16:55:59 +02:00
Harald Hoyer	c92cb4e0b1	fix: increase `performance_multiplier` Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2024-08-07 16:43:30 +02:00
Harald Hoyer	af9ee3df2e	Merge pull request #177 from matter-labs/performance_multiplier fix: use `performance_multiplier`	2024-08-07 16:06:16 +02:00
Harald Hoyer	6be0ac561e	fix: use `performance_multiplier` The vault instances lose the raft leader status, while loading the `vault-auth-tee` plugin, because the gramine enviroment slows down the `execve` significantly. Using `performance_multiplier` relaxes the timeouts for the raft protocol. see also: https://github.com/hashicorp/vault/issues/28009 Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2024-08-07 15:54:22 +02:00
Harald Hoyer	e476792bfe	Merge pull request #160 from matter-labs/renovate/trufflesecurity-trufflehog-3.x chore(deps): update trufflesecurity/trufflehog action to v3.81.6	2024-08-07 15:54:08 +02:00
renovate[bot]	847a950500	chore(deps): update trufflesecurity/trufflehog action to v3.81.6	2024-08-07 13:47:32 +00:00
Harald Hoyer	09aa640c65	Merge pull request #176 from matter-labs/cargo_update chore: cargo update	2024-08-07 15:47:08 +02:00
Harald Hoyer	0bdc3425e4	chore: cargo update and fix `cargo clippy` issues. Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2024-08-07 15:26:20 +02:00
Harald Hoyer	64715ccbdf	Merge pull request #175 from matter-labs/unseal feat: add Kubernetes pod spec for vault-unseal and update docs	2024-08-07 15:24:46 +02:00
Harald Hoyer	eae8b860a9	feat: add Kubernetes pod spec for vault-unseal and update docs - Add `vault-unseal-pod-*.yaml` for Kubernetes deployment. - Update `README.md` to reflect changes in unseal and sign commands. - Add `vault` to the `shells/teepot/default.nix` package list. Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2024-08-07 14:46:10 +02:00
Harald Hoyer	4ed311a16a	Merge pull request #174 from matter-labs/raft_join fix(teepot-vault-unseal-sgx): make ca files readable	2024-08-07 14:45:39 +02:00
Harald Hoyer	36449980c2	fix(teepot-vault-unseal-sgx): pass `CA_CERT_FILE` Although the file was included, it was not in the standard location. Passing the absolute path fixes the issue. The CA file is needed for the raft join command. Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2024-08-07 14:34:25 +02:00
Harald Hoyer	42aa0ed6b0	Merge pull request #173 from matter-labs/debug_vault chore: turn off debug again	2024-08-07 13:10:25 +02:00
Harald Hoyer	97a1654c59	chore: turn off debug again The increase of `max_threads` and `stack.size` did the trick. Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2024-08-07 12:22:17 +02:00
Harald Hoyer	68c8bda0e4	Merge pull request #172 from matter-labs/debug_vault chore: tweak vault parameters for slow plugin loading	2024-08-07 10:25:00 +02:00
Harald Hoyer	0de5447580	chore: tweak vault parameters for slow plugin loading Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2024-08-07 10:12:36 +02:00
Harald Hoyer	0541bbabf4	Merge pull request #171 from matter-labs/debug_vault chore: debug vault with gramine debug	2024-08-06 17:05:10 +02:00
Harald Hoyer	a0a08d2ce7	chore: debug vault with gramine debug Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2024-08-06 16:34:36 +02:00
Harald Hoyer	57b25f65f5	Merge pull request #170 from matter-labs/debug_vault chore: debug vault with gramine trace	2024-08-06 15:53:32 +02:00
Harald Hoyer	a0144973f1	Merge branch 'main' into debug_vault	2024-08-06 15:20:46 +02:00
Harald Hoyer	cd108a5d9f	chore: debug vault with gramine trace Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2024-08-06 15:12:12 +02:00
Harald Hoyer	738412a13c	Merge pull request #169 from matter-labs/debug_vault chore: debug vault with gramine warning	2024-08-06 13:10:48 +02:00
Harald Hoyer	840730d598	chore: debug vault with gramine warning Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2024-08-06 12:57:48 +02:00
Harald Hoyer	7daeb1b323	Merge pull request #159 from matter-labs/renovate/tokio-1.x-lockfile chore(deps): update rust crate tokio to v1.39.1	2024-07-26 10:52:09 +02:00
renovate[bot]	6b3a60c3d1	chore(deps): update rust crate tokio to v1.39.1	2024-07-23 16:34:36 +00:00
D025	7f525eb172	ci: change runners for execute jobs	2024-07-23 13:55:01 +00:00
Harald Hoyer	1397e3c2dd	Merge pull request #161 from matter-labs/patrick/simplify-dependencies fix(verify-attestation): simplify dependencies	2024-07-22 15:41:48 +02:00
Patryk Bęza	ad6ce872f8	fix(verify-attestation): simplify dependencies The zksync crates have recently been published on crates.io. Let's take advantage of them! Specifically, we are replacing alloy-primitives with zksync_basic_types to avoid the additional transitive dependencies introduced by alloy.	2024-07-22 14:45:27 +02:00
Harald Hoyer	c48cbc636d	Merge pull request #156 from matter-labs/patrick/sgx-attestation-verifier feat(verify-attestation): attestation and batch signature verification binary	2024-07-12 08:54:36 +02:00
Patryk Bęza	51c1e72a03	Use Docker's entrypoint instead of command	2024-07-11 17:49:37 +02:00
Patryk Bęza	78447ea307	Unify verify-attestation-sgx and verify-attestation Rationale: too much copy-paste	2024-07-11 17:13:11 +02:00
Patryk Bęza	0a0811e99e	Fix formatting	2024-07-11 13:16:16 +02:00
Patryk Bęza	f3f6ea1dba	Introduce root_hash option	2024-07-11 11:29:37 +02:00
Patryk Bęza	f90088be76	SGX attestation & batch signature verification tool	2024-07-10 14:47:07 +02:00
Harald Hoyer	0d8943c582	Merge pull request #155 from matter-labs/fix_config_dns fix: dns for vault nodes	2024-07-09 15:50:09 +02:00
otani	ace415a43e	fix: dns for vault nodes	2024-07-09 16:39:04 +03:00
Harald Hoyer	9826f028b4	Merge pull request #154 from matter-labs/teepot-dns chore: change dns names for the vault cluster	2024-07-09 12:13:52 +02:00
Harald Hoyer	ae01290bcc	chore: change dns names for the vault cluster Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2024-07-09 11:11:10 +02:00
Harald Hoyer	8dadc1f76b	Merge pull request #150 from matter-labs/VAULT_AUTH_TEE_SHA256_FILE fix(tee-vault-unseal): pick either `VAULT_AUTH_TEE_SHA256` string or file	2024-07-03 14:58:37 +02:00
Harald Hoyer	204aa33f7f	fix(tee-vault-unseal): pick either `VAULT_AUTH_TEE_SHA256` string or file Pick either `VAULT_AUTH_TEE_SHA256` or `VAULT_AUTH_TEE_SHA256_FILE`, with `VAULT_AUTH_TEE_SHA256` having the precedence. Signed-off-by: Harald Hoyer <harald@matterlabs.dev>	2024-07-03 14:42:06 +02:00

1 2 3 4 5 ...

279 commits