harald/teepot
1
0
Fork 0
mirror of https://github.com/matter-labs/teepot.git synced 2025-07-21 23:23:57 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
196 commits 23 branches 61 tags 2.2 MiB
Commit graph

23 commits

Author SHA1 Message Date
Harald Hoyer
695355d095
chore: Update GitHub actions to run on custom runner and push to Google Artifact Registry 
This commit updates the GitHub workflows to push Docker images to Google Artifact Registry.
Additionally, it refines event conditions, separates build ID generation for normal pushes and tag pushes, and introduces tagging workflow for '*-sgx-*' tags.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-06-28 10:41:58 +02:00
renovate[bot]
6e57e4f1c9
chore(deps): update actions/checkout digest to 692973e 2024-06-13 17:10:58 +00:00
Harald Hoyer
7870e08779
ci: fix infra docker push 
s/::/:/g

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-06-12 15:12:55 +02:00
Harald Hoyer
cfb133bca9
ci: fix and revise docker push strategy 
- containers are not `latest` by default anymore
- `latest` tag is only set on push to main branch
- buildid tag is only set on push to main branch, and
  changed to the infra repo soonish
- added the missing `vault-unseal` and `vault-admin` container

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-06-12 14:06:27 +02:00
Harald Hoyer
d0c5950c0e
feat: use nixsgx nix function to create containers 
It refactors the way the SGX containers are built.
This removes all `Dockerfile` and gramine manifest files.
It also enables a single recipe for azure and non-azure variants.

Additionally the `teepot-crate.nix` is now the inherited recipe to
build the rust `teepot` crate.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-06-10 16:32:02 +02:00
renovate[bot]
01fb85ef04
chore(deps): update cachix/install-nix-action action to v27 2024-05-22 12:08:24 +00:00
renovate[bot]
d5b44bae8f
chore(deps): update cachix/cachix-action action to v15 2024-05-22 11:31:25 +00:00
renovate[bot]
ea91acadc0
chore(deps): update actions/checkout digest to a5ac7e5 2024-05-21 11:07:53 +00:00
renovate[bot]
7cc38a78df
chore(deps): update actions/checkout digest to 0ad4b8f 2024-04-29 09:46:45 +00:00
Harald Hoyer
6dbafa13d9
ci: pin nixci version to the 23.11 release 
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-04-25 09:38:43 +02:00
Harald Hoyer
9e068871c1
ci: remove workflows already in nix check 
reduces time to run the CI.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-03-27 17:00:50 +01:00
Harald Hoyer
0654bacdb5
ci: use crane flake to build with nix 
This enables to add cargo `fmt`, `clippy` and `deny` to nix, using cached results.

Move the `teepot` crate to the `crates` subdir to make the life easier for
the `crane` flake.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-03-11 10:01:59 +01:00
Harald Hoyer
7a427b68c7
ci: use --check for nix fmt 
otherwise the ci job does not fail

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-03-08 15:32:38 +01:00
renovate[bot]
a0510ec32d
chore(deps): update cachix/install-nix-action action to v26 2024-03-08 13:31:52 +00:00
Harald Hoyer
a8a9a94380
ci: fix nix push_to_docker concurrency group 
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-03-08 12:17:51 +01:00
Harald Hoyer
97420df006
feat: attestation test on azure and default dcap 
```
❯ docker run -i --rm --privileged  --device /dev/sgx_enclave --net host \
  matterlabsrobot/teepot-self-attestation-test-sgx-azure:latest \
  | base64 -d --ignore-garbage \
  | docker run -i --rm --net host matterlabsrobot/verify-attestation-sgx-azure:latest
```

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-03-07 16:05:27 +01:00
Harald Hoyer
f875e7a6e4
chore(deps): update rust crate base64 to 0.22.0 
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-03-05 11:10:41 +01:00
Harald Hoyer
91f1612e0f
chore: cleanup and nixify 
* create containers with nix
* updated README.md
* added SPDX license headers

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-02-28 11:09:34 +01:00
Harald Hoyer
ec26f75cfb
ci: fix docker push 
docker does not support pushing and tagging with a different name in one
go as podman does.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-02-15 09:42:34 +01:00
Harald Hoyer
a52b611f86
ci: fix pushing to docker 
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-02-15 09:26:49 +01:00
Harald Hoyer
b59db0f996
fix: use matterlabsrobot docker namespace 
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-02-14 16:45:38 +01:00
Harald Hoyer
d8110f3720
feat: build and push container-verify-attestation 
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-02-14 16:01:59 +01:00
Harald Hoyer
89ffbd35a8
feat: initial commit 
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
 2024-02-09 10:10:53 +01:00