Harald Hoyer
cfb133bca9
ci: fix and revise docker push strategy
- containers are not `latest` by default anymore
- `latest` tag is only set on push to main branch
- buildid tag is only set on push to main branch, and
changed to the infra repo soonish
- added the missing `vault-unseal` and `vault-admin` containers
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-06-12 14:06:27 +02:00
renovate[bot]
8049ae5cf1
chore(deps): update trufflesecurity/trufflehog action to v3.78.1
2024-06-11 19:59:54 +00:00
Harald Hoyer
d0c5950c0e
feat: use nixsgx nix function to create containers
It refactors the way the SGX containers are built.
This removes all `Dockerfile` and gramine manifest files.
It also enables a single recipe for azure and non-azure variants.
Additionally the `teepot-crate.nix` is now the inherited recipe to
build the rust `teepot` crate.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-06-10 16:32:02 +02:00
renovate[bot]
01fb85ef04
chore(deps): update cachix/install-nix-action action to v27
2024-05-22 12:08:24 +00:00
renovate[bot]
d5b44bae8f
chore(deps): update cachix/cachix-action action to v15
2024-05-22 11:31:25 +00:00
renovate[bot]
8863d4d691
chore(deps): update trufflesecurity/trufflehog action to v3.76.3
2024-05-21 22:33:59 +00:00
renovate[bot]
ea91acadc0
chore(deps): update actions/checkout digest to a5ac7e5
2024-05-21 11:07:53 +00:00
renovate[bot]
dc51edba09
chore(deps): update trufflesecurity/trufflehog action to v3.75.1
2024-05-07 01:09:52 +00:00
renovate[bot]
7cc38a78df
chore(deps): update actions/checkout digest to 0ad4b8f
2024-04-29 09:46:45 +00:00
renovate[bot]
9716eb44a7
chore(deps): update trufflesecurity/trufflehog action to v3.74.0
2024-04-29 09:42:38 +00:00
Harald Hoyer
6dbafa13d9
ci: pin nixci version to the 23.11 release
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-04-25 09:38:43 +02:00
renovate[bot]
b0e6ff7c67
chore(deps): update trufflesecurity/trufflehog action to v3.73.0
2024-04-18 12:04:02 +00:00
renovate[bot]
84afb301ff
chore(deps): update trufflesecurity/trufflehog action to v3.71.2
2024-03-28 16:07:07 +00:00
renovate[bot]
8757c91316
chore(deps): update trufflesecurity/trufflehog action to v3.71.1
2024-03-27 16:05:37 +00:00
Harald Hoyer
9e068871c1
ci: remove workflows already in nix check
reduces time to run the CI.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-03-27 17:00:50 +01:00
Harald Hoyer
0654bacdb5
ci: use `crane` flake to build with nix
This enables adding cargo `fmt`, `clippy` and `deny` to nix, using cached results.
Move the `teepot` crate to the `crates` subdir to make life easier for
the `crane` flake.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-03-11 10:01:59 +01:00
Harald Hoyer
7a427b68c7
ci: use `--check` for nix fmt
otherwise the ci job does not fail
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-03-08 15:32:38 +01:00
renovate[bot]
373504c581
chore(deps): update trufflesecurity/trufflehog action to v3.69.0
2024-03-08 14:25:47 +00:00
renovate[bot]
a0510ec32d
chore(deps): update cachix/install-nix-action action to v26
2024-03-08 13:31:52 +00:00
Harald Hoyer
a8a9a94380
ci: fix nix push_to_docker concurrency group
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-03-08 12:17:51 +01:00
Harald Hoyer
97420df006
feat: attestation test on azure and default dcap
```
❯ docker run -i --rm --privileged --device /dev/sgx_enclave --net host \
matterlabsrobot/teepot-self-attestation-test-sgx-azure:latest \
| base64 -d --ignore-garbage \
| docker run -i --rm --net host matterlabsrobot/verify-attestation-sgx-azure:latest
```
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-03-07 16:05:27 +01:00
renovate[bot]
d118158c77
chore(deps): update trufflesecurity/trufflehog action to v3.68.5
2024-03-07 03:39:38 +00:00
Harald Hoyer
f875e7a6e4
chore(deps): update rust crate base64 to 0.22.0
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-03-05 11:10:41 +01:00
renovate[bot]
5d2e5dccd6
chore(deps): update trufflesecurity/trufflehog action to v3.68.4
2024-03-05 08:35:12 +00:00
Harald Hoyer
91f1612e0f
chore: cleanup and nixify
* create containers with nix
* updated README.md
* added SPDX license headers
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-02-28 11:09:34 +01:00
renovate[bot]
8784837184
chore(deps): update trufflesecurity/trufflehog action to v3.68.0
2024-02-21 18:34:14 +00:00
Harald Hoyer
ec26f75cfb
ci: fix docker push
docker does not support pushing and tagging with a different name in one
go as podman does.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-02-15 09:42:34 +01:00
Harald Hoyer
a52b611f86
ci: fix pushing to docker
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-02-15 09:26:49 +01:00
Harald Hoyer
b59db0f996
fix: use `matterlabsrobot` docker namespace
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-02-14 16:45:38 +01:00
Harald Hoyer
d8110f3720
feat: build and push container-verify-attestation
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-02-14 16:01:59 +01:00
renovate[bot]
8ba6f5651f
chore(deps): update trufflesecurity/trufflehog action to v3.67.6
2024-02-13 16:05:13 +00:00
Harald Hoyer
f8c94c3e6b
chore: do not publish containers to ghcr.io anymore
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-02-13 16:54:21 +01:00
renovate[bot]
0b8ee36068
chore(deps): update trufflesecurity/trufflehog action to v3.67.5
2024-02-09 12:39:15 +00:00
Harald Hoyer
89ffbd35a8
feat: initial commit
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-02-09 10:10:53 +01:00