Harald Hoyer
439574f22c
chore(tdx_google): remove unused teepot package from system environment
...
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-02-19 15:01:02 +01:00
Harald Hoyer
760ff7eff1
refactor(tdx_google): simplify service configurations
...
- Replaced hardcoded metadata-fetching logic with shared metadata service.
- Removed custom pre-start scripts and refactored environment handling.
- Updated Vector configuration to include custom field transformations.
- Streamlined container startup process and ensured proper cleanup.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-02-19 15:00:43 +01:00
Harald Hoyer
5d2ad57cfd
refactor(tdx_google): modularize tdx_google configuration
...
- Split `tdx_google/configuration.nix` into smaller modules: `vector.nix`, and `container.nix`.
- Simplified the main configuration by leveraging modular imports for better readability and maintainability.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
# Conflicts:
# packages/tdx_google/configuration.nix
2025-02-19 15:00:42 +01:00
Harald Hoyer
4d273076ee
Merge pull request #271 from matter-labs/Metadata-Flavor
...
fix(teepot): add custom HTTP header for google metadata and update default endpoint
2025-02-19 14:59:09 +01:00
Harald Hoyer
98a71b3e3a
fix(teepot): add custom HTTP header for google metadata and update default endpoint
...
- Replace `reqwest::get` with a configured `reqwest::Client` to support custom headers (e.g., "Metadata-Flavor: Google").
- Update default OTLP endpoint to include the "http://" prefix for clarity.
2025-02-19 13:58:39 +01:00
Harald Hoyer
ee3061b2ec
Merge pull request #270 from matter-labs/serial
...
feat(configuration): update journald and serial settings
2025-02-19 11:30:28 +01:00
Harald Hoyer
bbbce81541
feat(configuration): update journald and serial settings
...
- Set journald console to `/dev/ttyS0` for improved logging.
- Disable `serial-getty@ttyS0` service to avoid conflicts.
2025-02-19 11:16:34 +01:00
Harald Hoyer
c4b1431221
Merge pull request #268 from matter-labs/tdx-test
...
feat: rewrite google-metadata test as tdx-test
2025-02-18 08:36:12 +01:00
Harald Hoyer
daf375836b
chore: remove unused deps
...
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-02-14 16:47:45 +01:00
Harald Hoyer
fbbb37ca5a
tests(tdxtest): ramp up the testing
...
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-02-14 16:47:44 +01:00
Harald Hoyer
a41460b7f0
feat(tdx-google): enhance container service setup
...
- Add `vector.service` and `chronyd.service` dependencies to `docker_start_container` service.
- Use `EnvironmentFile` and a pre-start script to dynamically generate environment variables for container setup.
- Improve error handling and clarity in container initialization.
2025-02-14 16:47:43 +01:00
Harald Hoyer
908579cd60
feat: rewrite google-metadata test as tdx-test
...
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-02-14 16:47:42 +01:00
Harald Hoyer
3325312c0d
Merge pull request #255 from matter-labs/vector_kafka
...
feat(google-tdx): add vector pushing to kafka for logging
2025-02-13 10:00:59 +01:00
Harald Hoyer
9266a9f072
feat(google-tdx): add Vector service integration
...
- Enable Vector service and configure OpenTelemetry source.
- Add sinks for logs output to console and Kafka.
- Configure environment setup for Kafka using GCP metadata API.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-02-12 08:34:18 +01:00
Harald Hoyer
ff22db6054
chore(google-tdx): removed commented-out ssh debugging
...
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-02-11 08:29:34 +01:00
Harald Hoyer
c5cdc1e4ab
feat(google-tdx): disable LLMNR and MulticastDNS
...
- Configured resolved service, disabling LLMNR and MulticastDNS for improved resolution settings.
- Removed commented-out Prometheus Node config
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-02-11 08:29:29 +01:00
Harald Hoyer
fae9ad7f58
Merge pull request #264 from matter-labs/renovate/trufflesecurity-trufflehog-3.x
...
chore(deps): update trufflesecurity/trufflehog action to v3.88.6
2025-02-11 08:28:54 +01:00
renovate[bot]
f3f5147bb1
chore(deps): update trufflesecurity/trufflehog action to v3.88.6
2025-02-10 18:59:21 +00:00
Harald Hoyer
a65e25742c
Merge pull request #263 from matter-labs/cargo_update
...
chore: cargo deps update
2025-02-10 19:58:55 +01:00
Harald Hoyer
45309e58f4
chore: cargo deps update
...
with code fixes for the new versions.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-02-10 15:44:16 +01:00
Harald Hoyer
99ab2f2b76
Merge pull request #231 from matter-labs/renovate/enarx-spdx-digest
...
chore(deps): update enarx/spdx digest to b5bfdd4
2025-02-10 15:37:47 +01:00
renovate[bot]
49faaa984b
chore(deps): update enarx/spdx digest to b5bfdd4
2025-02-10 13:49:56 +00:00
Harald Hoyer
584a07defa
Merge pull request #243 from matter-labs/renovate/reqwest-0.x-lockfile
...
chore(deps): update rust crate reqwest to v0.12.12
2025-02-10 14:49:30 +01:00
renovate[bot]
7d01a240d4
chore(deps): update rust crate reqwest to v0.12.12
2025-02-10 13:37:44 +00:00
Harald Hoyer
7a33be4a68
Merge pull request #230 from matter-labs/renovate/actions-checkout-digest
...
chore(deps): update actions/checkout digest to 11bd719
2025-02-10 14:36:18 +01:00
renovate[bot]
01eac64182
chore(deps): update actions/checkout digest to 11bd719
2025-02-10 12:56:55 +00:00
Harald Hoyer
129afe25e6
Merge pull request #256 from matter-labs/renovate/rustls-0.x-lockfile
...
chore(deps): update rust crate rustls to v0.23.22
2025-02-10 13:56:28 +01:00
renovate[bot]
87dd281437
chore(deps): update rust crate rustls to v0.23.22
2025-02-10 12:23:22 +00:00
Harald Hoyer
f95b6c52d6
Merge pull request #257 from matter-labs/renovate/serde-monorepo
...
chore(deps): update rust crate serde to v1.0.217
2025-02-10 13:20:52 +01:00
renovate[bot]
decdc55a89
chore(deps): update rust crate serde to v1.0.217
2025-02-10 11:38:07 +00:00
Harald Hoyer
3bad44d38f
Merge pull request #200 from matter-labs/renovate/trufflesecurity-trufflehog-3.x
...
chore(deps): update trufflesecurity/trufflehog action to v3.88.5
2025-02-10 12:36:25 +01:00
renovate[bot]
129c3c1333
chore(deps): update trufflesecurity/trufflehog action to v3.88.5
2025-02-10 11:23:00 +00:00
Harald Hoyer
c5273f2cc9
Merge pull request #254 from matter-labs/renovate/clap-4.x-lockfile
...
chore(deps): update rust crate clap to v4.5.28
2025-02-10 12:20:53 +01:00
renovate[bot]
6b9984f4d6
chore(deps): update rust crate clap to v4.5.28
2025-02-04 03:12:07 +00:00
Patrick
c6e236cf46
Merge pull request #252 from matter-labs/tdx-test
...
feat: add Google Metadata support and TDX container test
2025-02-03 17:17:20 +01:00
Harald Hoyer
11a22c9e67
feat: add Google Metadata support and TDX container test
...
- Introduced `google-metadata` binary for reading GCP instance attributes.
- Added TDX container test with new `container-test-tdx` package.
- Updated Nix workflow and deployment scripts for Google Metadata integration.
- Bumped `anyhow` to 1.0.95 and updated Cargo.lock.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-01-27 16:18:58 +01:00
Harald Hoyer
e2c31919c9
Merge pull request #251 from matter-labs/pab/onchain-verification
...
feat(tee-key-preexec): support for onchain-compatible pubkey in report_data
2025-01-17 13:17:16 +01:00
Patryk Bęza
afa524c18c
Address code review comments
2025-01-17 12:41:07 +01:00
Patryk Bęza
2d04ba0508
feat(tee-key-preexec): add support for Solidity-compatible pubkey in report_data
...
This PR is part of the effort to implement on-chain TEE proof
verification. This PR goes hand in hand with https://github.com/matter-labs/zksync-era/pull/3414 .
2025-01-16 20:46:16 +01:00
Patrick
e5cca31ac0
Merge pull request #250 from matter-labs/preexec-test
...
feat(tee-key-preexec): add test container for tee-key-preexec
2025-01-15 16:01:59 +01:00
Harald Hoyer
99037ceb6c
feat(tee-key-preexec): add test container for tee-key-preexec
...
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-01-15 15:48:21 +01:00
Harald Hoyer
e649fdab87
Merge pull request #248 from matter-labs/tdx_nix
...
feat(tdx): add nix build for TDX google VMs
2025-01-14 16:10:31 +01:00
Harald Hoyer
dc1e756ec6
feat(tdx): add nix build for TDX google VMs
...
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-01-14 14:50:43 +01:00
Harald Hoyer
8270c389e4
Merge pull request #247 from matter-labs/collateral_free_on_error
...
fix(teepot-tee-quote-verification-rs): free collateral on ffi error
2025-01-13 15:29:52 +01:00
Harald Hoyer
dc9263911f
fix(teepot-tee-quote-verification-rs): free collateral on ffi error
...
Free the FFI collateral on rust checks anyway to prevent memory leaks.
Also remove the `TryFrom<&sgx_ql_qve_collateral_t>` as it is unsafe.
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-01-13 13:50:04 +01:00
Harald Hoyer
1f88d506a3
Merge pull request #246 from matter-labs/fix_leak
...
fix(teepot-tee-quote-verification-rs): memory leak
2025-01-13 10:53:50 +01:00
Harald Hoyer
584223dc93
fix(teepot-tee-quote-verification-rs): memory leak
...
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-01-13 10:35:12 +01:00
Harald Hoyer
9de56d3adb
Merge pull request #234 from matter-labs/renovate/cachix-install-nix-action-30.x
...
chore(deps): update cachix/install-nix-action action to v30
2025-01-07 11:28:08 +01:00
renovate[bot]
102f73b1eb
chore(deps): update cachix/install-nix-action action to v30
2024-12-20 16:13:47 +00:00
Patrick
d2fbdb5bed
Merge pull request #236 from matter-labs/flake_update
...
chore(flake): update nixsgx flake input
2024-12-20 17:11:54 +01:00