diff --git a/CMakeLists.txt b/CMakeLists.txt index 043875bf..66ed620d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,6 +1,6 @@ cmake_minimum_required(VERSION 3.11) -project(marblerun VERSION 1.1.0) +project(marblerun VERSION 1.2.0) find_package(OpenEnclave CONFIG REQUIRED) if (NOT CMAKE_BUILD_TYPE) diff --git a/charts/Chart.yaml b/charts/Chart.yaml index 792af851..b3c154a6 100644 --- a/charts/Chart.yaml +++ b/charts/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: v1.1.0 +appVersion: v1.2.0 description: The control plane for confidential computing. home: https://edgeless.systems keywords: @@ -9,7 +9,7 @@ kubeVersion: ">=1.13.0-0" name: marblerun sources: - https://github.com/edgelesssys/marblerun -version: 1.1.0 +version: 1.2.0 maintainers: - name: Edgeless Systems email: contact@edgeless.systems diff --git a/charts/README.md b/charts/README.md index e20085a2..ac433a3c 100644 --- a/charts/README.md +++ b/charts/README.md @@ -45,7 +45,7 @@ their default values. | `coordinator.sealDir` | string | Path to the directory used for sealing data. Needs to be consistent with the persisten storage setup | `"/coordinator/data/"` | | `coordinator.simulation` | bool | SGX simulation settings, set to `true` if your not running on an SGX capable cluster | `false` | | `coordinator.storageClass` | string | Kubernetes [StorageClass](https://kubernetes.io/docs/concepts/storage/storage-classes/) to use for creating the Coordinator PVC. Leave empty to use the default StorageClass | -| `coordinator.version` | string | Version of the coordinator container image to pull | `"v1.1.0"` | +| `coordinator.version` | string | Version of the coordinator container image to pull | `"v1.2.0"` | | `global.coordinatorComponentLabel` | string | Control plane label. Do not edit | `"edgeless.systems/control-plane-component"` | | `global.coordinatorNamespaceLabel` | string | Control plane label. Do not edit | `"edgeless.systems/control-plane-ns"` | | `global.podAnnotations` | object | Additional annotations to add to all pods | `{}`| @@ -55,7 +55,7 @@ their default values. | `marbleInjector.start` | bool | Start the marbleInjector webhook | `false` | | `marbleInjector.replicas` | int | Replicas of the marbleInjector webhook | `1` | | `marbleInjector.repository` | string | Name of the container registry to pull the marbleInjector image from | `"ghcr.io/edgelesssys/marblerun"` | -| `marbleInjector.version` | string | Version of the marbleInjector container image to pull | `"v1.1.0"` | +| `marbleInjector.version` | string | Version of the marbleInjector container image to pull | `"v1.2.0"` | | `marbleInjector.useCertManager` | bool | Set to use cert-manager for certificate provisioning. Required when using standalone helm chart for installation | `false` | | `marbleInjector.objectSelector` | object | ObjectSelector to trigger marble-injector mutation, See the [K8S documentation](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#matching-requests-objectselector) for more information | `{matchExpressions:[{key:"marblerun/marbletype",operator:"Exists"}]}` | | `marbleInjector.namespaceSelector` | object | NamespaceSelector to trigger marble-injector mutation, See the [K8S documentation](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#matching-requests-namespaceselector) for more information | `{}` | diff --git a/charts/values.yaml b/charts/values.yaml index 4371f37c..3dc6bea1 100644 --- a/charts/values.yaml +++ b/charts/values.yaml @@ -29,7 +29,7 @@ marbleInjector: repository: ghcr.io/edgelesssys/marblerun image: marble-injector pullPolicy: IfNotPresent - version: v1.1.0 + version: v1.2.0 # Set to true to install the injection webhook start: false @@ -61,7 +61,7 @@ coordinator: repository: ghcr.io/edgelesssys/marblerun image: coordinator pullPolicy: IfNotPresent - version: v1.1.0 + version: v1.2.0 # Environment configuration for the coordinator control-plane # meshServerPort needs to be configured to the same port as in the data-plane marbles diff --git a/dockerfiles/Dockerfile.build-base b/dockerfiles/Dockerfile.build-base index d7d79cb4..d47e04d3 100644 --- a/dockerfiles/Dockerfile.build-base +++ b/dockerfiles/Dockerfile.build-base @@ -1,8 +1,8 @@ -FROM ubuntu:focal-20230308 +FROM ubuntu:focal-20230605 RUN apt-get update && apt-get install -dy --no-install-recommends \ build-essential \ ca-certificates \ - clang-10 \ + clang-11 \ cmake \ git \ libssl-dev \ diff --git a/dockerfiles/Dockerfile.coordinator b/dockerfiles/Dockerfile.coordinator index a6415b52..47779ec8 100644 --- a/dockerfiles/Dockerfile.coordinator +++ b/dockerfiles/Dockerfile.coordinator @@ -1,19 +1,20 @@ -FROM ghcr.io/edgelesssys/marblerun/build-base:v1.1.0 AS build +FROM ghcr.io/edgelesssys/marblerun/build-base:v1.2.0 AS build # don't run `apt-get update` because required packages are cached in build-base for reproducibility RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ build-essential \ ca-certificates \ - clang-10 \ + clang-11 \ cmake \ git \ libssl-dev \ ninja-build \ wget -ARG erttag=v0.3.8 -ARG mrtag=v1.1.0 -RUN wget -qO- https://golang.org/dl/go1.20.2.linux-amd64.tar.gz | tar -C /usr/local -xz \ +ARG erttag=v0.3.9 +ARG mrtag=v1.2.0 +ARG goversion=1.20.5 +RUN wget -qO- https://golang.org/dl/go${goversion}.linux-amd64.tar.gz | tar -C /usr/local -xz \ && git clone -b $erttag --depth=1 https://github.com/edgelesssys/edgelessrt \ && git clone -b $mrtag --depth=1 https://github.com/edgelesssys/marblerun \ && mkdir ertbuild mrbuild @@ -43,10 +44,10 @@ COPY --from=build \ / # the coordinator container image -FROM ubuntu:focal-20230308 AS release +FROM ubuntu:focal-20230605 AS release ARG PSW_VERSION=2.19.100.3-focal1 ARG DCAP_VERSION=1.16.100.2-focal1 -ARG AZ_VERSION=1.11.2 +ARG AZ_VERSION=1.12.0 RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates gnupg libcurl4 wget \ && wget -qO- https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | apt-key add \ && echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main' >> /etc/apt/sources.list \ diff --git a/go.mod b/go.mod index 1eb788d6..f73edbcc 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,7 @@ require ( golang.org/x/crypto v0.10.0 golang.org/x/sys v0.9.0 google.golang.org/grpc v1.56.1 - google.golang.org/protobuf v1.30.0 + google.golang.org/protobuf v1.31.0 gopkg.in/yaml.v3 v3.0.1 helm.sh/helm/v3 v3.12.1 k8s.io/api v0.27.3 diff --git a/go.sum b/go.sum index 73bdff5d..6fa54401 100644 --- a/go.sum +++ b/go.sum @@ -1059,8 +1059,8 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= -google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/renovate.json b/renovate.json index 1aaaf4bd..edf39881 100644 --- a/renovate.json +++ b/renovate.json @@ -16,8 +16,10 @@ "gomodTidy", "gomodUpdateImportPaths" ], - "prConcurrentLimit": 4, - "assignees": ["daniel-weisse"], + "prConcurrentLimit": 6, + "assignees": [ + "daniel-weisse" + ], "packageRules": [ { "matchManagers": [