Commit Graph

12 Commits

Author SHA1 Message Date
Tuomas Katila
42c34a74a4 tls: drop additional ciphers
Signed-off-by: Tuomas Katila <tuomas.katila@intel.com>
2024-08-21 12:28:02 +03:00
Tuomas Katila
1a13dcd3e2 tls: limit version to 1.2 only and selected ciphers
Signed-off-by: Tuomas Katila <tuomas.katila@intel.com>
2024-08-20 11:58:38 +03:00
Mikko Ylinen
2399794ef8 webhooks: make SGX mutator registration to follow other webhooks
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
2024-03-05 17:38:26 +02:00
Mikko Ylinen
d7997800a9 logging: move away from klogr to ktesting/textlogger
klog has added ktesting/textlogger and is going to deprecate
klogr. The deprecation is going to trigger golangci-lint (staticcheck)
errors so rework the logging and move to ktesting/textlogger.

The commit also fixes the loglevel setting with operator.

Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
2023-11-20 09:46:41 +02:00
Mikko Ylinen
60530ecdcd go.mod: bump sigs.k8s.io/controller-runtime from 0.15.1 to 0.16.0
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
2023-08-23 09:30:08 +03:00
Mikko Ylinen
42d47b9a81 go.mod: update to sigs.k8s.io/controller-runtime v0.15.0-beta.0
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
2023-05-19 07:42:21 +03:00
Mikko Ylinen
e428cd6c19 go.mod: update to k8s 1.27.1 and controller runtime 0.15.x
k8s 1.27.x triggers build errors on controller-runtime 0.14.x
so we will need to update to 0.15.x at the same time.

Changes include:

* k8s e2e framework moved to use Ginkgo context so we add
  test context to all our test nodes.
* adapt Ginkgo parameter modifications.
* adapt SGX admissionwebhook to InjectDecoder removal.
* adapt deviceplugins and FPGA CRDs to controller-runtime
  API changes.

Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
2023-05-09 14:49:24 +03:00
Mikko Ylinen
b81d2dcba8 Update SGX and FPGA webhook flags
SGX Admission webhook was quickly forked from FPGA's
implementation. After a bit of thinking, it turns out
leader election and metrics are not necessary for a
(idempotent) webhook-only functionality.

For FPGA Admission webhook, the metrics isn't correctly
set up so it's better to disable the functionality. Leader
election is kept but the flag name is renamed to align with
"kubebuilder v3 functionality" similar to how we changed it
to the operator as well.

Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
2022-09-13 13:18:28 +03:00
Mikko Ylinen
f9ca36cc26 set TLSMinVersion for webhook servers
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
2022-06-20 19:04:50 +03:00
Ed Bartosh
cec004c398 lint: enable wsl check
Fixes: #392

Signed-off-by: Ed Bartosh <eduard.bartosh@intel.com>
2021-12-17 11:48:48 +02:00
Hyeongju Johannes Lee
09ba9fde00 Update tool versions and fix errors and warnings that originated from the update
Update tool versions
Fix the errors and warnings originated from the update:
-Correct type deviceInfo (->DeviceInfo) to make it public
-Fix gpu_plugin.go and vpu_plugin_test.go where stylecheck errors occur
-Fix deprecation warnings
-Rename type 'PatcherManager' to 'Manager' to solve exported errors
-Rename type 'SgxMutator' to 'Mutator' to solve exported errors

Signed-off-by: Hyeongju Johannes Lee <hyeongju.lee@intel.com>
2021-08-25 07:09:34 +00:00
Mikko Ylinen
280bdceb2a sgx: add separate admissionwebhook image
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
2021-04-14 08:09:33 +03:00