Constellation is the first Confidential Kubernetes. Constellation shields entire Kubernetes clusters from the (cloud) infrastructure using confidential computing.
constellation config generate
by @msanft in https://github.com/edgelesssys/constellation/pull/2455
constellation apply
command to replace init
and upgrade apply
by @daniel-weisse in https://github.com/edgelesssys/constellation/pull/2484
init
or upgrade apply
by @daniel-weisse in https://github.com/edgelesssys/constellation/pull/2487
Full Changelog: https://github.com/edgelesssys/constellation/compare/v2.12.0...v2.13.0
constellation verify
by @elchead in https://github.com/edgelesssys/constellation/pull/2391
Full Changelog: https://github.com/edgelesssys/constellation/compare/v2.11.0...v2.12.0
-c
and -w
flags from constellation create
by @3u13r in https://github.com/edgelesssys/constellation/pull/2325
verify
by @daniel-weisse in https://github.com/edgelesssys/constellation/pull/2299
Full Changelog: https://github.com/edgelesssys/constellation/compare/v2.10.1...v2.11.0
Full Changelog: https://github.com/edgelesssys/constellation/compare/v2.10.0...v2.10.1
aws-load-balancer-controller
to fix SecurityGroup cleanup on K8s service deletion by @elchead in https://github.com/edgelesssys/constellation/pull/2090
--workspace
flag to set base directory for Constellation workspace by @daniel-weisse in https://github.com/edgelesssys/constellation/pull/2148
iam upgrade apply
by @elchead in https://github.com/edgelesssys/constellation/pull/2132
status
by @daniel-weisse in https://github.com/edgelesssys/constellation/pull/2128
verify
command by @katexochen in https://github.com/edgelesssys/constellation/pull/2172
Full Changelog: https://github.com/edgelesssys/constellation/compare/v2.9.0...v2.10.0
Full Changelog: https://github.com/edgelesssys/constellation/compare/v2.9.0...v2.9.1
awsSEVSNP
as new variant by @derpsteb in https://github.com/edgelesssys/constellation/pull/1900
status
shows attestation config by @elchead in https://github.com/edgelesssys/constellation/pull/2056
upgrade apply --force
skips all compatibility checks by @elchead in https://github.com/edgelesssys/constellation/pull/1940
Full Changelog: https://github.com/edgelesssys/constellation/compare/v2.8.0...v2.9.0
config generate
by @elchead in https://github.com/edgelesssys/constellation/pull/1769
Full Changelog: https://github.com/edgelesssys/constellation/compare/v2.7.1...v2.8.0
constellation iam destroy
error on Azure by force-deleting resource group by @msanft in https://github.com/edgelesssys/constellation/pull/1667
upgrade apply
by @derpsteb in https://github.com/edgelesssys/constellation/pull/1702
Full Changelog: https://github.com/edgelesssys/constellation/compare/v2.7.0...v2.7.1
upgradeConfig
and require name
and microserviceVersion
fields by @daniel-weisse in https://github.com/edgelesssys/constellation/pull/1541
EnforceIDKeyDigest
config field to enable Microsoft Azure Attestation fallback when verifying AMD SNP-SEV id key digest by @daniel-weisse in https://github.com/edgelesssys/constellation/pull/1257
upgrade apply
now allows upgrading measurements only by @derpsteb in https://github.com/edgelesssys/constellation/pull/1432
confidentialVM
config option for Azure clusters in favor of attestationVariant
by @daniel-weisse in https://github.com/edgelesssys/constellation/pull/1539
status
command to print upgrade and version status of cluster by @derpsteb in https://github.com/edgelesssys/constellation/pull/1520
upgrade check
command by @msanft in https://github.com/edgelesssys/constellation/pull/1394
constellation verify
by @msanft in https://github.com/edgelesssys/constellation/pull/1577
upgrade apply
for image-only upgrades by @derpsteb in https://github.com/edgelesssys/constellation/pull/1468
Full Changelog: https://github.com/edgelesssys/constellation/compare/v2.6.0...v2.7.0