Loading...

XML

Word

Printable

Type: Feature
Resolution: Done
Priority: Medium
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Activity Type:
Product / Portfolio Work
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Color Status:
Not Selected
Parent Link:
OCPSTRAT-2027OpenShift Confidential Containers

WSJF:
0

Target Version:

OSC 1.6.0

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

Intelligence Requested:
Market:

Currently, cloud-init is used to process the podvm configuration data made available via cloud config (config-drive)

Cloud Config is a venue to execute arbitrary untrusted code at startup and not recommended in the CoCo model.

In upstream for Azure, we have already switched to using metadata service to fetch the config info using a custom program - process-user-data.

This feature is to enable the upstream feature in the downstream Red Hat builds, this means adding new binaries to the osc-podvm-payload container image

Ref upstream issue: https://github.com/confidential-containers/cloud-api-adaptor/issues/1467

links to

Merge request - Ensure config is retrieved from metadata service

Merge request - Updated US source to: 056bd46 Merge branch 'kata-2982-1.6' into 'osc-1.6-rhel-9'

Merge request - Updated US source to: 0175fda Merge branch 'fix-KATA-2976' into 'osc-1.6-rhel-9'

Merge request - Updated US source to: 0175fda Merge branch 'fix-KATA-2976' into 'osc-1.7-rhel-9'

Assignee:: Pradipta Banerjee

Reporter:: Jens Freimann

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2023/11/28 10:28 AM

Updated:: 2025/07/29 11:35 PM

Resolved:: 2024/05/30 1:06 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates