Loading...

XML

Word

Printable

Type: Story
Resolution: Done
Priority: High
Fix Version/s: OSC 1.7.0
Affects Version/s: None
Component/s: podvm
Labels:
None

Work Type:
BU Product Work
Epic Link:
Add support for retrieving secret from KBS by CoCo
Blocked:
False
Blocked Reason:
None
Ready:
False
Feature Link:
KATA-2446 - Secure Key Release for Confidential Workloads
Intelligence Requested:
Market:

Original story points:
3
Sprint:
Kata Sprint #256
Cost of Delay:
0
WSJF:
0

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Currently AA is built with support for only offline_fs_kbc as shown in the code ref below

https://gitlab.cee.redhat.com/cpaas-midstream/osc-operator/-/blob/osc-1.6-rhel-9/distgit/containers/osc-podvm-payload/Dockerfile.in?ref_type=heads#L4

For CoCo AA (x86_64) needs to be built with support for

ATTESTER="az_snp_vtpm_attester,az_tdx_vtpm_attester"

For s390x ATTESTER=none

Assignee:: Beraldo Leal

Reporter:: Pradipta Banerjee

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2024/04/26 10:38 AM

Updated:: 2024/09/05 1:30 AM

Resolved:: 2024/07/15 1:15 PM