-
Task
-
Resolution: Done
-
Medium
-
None
-
None
-
None
-
BU Product Work
-
3
-
False
-
None
-
False
-
KATA-2412 - deploy a key broker service for Confidential Containers
-
-
-
Kata Sprint #256
-
0
-
0.000
For IBM SE support, it is required to deploy certificates and configuration files to trustee.
More details at https://github.com/confidential-containers/trustee/blob/main/deps/verifier/src/se/README.md
Proposed solution (for tech preview):
- Have an option in Trustee operator to provide additional volumemount for SE (provide the PVC name in CRD?)
- The new volume needs to be prepared by the admin (having the keys etc).
- Provide an example of PersistentVolume and PersistentVolumeClaim using default storage class. This default SC is deployment specific