Uploaded image for project: 'Openshift sandboxed containers'
  1. Openshift sandboxed containers
  2. KATA-3225

Exception for online build

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Medium Medium
    • OSC 1.7.0
    • None
    • konflux
    • None
    • BU Product Work
    • 3
    • False
    • None
    • True
    • KATA-2412 - deploy a key broker service for Confidential Containers
    • Kata Sprint #256, Kata Sprint #257, Kata Sprint #258
    • 0
    • 0.000

      We need an exception to keep network access while building trustee on Konflux.
      The default policy is to have a hermetic build, that is without access to the network.
      Docs: Enabling hermetic builds.

      We need network access to install build dependencies from authenticated repositories (Dockerfile). The prefetch-dependencies task on Konflux doesn't support authenticated repositories at the moment (STONEBLD-2618).

      • tpm2-tss-devel
      • protobuf-compiler

      We also need to download binaries from Intel (Dockerfile). Cachi2 doesn't support curl at the moment (KONFLUX-2390).

        1.
        		 Merge policy changes Sub-task Closed Medium Camilla Conte
        2.
        		 Update policy in integration test Sub-task Closed Medium Camilla Conte
        3.
        		 update merge request to reflect that we won't have the trustee-intel Konflux component Sub-task Closed Medium Camilla Conte

            ddepaula@redhat.com Danilo de Paula
            rh-ee-cconte Camilla Conte
            Petr Matousek
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: