Uploaded image for project: 'Openshift sandboxed containers'
  1. Openshift sandboxed containers
  2. KATA-3225

Exception for online build

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Medium Medium
    • OSC 1.7.0
    • None
    • konflux
    • None
    • BU Product Work
    • 3
    • False
    • None
    • True
    • KATA-2412 - deploy a key broker service for Confidential Containers
    • Kata Sprint #256, Kata Sprint #257, Kata Sprint #258
    • 0
    • 0.000

      We need an exception to keep network access while building trustee on Konflux.
      The default policy is to have a hermetic build, that is without access to the network.
      Docs: Enabling hermetic builds.

      We need network access to install build dependencies from authenticated repositories (Dockerfile). The prefetch-dependencies task on Konflux doesn't support authenticated repositories at the moment (STONEBLD-2618).

      • tpm2-tss-devel
      • protobuf-compiler

      We also need to download binaries from Intel (Dockerfile). Cachi2 doesn't support curl at the moment (KONFLUX-2390).

              ddepaula@redhat.com Danilo de Paula
              rh-ee-cconte Camilla Conte
              Petr Matousek
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: