Description

In order to have PVCs with coco you need to pass through with a raw block device.
Passing through with a raw block device requires a number of binaries in an initcontainer and/or pre-script for the application which are not in the rpm repository for ubi images, however, are for RHEL.

Key binaries:

• mkfs.xfs
• blkid
• cryptsetup

This requires xfsprogs and cryptsetup rpms.

(see example code here:https://github.com/butler54/kata-vp-testing/blob/25f7fdf0c33064c5da5a7b1f8afd0f1644aa7724/charts/all/storage/templates/baseline.yaml)

There are two parts to this:
1. The actual logic for building the file system for coco. This is a common pattern that will be required and could be built as a specialised container image with an appropriate script. This would provide value to end-users as managing file system components is high risk
2. The fact that if a user is motivated they at least need the binaries described above. For support purposes this needs to be provided by a UBI based container..

Steps to reproduce

<What actions did you take to hit the bug?
1. Mounted a block device
2. Attempted to use UBI image to make a filesystem
3. Reverted to using centos stream

Expected result

I would expect this to be provided by a support container for coco.

Actual result

Had to use centos images.

Impact

Does

Env

• OSC 1.9.0 and trustee 0.3.0 on various BM systems. Occurs for standard kata and kata-cc

Additional helpful info