Background

Create a Konflux build pipeline for the Intel SGX Data Center Attestation Primitives (DCAP) registration flow container to enable automated building and distribution of this confidential computing component.

Container Details

• Source: https://github.com/openshift/confidential-compute-artifacts/tree/main/containerfiles/dcap-registration-flow
• Base Image: Red Hat Universal Base Image (UBI) 9
• DCAP Version: 1.23
• Purpose: Intel SGX platform registration and PCK (Platform Configuration Key) ID retrieval

Container Components

• Intel SGX RPM repository setup
• Intel SGX repository key import
• SGX PCK ID retrieval tool installation
• Custom registration flow script
• Entry point configuration for registration workflow

Technical Requirements

• Set up Konflux build configuration for the DCAP registration flow Containerfile
• Configure build parameters and environment variables
• Ensure proper Red Hat UBI 9 base image usage
• Validate Intel SGX repository access and key management
• Test container functionality for SGX platform registration

Acceptance Criteria

• [ ] Konflux build pipeline created and configured
• [ ] Container builds successfully with all dependencies
• [ ] Container image passes security scans
• [ ] Registration flow script executes correctly
• [ ] PCK ID retrieval tool functions properly
• [ ] Documentation updated with build instructions
• [ ] CI/CD pipeline validates container functionality

Dependencies

• Access to Intel SGX repositories
• Red Hat UBI 9 base image availability
• Konflux platform configuration
• Container registry access for image storage