aljaz/kata-containers
1
0
Fork 0
mirror of https://github.com/aljazceru/kata-containers.git synced 2026-01-18 22:04:22 +01:00
Code Issues Packages Projects Releases Wiki Activity

runtime: Adds annotations for SEV/kbs controls at the pod level

Browse Source 
Note: only for online-kbs configuration

Fixes #5782

Signed-off-by: Jim Cadden <jcadden@ibm.com>
This commit is contained in:
Jim Cadden
2022-11-30 12:03:35 -05:00
parent 4eb88d6a74
commit 4510aeaa91
5 changed files with 60 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/runtime/virtcontainers/pkg/annotations/annotations.go
View File

@@ -6,10 +6,12 @@
package annotations
const (
kataAnnotationsPrefix = "io.katacontainers."
kataConfAnnotationsPrefix = kataAnnotationsPrefix + "config."
kataAnnotHypervisorPrefix = kataConfAnnotationsPrefix + "hypervisor."
kataAnnotContainerPrefix = kataAnnotationsPrefix + "container."
kataAnnotationsPrefix = "io.katacontainers."
kataConfAnnotationsPrefix = kataAnnotationsPrefix + "config."
kataAnnotHypervisorPrefix = kataConfAnnotationsPrefix + "hypervisor."
kataAnnotPreAttestationPrefix = kataConfAnnotationsPrefix + "pre_attestation."
kataAnnotSevPrefix = kataConfAnnotationsPrefix + "sev."
kataAnnotContainerPrefix = kataAnnotationsPrefix + "container."
//
// OCI
@@ -24,6 +26,21 @@ const (
SandboxConfigPathKey = kataAnnotationsPrefix + "config_path"
)
// Annotations related to Confidential Containers (CoCo)
const (
//
// Assets
//
// GuestPreAttestation toggled pre_attestation functionality on/off
GuestPreAttestation = kataAnnotPreAttestationPrefix + "enabled"
// GuestPreAttestationURI set the remote URL for online-kbs
GuestPreAttestationURI = kataAnnotPreAttestationPrefix + "uri"
// SEVGuestPolicy set the AMD SEV guest policy
SEVGuestPolicy = kataAnnotSevPrefix + "policy"
)
// Annotations related to Hypervisor configuration
const (
//