-
Notifications
You must be signed in to change notification settings - Fork 76
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
podvm: Remove skopeo and umoci from the peer pod VM image #164
Comments
@stevenhorsman is this issue still relevant or can be closed? |
Yes, this is relevant and we will hopefully have it for the mid-November release. Yohei is already looking into it IIRC |
I've mapped it to the CoCo release project, priority medium and drop V0.2.0 as the release |
@stevenhorsman any additional work pending w.r.to this issue ? |
@bpradipt - yes. As per the description in this - it is about removing all references to building skopeo and umoci in our peer pod VM image builds, rather than just changing the default as #263 did. I want this as a gate for removing the ability to use skopeo in the kata-agent as only by removing the ability to use skopeo (which we know people are still using for authenticated registry support) will we drive out the remaining cases that need skopeo. Does that make sense? |
- Update Makefiles to remove the skopeo and umoci targets that install them into the peer pod image. - Note: The skopeo and umoci source targets are still needed to copy and unpack the pause image for now. Fixes: confidential-containers#164 Signed-off-by: stevenhorsman <steven@uk.ibm.com>
- Update Makefiles to remove the skopeo and umoci targets that install them into the peer pod image. - Note: The skopeo and umoci source targets are still needed to copy and unpack the pause image for now. Fixes: #164 Signed-off-by: stevenhorsman <steven@uk.ibm.com>
- Update Makefiles to remove the skopeo and umoci targets that install them into the peer pod image. - Note: The skopeo and umoci source targets are still needed to copy and unpack the pause image for now. Fixes: confidential-containers#164 Signed-off-by: stevenhorsman <steven@uk.ibm.com>
- Update Makefiles to remove the skopeo and umoci targets that install them into the peer pod image. - Note: The skopeo and umoci source targets are still needed to copy and unpack the pause image for now. Fixes: confidential-containers#164 Signed-off-by: stevenhorsman <steven@uk.ibm.com>
Once the skopeo to image-rs gaps have been resolved (such as signature verification in kata-containers/kata-containers#4888 and authenticated registry support in kata-containers/kata-containers#4601) we should try removing all references to the umoci/skopeo binaries from the peer pod vm images (including the
USE_SKOPEO
, rather than just default to them not being used as per #256) and check that they still work as expected and there aren't any other skopeo specific features we were relying on in any cloud-providers.The reason being that once we remove the kata-agent references to Skopeo and Umoci then we won't be able to use any skopeo/umoci functions, so want to understand this before we remove an upstream feature we require.
The text was updated successfully, but these errors were encountered: