-
Notifications
You must be signed in to change notification settings - Fork 71
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
podvm-mkosi: Add option in mkosi build for AA_KBC #1576
podvm-mkosi: Add option in mkosi build for AA_KBC #1576
Conversation
Without providing this option the image will not contain an attestation-agent with cc_kbc support. Signed-off-by: Magnus Kulke <magnuskulke@microsoft.com>
I think we need to install additional packages in the builder for this to work? |
66d569a
to
77ed47f
Compare
hmm, we shouldn't need this if we pick the attesters individually. let me add a gh action workflow to check |
This is with |
Ah, yes. this won't work atm. Do we have a podvm configuration that would work with a TDX attester? (the upcoming Azure impl will most likely not depend on the tdx attester libs) If not, we can maybe avoid dealing with that dependency for the time being and address it once the use case comes up. I just checked building w/ |
77ed47f
to
4a221e0
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
Without providing this option the image will not contain an attestation-agent with cc_kbc support.