[Bug] VM1 should not get the secret of VM2 #234

Description

@yalzhang

To reproduce:

  1. Scale 2 machines, wait for the 2 machines to join the cluster;
  2. On one of the nodes, try to retrieve the secrets for both VMs;
  3. VM1 successfully retrieves VM2's LUKS key --- unexpected

$ oc get machine.trusted-execution-clusters.io 
NAME                                           AGE
machine-a6cf770a-2d2b-44f2-8c58-210f92e3cd5e   17m
machine-d8eef043-11d9-4e8c-bc3f-0516bd605f04   26m

$ oc get nodes  | grep cvm
cvm-machineset-pgghw                            Ready    worker,worker-cvm      26m   v1.34.2
cvm-machineset-xr98w                            Ready    worker,worker-cvm      36m   v1.34.2

$ oc debug node/cvm-machineset-xr98w
Starting pod/cvm-machineset-xr98w-debug-rhj9g ...
To use host binaries, run `chroot /host`. Instead, if you need to access host namespaces, run `nsenter -a -t 1`.
Pod IP: 10.0.128.6
All commands and output from this session will be recorded in container logs, including credentials and sensitive information passed through the command prompt.
If you don't see a command prompt, try pressing enter.
sh-5.1# chroot /host
sh-5.1# trustee-attester  --url http://kbs-service-confidential-clusters.apps.cc-421-shared-capz.cc.azure.dog8.cloud get-resource --path default/d8eef043-11d9-4e8c-bc3f-0516bd605f04/root 
[2026-04-07T15:19:23Z INFO  tss_esapi::context] Closing context.
[2026-04-07T15:19:23Z INFO  tss_esapi::context] Context closed.
[2026-04-07T15:19:23Z INFO  tss_esapi::context] Closing context.
[2026-04-07T15:19:23Z INFO  tss_esapi::context] Context closed.
[2026-04-07T15:19:23Z INFO  tss_esapi::context] Closing context.
[2026-04-07T15:19:23Z INFO  tss_esapi::context] Context closed.
[2026-04-07T15:19:23Z INFO  tss_esapi::context] Closing context.
[2026-04-07T15:19:23Z INFO  tss_esapi::context] Closing handle 1078383124
[2026-04-07T15:19:23Z INFO  tss_esapi::context] Context closed.
eyJrZXlfdHlwZSI6Im9jdCIsImtleSI6InhQQ3ErRlNNbDlSWDRUa2F3d201UU9QVjVDa0dzVXNiIn0=
sh-5.1# trustee-attester  --url http://kbs-service-confidential-clusters.apps.cc-421-shared-capz.cc.azure.dog8.cloud get-resource --path default/a6cf770a-2d2b-44f2-8c58-210f92e3cd5e/root
[2026-04-07T15:23:37Z INFO  tss_esapi::context] Closing context.
[2026-04-07T15:23:37Z INFO  tss_esapi::context] Context closed.
[2026-04-07T15:23:37Z INFO  tss_esapi::context] Closing context.
[2026-04-07T15:23:37Z INFO  tss_esapi::context] Context closed.
[2026-04-07T15:23:37Z INFO  tss_esapi::context] Closing context.
[2026-04-07T15:23:37Z INFO  tss_esapi::context] Context closed.
[2026-04-07T15:23:37Z INFO  tss_esapi::context] Closing context.
[2026-04-07T15:23:37Z INFO  tss_esapi::context] Closing handle 1078383124
[2026-04-07T15:23:37Z INFO  tss_esapi::context] Context closed.
eyJrZXlfdHlwZSI6Im9jdCIsImtleSI6Ikp6bGUyNTUvc0E0MUN1WlRLMW1wdWU4SEUyR2wrSjJ4In0=
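Added example, not code from the issue or from the trusted-execution-clusters project: a minimal model of the resource-access decision the key broker has to make, with the permissive rule the report describes beside a rule that binds the `default/<machine-uuid>/root` path to the attested machine, plus a check that flags cross-machine reads in an access log. The claim name `machine_id` and the assumption that the requesting node is machine `d8eef043-...` are made up for the example.

```python
import re
from dataclasses import dataclass, field

# Resource paths in the report have the shape <repo>/<tag>/<name>,
# e.g. default/<machine-uuid>/root.
PATH_RE = re.compile(r"^(?P<repo>[^/]+)/(?P<tag>[^/]+)/(?P<name>[^/]+)$")


@dataclass(frozen=True)
class Request:
    path: str
    # Claims the broker derived from verified attestation evidence.
    # "machine_id" is an assumed claim name, not one the project defines.
    claims: dict = field(default_factory=dict)


def allow_any_attested(req: Request) -> bool:
    """Weak rule: any node that passed attestation may read any resource.
    This is the behaviour the report shows (VM1 reads VM2's LUKS key)."""
    return req.claims.get("attested") is True


def allow_own_resource_only(req: Request) -> bool:
    """Corrected rule: the <tag> segment must equal the attested machine id,
    so a node can only fetch resources scoped to itself."""
    if req.claims.get("attested") is not True:
        return False
    m = PATH_RE.match(req.path)
    if m is None:  # malformed or extra path segments are denied
        return False
    machine_id = req.claims.get("machine_id")
    return isinstance(machine_id, str) and m.group("tag") == machine_id


def cross_machine_reads(access_log):
    """Detection helper: given (machine_id, path) records of successful
    reads, return those where a node fetched another machine's resource."""
    return [
        (mid, path)
        for mid, path in access_log
        if (m := PATH_RE.match(path)) is None or m.group("tag") != mid
    ]


# Constructed sample using the two machine ids from the report.
VM1 = "d8eef043-11d9-4e8c-bc3f-0516bd605f04"  # assumed to be the requesting node
VM2 = "a6cf770a-2d2b-44f2-8c58-210f92e3cd5e"
OWN = Request(f"default/{VM1}/root", {"attested": True, "machine_id": VM1})
OTHER = Request(f"default/{VM2}/root", {"attested": True, "machine_id": VM1})
```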
