github/confidential-containers
1
0
Fork 0
mirror of https://github.com/confidential-containers/confidential-containers.git synced 2025-10-21 07:22:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
248 Commits 2 Branches 12 Tags
3c25b5403b790eab972628e5fcce6773663aec65
Commit Graph

248 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paul Meyer
721d6ff757 docs: update broken link in release notes 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-07-08 17:09:12 +03:00
Steve Horsman
166d3aef09 Merge pull request #105 from stevenhorsman/check-list-updates 
Check list updates
 2023-07-07 08:32:25 +01:00
Paul Meyer
6801741f73 docs: update ccc whitepaper link 
The link to the previous version was broken. Replacing with the latest
version v1.3 of the whitepaper.

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-07-03 12:40:01 -04:00
Pradipta Banerjee
a5f8b349a1 Merge pull request #103 from katexochen/feat/contribution-no-vendor 
contributing: remove instructions for Go vendoring
 2023-07-03 18:43:46 +05:30
stevenhorsman
ca1b1c005c release-check-list: Formatting 
- Try and improve the formatting to be it easier to read/understand

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
 2023-06-29 16:45:23 +01:00
stevenhorsman
fa330a6727 release-check-list: Update peer pods 
- Link to the peer pods release process to declutter the checklist

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
 2023-06-29 16:39:44 +01:00
Paul Meyer
2c0165c74e contributing: remove instructions for Go vendoring 
None of the CoCo projects is using vendoring.

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-06-27 15:09:02 +02:00
stevenhorsman
789b0e81ec release-check-list: Update release checklist 
- Merge steps that can be achieved in a common PR
- Add steps to wait for runtime payload builds
- Add peer pods steps

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
 2023-06-22 15:28:50 -04:00
James Magowan
5f68f05f1d Merge pull request #96 from magowan/merge-documentation-repo 
Merge documentation repo
 2023-06-21 21:43:50 +01:00
James Magowan
d46bb484ad Update README, CODEOWNERS 
Updated README to combine README from documentation repo with one from community repo.
And updated CODEOWNERS to confidential-containers-maintainers ahead of renaming the repo.

Signed-off-by: James Magowan <MAGOWAN@uk.ibm.com>
 2023-06-19 14:53:35 +01:00
Xynnn_
eafd1abe9c update release v0.6.0 docs for enclave-cc (#128) 
Signed-off-by: Xynnn007 <xynnn@linux.alibaba.com>
 2023-06-19 14:42:51 +01:00
James Magowan
4b0a277a5c Merge remote-tracking branch 'upstream-documentation-repo/main' into test 
Merging community/documentation repos together
 2023-06-09 12:31:52 +01:00
James Magowan
ea425851ef Prepare for merge community/documentation repos 
Signed-off-by: James Magowan <MAGOWAN@uk.ibm.com>
 2023-06-09 12:23:54 +01:00
Dan Middleton
4c5da468ac Update OpenSSF Badge line for release 0.6 
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
 2023-06-08 11:14:40 -04:00
Tobin Feldman-Fitzthum
ffa50c4a44 Release notes for v0.6.0 
Create new release notes file with content for
v0.6.0.

Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
 2023-06-08 09:05:20 -04:00
Jeremi Piotrowski
a2b6269d36 release-check-list: add AS and KBS steps 
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2023-05-20 02:16:36 +02:00
Zhongze Tang
aca326e7c8 Improve the doc 
`asciidoctor` is not included in a freshly installed Ubuntu Server 22.04 LTS.
The doc enters wrong folder when configure `attestation-agent`

Signed-off-by: tangbao <i@tbis.me>
 2023-05-09 09:25:17 -04:00
Larry Dewey
7ac2cc952a docs: Removing link for now 
Due to some of the discussions in the community, we are removing this
for now.

Signed-off-by: Larry Dewey <larry.dewey@amd.com>
 2023-05-01 09:37:40 -04:00
Larry Dewey
c29278b0c7 cleanup: Fixing some grammar and wording. 
This adds some cleanup for the existing documentation, adds some
language specifiers for code blocks, as well as some fixes for minor
spelling issues.

Signed-off-by: Larry Dewey <larry.dewey@amd.com>
 2023-05-01 09:37:40 -04:00
stevenhorsman
33d1a067d8 Update cloud-api-adaptor link in release notes 
- Point to the released version of the Peer pods readme

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
 2023-04-17 11:19:14 -04:00
Tobin Feldman-Fitzthum
6a765dcbe1 Reorganize Quickstart Guide 
Simplify quickstart guide to cover installation,
basic usage, encryption/signing, attestation.
Focus on the generic KBS.
Everything else is moved to other files. Pointers
to the relevant files are included where needed.

Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
 2023-04-14 16:05:54 -04:00
Tobin Feldman-Fitzthum
4b2f89ee47 SEV: Add annotations guide 
The shim now supports a nmber of annotations for SEV(-ES),
meaning that we no longer need to modify the config file
to set things like the guest policy or kbs uri. Update
the quickstart guide to spread the news.

Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
 2023-04-14 16:05:54 -04:00
Tobin Feldman-Fitzthum
e7bac1044c SEV: Add guide overview 
Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
 2023-04-14 16:05:54 -04:00
Tobin Feldman-Fitzthum
57ea613caa SEV: fix heading level 
Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
 2023-04-14 16:05:54 -04:00
Tobin Feldman-Fitzthum
43e5f31851 Rename guides 
Use snake_case and remove redundant guide name

Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
 2023-04-14 16:05:54 -04:00
Tobin Feldman-Fitzthum
5f8a0482cd Update release notes for v0.5.0 
Add changes that have been made since middle of the release period.

Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
 2023-04-14 21:27:38 +02:00
Jeremi Piotrowski
dfb080c508 ssh-demo: Use KBS URI in demo 
The offline_fs_kbc file needs to be updated to use a kbs-uri compatible name
for the key, and the container image has been regenerated to reference the
decryption key via kbs uri in it's annotation.

The image has two tags: encrypted and decrypted.

Fixes: #6604
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2023-04-06 16:07:26 +02:00
Jeremi Piotrowski
04084b965e release-check-list: fix swapped cargo update flag 
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2023-04-04 10:26:21 +02:00
Jeremi Piotrowski
1a097620a2 release-check-list: fix crate name in step 2 to "attestation_agent 
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2023-04-04 10:26:21 +02:00
Jiale Zhang
141f31f476 QuickStart: Add Usage of CoCo Key Broker System 
Fixed: #101

Signed-off-by: Jiale Zhang <zhangjiale@linux.alibaba.com>
 2023-04-03 08:10:44 +02:00
Jiale Zhang
cf2cfd873d QuickStart: Reorganize and refined simplification 
Fixed: #96

The current quick start is relatively lengthy,
this commit make the technology stacks for special HW separate markdown pages:

- Use simple-kbs to encrypt container image and deploy it on SEV: `guides/sev-guide.md`
- Use Verdictd to encrypt container image and deploy it on TDX: `guides/eaa-verdictd-guide.md`

Signed-off-by: Jiale Zhang <zhangjiale@linux.alibaba.com>
 2023-04-03 08:10:44 +02:00
Pradipta Banerjee
bae433e921 Update architecture doc and diagrams (#111) 
The patch includes number of fixes for the architecture doc.
Fixes the logical flow between the attestation agent and relying party
for all the diagrams.
Fixes the architecture diagram for process-based TEEs and replaces
references to inclavare with enclave-cc.
Added the architecture diagram for peer-pods approach.
Finally updated the markdown to use relative paths for the images to make
it easier for viewing during reviews and editors.

Signed-off-by: Pradipta Banerjee <pradipta.banerjee@gmail.com>
 2023-04-01 15:41:59 +05:30
Dan Middleton
720bf64b69 Formatting fixups and date fix 
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
 2023-03-30 07:51:24 -05:00
Dan
5b1a1f478c Add KBS as a new feature 
Co-authored-by: Jiale Zhang <652716685@qq.com>
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
 2023-03-30 07:51:24 -05:00
Dan
96fe6d46a0 Add KBS Resource URI as a new feature. 
Co-authored-by: Xynnn_ <xynnn@linux.alibaba.com>
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
 2023-03-30 07:51:24 -05:00
Dan
06a9707741 Add SEV annotation config feature 
Co-authored-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
 2023-03-30 07:51:24 -05:00
Dan Middleton
fe4521dbe4 Update security badge status 
Since last release the final repos have added unit test coverage and
linting hooked into CI.

Signed-off-by: Dan Middleton <dan.middleton@intel.com>
 2023-03-30 07:51:24 -05:00
Dan Middleton
c078719588 Add enclave-cc / SGX support 
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
 2023-03-30 07:51:24 -05:00
Dan Middleton
d277154b22 Initial draft of v0.5 release notes 
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
 2023-03-30 07:51:24 -05:00
Dan Middleton
b3922ef78e Fix formatting 
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
 2023-03-03 16:21:26 -06:00
Dan Middleton
5eae0f00b7 Fix KBC release notes 
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
 2023-03-03 16:21:26 -06:00
Dan Middleton
88923984de Add docs links and release overview comment 
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
 2023-03-03 16:21:26 -06:00
Dan
fe4784640a Add oci-crypt link 
Co-authored-by: Christophe de Dinechin <christophe@dinechin.org>
 2023-03-03 16:21:26 -06:00
Dan
f6b7d4bffa Remove redundant KBS 
Co-authored-by: Christophe de Dinechin <christophe@dinechin.org>
 2023-03-03 16:21:26 -06:00
Dan
d5f6ccd76e Define KBS 
Co-authored-by: Christophe de Dinechin <christophe@dinechin.org>
 2023-03-03 16:21:26 -06:00
Dan
37d484813b Fix s390x naming 
Co-authored-by: Christophe de Dinechin <christophe@dinechin.org>
 2023-03-03 16:21:26 -06:00
Dan
5948dbe382 Update releases/v0.4.0.md 
Co-authored-by: Christophe de Dinechin <christophe@dinechin.org>
 2023-03-03 16:21:26 -06:00
Dan Middleton
d2d4bc2ed5 Remove SEV KBS limitation from release notes 
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
 2023-03-03 16:21:26 -06:00
Dan Middleton
94e09c394c release notes v0.4.0 initial commit 
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
 2023-03-03 16:21:26 -06:00
Fabiano Fidêncio
8207e74e01 Merge pull request #73 from fidencio/topic/ensure-the-template-is-listed 
templates: Ensure the release-check-list template is displayed
 2023-02-22 16:29:59 +01:00