diff --git a/src/agent/Makefile b/src/agent/Makefile index 2e51c3a117..0fed742b9b 100644 --- a/src/agent/Makefile +++ b/src/agent/Makefile @@ -41,16 +41,6 @@ ifeq ($(AGENT_POLICY),yes) override EXTRA_RUSTFEATURES += agent-policy endif -##VAR PULL_TYPE=default|guest-pull define if agent enables the guest pull image feature -PULL_TYPE ?= default -ifeq ($(PULL_TYPE),default) - override EXTRA_RUSTFEATURES += default-pull -# Enable guest pull image feature of rust build -else ifeq ($(PULL_TYPE),guest-pull) - override EXTRA_RUSTFEATURES += guest-pull -endif - - include ../../utils.mk ##VAR STANDARD_OCI_RUNTIME=yes|no define if agent enables standard oci runtime feature diff --git a/src/agent/src/features.rs b/src/agent/src/features.rs index 3c06d8cef8..c5f1b00e28 100644 --- a/src/agent/src/features.rs +++ b/src/agent/src/features.rs @@ -8,8 +8,6 @@ pub fn get_build_features() -> Vec { let features: Vec<&str> = vec![ #[cfg(feature = "agent-policy")] "agent-policy", - #[cfg(feature = "guest-pull")] - "guest-pull", #[cfg(feature = "seccomp")] "seccomp", #[cfg(feature = "standard-oci-runtime")] diff --git a/src/agent/src/rpc.rs b/src/agent/src/rpc.rs index 1ebdb87d0c..f072434f2e 100644 --- a/src/agent/src/rpc.rs +++ b/src/agent/src/rpc.rs @@ -57,7 +57,6 @@ use rustjail::process::ProcessOperations; #[cfg(target_arch = "s390x")] use crate::ccw; -#[cfg(feature = "guest-pull")] use crate::confidential_data_hub::image::KATA_IMAGE_WORK_DIR; use crate::device::block_device_handler::get_virtio_blk_pci_device_name; #[cfg(target_arch = "s390x")] @@ -108,7 +107,6 @@ use kata_types::k8s; pub const CONTAINER_BASE: &str = "/run/kata-containers"; const MODPROBE_PATH: &str = "/sbin/modprobe"; -#[cfg(feature = "guest-pull")] const TRUSTED_IMAGE_STORAGE_DEVICE: &str = "/dev/trusted_store"; /// the iptables seriers binaries could appear either in /sbin /// or /usr/sbin, we need to check both of them @@ -238,7 +236,6 @@ impl AgentService { handle_cdi_devices(&sl(), &mut oci, "/var/run/cdi", AGENT_CONFIG.cdi_timeout).await?; // Handle trusted storage configuration before mounting any storage - #[cfg(feature = "guest-pull")] cdh_handler_trusted_storage(&mut oci) .await .map_err(|e| anyhow!("failed to handle trusted storage: {}", e))?; @@ -316,14 +313,12 @@ impl AgentService { let pipe_size = AGENT_CONFIG.container_pipe_size; let p = if let Some(p) = oci.process() { - #[cfg(feature = "guest-pull")] { let new_p = confidential_data_hub::image::get_process(p, &oci, req.storages.clone())?; Process::new(&sl(), &new_p, cid.as_str(), true, pipe_size, proc_io)? } - #[cfg(not(feature = "guest-pull"))] Process::new(&sl(), p, cid.as_str(), true, pipe_size, proc_io)? } else { info!(sl(), "no process configurations!"); diff --git a/src/agent/src/storage/mod.rs b/src/agent/src/storage/mod.rs index 3b18f345e0..237ca4417b 100644 --- a/src/agent/src/storage/mod.rs +++ b/src/agent/src/storage/mod.rs @@ -24,7 +24,6 @@ use self::bind_watcher_handler::BindWatcherHandler; use self::block_handler::{PmemHandler, ScsiHandler, VirtioBlkMmioHandler, VirtioBlkPciHandler}; use self::ephemeral_handler::EphemeralHandler; use self::fs_handler::{OverlayfsHandler, Virtio9pHandler, VirtioFsHandler}; -#[cfg(feature = "guest-pull")] use self::image_pull_handler::ImagePullHandler; use self::local_handler::LocalHandler; use crate::mount::{baremount, is_mounted, remove_mounts}; @@ -36,7 +35,6 @@ mod bind_watcher_handler; mod block_handler; mod ephemeral_handler; mod fs_handler; -#[cfg(feature = "guest-pull")] mod image_pull_handler; mod local_handler; @@ -148,7 +146,6 @@ lazy_static! { Arc::new(BindWatcherHandler {}), #[cfg(target_arch = "s390x")] Arc::new(self::block_handler::VirtioBlkCcwHandler {}), - #[cfg(feature = "guest-pull")] Arc::new(ImagePullHandler {}), ];