github/kata-containers
1
0
Fork 2
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-09-17 23:07:55 +00:00
Code Issues Projects Releases Wiki Activity

agent: embed ocicrypt config in rootfs by default

Browse Source 
Now the ocicrypt configuration used by CDH is always the same and it's
not a good practics to write it into the rootfs during runtime by
kata-agent. Thus we now move it to coco-guest-components build script.
The config will be embedded into guest image/initrd together with CDH
binary.

Signed-off-by: Xynnn007 <xynnn@linux.alibaba.com>
This commit is contained in:
Xynnn007
2025-06-13 10:27:15 +08:00
parent 22e65024ce
commit 6b1249186f
2 changed files with 5 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
tools/packaging/static-build/coco-guest-components/build-static-coco-guest-components.sh
View File

@@ -35,6 +35,7 @@ build_coco_guest_components_from_source() {
DESTDIR="${DESTDIR}/usr/local/bin" TEE_PLATFORM=${TEE_PLATFORM} make install
install -D -m0755 "confidential-data-hub/hub/src/storage/scripts/luks-encrypt-storage" "${DESTDIR}/usr/local/bin/luks-encrypt-storage"
install -D -m0644 "confidential-data-hub/hub/src/image/ocicrypt_config.json" "${DESTDIR}/etc/ocicrypt_config.json"
popd
}