csi-kata-directvolume: Support CoCo ephemeral disk

This enables support to pass confidential=true and ephemeral=true to the shim
via a feature flag.

Signed-off-by: Aurélien Bombo <abombo@microsoft.com>

src/tools/csi-kata-directvolume/pkg/directvolume/controllerserver.go

@@ -62,6 +62,8 @@ func (dv *directVolume) CreateVolume(ctx context.Context, req *csi.CreateVolumeR
 			volumeCtx[utils.KataContainersDirectFsType] = value
 		case utils.KataContainersDirectLoop:
 			volumeCtx[utils.KataContainersDirectLoop] = value
+		case utils.KataContainersDirectCoCoEphemeral:
+			volumeCtx[utils.KataContainersDirectCoCoEphemeral] = value
 		default:
 			klog.Warningf("unknown parameter: %s", key)
 		}

src/tools/csi-kata-directvolume/pkg/directvolume/nodeserver.go

@@ -106,6 +106,11 @@ func (dv *directVolume) NodePublishVolume(ctx context.Context, req *csi.NodePubl
 		guestOptions = options
 	}
 
+	if isCoCoEphemeralVolume(attrib) {
+		attrib["confidential"] = "true"
+		attrib["ephemeral"] = "true"
+	}
+
 	// kata-containers DirectVolume add
 	mountInfo := utils.MountInfo{
 		VolumeType: volType,
@@ -225,6 +230,10 @@ func isLoopDevice(VolumeCtx map[string]string) bool {
 	return parseBool(VolumeCtx[utils.KataContainersDirectLoop])
 }
 
+func isCoCoEphemeralVolume(VolumeCtx map[string]string) bool {
+	return parseBool(VolumeCtx[utils.KataContainersDirectCoCoEphemeral])
+}
+
 // getDeviceSymlinkPath returns the path of the symlink that is used to
 // point to the loop device from inside the specified stagingTargetPath
 // directory.

src/tools/csi-kata-directvolume/pkg/utils/utils.go

@@ -27,6 +27,7 @@ const (
 	KataContainersDirectVolumeType    = "katacontainers.direct.volume/volumetype"
 	KataContainersDirectFsType        = "katacontainers.direct.volume/fstype"
 	KataContainersDirectLoop          = "katacontainers.direct.volume/loop"
+	KataContainersDirectCoCoEphemeral = "katacontainers.direct.volume/cocoephemeral"
 	DirectVolumeTypeName              = "directvol"
 	IsDirectVolume                    = "is_directvolume"
 )