Mikko Ylinen
Mikko Ylinen
> We expect the user to generate the admin keypair for the KBS (and keyprovider), but this really isn't necessary. This commit does maintain the existing workflow, so users can...
> > The minor caveat in this PR is that users who prefer to keep the existing flow get exposed to this new flow. > > The keys are only...
> Thanks for the fix. `docker compose` and `docker-compose` both exist, but seems that `docker-compose` has been merged into `docker`. See #455 (I think this PR shoud set `Fixes: ...`)
> we should maintain them as an independent crate within the Trustee repository, rather than as a submodule of verifier as it is now in [#802](https://github.com/confidential-containers/trustee/pull/802) . I'm fine with...
Just to unpack this a bit. We have no generic TPM attester so I believe the result is expected?
@dmcgowan is this still targeted for 2.2? I was testing this w/ Kata and rebased to 2.2-beta.0 on Linux XFS today and things worked OK. I could run more tests...
> I think we could implement a check during blockfile snapshotter's initialization to detect the cross-filesystem case. If detected, it would log a warning and fallback to using `io.Copy`. Yes...
> Could we initially just enable by default for ext4, this driver was initially not intended to be used on ext4 but this change could make it usable. I got...
@ssolit can you rebase and push again?
@seungukshin note [this comment](https://github.com/confidential-containers/trustee/pull/684#discussion_r1936785208) related to #639. Would you be able to check the image builds using podman too?