Steve Horsman
Steve Horsman
Add authenticated registry support for guest-pull Fixes: #8122
In https://github.com/kata-containers/kata-containers/blob/fe7ef878d2101e92bb0268d44b38743e726aa0bc/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh#L1142-L1146 I thought I added the ability for certain release components to be tagged with the release version. We couldn't test it until a release was done. With 3.6.0...
This feature builds upon the initial basic image pull work in https://github.com/kata-containers/kata-containers/issues/8103 as one of the possible next steps to extend it to support more of the current `CCv0` feature...
In the AC meeting on 6th June 2024 (https://etherpad.opendev.org/p/Kata_Containers_2024_Architecture_Committee_Mtgs#L45) we had a discussion about the balance of keeping our toolchains up-to-date (and the crates/packages used regularly updated) to drive out...
This was first reported in https://github.com/kata-containers/kata-containers/pull/10009#issuecomment-2236027135 whilst testing out signature verification. When trying to create a pod from the image `ghcr.io/confidential-containers/test-container-image-rs:unsigned` in the guest I found that from the agent's...
Add information about what required jobs are and our initial guidelines for how jobs are eligible for being made required, or non-required
Similar to https://github.com/confidential-containers/cloud-api-adaptor/issues/2076 - for trustee we have the following entries in verisons.yaml ``` coco-trustee: description: "Provides attestation and secret delivery components" url: "https://github.com/confidential-containers/trustee" version: "v0.10.1" image: "ghcr.io/confidential-containers/key-broker-service" image_tag: "built-in-as-v0.10.1"...
Update the contributor role descriptions and guidelines for review, based on the vPTG discussion
At the moment the [contributor criteria](https://github.com/kata-containers/community/tree/main?tab=readme-ov-file#contributor) states: > A Contributor to the Kata Containers project is someone who has had code merged within the last 12 months. This is used...
By default the checkout action leave the credentials in the checked-out repo's `.git/config`, which means they could get exposed. Use persist-credentials: false to prevent this happening. Note: static-checks.yaml does use...