Matthew James Briggs
Matthew James Briggs
A tracking issue for subissues leading to Twoliter's ability to update kit and SDK dependencies with the command `twoliter update`.
Tracking issue for all sub-issues that are required for somewhat of a minimum viable product of out-of-tree builds. This will require the use of external kits from the Bottlerocket project....
Use this as a tracking issue for the milestone of eliminating conditional compilation in Bottlerocket's build of both Rust code and packages. Even though the sub-issues will probably be in...
*Issue #, if available:* Closes #332 *Description of changes:* This is not pretty and I'm not entirely sure it solves the problem that was encountered in #332. I don't think...
*Issue #, if available:* Closes #334 *Description of changes:* ``` readme: describe credentials behavio ``` ``` better error message for misconfiguration If AWS credentials are missing, i.e. there is no...
We need to come up with the minimal set of IAM permissions that are required to run our test and resource agents on EC2/EKS nodes. Note that in #379 we...
The name here should basically match the name of the crate that produced the image. I commented on this early. The `name` field of the `Agent` model is poorly conceived....
We want to try nefarious things in an unpriviledged container an make sure selinux blocks them. This cannot happen at the same time as #432 depends on: - #419 -...
When running a normal container workload we want to check and make sure no selinux avc denials occur. This probably needs to be modeled as a workload test, and it...
Right now we have the ability to use plain Kubernetes secrets in our test and resource agents. This is not sufficiently secure for long-lived testsys clusters. We need a stronger...