Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

security policy appended to container's environment variables #1219

Merged
merged 3 commits into from
Nov 11, 2021
Merged

security policy appended to container's environment variables #1219

merged 3 commits into from
Nov 11, 2021

Conversation

svolos
Copy link
Contributor

@svolos svolos commented Nov 5, 2021

Attestation sidecar containers need to have access to the security policy so they can extract the init-time claims of the utility VM as presented in the security policy.

@svolos svolos requested a review from a team as a code owner November 5, 2021 17:29
security policy appended to environment variables so that containers …
eb3e6a0 
…can have access to it at runtime

Signed-off-by: Stavros Volos <svolos@microsoft.com>
@svolos svolos changed the title security policy appended to environment variables security policy appended to container's environment variables Nov 5, 2021
anmaxvl
anmaxvl approved these changes Nov 10, 2021
View reviewed changes
Copy link
Contributor

@anmaxvl anmaxvl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

internal/guest/runtime/hcsv2/uvm.go Outdated Show resolved Hide resolved
policyEnforcer casting part of the if statement
5bbe7f5 
Signed-off-by: Stavros Volos <svolos@microsoft.com>
re[hrase comment on the security policy environment variable
3751f07 
Signed-off-by: Stavros Volos <svolos@microsoft.com>
@anmaxvl anmaxvl merged commit d230699 into microsoft:master Nov 11, 2021
anmaxvl pushed a commit to anmaxvl/hcsshim that referenced this pull request Nov 17, 2021
@ambarve
Merged PR 5361442: Update ADO to hcsshim db9908f
f584e1e 
Related work items: microsoft#1067, microsoft#1097, microsoft#1119, microsoft#1170, microsoft#1176, microsoft#1180, microsoft#1181, microsoft#1182, microsoft#1183, microsoft#1184, microsoft#1185, microsoft#1186, microsoft#1187, microsoft#1188, microsoft#1189, microsoft#1191, microsoft#1193, microsoft#1194, microsoft#1195, microsoft#1196, microsoft#1197, microsoft#1200, microsoft#1201, microsoft#1202, microsoft#1203, microsoft#1204, microsoft#1205, microsoft#1206, microsoft#1207, microsoft#1209, microsoft#1210, microsoft#1211, microsoft#1218, microsoft#1219, microsoft#1220, microsoft#1223
princepereira pushed a commit to princepereira/hcsshim that referenced this pull request Aug 29, 2024
@svolos
security policy appended to container's environment variables (micros…
08be361 
…oft#1219)

security policy appended to environment variables so that containers can have access to it at runtime

Signed-off-by: Stavros Volos <svolos@microsoft.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anmaxvl anmaxvl anmaxvl approved these changes

@dcantah dcantah dcantah approved these changes

Assignees

@anmaxvl anmaxvl

@dcantah dcantah

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@svolos @anmaxvl @dcantah