coco:support confidential containers pull image by HITweihailiuxu · Pull Request #203 · kuasar-io/kuasar

HITweihailiuxu · 2025-04-27T02:54:25Z

Pull image from remote image registry for confidential containers

xukobe · 2025-05-06T06:23:44Z

vmm/task/src/container.rs

+            .map_or_else(|| Err(other!("can not get image: {:?}", image_rpc::ANNO_K8S_IMAGE_NAME)),
+                        |name| Ok(name)
+            )?;
+        debug!("image_name = {:?}", image_name);


Do not use variable name in debug info?
Image name: {:?}, Container id: {:?}

xukobe · 2025-05-06T06:25:20Z

vmm/task/src/container.rs

+        container_id: &str,
+    ) -> Result<()> {
+        let image_name = annotations.get(image_rpc::ANNO_K8S_IMAGE_NAME)
+            .map_or_else(|| Err(other!("can not get image: {:?}", image_rpc::ANNO_K8S_IMAGE_NAME)),


Better to have container id with error info, so that it is easier to debug?
Failed to get image name from annotation for container {:?}

xukobe · 2025-05-06T06:47:47Z

vmm/task/src/image_rpc.rs

+        info!("image_client.config.auth set to: {}", !aa_kbc_params.is_empty());
+        image_client.config.auth = !aa_kbc_params.is_empty();
+
+        // Read enable signature verification from the task config and set it in the image_client


Check if signature verification is enabled, and set it in image client

xukobe · 2025-05-06T06:52:59Z

vmm/task/src/image_rpc.rs

+            .await;
+        match res {
+            Ok(image) => {
+                info!("pull and unpack image {:?}, cid: {:?}, with image-rs succeed. ", image, cid);


Successfully pull and unpack image ..

xukobe · 2025-05-06T06:53:09Z

vmm/task/src/image_rpc.rs

+                info!("pull and unpack image {:?}, cid: {:?}, with image-rs succeed. ", image, cid);
+            }
+            Err(e) => {
+                error!("pull and unpack image {:?}, cid: {:?}, with image-rs failed with {:?}. ",


kevin-wangzefeng · 2025-06-07T11:54:59Z

@HITweihailiuxu could you address the review comments, and fix the failing checks?

HITweihailiuxu · 2025-06-24T09:13:06Z

recompile protobuf by env GENERATE_PROTOBUF=1

HITweihailiuxu · 2025-07-01T08:13:11Z

@HITweihailiuxu could you address the review comments, and fix the failing checks?

I have modified the code based on the review comments and fixed the original failing checks by adding env GENERATE_PROTOBUF=1.
But the checks seems to need more repairs, such as rust upgrade, and protobuf compilation requires the protobuf-compiler dependency.
Can you tell me how to make the above changes? Many thanks.

HITweihailiuxu · 2025-07-21T01:53:02Z

/retest

abel-von · 2025-07-29T09:08:36Z

It seems the codes has not been cargo fmt ed

Signed-off-by: liuxu <liuxu156@huawei.com>

HITweihailiuxu · 2025-07-31T01:29:26Z

It seems the codes has not been cargo fmt ed

fixed

abel-von · 2025-09-26T05:10:44Z

@HITweihailiuxu could you please fix the clippy error of CI?

HITweihailiuxu · 2025-10-13T01:48:09Z

@HITweihailiuxu could you please fix the clippy error of CI?

There are two types of issues in the access control error report:

Some used variables are reported as unused;
The tests-wasm compilation fails but this PR does not involve any modifications.

I have tried to fix them but failed.I have no idea how to proceed. Could you give me some guidance?

HITweihailiuxu requested a review from a team as a code owner April 27, 2025 02:54

xukobe reviewed May 6, 2025

View reviewed changes

HITweihailiuxu force-pushed the coco-dev branch from ce28c29 to 4769f07 Compare June 24, 2025 09:33

HITweihailiuxu requested a review from a team as a code owner June 24, 2025 09:33

HITweihailiuxu force-pushed the coco-dev branch from 4769f07 to 01979a5 Compare July 1, 2025 12:02

HITweihailiuxu requested a review from a team as a code owner July 1, 2025 12:02

HITweihailiuxu force-pushed the coco-dev branch 3 times, most recently from 7493578 to f13230e Compare July 1, 2025 12:39

HITweihailiuxu force-pushed the coco-dev branch 2 times, most recently from 54f22f9 to c174202 Compare July 22, 2025 09:10

HITweihailiuxu force-pushed the coco-dev branch 4 times, most recently from 8dc3b15 to 0621f54 Compare July 30, 2025 03:43

coco:support confidential containers pull image

1918c38

Signed-off-by: liuxu <liuxu156@huawei.com>

HITweihailiuxu force-pushed the coco-dev branch 5 times, most recently from a656444 to 1918c38 Compare July 30, 2025 08:04

Conversation

HITweihailiuxu commented Apr 27, 2025

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

kevin-wangzefeng commented Jun 7, 2025

Uh oh!

HITweihailiuxu commented Jun 24, 2025

Uh oh!

HITweihailiuxu commented Jul 1, 2025

Uh oh!

HITweihailiuxu commented Jul 21, 2025

Uh oh!

abel-von commented Jul 29, 2025

Uh oh!

HITweihailiuxu commented Jul 31, 2025

Uh oh!

abel-von commented Sep 26, 2025

Uh oh!

HITweihailiuxu commented Oct 13, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

HITweihailiuxu commented Oct 13, 2025 •

edited

Loading