coco: introducing the hello-coco app

Add hello-coco Helm chart demonstrating SPIRE agent deployment in
confidential containers using x509pop node attestation. The chart
deploys a test pod in a CoCo peer-pod (confidential VM with AMD SNP or
Intel TDX) that fetches SPIRE agent certificates from KBS after TEE
attestation, establishing hardware as the root of trust instead of
Kubernetes.

The pod contains three containers: init container fetches sealed
secrets from KBS, SPIRE agent uses x509pop for node attestation, and
test workload receives SPIFFE SVIDs via unix attestation. This
validates the complete integration flow between ZTVP and CoCo
components.

Note: This could be dropped, if we stick with only the todoapp.

Signed-off-by: Beraldo Leal <bleal@redhat.com>

Author: beraldoleal

charts/hello-coco/Chart.yaml

@@ -0,0 +1,18 @@
+apiVersion: v2
+name: hello-coco
+description: A Helm chart for SPIRE Agent CoCo test pod demonstrates x509pop attestation with KBS
+type: application
+version: 0.0.1
+maintainers:
+  - name: Beraldo Leal
+    email: bleal@redhat.com
+  - name: Chris Butler
+    email: chris.butler@redhat.com
+keywords:
+  - spire
+  - coco
+  - confidentialcontainers
+  - attestation
+  - x509pop
+annotations:
+  category: Test

charts/hello-coco/templates/configmaps.yaml

@@ -0,0 +1,76 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: spire-agent-coco
+  namespace: zero-trust-workload-identity-manager
+data:
+  agent.conf: |
+    {
+      "agent": {
+        "data_dir": "/var/lib/spire",
+        "log_level": "debug",
+        "retry_bootstrap": true,
+        "server_address": "spire-server.apps.{{ .Values.global.clusterDomain }}",
+        "server_port": "443",
+        "socket_path": "/tmp/spire-agent/public/spire-agent.sock",
+        "trust_bundle_path": "/run/spire/bundle/bundle.crt",
+        "trust_domain": "apps.{{ .Values.global.clusterDomain }}"
+      },
+      "health_checks": {
+        "bind_address": "0.0.0.0",
+        "bind_port": 9982,
+        "listener_enabled": true,
+        "live_path": "/live",
+        "ready_path": "/ready"
+      },
+      "plugins": {
+        "KeyManager": [
+          {
+            "disk": {
+              "plugin_data": {
+                "directory": "/var/lib/spire"
+              }
+            }
+          }
+        ],
+        "NodeAttestor": [
+          {
+            "x509pop": {
+              "plugin_data": {
+                "private_key_path": "/sealed/key.pem",
+                "certificate_path": "/sealed/cert.pem"
+              }
+            }
+          }
+        ],
+        "WorkloadAttestor": [
+          {
+            "unix": {
+              "plugin_data": {}
+            }
+          }
+        ]
+      },
+      "telemetry": {
+        "Prometheus": {
+          "host": "0.0.0.0",
+          "port": "9402"
+        }
+      }
+    }
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: spiffe-helper-config
+  namespace: zero-trust-workload-identity-manager
+data:
+  helper.conf: |-
+    agent_address = "/tmp/spire-agent/public/spire-agent.sock"
+    cmd = ""
+    cmd_args = ""
+    cert_dir = "/svids"
+    renew_signal = ""
+    svid_file_name = "svid.pem"
+    svid_key_file_name = "svid_key.pem"
+    svid_bundle_file_name = "svid_bundle.pem"

charts/hello-coco/templates/pod.yaml

@@ -0,0 +1,171 @@
+# SPIRE Agent with x509pop attestation running in CoCo peer pod.
+# Uses CDH sealed secrets for agent credentials (cert/key fetched from KBS after TEE attestation).
+apiVersion: v1
+kind: Pod
+metadata:
+  name: spire-agent-cc
+  namespace: zero-trust-workload-identity-manager
+  labels:
+    app: spire-agent-cc
+spec:
+  runtimeClassName: kata-remote
+  # shareProcessNamespace allows SPIRE agent to inspect workload processes for unix attestation
+  # This is secure because the real isolation boundary is the confidential VM (peer-pod with TEE),
+  # not individual containers. All containers in this pod are part of the same trust boundary.
+  shareProcessNamespace: true
+  serviceAccountName: spire-agent
+  nodeSelector:
+    workload-type: coco
+  # TODO: Make imagePullSecrets configurable like qtodo chart pattern (values.yaml + conditional)
+  # Currently hardcoded 'global-pull-secret' which must be manually created in the namespace
+  # Should either: 1) use ServiceAccount.imagePullSecrets, or 2) be conditional from values
+  imagePullSecrets:
+  - name: global-pull-secret
+
+  containers:
+  # SPIRE Agent Sidecar
+  - name: spire-agent
+    image: registry.redhat.io/zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9@sha256:4073ef462525c2ea1326f3c44ec630e33cbab4b428e8314a85d38756c2460831
+    command: ["/bin/sh", "-c"]
+    args:
+      - |
+        echo "=== DEBUG: Checking /sealed mount ==="
+        ls -laR /sealed || echo "/sealed does not exist"
+        echo "=== DEBUG: Content of cert.pem (first 200 bytes) ==="
+        head -c 200 /sealed/cert.pem 2>&1 || echo "Cannot read cert.pem"
+        echo "=== DEBUG: Testing network connectivity to KBS (cluster-internal) ==="
+        curl -k -I https://kbs-service.trustee-operator-system.svc.cluster.local:8080 2>&1 | head -20
+        echo "=== DEBUG: Testing network connectivity to KBS (public route) ==="
+        curl -k -I https://kbs.apps.bleal-vp.azure.sandboxedcontainers.com 2>&1 | head -20
+        echo "=== DEBUG: Testing if CDH is running (HTTP on localhost:8006) ==="
+        curl -v http://127.0.0.1:8006/cdh/resource/default/spire-cert-qtodo/cert 2>&1 | head -50
+        echo "=== DEBUG: Starting spire-agent ==="
+        /spire-agent run -config /opt/spire/conf/agent/agent.conf
+    env:
+    - name: PATH
+      value: "/opt/spire/bin:/bin"
+    - name: MY_NODE_NAME
+      value: "coco-vm-node"  # Virtual node name for CoCo
+    ports:
+    - containerPort: 9982
+      name: healthz
+      protocol: TCP
+    livenessProbe:
+      httpGet:
+        path: /live
+        port: healthz
+        scheme: HTTP
+      initialDelaySeconds: 15
+      periodSeconds: 60
+    readinessProbe:
+      httpGet:
+        path: /ready
+        port: healthz
+        scheme: HTTP
+      initialDelaySeconds: 10
+      periodSeconds: 30
+    volumeMounts:
+    - name: spire-config
+      mountPath: /opt/spire/conf/agent
+      readOnly: true
+    - name: spire-bundle
+      mountPath: /run/spire/bundle
+      readOnly: true
+    - name: spire-socket
+      mountPath: /tmp/spire-agent/public
+    - name: spire-persistence
+      mountPath: /var/lib/spire
+    - name: sealed-creds
+      mountPath: /sealed
+      readOnly: true
+    securityContext:
+      readOnlyRootFilesystem: true
+      allowPrivilegeEscalation: false
+      capabilities:
+        drop:
+        - ALL
+      seccompProfile:
+        type: RuntimeDefault
+
+  # SPIFFE Helper Sidecar
+  - name: spiffe-helper
+    image: ghcr.io/spiffe/spiffe-helper:0.10.1
+    imagePullPolicy: IfNotPresent
+    args:
+      - "-config"
+      - "/etc/helper.conf"
+    volumeMounts:
+      - name: spiffe-helper-config
+        readOnly: true
+        mountPath: /etc/helper.conf
+        subPath: helper.conf
+      - name: spire-socket
+        readOnly: true
+        mountPath: /tmp/spire-agent/public
+      - name: svids
+        mountPath: /svids
+    securityContext:
+      allowPrivilegeEscalation: false
+      capabilities:
+        drop:
+        - ALL
+      readOnlyRootFilesystem: false
+      seccompProfile:
+        type: RuntimeDefault
+
+  # Test Workload Container
+  - name: test-workload
+    image: registry.redhat.io/ubi9/ubi-minimal:latest
+    command: ["/bin/sh", "-c"]
+    args:
+      - |
+        echo "=== SPIRE Agent CoCo Test Started ==="
+        echo "Waiting for SPIFFE certificates..."
+
+        # Wait for SPIFFE certificates
+        while [ ! -f /svids/svid.pem ]; do
+          echo "Waiting for SPIFFE certificates..."
+          sleep 2
+        done
+
+        echo "SPIFFE certificates found!"
+        ls -la /svids/
+
+        echo "=== Testing SPIFFE X.509 certificates ==="
+        echo "Certificate details:"
+        openssl x509 -in /svids/svid.pem -text -noout | head -20
+
+        echo "=== Sleeping for manual inspection ==="
+        sleep 3600
+    volumeMounts:
+    - name: svids
+      mountPath: /svids
+      readOnly: true
+    securityContext:
+      allowPrivilegeEscalation: false
+      capabilities:
+        drop:
+        - ALL
+      readOnlyRootFilesystem: false
+      seccompProfile:
+        type: RuntimeDefault
+
+  volumes:
+  - name: spire-config
+    configMap:
+      name: spire-agent-coco
+  - name: spiffe-helper-config
+    configMap:
+      name: spiffe-helper-config
+  - name: spire-bundle
+    configMap:
+      name: spire-bundle
+  - name: spire-socket
+    emptyDir: {}
+  - name: spire-persistence
+    emptyDir: {}
+  - name: sealed-creds
+    secret:
+      secretName: {{ .Values.sealedSecret.name }}
+  - name: svids
+    emptyDir: {}

charts/hello-coco/templates/sealed-secret.yaml

@@ -0,0 +1,21 @@
+# Sealed Secret for SPIRE agent x509pop attestation
+#
+# This creates a K8s Secret with sealed secret references that CDH will unseal
+# inside the TEE after successful hardware attestation.
+#
+# Format: sealed.fakejwsheader.<base64-json>.fakesignature
+# The JSON payload contains the KBS resource path, and CDH fetches the real secret.
+#
+{{- define "hello-coco.sealedRef" -}}
+{{- $json := printf `{"version":"0.1.0","type":"vault","name":"kbs:///%s","provider":"kbs","provider_settings":{},"annotations":{}}` . -}}
+sealed.fakejwsheader.{{ $json | b64enc }}.fakesignature
+{{- end }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .Values.sealedSecret.name }}
+  namespace: zero-trust-workload-identity-manager
+type: Opaque
+stringData:
+  cert.pem: {{ include "hello-coco.sealedRef" .Values.sealedSecret.certPath | quote }}
+  key.pem: {{ include "hello-coco.sealedRef" .Values.sealedSecret.keyPath | quote }}

charts/hello-coco/values.yaml

@@ -0,0 +1,22 @@
+# Default values for hello coco
+
+# SPIRE trust domain
+# The SPIRE agent must be configured with the same trust domain as the SPIRE Server
+# This ensures the agent can successfully authenticate and workloads receive valid SPIFFE IDs
+# Typically set to apps.<your cluster domain>
+trustDomain: "apps.example.com"
+
+# KBS URL for CDH (Confidential Data Hub) to fetch sealed secrets after TEE attestation
+# Dev (single cluster): http://kbs-service.trustee-operator-system.svc.cluster.local:8080
+# Prod (separate trusted cluster): https://kbs.trusted-cluster.example.com
+kbsUrl: "http://kbs-service.trustee-operator-system.svc.cluster.local:8080"
+
+# Sealed secret configuration for SPIRE agent x509pop attestation
+# These are KBS resource paths where the agent cert/key are stored
+sealedSecret:
+  # Name of the K8s Secret to create with sealed references
+  name: "spire-agent-sealed-creds"
+  # KBS resource path for the certificate (e.g., default/spire-cert-qtodo/cert)
+  certPath: "default/spire-cert-qtodo/cert"
+  # KBS resource path for the private key (e.g., default/spire-key-qtodo/key)
+  keyPath: "default/spire-key-qtodo/key"

values-coco-dev.yaml

@@ -325,6 +325,11 @@ clusterGroup:
       project: hub
       chart: sandboxed-policies
       chartVersion: 0.0.*
+    hello-coco:
+      name: hello-coco
+      namespace: zero-trust-workload-identity-manager
+      project: hub
+      path: charts/hello-coco
   argoCD:
     resourceExclusions: |
       - apiGroups: