Confidential Container Tools and Components

This repository includes tools and components for confidential container images.

Components

Attestation Agent An agent for facilitating attestation protocols. Can be built as a library to run in a process-based enclave or built as a process that runs inside a confidential vm.

image-rs Rust implementation of the container image management library.

ocicrypt-rs Rust implementation of the OCI image encryption library.

api-server-rest CoCo Restful API server.

coco-keyprovider CoCo Keyprovider. Used to encrypt the container images.

Build

A Makefile is provided to quickly build Attestation Agent/Api Server Rest/Confidential Data Hub of a given platform.

make build TEE_PLATFORM=$(TEE_PLATFORM)
make install DESTDIR=/usr/local/bin

The TEE_PLATFORM parameter can be

test: for test
tdx: for Intel TDX
sev: for AMD SEV

Name		Name	Last commit message	Last commit date
Latest commit History 794 Commits
.github		.github
api-server-rest		api-server-rest
attestation-agent		attestation-agent
confidential-data-hub		confidential-data-hub
image-rs		image-rs
ocicrypt-rs		ocicrypt-rs
.dockerignore		.dockerignore
.gitignore		.gitignore
CODEOWNERS		CODEOWNERS
Cargo.lock		Cargo.lock
Cargo.toml		Cargo.toml
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Confidential Container Tools and Components

Components

Build

License

About

Releases

Packages

Languages

License

piotrpalcz/image-rs

Folders and files

Latest commit

History

Repository files navigation

Confidential Container Tools and Components

Components

Build

License

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages