Data

Tools

Indexes

Applications

Experiments

Open Source Science

https://github.com/confidential-containers/trustee

Attestation and Secret Delivery Components

https://github.com/confidential-containers/trustee

Science Score: 26.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (11.2%) to scientific vocabulary

Keywords

attestation confidential-computing key-management
Last synced: 6 months ago · JSON representation

Repository

Attestation and Secret Delivery Components

Basic Info
  • Host: GitHub
  • Owner: confidential-containers
  • License: apache-2.0
  • Language: Rust
  • Default Branch: main
  • Homepage:
  • Size: 2.83 MB
Statistics
  • Stars: 103
  • Watchers: 20
  • Forks: 123
  • Open Issues: 117
  • Releases: 10
Topics
attestation confidential-computing key-management
Created almost 4 years ago · Last pushed 6 months ago
Metadata Files
Readme License Codeowners

README.md

Trusted Components for Attestation and Secret Management

FOSSA Status OpenSSF Scorecard

This repository contains tools and components for attesting confidential guests and providing secrets to them. Collectively, these components are known as Trustee. Trustee typically operates on behalf of the guest owner and interact remotely with guest components.

Trustee was developed for the Confidential Containers project, but can be used with a wide variety of applications and hardware platforms.

Components

For further information, see documentation of individual components.

Architecture

Trustee is flexible and can be deployed in several different configurations. This figure shows one common way to deploy these components in conjunction with certain guest components.

mermaid flowchart LR AA -- attests guest ----> KBS CDH -- requests resource --> KBS subgraph Guest CDH <.-> AA end subgraph Trustee AS -- verifies evidence --> KBS RVPS -- provides reference values--> AS end client-tool -- configures --> KBS

Deployment

There are two main ways to deploy Trustee.

Docker Compose

One simple way to get started with Trustee is with Docker compose, which can be used to quickly setup a cluster matching the diagram above.

Please refer to the cluster setup guide.

This cluster could be run inside a VM or as part of a managed service.

Kubernetes

There are two supported ways of deploying Trustee on Kubernetes. One is via the KBS Operator, which deploys the KBS components. The second option is to use the KBS' provided Kubernetes tooling here.

License

FOSSA Status

Owner

  • Name: Confidential Containers
  • Login: confidential-containers
  • Kind: organization

Issues and Pull Requests

Last synced: 6 months ago

All Time
  • Total issues: 118
  • Total pull requests: 421
  • Average time to close issues: 3 months
  • Average time to close pull requests: 6 days
  • Total issue authors: 34
  • Total pull request authors: 45
  • Average comments per issue: 1.71
  • Average comments per pull request: 1.03
  • Merged pull requests: 280
  • Bot issues: 1
  • Bot pull requests: 144
Past Year
  • Issues: 67
  • Pull requests: 309
  • Average time to close issues: 11 days
  • Average time to close pull requests: 4 days
  • Issue authors: 25
  • Pull request authors: 36
  • Average comments per issue: 1.01
  • Average comments per pull request: 0.84
  • Merged pull requests: 199
  • Bot issues: 1
  • Bot pull requests: 120
View more stats
Top Authors
Issue Authors
  • fitzthum (27)
  • Xynnn007 (16)
  • mkulke (9)
  • mythi (5)
  • huoqifeng (4)
  • tylerfanelli (4)
  • ccxiaop (4)
  • thomas-fossati (4)
  • niteeshkd (3)
  • AdithyaKrishnan (3)
  • litian1992 (3)
  • deeglaze (3)
  • ssolit (3)
  • ChengyuZhu6 (3)
  • fidencio (2)
Pull Request Authors
  • dependabot[bot] (144)
  • fitzthum (55)
  • Xynnn007 (53)
  • mythi (32)
  • pawelpros (20)
  • huoqifeng (15)
  • mkulke (14)
  • tylerfanelli (8)
  • kartikjoshi21 (6)
  • BbolroC (6)
  • portersrc (5)
  • seungukshin (5)
  • pmores (4)
  • AdithyaKrishnan (4)
  • ChengyuZhu6 (3)
Top Labels
Issue Labels
bug (18) test_e2e (1) enhancement (1) sev-snp (1) dependencies (1) rust (1)
Pull Request Labels
dependencies (144) rust (133) test_e2e (11) go (6) github_actions (5) bug (2) enhancement (2) sev-snp (1) documentation (1) az-cvm-vtpm (1)

Dependencies

.github/workflows/rust.yml actions
  • actions-rs/toolchain v1 composite
  • actions/checkout v3 composite
Cargo.lock cargo
  • 315 dependencies