https://github.com/confidential-containers/guest-components

Confidential Containers Guest Tools and Components

Science Score: 26.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (9.0%) to scientific vocabulary
Last synced: 10 months ago · JSON representation

Repository

Basic Info
  • Host: GitHub
  • Owner: confidential-containers
  • License: apache-2.0
  • Language: Rust
  • Default Branch: main
  • Homepage:
  • Size: 3.57 MB
Statistics
  • Stars: 103
  • Watchers: 24
  • Forks: 119
  • Open Issues: 85
  • Releases: 12
Created over 4 years ago · Last pushed 10 months ago
Metadata Files
Readme License Codeowners

README.md

Confidential Container Tools and Components

This repository includes tools and components for confidential container images.

Components

  • Attestation Agent: An agent for facilitating attestation protocols. Can be built as a library to run in a process-based enclave or built as a process that runs inside a confidential VM.
  • image-rs: Rust implementation of the container image management library.
  • ocicrypt-rs: Rust implementation of the OCI image encryption library.
  • api-server-rest: CoCo RESTful API server.
  • confidential-data-hub: Confidential Data Hub.
  • coco-keyprovider: CoCo Keyprovider. Used to encrypt the container images.

Tools

  • secret-cli: Utility for sealing and unsealing sealed secrets
  • CDH Client: A tool for exercising CDH endpoints
  • CDH Go Client: A Go tool for exercising CDH endpoints
  • CDH (One Shot): One Shot version of CDH
  • CoCo Keyprovider: Keyprovider endpoint for encrypting images

Build

A Makefile is provided to quickly build Attestation Agent, Api Server Rest and Confidential Data Hub for a given platform.

```shell
make build TEE_PLATFORM=$(TEE_PLATFORM)
make install DESTDIR=/usr/local/bin
```

The TEE_PLATFORM parameter can be:

  • none: for tests with non-confidential guests
  • all: for all following platforms
  • fs: for platforms with encrypted root filesystems (i.e. s390x)
  • tdx: for Intel TDX
  • az-tdx-vtpm: for Intel TDX with Azure vTPM
  • sev: for AMD SEV(-ES)
  • snp: for AMD SEV-SNP
  • amd: for both AMD SEV(-ES) and AMD SEV-SNP
  • az-snp-vtpm: for AMD SEV-SNP with Azure vTPM
  • se: for IBM Secure Execution (SE)

By default, kbs/sev is built into Confidential Data Hub as a resource provider. If you do not want to enable any default provider other than the built-in offline-fs-kbc, build with the NO_RESOURCE_PROVIDER flag set to true.

```shell
make build TEE_PLATFORM=$(TEE_PLATFORM) NO_RESOURCE_PROVIDER=true
```

Owner

  • Name: Confidential Containers
  • Login: confidential-containers
  • Kind: organization

GitHub Events

Total
  • Create event: 164
  • Commit comment event: 1
  • Release event: 3
  • Issues event: 57
  • Watch event: 20
  • Delete event: 161
  • Issue comment event: 418
  • Push event: 267
  • Pull request event: 507
  • Pull request review event: 660
  • Pull request review comment event: 339
  • Fork event: 24
Last Year
  • Create event: 164
  • Commit comment event: 1
  • Release event: 3
  • Issues event: 57
  • Watch event: 20
  • Delete event: 161
  • Issue comment event: 418
  • Push event: 267
  • Pull request event: 507
  • Pull request review event: 660
  • Pull request review comment event: 339
  • Fork event: 24

Issues and Pull Requests

Last synced: 10 months ago

All Time
  • Total issues: 98
  • Total pull requests: 548
  • Average time to close issues: 4 months
  • Average time to close pull requests: 9 days
  • Total issue authors: 40
  • Total pull request authors: 43
  • Average comments per issue: 2.3
  • Average comments per pull request: 0.84
  • Merged pull requests: 380
  • Bot issues: 0
  • Bot pull requests: 274
Past Year
  • Issues: 26
  • Pull requests: 322
  • Average time to close issues: 20 days
  • Average time to close pull requests: 3 days
  • Issue authors: 19
  • Pull request authors: 27
  • Average comments per issue: 1.19
  • Average comments per pull request: 0.56
  • Merged pull requests: 209
  • Bot issues: 0
  • Bot pull requests: 203
Top Authors
Issue Authors
  • Xynnn007 (28)
  • mkulke (7)
  • bpradipt (6)
  • fitzthum (6)
  • jialez0 (4)
  • mythi (4)
  • ChengyuZhu6 (4)
  • wainersm (3)
  • huoqifeng (2)
  • fu-ju (2)
  • prashant9394 (2)
  • fidencio (2)
  • JakubLedworowski (1)
  • zvonkok (1)
  • Amulyam24 (1)
Pull Request Authors
  • dependabot[bot] (274)
  • Xynnn007 (102)
  • mythi (26)
  • mkulke (25)
  • fitzthum (16)
  • ChengyuZhu6 (13)
  • 1570005763 (8)
  • jialez0 (7)
  • BbolroC (7)
  • portersrc (5)
  • huoqifeng (5)
  • jodh-intel (4)
  • skaegi (4)
  • wainersm (3)
  • Apokleos (3)
Top Labels
Issue Labels
bug (18) image-rs (2) enhancement (1) cdh (1) 2hours (1) mid_priority (1)
Pull Request Labels
dependencies (274) rust (262) github_actions (13) image-rs (2) go (1) do-not-merge (1) cdh (1) enhancement (1)

Packages

  • Total packages: 2
  • Total downloads: unknown
  • Total dependent packages: 0
    (may contain duplicates)
  • Total dependent repositories: 0
    (may contain duplicates)
  • Total versions: 14
proxy.golang.org: github.com/confidential-containers/guest-components/confidential-data-hub/golang
Rankings
Dependent packages count: 6.4%
Average: 6.6%
Dependent repos count: 6.8%
Last synced: 11 months ago
proxy.golang.org: github.com/confidential-containers/guest-components
  • Versions: 14
  • Dependent Packages: 0
  • Dependent Repositories: 0
Rankings
Dependent packages count: 7.3%
Average: 7.6%
Dependent repos count: 7.8%
Last synced: 10 months ago

Dependencies

.github/workflows/dco.yml actions
  • tim-actions/dco master composite
  • tim-actions/get-pr-commits master composite
Cargo.toml cargo
  • filetime 0.2 development
  • nix 0.26 development
  • openssl 0.10.44 development
  • rstest 0.16.0 development
  • serial_test 0.9.0 development
  • strum 0.24 development
  • strum_macros 0.24 development
  • tempfile 3.2 development
  • tokio 1 development
  • anyhow 1
  • async-compression 0.3.15
  • async-trait 0.1.56
  • base64 0.13.0
  • dircpy 0.3.12
  • flate2 1.0
  • flume 0.10.14
  • fs_extra 1.2.0
  • futures-util 0.3
  • hex 0.4.3
  • libc 0.2
  • log 0.4.14
  • nix 0.26
  • oci-distribution 0.9.4
  • oci-spec 0.5.8
  • prost 0.11
  • protobuf 3.2.0
  • sequoia-openpgp 1.7.0
  • serde >=1.0.27
  • serde_json >=1.0.9
  • serde_yaml 0.8
  • sha2 >=0.10
  • sigstore 0.3.0
  • strum 0.24
  • strum_macros 0.24
  • tar 0.4.37
  • tokio 1.0
  • tonic 0.8
  • ttrpc 0.7.1
  • url 2.2.2
  • walkdir 2
  • zstd 0.11
.github/workflows/aa_basic.yml actions
  • actions-rs/cargo v1 composite
  • actions-rs/toolchain v1 composite
  • actions/checkout v2 composite
.github/workflows/aa_cc_kbc.yml actions
  • actions-rs/cargo v1 composite
  • actions-rs/toolchain v1 composite
  • actions/checkout v2 composite
.github/workflows/aa_crypto.yml actions
  • actions-rs/cargo v1 composite
  • actions-rs/toolchain v1 composite
  • actions/checkout v2 composite
.github/workflows/aa_eaa_kbc.yml actions
  • actions/checkout v2 composite
.github/workflows/aa_occlum_sgx.yml actions
  • actions/checkout v2 composite
.github/workflows/aa_release.yml actions
  • actions/checkout v3 composite
  • docker/build-push-action v4 composite
  • docker/login-action v2 composite
.github/workflows/aa_sample_keyprovider.yml actions
  • actions-rs/cargo v1 composite
  • actions-rs/toolchain v1 composite
  • actions/checkout v2 composite
.github/workflows/aa_sev_kbc.yml actions
  • actions-rs/cargo v1 composite
  • actions-rs/toolchain v1 composite
  • actions/checkout v2 composite
.github/workflows/image_rs_build.yml actions
  • actions-rs/cargo v1 composite
  • actions-rs/toolchain v1 composite
  • actions/checkout v3 composite
.github/workflows/ocicrypt_rs_build.yml actions
  • actions-rs/cargo v1 composite
  • actions-rs/toolchain v1 composite
  • actions/checkout v2 composite
attestation-agent/coco_keyprovider/Cargo.toml cargo
  • rstest 0.17.0 development
  • aes-gcm 0.10.1
  • clap 4.0.29
  • ctr 0.9.2
  • env_logger 0.9.0
  • futures 0.3.5
  • jwt-simple 0.11.4
  • prost 0.8
  • rand 0.8.4
  • reqwest 0.11.14
  • tokio 1.0
  • tonic 0.5
  • uuid 1.3.0
attestation-agent/deps/crypto/Cargo.toml cargo
  • rstest 0.17.0 development
  • aes-gcm 0.10.1
  • ctr 0.9.2
  • openssl 0.10
  • rand 0.8.5
  • rsa 0.6.1
  • sha2 0.10
attestation-agent/kbc/Cargo.toml cargo
  • rstest 0.16.0 development
  • tokio 1.20.1 development
  • bincode 1.3.3
  • foreign-types 0.5.0
  • prost 0.11.0
  • tokio 1.0
  • tonic 0.8.0
  • uuid 1.1.2
attestation-agent/lib/Cargo.toml cargo
  • tokio 1.20.1 development
  • tokio 1.0
  • tonic 0.8.0
image-rs/Cargo.toml cargo
  • cfg-if 1.0.0 development
  • filetime 0.2 development
  • nix 0.26 development
  • openssl 0.10.44 development
  • rstest 0.17.0 development
  • serial_test 2.0.0 development
  • strum 0.24 development
  • strum_macros 0.24 development
  • tempfile 3.2 development
  • tokio 1 development
  • anyhow 1
  • async-compression 0.3.15
  • async-trait 0.1.56
  • base64 0.13.0
  • cfg-if 1.0.0
  • dircpy 0.3.12
  • flate2 1.0
  • fs_extra 1.2.0
  • futures 0.3.28
  • futures-util 0.3
  • hex 0.4.3
  • lazy_static 1.4.0
  • libc 0.2
  • log 0.4.14
  • nix 0.26
  • nydus-api 0.3.0
  • nydus-service 0.3.0
  • oci-spec 0.5.8
  • prost 0.11
  • protobuf 3.2.0
  • sequoia-openpgp 1.7.0
  • serde >=1.0.27
  • serde_json >=1.0.9
  • serde_yaml 0.9
  • sha2 >=0.10
  • strum 0.24
  • strum_macros 0.24
  • tar 0.4.37
  • tokio 1.0
  • tonic 0.8
  • ttrpc 0.7.1
  • url 2.2.2
  • walkdir 2
  • zstd 0.12
ocicrypt-rs/Cargo.toml cargo
  • aes-gcm 0.10 development
  • openssl >=0.10 development
  • tokio 1.17.0 development
  • aes >=0.8
  • anyhow >=1.0
  • async-trait 0.1.61
  • base64 0.13
  • base64-serde 0.6
  • cfg-if 1.0.0
  • ctr >=0.9
  • hmac >=0.12
  • josekit >=0.7
  • lazy_static >=1.4
  • openssl >=0.10
  • pin-project-lite 0.2.9
  • prost >=0.11.0
  • protobuf 3.2.0
  • ring 0.16.20
  • serde >=1.0
  • serde_json >=1.0
  • sha2 >=0.10
  • tokio 1.17.0
  • tonic >=0.8.0
  • ttrpc 0.7.1