openshift
diff --git a/‎.devcontainer/README.md‎
Lines changed: 15 additions & 0 deletions b/‎.devcontainer/README.md‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎.devcontainer/devcontainer.json‎
Lines changed: 6 additions & 0 deletions b/‎.devcontainer/devcontainer.json‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎.devcontainer/development/devcontainer.json‎
Lines changed: 18 additions & 0 deletions b/‎.devcontainer/development/devcontainer.json‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎.devcontainer/development/scripts/general_greeting.sh‎
Lines changed: 38 additions & 0 deletions b/‎.devcontainer/development/scripts/general_greeting.sh‎
Lines changed: 38 additions & 0 deletions
diff --git a/‎.devcontainer/development/scripts/postCreateCommand.sh‎
Lines changed: 47 additions & 0 deletions b/‎.devcontainer/development/scripts/postCreateCommand.sh‎
Lines changed: 47 additions & 0 deletions
diff --git a/‎.devcontainer/development/uplosi_azure_notes.md‎
Lines changed: 60 additions & 0 deletions b/‎.devcontainer/development/uplosi_azure_notes.md‎
Lines changed: 60 additions & 0 deletions
diff --git a/‎.github/dependabot.yml‎
Lines changed: 3 additions & 0 deletions b/‎.github/dependabot.yml‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎.github/workflows/actionlint.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/actionlint.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/azure-e2e-test.yml‎
Lines changed: 20 additions & 20 deletions b/‎.github/workflows/azure-e2e-test.yml‎
Lines changed: 20 additions & 20 deletions
@@ -0,0 +1,15 @@
+# Minimal edit container (Alpine)
+This container are the bare minimum and can be used if no depedencies are needed, like Go etc.
+
+# General development container
+
+This container has been setup so all tasks can be done on general level and includes:
+* Go
+* YQ so that mkosi builds can run (building peerpodvm images)
+* qemu-utils needed for raw -> qcow2 conversion after mkosi build
+* Uplosi so built images can be uploaded to the different cloudproviders
+
+
+> **Note:** Note: Cloud provider-specific tools (e.g., Azure CLI, AWS CLI, Google Cloud SDK) are not included by default to keep the development environment lightweight. Developers can install these tools as needed based on their specific use cases.
+
+> **Note:** For guidance on using `mkosi` to build and upload images to an Azure Image Gallery, see the [uplosi_azure_notes.md](./development/uplosi_azure_notes.md).
@@ -0,0 +1,6 @@
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the
+// README at: https://github.com/devcontainers/templates/tree/main/src/alpine
+{
+	"name": "Minimal edit container (Alpine)",
+	"image": "mcr.microsoft.com/devcontainers/base:alpine-3.20"
+}
@@ -0,0 +1,18 @@
+// Create a Pod VM image with mkosi
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the
+// README at: https://github.com/devcontainers/templates/tree/main/src/alpine
+{
+	"name": "General development container",
+	"image": "mcr.microsoft.com/devcontainers/base:ubuntu-24.04",
+	"postCreateCommand": "bash .devcontainer/development/scripts/postCreateCommand.sh",
+	"capAdd": [
+		"CAP_AUDIT_WRITE"
+	],
+	"features": {
+		"ghcr.io/devcontainers/features/docker-outside-of-docker:1": {},
+		"ghcr.io/devcontainers/features/go:1": {}
+	},
+	"containerEnv": {
+		"CONTAINER_WORKSPACE_FOLDER": "${containerWorkspaceFolder}"
+	}
+}
@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+
+logo() {
+  # ASCII logo w/text box, centered 
+printf '                                               
+                          +++                          
+                      +++++++++++                      
+                  +++++++--.--+++++++                  
+               ++++++--.       .--++++++               
+            ++++++-.               .-++++++            
+         ++++++-.                     .-++++++         
+       +++++-.                           .-+++++       
+      +++-.             ..---..             .-+++      
+     +++.            .-----------.            .+++     
+     +++          .-----------------.          +++     
+     +++        -----------------------        +++     
+     +++        ------------------++###        +++     
+     ++-       .---------------++######.       +++     
+     ++-       .------------++#########.       -++     
+     ++-       .-----------+###########.       -++     
+     ++-       .-----------+###########        +++     
+     +++       .-----------+###########        +++     
+     +++        -----------+##########+        +++     
+     +++         ..--------+#######+-.         +++     
+     +++.            .-----+####-.            .+++     
+      +++-              ..-++-.              -+++      
+       ++++--.                           .--++++       
+         ++++++-.                     .-++++++         
+            ++++++-.               .-++++++            
+               ++++++-.         .-++++++               
+                  ++++++--...--++++++                  
+                      +++++++++++                      
+                         +++++                         
+                                                                                                                                                                                                                                  
+'
+}
+logo
+                                                                        
@@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+DEBIAN_FRONTEND=noninteractive sudo apt-get update -qq && sudo apt-get install -yq qemu-utils
+
+mkdir -p  ~/.local/scripts/
+cp "${CONTAINER_WORKSPACE_FOLDER}/.devcontainer/development/scripts/general_greeting.sh" ~/.local/scripts/ || exit
+echo "source ~/.local/scripts/general_greeting.sh" >> ~/.bashrc
+
+YQ_VERSION=$(awk -F'= *' '/^YQ_VERSION/ {print $2}' ${CONTAINER_WORKSPACE_FOLDER}/src/cloud-api-adaptor/Makefile.defaults)
+
+# Detect raw values
+RAW_ARCH=$(uname -m)
+RAW_OS=$(uname -s)
+
+# Normalize OS
+case "$RAW_OS" in
+    Linux*)     DISTRO_OS="linux" ;;
+    Darwin*)    DISTRO_OS="darwin" ;;
+    FreeBSD*)   DISTRO_OS="freebsd" ;;
+    CYGWIN*|MINGW*|MSYS*) DISTRO_OS="windows" ;;
+    *)          DISTRO_OS="unknown" ;;
+esac
+
+# Normalize architecture
+case "$RAW_ARCH" in
+    x86_64)   DISTRO_ARCH="amd64" ;;
+    aarch64)  DISTRO_ARCH="arm64" ;;
+    armv7l)   DISTRO_ARCH="arm/v7" ;;
+    armv6l)   DISTRO_ARCH="arm/v6" ;;
+    i386|i686) DISTRO_ARCH="386" ;;
+    s390x)    DISTRO_ARCH="s390x" ;;
+    *)        DISTRO_ARCH="$RAW_ARCH" ;;  # fallback to raw
+esac
+
+# Output results (optional)
+echo "DISTRO_OS=$DISTRO_OS"
+echo "DISTRO_ARCH=$DISTRO_ARCH"
+
+# Build URL
+YQ_DOWNLOAD_URL="https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_${DISTRO_OS}_${DISTRO_ARCH}"
+
+echo "Downloading yq version ${YQ_VERSION} for ${DISTRO_OS}/${DISTRO_ARCH} from:"
+echo "${YQ_DOWNLOAD_URL}"
+
+sudo wget -qO /usr/bin/yq "${YQ_DOWNLOAD_URL}"
+sudo chmod +x /usr/bin/yq
+
+go install github.com/edgelesssys/uplosi@latest
@@ -0,0 +1,60 @@
+## Edit 
+```console
+/workspaces/cloud-api-adaptor/src/cloud-api-adaptor/versions.yaml
+```
+oci.guest-components.reference to desired tag found here (non sha) : [ghcr.io/confidential-containers/guest-components](https://github.com/orgs/confidential-containers/packages?repo_name=guest-components)
+
+## mkosi build debug podvm
+
+```console
+cd /workspaces/cloud-api-adaptor/src/cloud-api-adaptor/podvm-mkosi
+TEE_PLATFORM=az-cvm-vtpm make debug
+```
+
+## Set envs
+
+```console
+export AZURE_COMMUNITY_GALLERY_NAME=cocopodvm
+export AZURE_PODVM_GALLERY_NAME=gallerycaaimages
+
+export AZURE_PODVM_IMAGE_DEF_NAME= # podvm_image0_debug or podvm_image0
+export AZURE_PODVM_IMAGE_VERSION=
+
+export AZURE_SUBSCRIPTION_ID=
+export AZURE_RESOURCE_GROUP=
+```
+
+## Add azure cli
+
+```console
+curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
+az login
+```
+
+## Create uplosi config
+
+```console
+SHARING_NAME_PREFIX="$(echo $AZURE_COMMUNITY_GALLERY_NAME | cut -d'-' -f1)"
+cat <<EOF> uplosi.conf
+[base]
+imageVersion = "$AZURE_PODVM_IMAGE_VERSION"
+name = "$AZURE_PODVM_IMAGE_DEF_NAME"
+
+[variant.default]
+provider = "azure"
+
+[base.azure]
+subscriptionID = "$AZURE_SUBSCRIPTION_ID"
+location = "westeurope"
+resourceGroup = "$AZURE_RESOURCE_GROUP"
+sharedImageGallery = "$AZURE_PODVM_GALLERY_NAME"
+sharingNamePrefix = "$SHARING_NAME_PREFIX"
+
+EOF
+```
+
+## Run uplosi
+
+```console
+uplosi upload build/system.raw
+```
@@ -17,6 +17,9 @@ updates:
       - "src/peerpod-ctrl"
       - "src/webhook"
     groups:
+      avast/retry-go:
+        patterns:
+          - github.com/avast/retry-go
       aws-sdk-go-v2:
         patterns:
           - "*aws-sdk-go-v2*"
 
@@ -24,7 +24,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Checkout the code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           fetch-depth: 0
 
 
@@ -46,17 +46,17 @@ jobs:
     permissions:
       id-token: write
     steps:
-    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+    - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
-    - uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2
+    - uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0
       name: 'Az CLI login'
       with:
         client-id: ${{ secrets.AZURE_CLIENT_ID }}
         subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
         tenant-id: ${{ secrets.AZURE_TENANT_ID }}
 
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3
+      uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
 
     - name: Build container image
       id: build-container
@@ -82,22 +82,22 @@ jobs:
     strategy:
       matrix:
         parameters:
-          - id: "tdx"
-            machine_type: "Standard_DC2es_v5"
-            jitter: 0
+          # - id: "tdx"
+          #   machine_type: "Standard_DC2es_v5"
+          #   jitter: 0
           - id: "snp"
             machine_type: "Standard_DC2as_v5"
             jitter: 10
     permissions:
       id-token: write
     steps:
-    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+    - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
     - name: Extract go version number
       run: echo "GO_VERSION=$(yq -e '.tools.golang' versions.yaml)" >> "$GITHUB_ENV"
 
     - name: Set up Go environment
-      uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
+      uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
       with:
         go-version: "${{ env.GO_VERSION }}"
         cache-dependency-path: "**/go.sum"
@@ -144,7 +144,7 @@ jobs:
           ${{ env.TEST_PROVISION_FILE }}
         name: e2e-configuration-${{ matrix.parameters.id }}
 
-    - uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2
+    - uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0
       name: 'Az CLI login'
       with:
         client-id: ${{ secrets.AZURE_CLIENT_ID }}
@@ -172,26 +172,26 @@ jobs:
     strategy:
       matrix:
         parameters:
-          - id: "tdx"
-            machine_type: "Standard_DC2es_v5"
+          # - id: "tdx"
+          #   machine_type: "Standard_DC2es_v5"
           - id: "snp"
             machine_type: "Standard_DC2as_v5"
     permissions:
       id-token: write
     steps:
-    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+    - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
     - name: Extract version numbers
       run: |
         echo "GO_VERSION=$(yq -e '.tools.golang' versions.yaml)" >> "$GITHUB_ENV"
         echo "ORAS_VERSION=$(yq -e '.tools.oras' versions.yaml)" >> "$GITHUB_ENV"
 
-    - uses: oras-project/setup-oras@8d34698a59f5ffe24821f0b48ab62a3de8b64b20 # v1
+    - uses: oras-project/setup-oras@22ce207df3b08e061f537244349aac6ae1d214f6 # v1.2.4
       with:
         version: ${{ env.ORAS_VERSION }}
 
     - name: Set up Go environment
-      uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
+      uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
       with:
         go-version: ${{ env.GO_VERSION }}
         cache-dependency-path: "**/go.sum"
@@ -213,11 +213,11 @@ jobs:
           echo "CLUSTER_NAME=${{ format(env.CLUSTER_NAME_TEMPLATE, matrix.parameters.id) }}" >> "$GITHUB_ENV"
 
     - name: Restore the configuration created before
-      uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
+      uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
       with:
         name: e2e-configuration-${{ matrix.parameters.id }}
 
-    - uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2
+    - uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0
       name: 'Az CLI login'
       with:
         client-id: ${{ secrets.AZURE_CLIENT_ID }}
@@ -262,16 +262,16 @@ jobs:
     strategy:
       matrix:
         parameters:
-          - id: "tdx"
-            machine_type: "Standard_DC2es_v5"
-            jitter: 0
+          # - id: "tdx"
+          #   machine_type: "Standard_DC2es_v5"
+          #   jitter: 0
           - id: "snp"
             machine_type: "Standard_DC2as_v5"
             jitter: 10
     permissions:
       id-token: write
     steps:
-    - uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2
+    - uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0
       name: 'Az CLI login'
       with:
         client-id: ${{ secrets.AZURE_CLIENT_ID }}