search

confidential-containers / cloud-api-adaptor

Ability to create Kata pods using cloud provider APIs aka the peer-pods approach
Apache License 2.0
47 stars 79 forks source link

podvm: Remove OPA from build #1869

Closed stevenhorsman closed 3 months ago

stevenhorsman commented 3 months ago

Now we have switched to the main version of kata-agent, where regorus is being used to enforce policy, we can remove OPA from the podvm image

bpradipt commented 3 months ago

@stevenhorsman should this be also removed - https://github.com/confidential-containers/cloud-api-adaptor/blob/main/src/cloud-api-adaptor/podvm/files/etc/systemd/system/kata-opa.service ?

stevenhorsman commented 3 months ago

@stevenhorsman should this be also removed - https://github.com/confidential-containers/cloud-api-adaptor/blob/main/src/cloud-api-adaptor/podvm/files/etc/systemd/system/kata-opa.service ?

Yes - thanks for the spot. I'll sort that now

stevenhorsman commented 3 months ago

@stevenhorsman should this be also removed - https://github.com/confidential-containers/cloud-api-adaptor/blob/main/src/cloud-api-adaptor/podvm/files/etc/systemd/system/kata-opa.service ?

Yes - thanks for the spot. I'll sort that now

I've added the kata-opa.service related removals in 79f852913ff6bf90ca04811ebd9bc343ccb9f63e for easier review, but if people are happen I'll fixup it into the previous commit

bpradipt commented 3 months ago

@stevenhorsman should this be also removed - https://github.com/confidential-containers/cloud-api-adaptor/blob/main/src/cloud-api-adaptor/podvm/files/etc/systemd/system/kata-opa.service ?

Yes - thanks for the spot. I'll sort that now

I've added the kata-opa.service related removals in 79f8529 for easier review, but if people are happen I'll fixup it into the previous commit

looks good.. you can squash the commits and hopefully the CI will be happy post that