confidential-containers / trustee

Attestation and Secret Delivery Components
Apache License 2.0

KBS doesn't support RVPS registration with a built-in image #310

Open lmilleri opened 7 months ago

lmilleri commented 7 months ago

The RVPS registration is only available when the RVPS is deployed as a separate process (e.g., using the docker-compose orchestrator and grpc).

If you deploy the kbs as a built-in image (AS and RVPS embedded as crates), the registration API is no longer available.

Just for reference, this is the command for generating a KBS built-in image:

docker build -t kbs-all:latest . -f ./kbs/docker/Dockerfile

Xynnn007 commented 6 months ago

Hi @lmilleri , thanks for bringing this issue. Could you share some use cases of RVPS now? To me, RVPS is still under development. In https://github.com/confidential-containers/kbs/issues/311#issuecomment-1933350385 I commented

To me, RVPS is still an abstract/developing module to work with software supply chain, which is not mature, so it might not be a great issue. Even if its API is not exposed, we can also use the policy to reach the same goal -- set reference values, by configuring the reference values manually. Before RVPS implements deterministic semantics and functionality, it would be ok to keep as-is

Does it make sense? If there are real use cases, I'd like to add the API exposure to KBS.
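To illustrate the workaround mentioned above (pinning reference values in the attestation policy rather than registering them through RVPS), here is an added, hypothetical Rego sketch that is not code from this thread or from the Trustee project; the claim names, the shape of `input`, and the placeholder values are assumptions, not Trustee's actual schema.

```rego
package policy

import future.keywords.every
import future.keywords.if
import future.keywords.in

# Constructed reference values embedded directly in the policy (assumption:
# placeholders, not real measurements). Each key names a claim we expect the
# parsed attestation report to carry; each value lists the accepted values.
reference := {
    "launch_measurement": [
        "<launch-measurement-placeholder-v1>",
        "<launch-measurement-placeholder-v2>",
    ],
    "firmware_version": ["<firmware-version-placeholder>"],
}

# Fail closed: nothing is allowed unless every pinned claim is proven.
default allow := false

# Every claim that has a pinned reference must be present in the input and
# equal one of its accepted values. A claim missing from the input, or carrying
# an unlisted value, makes the whole evaluation deny.
allow if {
    every claim, accepted in reference {
        claim_matches(claim, accepted)
    }
}

claim_matches(claim, accepted) if {
    value := input[claim]
    value in accepted
}
```

Because the accepted values live in the policy file, rotating a measurement means editing and redeploying the policy, which is the operational cost of not having the registration API in built-in mode.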

lmilleri commented 6 months ago

Hi @Xynnn007, I'm working on the kbs-operator for deploying the KBS service in a k8s cluster. For me it is not urgent, considering the following: