Trusted Certificate Service (TCS) is a K8s service to protect signing keys using Intel's SGX technology. K8s CSR and cert-manager CR APIs are both supported. TCS also contains integration samples for Istio service mesh and Key Management Reference Application (KMRA).
Move the code related to the handling of QuoteAttestation CR to the Issuer controller. Now TCSIssuer owns the QuoteAttestation and checks its ready status within the issuer reconcile loop. So, we do not need a dedicated watch loop for checking the status of the QuoteAttestation CRs.
ipuustin
commented
2 years ago
Move the code related to the handling of QuoteAttestation CR to the Issuer controller. Now TCSIssuer owns the QuoteAttestation and checks its ready status within the issuer reconcile loop. So, we do not need a dedicated watch loop for checking the status of the QuoteAttestation CRs.