Add GMSA support for V2 process isolated containers#797
Merged
dcantah merged 1 commit intomicrosoft:masterfrom Apr 28, 2020
Merged
Add GMSA support for V2 process isolated containers#797dcantah merged 1 commit intomicrosoft:masterfrom
dcantah merged 1 commit intomicrosoft:masterfrom
Conversation
dcantah
force-pushed
the
gmsa
branch
2 times, most recently
from
00b4b82 to
57809ee
Compare
dcantah
changed the title
jstarks
reviewed
Apr 14, 2020
Contributor
Author
|
@kevpar @katiewasnothere @ambarve if one of you has time today could you take a gander at this :) |
Member
|
Linking to #347 for tracking :) |
dcantah
force-pushed
the
gmsa
branch
4 times, most recently
from
c6d1de7 to
d7cf697
Compare
kevpar
reviewed
Apr 22, 2020
kevpar
reviewed
Apr 22, 2020
kevpar
reviewed
Apr 22, 2020
kevpar
reviewed
Apr 22, 2020
kevpar
reviewed
Apr 22, 2020
kevpar
reviewed
Apr 23, 2020
kevpar
reviewed
Apr 23, 2020
kevpar
reviewed
Apr 23, 2020
kevpar
reviewed
Apr 23, 2020
kevpar
reviewed
Apr 23, 2020
kevpar
reviewed
Apr 23, 2020
kevpar
reviewed
Apr 24, 2020
kevpar
reviewed
Apr 24, 2020
kevpar
reviewed
Apr 24, 2020
kevpar
reviewed
Apr 24, 2020
dcantah
force-pushed
the
gmsa
branch
3 times, most recently
from
a6b3546 to
4768792
Compare
kevpar
reviewed
Apr 24, 2020
Member
|
Can you update the title so we don't use the term "V2 process isolated containers", please? |
kevpar
reviewed
Apr 24, 2020
Contributor
Author
What is the concern with the title/what would you rather it be? If it's with the V2 removing that wouldn't be accurate as we already do support GMSA for V1 schema containers. |
Member
|
Realistically not a big deal I suppose. I'm trying to cut down on us using "v2" as an shorthand since I think it's vague (are you talking about v2 hcs schema, v2 hcs APIs, v2 containerd shim protocol, something else?). If you clarify in the description I think the title is okay. |
Contributor
Author
|
@kevpar Good point, all the V1-V2 and codenames was very confusing at the beginning so I understand haha. Added a clarification to the description. |
kevpar
reviewed
Apr 27, 2020
kevpar
reviewed
Apr 27, 2020
* Add generated V2 schema files for Container Credential Guard * Add new hcs calls that are necessary to setup container credential guard instances. * Add new resource type CCGInstance that implements ResourceCloser so a containers ccg instance will be cleaned up on container close. * Add tests to validate gmsa * Remove logging from resource Release methods and just return an error. Forego returning immediately on an error in ReleaseResources and return afterwards if any of the releases failed. Signed-off-by: Daniel Canter <dcanter@microsoft.com>
26 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Support for V2 HCS Schema process isolated containers
instances.
ccg instance will be cleaned up on container close.
Signed-off-by: Daniel Canter dcanter@microsoft.com