package credentials

import "github.com/Microsoft/hcsshim/internal/credentials"

Package credentials holds the necessary structs and functions for adding and removing Container Credential Guard instances (shortened to CCG normally) for V2 HCS schema containers.

Index

Types

type CCGResource

type CCGResource struct {
	// contains filtered or unexported fields
}

CCGResource stores the id used when creating a ccg instance. Used when closing a container to be able to release the instance.

func CreateCredentialGuard

func CreateCredentialGuard(ctx context.Context, id, credSpec string, hypervisorIsolated bool) (*hcsschema.ContainerCredentialGuardInstance, *CCGResource, error)

CreateCredentialGuard creates a container credential guard instance and returns the state object to be placed in a v2 container doc.

func (*CCGResource) Release

func (ccgResource *CCGResource) Release(ctx context.Context) error

Release calls into hcs to remove the ccg instance for the container matching CCGResource.id. These do not get cleaned up automatically they MUST be explicitly removed with a call to ModifyServiceSettings. The instances will persist unless vmcompute.exe exits or they are removed manually as done here.

Source Files

credentials.go doc.go

Version
v0.13.0 (latest)
Published
Apr 21, 2025
Platform
windows/amd64
Imports
7 packages
Last checked
16 hours ago

Tools for package owners.