diff --git a/demo/dlb-dpdk-demo/Dockerfile b/demo/dlb-dpdk-demo/Dockerfile index 0c4f23fd8..ad57f08c4 100644 --- a/demo/dlb-dpdk-demo/Dockerfile +++ b/demo/dlb-dpdk-demo/Dockerfile @@ -26,7 +26,7 @@ RUN cd dpdk-* && patch -Np1 < $(echo ../dlb/dpdk/dpdk_dlb_*.patch) && sed -i 's/ RUN cd dpdk-* && ninja -C builddir install && install -D builddir/app/dpdk-test-eventdev /install_root/usr/bin/dpdk-test-eventdev FROM ubuntu:20.04 -RUN apt-get update && apt-get install -y libnuma1 +RUN apt-get update && apt-get install -y libnuma1 libatomic1 COPY --from=builder /install_root / COPY test.sh /usr/bin/ diff --git a/deployments/sgx_aesmd/base/sgx_default_qcnl.conf b/deployments/sgx_aesmd/base/sgx_default_qcnl.conf index 67cb3aff4..486e39122 100644 --- a/deployments/sgx_aesmd/base/sgx_default_qcnl.conf +++ b/deployments/sgx_aesmd/base/sgx_default_qcnl.conf @@ -1,2 +1,17 @@ -PCCS_URL=https://localhost:8081/sgx/certification/v3/ -USE_SECURE_CERT=FALSE +{ + // *** ATTENTION : This file is in JSON format so the keys are case sensitive. Don't change them. + + // This sample is a typical config file for a development environment which has a local PCCS setup + // QPL will get PCK certificates as well as quote verification collateral from the local PCCS service + // The PCCS service uses self-signed certificates + // You should choose the correct PCCS API version. "3.1" will return CRL in raw DER format + // It is recommended to use "3.1" for DCAP 1.12 release and later + + //PCCS server address + "pccs_url": "https://localhost:8081/sgx/certification/v4/", + + // To accept insecure HTTPS certificate, set this option to false + "use_secure_cert": false, + + "pccs_api_version": "3.1" +} diff --git a/deployments/sgx_enclave_apps/base/intelsgx-job.yaml b/deployments/sgx_enclave_apps/base/intelsgx-job.yaml index ef9730e02..8475e4b62 100644 --- a/deployments/sgx_enclave_apps/base/intelsgx-job.yaml +++ b/deployments/sgx_enclave_apps/base/intelsgx-job.yaml @@ -21,8 +21,6 @@ spec: securityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false - capabilities: - add: ["IPC_LOCK"] resources: limits: sgx.intel.com/epc: "512Ki" diff --git a/deployments/sgx_enclave_apps/overlays/sgx_ecdsa_inproc_quote/sgx_default_qcnl.conf b/deployments/sgx_enclave_apps/overlays/sgx_ecdsa_inproc_quote/sgx_default_qcnl.conf index 67cb3aff4..486e39122 100644 --- a/deployments/sgx_enclave_apps/overlays/sgx_ecdsa_inproc_quote/sgx_default_qcnl.conf +++ b/deployments/sgx_enclave_apps/overlays/sgx_ecdsa_inproc_quote/sgx_default_qcnl.conf @@ -1,2 +1,17 @@ -PCCS_URL=https://localhost:8081/sgx/certification/v3/ -USE_SECURE_CERT=FALSE +{ + // *** ATTENTION : This file is in JSON format so the keys are case sensitive. Don't change them. + + // This sample is a typical config file for a development environment which has a local PCCS setup + // QPL will get PCK certificates as well as quote verification collateral from the local PCCS service + // The PCCS service uses self-signed certificates + // You should choose the correct PCCS API version. "3.1" will return CRL in raw DER format + // It is recommended to use "3.1" for DCAP 1.12 release and later + + //PCCS server address + "pccs_url": "https://localhost:8081/sgx/certification/v4/", + + // To accept insecure HTTPS certificate, set this option to false + "use_secure_cert": false, + + "pccs_api_version": "3.1" +} diff --git a/test/e2e/deviceplugins_suite_test.go b/test/e2e/deviceplugins_suite_test.go index ad3387ab3..b7898e888 100644 --- a/test/e2e/deviceplugins_suite_test.go +++ b/test/e2e/deviceplugins_suite_test.go @@ -108,7 +108,7 @@ func setupFirstNode() []byte { utils.Kubectl("node-feature-discovery", "apply", "-k", "deployments/nfd/overlays/node-feature-rules/kustomization.yaml") if err = e2epod.WaitForPodsRunningReady(c, "node-feature-discovery", 2, 0, - 100*time.Second, map[string]string{}); err != nil { + 200*time.Second, map[string]string{}); err != nil { framework.Failf("unable to wait for NFD pods to be running and ready: %v", err) }