Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
41 commits
Select commit Hold shift + click to select a range
ceec490
Merge pull request #22 from vinfnet/exp-aks-voting-app
vinfnet Jun 4, 2026
ba83eb1
Add sealed container ACI confidential sample with SKR flow
sgallagherMS Jun 19, 2026
b3b7bc9
feat: Add -WelcomeSecret parameter for sealed secret encryption demo
sgallagherMS Jun 22, 2026
18c0c38
docs: add comprehensive section on artifact integrity and signature v…
sgallagherMS Jun 22, 2026
c3ccecf
change: update default resource prefix from sgall to sealaci
sgallagherMS Jun 22, 2026
c57381d
ui: add colored backgrounds to sealed data sections
sgallagherMS Jun 22, 2026
991956d
chore: refresh generated deployment template signature after redeploy
sgallagherMS Jun 24, 2026
7834479
docs: signpost new sealed-container content in main READMEs
sgallagherMS Jun 24, 2026
bcb5791
feat: add preflight check for optional tools (cosign/syft/trivy) with…
sgallagherMS Jun 24, 2026
d97b221
fix: avoid secret-scan false positive in appImage example
sgallagherMS Jun 24, 2026
74e9d17
Merge pull request #24 from vinfnet/exp-sealed-sbom-caci
vinfnet Jun 24, 2026
fef8c7a
Document NAT egress and offline CVM mode
sgallagherMS Jun 24, 2026
77c3be7
Add prerequisite checks and documentation
sgallagherMS Jun 26, 2026
96c81dd
Add Quickstart section with Intel TDX and AMD SEV-SNP examples
sgallagherMS Jun 26, 2026
7cd9e43
Remove recommendation text from Intel TDX section
sgallagherMS Jun 26, 2026
5c1b3e7
Fix formatting: remove duplicate code fence after Intel TDX SKU verif…
sgallagherMS Jun 26, 2026
4b270ca
Remove hyphens from basename example values
sgallagherMS Jun 26, 2026
f798b75
Shorten README basename examples to 5 chars max
sgallagherMS Jun 26, 2026
d0bfc49
Add AMD SEV-SNP v6 Quickstart examples
sgallagherMS Jun 26, 2026
499baa8
Harden in-VM attestation download and failure handling
sgallagherMS Jun 26, 2026
652b9db
Harden Linux in-VM attestation download path
sgallagherMS Jun 26, 2026
b28d42e
Fix CVM attestation reliability and NAT egress validation
sgallagherMS Jun 26, 2026
23dad92
Retry transient VM visibility delays around attestation
sgallagherMS Jun 26, 2026
6415c20
Validate v6 CVM matrix and harden Linux attestation extraction
sgallagherMS Jun 26, 2026
af55636
Add two-tier CVM validation: local pre-push and GitHub Actions CI/CD …
sgallagherMS Jun 26, 2026
defca5f
Install pre-push validation hook via one-command setup
sgallagherMS Jun 26, 2026
c54d06c
test: verify automatic hooks on commit and push
sgallagherMS Jun 26, 2026
edfac0d
feat: add validation output to PR comments and commit messages
sgallagherMS Jun 26, 2026
7e5eeca
docs: add validation automation guide for PR comments and commit mess…
sgallagherMS Jun 26, 2026
f8762d9
chore: move validation reporting to PR comments and reduce CI checks
sgallagherMS Jun 26, 2026
7c924ec
docs: update README for PR-comment validation and reduced CI checks
sgallagherMS Jun 26, 2026
0c8da9c
chore: cosmetic comment update in BuildRandomCVM
sgallagherMS Jun 26, 2026
ea71e2e
fix: include basic attestation fields in PR matrix comment
sgallagherMS Jun 26, 2026
486d1c8
fix: capture all streams for attestation parsing in PR comment
sgallagherMS Jun 26, 2026
d37d482
fix: run matrix in parallel and improve attestation/comment accuracy
sgallagherMS Jun 26, 2026
e784876
fix: correct parallel job argument binding for matrix runner
sgallagherMS Jun 26, 2026
d6dc371
chore: disable automatic PR validation comments
sgallagherMS Jun 26, 2026
d61f9f6
docs: update hook installer output for no PR auto-comments
sgallagherMS Jun 26, 2026
4b5f157
feat: re-enable matrix PR auto-comments by default
sgallagherMS Jun 26, 2026
3df8344
docs: update validation workflow docs for matrix PR comments
sgallagherMS Jun 26, 2026
e180396
Merge pull request #25 from vinfnet/exp-ado-vm-svr
vinfnet Jun 26, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
81 changes: 81 additions & 0 deletions .github/workflows/cvm-validation.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
name: CVM Validation on PR

on:
pull_request:
types: [opened, synchronize, reopened]
paths:
- 'vm-samples/**'
- 'scripts/**'
- '.github/workflows/cvm-validation.yml'
workflow_dispatch:
inputs:
skipCleanup:
description: 'Skip resource cleanup (for debugging)'
required: false
default: 'false'

jobs:
secret-scan:
name: Secret Scan
runs-on: windows-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Run secret scan
shell: pwsh
run: ./scripts/pre-commit.ps1 -ScanMode all

validate-syntax:
name: Syntax & Parameter Validation
runs-on: windows-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Run pre-push validation
shell: pwsh
run: ./scripts/validate-cvm.ps1 -SkipTemplateValidation

summary:
name: Validation Summary
runs-on: windows-latest
needs: [secret-scan, validate-syntax]
if: always()
steps:
- name: Check results
shell: pwsh
run: |
Write-Host ""
Write-Host "═══════════════════════════════════════════════════" -ForegroundColor Cyan
Write-Host " CVM PR Validation Summary" -ForegroundColor Cyan
Write-Host "═══════════════════════════════════════════════════" -ForegroundColor Cyan
Write-Host ""

$results = @{
"Secret Scan" = "${{ needs.secret-scan.result }}"
"Syntax & Parameter Validation" = "${{ needs.validate-syntax.result }}"
}

foreach ($check in $results.Keys) {
$status = $results[$check]
if ($status -eq "success") {
Write-Host " ✓ $check" -ForegroundColor Green
} elseif ($status -eq "skipped") {
Write-Host " ⊘ $check (skipped)" -ForegroundColor Yellow
} else {
Write-Host " ✗ $check ($status)" -ForegroundColor Red
}
}

Write-Host ""
if ("${{ needs.secret-scan.result }}" -eq "success" -and
"${{ needs.validate-syntax.result }}" -eq "success") {
Write-Host "✓ All validations passed" -ForegroundColor Green
Write-Host ""
exit 0
} else {
Write-Host "✗ Some validations failed" -ForegroundColor Red
Write-Host ""
exit 1
}
8 changes: 5 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -52,9 +52,11 @@ Confidential computing is the protection of data-in-use through isolating comput
| Addition | Description |
|---|---|
| **[Visual Attestation Demo v2 (ACI)](/aci-samples/visual-attestation-demo-v2/README.md)** 🆕 | Simplified ACI port of the AKS visual attestation sample. Flask app calls Microsoft Azure Attestation **directly** via the upstream `get-snp-report` tool — **no SKR sidecar**, single container. Side-by-side Confidential vs Standard SKU deployment demonstrates falsifiability: the same image fails deterministically on Standard (no `/dev/sev-guest`), proving the success case really came from AMD silicon. |
| **[Sealed Container (ACI) — updated](aci-samples/sealed-container/README.md)** 🆕 | New sealed-container guidance and features: `-WelcomeSecret` encryption/decryption flow, artifact integrity verification walkthrough (checksums vs signatures), clearer UI section highlighting, and updated deployment defaults/documentation. |
| **[Federated Multi-Party Demo](/multi-party-samples/advanced-app-federated/README.md)** ⭐ | New 4-party (Contoso, Fabrikam, Wingtip Toys, Woodgrove Bank) **federated** analytics demo. Each partner decrypts its own data inside its own AMD SEV-SNP TEE and returns only aggregates — no raw PII ever crosses the trust boundary. Includes a 3-minute [`DEMO-SCRIPT.md`](/multi-party-samples/advanced-app-federated/DEMO-SCRIPT.md). |
| **[CVM samples now support Intel TDX](/vm-samples/README.md)** | [`BuildRandomCVM.ps1`](/vm-samples/BuildRandomCVM.ps1) auto-detects AMD SEV-SNP (`DCa*`/`ECa*`) vs Intel TDX (`DCe*`/`ECe*`, e.g. `Standard_DC2es_v6`) from the chosen VM SKU and runs the matching attestation config. See the [Intel TDX examples](/vm-samples/README.md#intel-tdx-examples) in the VM samples README. |
| **Updated in-VM attestation tooling** | The CVM build script now runs the latest pre-built `attest` binary from [Azure/cvm-attestation-tools](https://github.com/Azure/cvm-attestation-tools/releases/latest) inside the VM (Linux + Windows), then **decodes the returned MAA JWT** (header, payload and key claims like `x-ms-attestation-type` and `x-ms-compliance-status`) using `jq` on Linux and built-in `ConvertFrom-Json` on Windows. The legacy [`WindowsAttest.ps1`](/vm-samples/WindowsAttest.ps1) is kept for reference but is **no longer recommended**. |
| **[CVM samples now support Intel TDX](/vm-samples/README.md)** | [`BuildRandomCVM.ps1`](/vm-samples/BuildRandomCVM.ps1) auto-detects AMD SEV-SNP (`DCa*`/`ECa*`) vs Intel TDX (`DCe*`/`ECe*`, e.g. `Standard_DC2es_v6`) from the chosen VM SKU and runs the matching attestation config. The script now also enables outbound internet on the private VM subnet via NAT Gateway by default, with `-NoInternetAccess` available for fully isolated deployments. The June 2026 validation matrix now includes all four combinations: AMD v6 Windows, AMD v6 Linux, TDX v6 Windows, and TDX v6 Linux. See the [Intel TDX examples](/vm-samples/README.md#intel-tdx-examples) in the VM samples README. |
| **Validation workflow update** 🆕 | Local `pre-push` performs validation only (no PR commenting). Use `./scripts/post-validation-comment.ps1` to run the 4-way CVM matrix and auto-post results as a **comment on the active PR** (use `-NoPostToPr` to skip posting). Commit-message annotation is removed. GitHub Actions is temporarily running **secret scan + syntax/parameter validation only** until service principal secrets are available. See [Validation Automation](docs/VALIDATION-AUTOMATION.md). |
| **Updated in-VM attestation tooling** | The CVM build script now runs the latest pre-built `attest` binary from [Azure/cvm-attestation-tools](https://github.com/Azure/cvm-attestation-tools/releases/latest) inside the VM (Linux + Windows), then **decodes the returned MAA JWT** (header, payload and key claims like `x-ms-attestation-type` and `x-ms-compliance-status`) using `jq` on Linux and built-in `ConvertFrom-Json` on Windows. Linux extraction now supports `unzip`, `python3`, or `bsdtar` fallback paths to avoid image-specific package gaps. When `-NoInternetAccess` is used, this attestation step is skipped because the VM cannot reach GitHub to download the tooling. The legacy [`WindowsAttest.ps1`](/vm-samples/WindowsAttest.ps1) is kept for reference but is **no longer recommended**. |
| **Repo redirect** | [`https://aka.ms/accsamples`](https://aka.ms/accsamples) now points to this repo. The legacy [`confidential-container-samples`](https://github.com/Azure-Samples/confidential-container-samples) repo remains read-only / archived for reference. |

### Previously (May 2026)
Expand Down Expand Up @@ -156,7 +158,7 @@ Confidential Virtual Machine (CVM) deployment scripts:
- Windows Server 2022 Datacenter, Windows Server 2019, Windows 11 Enterprise 24H2, Ubuntu 24.04 LTS, RHEL 9.5 — all confidential-VM images
- **New attestation flow** — runs the latest pre-built `attest` binary from [`Azure/cvm-attestation-tools`](https://github.com/Azure/cvm-attestation-tools/releases/latest) inside the freshly deployed VM (Linux + Windows) and decodes the returned MAA JWT (header, payload, key claims like `x-ms-attestation-type`, `x-ms-compliance-status`, `secure-boot`, `tpm-enabled`) using `jq` on Linux / built-in `ConvertFrom-Json` on Windows
- **Pre-flight checks** before any resources are created: rejects Intel SGX SKUs (different isolation model), validates the chosen SKU is offered in the target region, and confirms there is enough vCPU quota in the VM family
- **Bastion-optional** (`-DisableBastion`) and **smoketest mode** (`-smoketest`) for CI / cost-controlled validation
- **Bastion-optional** (`-DisableBastion`), **internet-optional** (`-NoInternetAccess`), and **smoketest mode** (`-smoketest`) for CI / cost-controlled validation
- **BuildRandomSQLCVM.ps1** - SQL Server 2022 on Confidential VM

### [AKS Samples](/aks-samples/README.md)
Expand Down
12 changes: 12 additions & 0 deletions aci-samples/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,18 @@ Scripts and samples for creating Confidential Azure Container Instances (ACIs) u
| [Visual Attestation Demo](visual-attestation-demo/README.md) | Interactive web application demonstrating remote attestation via Microsoft Azure Attestation (MAA) using the SKR sidecar |
| [Visual Attestation Demo v2](visual-attestation-demo-v2/README.md) 🆕 | Simplified ACI port that calls MAA **directly** from the Flask app via the upstream `get-snp-report` tool (no SKR sidecar). Side-by-side Confidential vs Standard SKU deployment to demonstrate falsifiability. |
| [App + PostgreSQL Finance Demo](app-and-postgreSQL-demo/README.md) 🆕 | Confidential ACI with DCa/ECa AMD PostgreSQL, 5,000 financial transactions, Application Gateway, and 9 threat scenarios |
| [Sealed Container](sealed-container/README.md) 🆕 | Production-shaped sealed container: hand-authored restrictive CCE policy (no exec, no stdio, no logging), SKR-released AES key that unwraps an encrypted data bundle into tmpfs inside the TEE, signed SBOM + Trivy scan + cosign signatures over every artifact, signed top-level manifest with checksums. |

## New in Sealed Container (June 2026)

If you already know this sample, start here for the latest updates:

- **`-WelcomeSecret` workflow**: Pass a secret at build time, store it as an encrypted `welcome.txt` envelope, and decrypt/display only after successful attestation.
- **Artifact integrity guidance**: Clear explanation of what is enforced automatically (`checksums.sha256`) versus what is generated for audit (`.sig` signature files).
- **UI clarity improvements**: Distinct visual backgrounds for `Sealed data status`, `Decrypted files (metadata only)`, and `Secret payload decrypted after attestation`.
- **Updated defaults and docs**: Refreshes around build/deploy usage and README navigation for sealed-container operators.

See full details: [sealed-container/README.md](sealed-container/README.md)

---

Expand Down
8 changes: 8 additions & 0 deletions aci-samples/sealed-container/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
# Local build state — regenerated by Build-SealedArtifacts.ps1
acr-config.json
deployment-params*.json

# Local credentials / ephemeral keys (never commit)
*.priv.pem
*.private.pem
wrap-key.pem
Loading
Loading