WIP: Add enclave information #681
Conversation
| print(' Enclaves:') | ||
| print_enclaves([n.enclave for n in node_names_with_enclaves | ||
| if n.name.full_name == args.node_name]) |
There was a problem hiding this comment.
i am okay with either way, but we could consider this is one of the option for ros2 node info.
There was a problem hiding this comment.
I wasn't sure which is the best option. My rationale for leaving it in the default output is:
- Most people are running unsecured systems, and in this case it does not add a lot to the information output
- If someone is running a secured system, this can be important information, and users might want to frequently see this when they are examining a system.
There was a problem hiding this comment.
Is there any interest in this, or should I withdraw the PR? Internally, we've found that this information would be very useful for our development, and I'd like to help the community if possible.
There was a problem hiding this comment.
I think this is helpful. can you open this PR as Non-Draft for review?
Most people are running unsecured systems, and in this case it does not add a lot to the information output
IMO, this is why i came up with option such as --include-enclaves.
Adds information about the security enclave associated with a node to the information. This helps us debug complex security configurations in large systems, and verify that nodes are associated with appropriate enclaves. I'd like to get feedback on the approach before I attempt to fix the unit tests.
Distro A, OPSEC #4584
Signed-off-by: David Anthony [email protected]