{"id":30193193,"url":"https://github.com/google/cc-device-plugin","last_synced_at":"2026-04-01T18:58:42.917Z","repository":{"id":226498662,"uuid":"768845240","full_name":"google/cc-device-plugin","owner":"google","description":"A Kubernetes device plugin that exposes Confidential Computing devices to workloads in Google Kubernetes Engine (GKE) clusters.","archived":false,"fork":false,"pushed_at":"2026-03-19T23:44:27.000Z","size":32,"stargazers_count":6,"open_issues_count":2,"forks_count":4,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-03-24T10:32:55.547Z","etag":null,"topics":["confidential-computing","device-plugin","gcp","gke","golang","google","kubernetes","remote-attestation"],"latest_commit_sha":null,"homepage":"https://cloud.google.com/security/products/confidential-computing","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/google.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-03-07T20:56:02.000Z","updated_at":"2026-03-19T23:38:03.000Z","dependencies_parsed_at":"2024-03-13T20:39:14.801Z","dependency_job_id":"1ee6afcb-963d-4298-8412-5e870a5c8213","html_url":"https://github.com/google/cc-device-plugin","commit_stats":null,"previous_names":["google/cc-device-plugin"],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/google/cc-device-plugin","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fcc-device-plugin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fcc-device-plugin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fcc-device-plugin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fcc-device-plugin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/google","download_url":"https://codeload.github.com/google/cc-device-plugin/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fcc-device-plugin/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31047435,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-27T09:35:52.079Z","status":"ssl_error","status_checked_at":"2026-03-27T09:35:20.916Z","response_time":164,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["confidential-computing","device-plugin","gcp","gke","golang","google","kubernetes","remote-attestation"],"created_at":"2025-08-13T01:23:38.017Z","updated_at":"2026-04-01T18:58:42.893Z","avatar_url":"https://github.com/google.png","language":"Go","readme":"# Confidential Computing device plugin for Kubernetes\n[![Go Report Card](https://goreportcard.com/badge/github.com/google/cc-device-plugin)](https://goreportcard.com/report/github.com/google/cc-device-plugin)\n\n## Introduction\n\nThis is a [Kubernetes][k8s] [device plugin][dp] implementation that enables\nthe registration of Confidential Computing devices in a Google Kubernetes\nEngine (GKE) cluster for compute workloads. With the appropriate GKE setup\nand this plugin deployed, your Kubernetes cluster will be able to run jobs\n(e.g., Attestation) that require Confidential Computing devices.\n\nThis plugin supports the following technologies on GKE:\n*   **vTPM / AMD SEV:** Exposes `google.com/cc` resource.\n*   **AMD SEV-SNP:** Exposes `amd.com/sev-snp` resource. Requires AMD SNP machines.\n*   **Intel TDX:** Exposes `intel.com/tdx` resource. Requires Intel TDX machines.\n\n## Prerequisites\n*   A GKE cluster with node pools configured to support the desired\n    Confidential Computing technology (SEV, SEV-SNP, or TDX). This\n    includes selecting appropriate machine types and enabling Confidential\n    Nodes in the node pool settings.\n*   For SEV-SNP, ensure the node pool uses AMD SEV-SNP machine types.\n*   For TDX, ensure the node pool uses Intel TDX machine types.\n\n## Limitations\n*   This plugin targets Kubernetes v1.18+.\n*   Refer to [Confidential VM Supported Configurations](https://cloud.google.com/confidential-computing/confidential-vm/docs/supported-configurations)\n    for specific version and region availability.\n\n\n## Deployment\nThe device plugin needs to be run on all the nodes that are equipped with\nConfidential Computing devices.  The simplest way to do this is to create a\nKubernetes [DaemonSet][dp], which runs a copy of a pod on all (or some) Nodes\nin the cluster. \n\nWe have a pre-built Docker image on [Google Artifact Registry][release] that\nyou can use with your DaemonSet.  This repository also has a pre-defined yaml\nfile named `cc-device-plugin.yaml`.  You can create a DaemonSet in your\nKubernetes cluster by running this command using a stable version from the\nrelease repository:\n\n```\nkubectl create -f manifests/cc-device-plugin.yaml\n```\nor directly pull from the web using\n```\nkubectl create -f https://raw.githubusercontent.com/google/cc-device-plugin/main/manifests/cc-device-plugin.yaml\n```\n\n[dp]: https://kubernetes.io/docs/concepts/cluster-administration/device-plugins/\n[k8s]: https://kubernetes.io\n[tpm]: https://cloud.google.com/compute/shielded-vm/docs/shielded-vm#vtpm\n[sevsnp]: https://cloud.google.com/confidential-computing/confidential-vm/docs/confidential-vm-overview#amd_sev-snp\n[tdx]: https://cloud.google.com/blog/products/identity-security/confidential-vms-on-intel-cpus-your-datas-new-intelligent-defense\n[release]: https://us-central1-docker.pkg.dev/gce-confidential-compute/release/cc-device-plugin\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoogle%2Fcc-device-plugin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgoogle%2Fcc-device-plugin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoogle%2Fcc-device-plugin/lists"}