microsoft
diff --git a/‎.github/workflows/basic-ci-amd64.yaml‎
Lines changed: 2 additions & 0 deletions b/‎.github/workflows/basic-ci-amd64.yaml‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎.github/workflows/static-checks.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/static-checks.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.gitignore‎
Lines changed: 0 additions & 1 deletion b/‎.gitignore‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎src/agent/Cargo.lock‎
Lines changed: 126 additions & 26 deletions b/‎src/agent/Cargo.lock‎
Lines changed: 126 additions & 26 deletions
diff --git a/‎src/agent/Cargo.toml‎
Lines changed: 2 additions & 3 deletions b/‎src/agent/Cargo.toml‎
Lines changed: 2 additions & 3 deletions
diff --git a/‎src/agent/policy/Cargo.toml‎
Lines changed: 44 additions & 0 deletions b/‎src/agent/policy/Cargo.toml‎
Lines changed: 44 additions & 0 deletions
diff --git a/‎src/agent/policy/src/lib.rs‎
Lines changed: 6 additions & 0 deletions b/‎src/agent/policy/src/lib.rs‎
Lines changed: 6 additions & 0 deletions
@@ -304,6 +304,8 @@ jobs:
           TARGET_BRANCH: ${{ inputs.target-branch }}
 
       - name: Install dependencies
+        env:
+          GITHUB_API_TOKEN: ${{ github.token }}
         run: bash tests/integration/nerdctl/gha-run.sh install-dependencies
 
       - name: get-kata-tarball
 
@@ -102,7 +102,7 @@ jobs:
           ./tests/install_rust.sh
           echo "${HOME}/.cargo/bin" >> $GITHUB_PATH
       - name: Install protobuf-compiler
-        if: ${{ matrix.command == 'make check' && matrix.component == 'genpolicy' }}
+        if: ${{ matrix.command != 'make vendor' && (matrix.component == 'agent' || matrix.component == 'genpolicy' || matrix.component == 'agent-ctl') }}
         run: sudo apt-get -y install protobuf-compiler
       - name: Install musl-tools
         if: ${{ matrix.component != 'runtime' }}
 
@@ -18,7 +18,6 @@ src/tools/log-parser/kata-log-parser
 
 # Microsoft-specific
 .cargo/
-vendor/
 src/agent/samples/policy/test-input/
 src/tarfs/**/*.cmd
 src/tarfs/**/*.ko
 
@@ -96,16 +96,15 @@ regorus = { version = "0.2.6", default-features = false, features = [
     "base64url",
 ], optional = true }
 json-patch = "2.0.0"
+kata-agent-policy = { path = "policy" }
 
 [dev-dependencies]
 tempfile = "3.1.0"
 test-utils = { path = "../libs/test-utils" }
 which = "4.3.0"
 
 [workspace]
-members = [
-    "rustjail",
-]
+members = ["rustjail", "policy"]
 
 [profile.release]
 lto = true
 
@@ -0,0 +1,44 @@
+[package]
+name = "kata-agent-policy"
+version = "0.1.0"
+authors = [
+    "The Kata Containers community <kata-dev@lists.katacontainers.io>",
+]
+edition = "2018"
+license = "Apache-2.0"
+
+[dependencies]
+# Async runtime
+tokio = { version = "1.39.0", features = [
+    "full",
+] }
+tokio-vsock = "0.3.4"
+
+anyhow = "1"
+
+# Configuration
+serde = { version = "1.0.129", features = [
+    "derive",
+] }
+serde_json = "1.0.39"
+
+# Agent Policy
+regorus = { version = "0.2.8", default-features = false, features = [
+    "arc",
+    "regex",
+    "std",
+    "base64",
+] }
+json-patch = "2.0.0"
+sha2 = { version = "0.10.6" }
+sev = { git = "https://github.com/virtee/sev", tag = "v1.2.0", default-features = false, features = [
+    "snp",
+] }
+protocols = { path = "../../libs/protocols" }
+
+# Note: this crate sets the slog 'max_*' features which allows the log level
+# to be modified at runtime.
+logging = { path = "../../libs/logging" }
+slog = "2.5.2"
+slog-scope = "4.1.2"
+slog-term = "2.9.0"
@@ -0,0 +1,6 @@
+// Copyright (c) 2024 Edgeless Systems GmbH
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+pub mod policy;