feat: implement Intel TDX/AMD SEV-SNP support

Hardware Support: Added support for Intel TDX and AMD SEV-SNP device attestation.
Architecture: Refactored to a multi-resource architecture supporting concurrent plugin instances.
Resource Logic: Fixed vTPM sharing limits (corrected from 1 to 256).
Reliability: Implemented robust socket cleanup and standardized error handling (errcheck).
CI/CD: Updated GitHub Actions to v5, enabled strict linting, and expanded test coverage to ./... .

Author: jimmychiuuuu

.github/workflows/ci.yml

@@ -29,47 +29,38 @@ jobs:
       matrix:
         go-version: [1.21.x]
         os: [ubuntu-latest]
-        architecture: [x32, x64]
-    name: Generate/Build/Test (${{ matrix.os }}, ${{ matrix.architecture }}, Go ${{ matrix.go-version }})
+        architecture: [x64]
+    name: Build/Test (${{ matrix.os }}, ${{ matrix.architecture }}, Go ${{ matrix.go-version }})
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-go@v4
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
         with:
           go-version: ${{ matrix.go-version }}
           architecture: ${{ matrix.architecture }}
+          cache: true
       - name: Build all modules
-        run: CGO_ENABLED=0 go build -v
+        run: CGO_ENABLED=0 go build -v ./...
       - name: Test all modules
-        run: CGO_ENABLED=0 go test ./deviceplugin/... -v
+        run: CGO_ENABLED=0 go test ./... -v
 
   lint:
-    strategy:
-      matrix:
-        go-version: [1.21.x]
-        os: [ubuntu-latest]
-        dir: ["./"]
-    name: Lint ${{ matrix.dir }} (${{ matrix.os }}, Go ${{ matrix.go-version }})
-    runs-on: ${{ matrix.os }}
+    runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
         with:
-          go-version: ${{ matrix.go-version }}
+          go-version: 1.21.x
+          cache: true
       - name: Run golangci-lint
-        uses: golangci/golangci-lint-action@v3.2.0
+        uses: golangci/golangci-lint-action@v4
         with:
           version: latest
-          working-directory: ${{ matrix.dir }}
           args: >
-            -D errcheck
+            -E errcheck
             -E stylecheck
             -E goimports
             -E misspell
             -E revive
             -E gofmt
-            -E goimports
-            --exclude-use-default=false
-            --max-same-issues=0
-            --max-issues-per-linter=0
-            --timeout 2m
+            --timeout 5m

README.md

@@ -15,7 +15,7 @@ this plugin deployed in your Kubernetes cluster, you will be able to run jobs
 * This plugin targets Kubernetes v1.18+.
 
 ## Deployment
-The device plugin needs to be run on all the nodes that are equipped with Confidential Computing devices (e.g. TPM).  The simplest way of doing so is to create a Kubernetes [DaemonSet][dp], which run a copy of a pod on all (or some) Nodes in the cluster.  We have a pre-built Docker image on [Goolge Artifact Registry][release] that you can use for with your DaemonSet.  This repository also have a pre-defined yaml file named `cc-device-plugin.yaml`.  You can create a DaemonSet in your Kubernetes cluster by running this command:
+The device plugin needs to be run on all the nodes that are equipped with Confidential Computing devices (e.g. TPM).  The simplest way of doing so is to create a Kubernetes [DaemonSet][dp], which run a copy of a pod on all (or some) Nodes in the cluster.  We have a pre-built Docker image on [Google Artifact Registry][release] that you can use for with your DaemonSet.  This repository also have a pre-defined yaml file named `cc-device-plugin.yaml`.  You can create a DaemonSet in your Kubernetes cluster by running this command:
 
 ```
 kubectl create -f manifests/cc-device-plugin.yaml