Reviewed 12 of 12 files at r1, all commit messages.
Reviewable status: all files reviewed, 1 unresolved discussion, not enough approvals from maintainers (3 more required), not enough approvals from different teams (2 more required, approved so far: ) (waiting on @aneessahib)

Examples/aks-attestation/aks-secret-prov-server.dockerfile line 32 at r1 (raw file):

ARG server_dcap_pf="n"
RUN if [ $server_dcap_pf="y" ]; then \
        sed -i "s|verify_measurements_callback,|NULL,|g" \

Please don't patch sources with sed. Also, why do you even need this?

Reviewable status: all files reviewed, 1 unresolved discussion, not enough approvals from maintainers (2 more required), not enough approvals from different teams (2 more required, approved so far: ) (waiting on @mkow)

Examples/aks-attestation/aks-secret-prov-server.dockerfile line 32 at r1 (raw file):

This file is taken as is from https://github.com/gramineproject/contrib/blob/master/Curated-Apps/verifier/verifier.dockerfile.template

This change will force the verification logic to default to https://github.com/gramineproject/gramine/blob/da990909010a5989dc89c63f4c7a22d78fb3f5c6/tools/sgx/ra-tls/ra_tls_verify_dcap.c#L206, and this is more secure. ( verify_measurements_callback which only prints the different quote attributes)

Reviewable status: all files reviewed, 1 unresolved discussion, not enough approvals from maintainers (2 more required), not enough approvals from different teams (2 more required, approved so far: ) (waiting on @mkow)

Examples/aks-attestation/aks-secret-prov-server.dockerfile line 32 at r1 (raw file):

btw - we should be ok to modify examples to suit our needs, no?