Setup dir #11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Enclave | |
| on: | |
| push: | |
| branches: | |
| - master | |
| pull_request: | |
| branches: | |
| - master | |
| jobs: | |
| build-enclave: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Log in to Docker Hub | |
| env: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
| run: echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin | |
| - name: Verify required files are present | |
| run: | | |
| if [[ ! -f Dockerfile || ! -f setup.sh || ! -f supervisord.conf ]]; then | |
| echo "Required files (Dockerfile, setup.sh, supervisord.conf) are missing!" | |
| exit 1 | |
| fi | |
| - name: Move files to folder structure | |
| run: | | |
| # Ensure setup directory exists | |
| mkdir -p setup | |
| # Move files into setup/ directory if not already there | |
| mv Dockerfile setup/ || echo "Dockerfile already in setup/" | |
| mv setup.sh setup/ || echo "setup.sh already in setup/" | |
| mv supervisord.conf setup/ || echo "supervisord.conf already in setup/" | |
| # Create outer Dockerfile if not present | |
| if [ ! -f Dockerfile ]; then | |
| echo "Creating outer Dockerfile" | |
| cat <<EOF > Dockerfile | |
| # Base image with Nitro CLI | |
| FROM marlinorg/nitro-cli | |
| # Set working directory | |
| WORKDIR /app/setup | |
| # Copy and make entrypoint executable | |
| COPY entrypoint.sh ./ | |
| RUN chmod +x entrypoint.sh | |
| # Set entry point to entrypoint.sh | |
| ENTRYPOINT [ "/app/setup/entrypoint.sh" ] | |
| EOF | |
| fi | |
| # Create entrypoint.sh if not present | |
| if [ ! -f entrypoint.sh ]; then | |
| echo "Creating entrypoint.sh" | |
| cat <<EOF > entrypoint.sh | |
| #!/bin/sh | |
| dockerd & | |
| sleep 10 | |
| # Set platform based on architecture | |
| ARCH=\$(uname -m) | |
| if [ "\$ARCH" = "aarch64" ]; then | |
| PLATFORM=linux/arm64 | |
| else | |
| PLATFORM=linux/amd64 | |
| fi | |
| docker buildx create --name multiplatformEnclave --driver docker-container --bootstrap | |
| docker buildx use multiplatformEnclave | |
| # Build the inner enclave image | |
| cd /app/mount/setup | |
| docker buildx build --platform \$PLATFORM -t enclave:latest --load . | |
| # Prepare directories for Nitro Enclaves | |
| mkdir -p /app/mount/enclave | |
| mkdir -p /var/log/nitro_enclaves | |
| touch /var/log/nitro_enclaves/nitro_enclaves.log | |
| # Build the enclave image file | |
| nitro-cli build-enclave --docker-uri enclave:latest --output-file /app/mount/enclave/enclave.eif | |
| EOF | |
| fi | |
| - name: Build and Run Enclave | |
| run: | | |
| docker build -t enclave . | |
| docker run --privileged -v "$(pwd)":/app/mount enclave |