Skip to content

github readme

github readme #27

Workflow file for this run

name: Build Enclave
on:
push:
branches:
- master
pull_request:
branches:
- master
jobs:
build-enclave:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Log in to Docker Hub
run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin
- name: Verify required files are present
run: |
if [[ ! -f Dockerfile || ! -f setup.sh || ! -f supervisord.conf ]]; then
echo "Required files (Dockerfile, setup.sh, supervisord.conf) are missing!"
exit 1
fi
- name: Move files to folder structure
run: |
# Ensure setup directory exists
mkdir -p setup
# Move files into setup/ directory if not already there
mv Dockerfile setup/ || echo "Dockerfile already in setup/"
mv setup.sh setup/ || echo "setup.sh already in setup/"
mv supervisord.conf setup/ || echo "supervisord.conf already in setup/"
# Check and add outer Dockerfile and entrypoint.sh if not present
if [ ! -f Dockerfile ]; then
echo "Creating outer Dockerfile"
cat <<EOF > Dockerfile
# base image
FROM marlinorg/nitro-cli
# working directory
WORKDIR /app/setup
# add files
COPY entrypoint.sh ./
RUN chmod +x entrypoint.sh
# entry point
ENTRYPOINT [ "/app/setup/entrypoint.sh" ]
EOF
fi
# Create entrypoint.sh if not present
if [ ! -f entrypoint.sh ]; then
echo "Creating entrypoint.sh"
cat <<EOF > entrypoint.sh
#!/bin/sh
dockerd &
sleep 10
# Determine architecture
ARCH=\$(uname -m)
if [ "\$ARCH" = "aarch64" ]; then
PLATFORM=linux/arm64
else
PLATFORM=linux/amd64
fi
docker buildx create --name multiplatformEnclave --driver docker-container --bootstrap
docker buildx use multiplatformEnclave
cd /app/mount/setup
docker buildx build --platform \$PLATFORM -t enclave:latest --load .
mkdir -p /app/mount/enclave
mkdir -p /var/log/nitro_enclaves
touch /var/log/nitro_enclaves/nitro_enclaves.log
nitro-cli build-enclave --docker-uri enclave:latest --output-file /app/mount/enclave/enclave.eif
EOF
chmod +x entrypoint.sh
fi
- name: Commit and push entrypoint.sh if created
run: |
git config --global user.name "github-actions[bot]"
git config --global user.email "github-actions[bot]@users.noreply.github.com"
git add entrypoint.sh
git commit -m "Add entrypoint.sh generated by GitHub Actions" || echo "No changes to commit"
git push
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Build and Run Enclave
run: |
docker build -t enclave .
docker run --privileged -v $(pwd):/app/mount enclave
- name: Verify enclave.eif file
id: verify_eif
run: |
echo "Searching for enclave.eif file..."
EIF_PATH=$(find / -name "enclave.eif" 2>/dev/null | head -n 1)
if [ -z "$EIF_PATH" ]; then
echo "Error: enclave.eif file not found!"
exit 1
fi
echo "File found at $EIF_PATH"
echo "EIF_PATH=$EIF_PATH" >> $GITHUB_ENV
- name: Initialize Git LFS
run: |
git lfs install
git lfs track "enclave/enclave.eif"
git add .gitattributes
git commit -m "Track enclave.eif with Git LFS" || echo "No changes to commit"
- name: Commit and push enclave.eif
run: |
cd $GITHUB_WORKSPACE # Move to the root directory of the repository
mkdir -p enclave
# Only copy if the file does not already exist in the target path
if [ ! -f enclave/enclave.eif ]; then
cp "$EIF_PATH" enclave/enclave.eif
else
echo "enclave.eif already exists in the destination path, skipping copy."
fi
git add enclave/enclave.eif
git commit -m "Add generated enclave.eif file" || echo "No changes to commit"
git push
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}