-
Notifications
You must be signed in to change notification settings - Fork 0
88 lines (70 loc) · 2.51 KB
/
build-enclave.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
name: Build Enclave
on:
push:
branches:
- master
pull_request:
branches:
- master
jobs:
build-enclave:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Log in to Docker Hub
run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin
- name: Verify required files are present
run: |
if [[ ! -f Dockerfile || ! -f setup.sh || ! -f supervisord.conf ]]; then
echo "Required files (Dockerfile, setup.sh, supervisord.conf) are missing!"
exit 1
fi
- name: Move files to folder structure
run: |
mkdir -p setup
mv Dockerfile setup/ || echo "Dockerfile already in setup/"
mv setup.sh setup/ || echo "setup.sh already in setup/"
mv supervisord.conf setup/ || echo "supervisord.conf already in setup/"
# Check and add outer Dockerfile and entrypoint.sh if not present
if [ ! -f Dockerfile ]; then
echo "Creating outer Dockerfile"
cat <<EOF > Dockerfile
# base image
FROM marlinorg/nitro-cli
# working directory
WORKDIR /app/setup
# add files
COPY entrypoint.sh ./
RUN chmod +x entrypoint.sh
# entry point
ENTRYPOINT [ "/app/setup/entrypoint.sh" ]
EOF
fi
if [ ! -f entrypoint.sh ]; then
echo "Creating entrypoint.sh"
cat <<EOF > entrypoint.sh
#!/bin/sh
dockerd &
sleep 10
# Determine architecture
ARCH=\$(uname -m)
if [ "\$ARCH" = "aarch64" ]; then
PLATFORM=linux/arm64
else
PLATFORM=linux/amd64
fi
docker buildx create --name multiplatformEnclave --driver docker-container --bootstrap
docker buildx use multiplatformEnclave
cd /app/mount/setup
docker buildx build --platform \$PLATFORM -t enclave:latest --load .
mkdir -p /app/mount/enclave
mkdir -p /var/log/nitro_enclaves
touch /var/log/nitro_enclaves/nitro_enclaves.log
nitro-cli build-enclave --docker-uri enclave:latest --output-file /app/mount/enclave/enclave.eif
EOF
fi
- name: Build and Run Enclave
run: |
docker build -t enclave .
docker run --privileged -v `pwd`:/app/mount enclave