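---
# build-enclave.yml
# Builds an enclave image file (enclave.eif) with nitro-cli inside a Docker
# container, then commits the generated files back to the triggering branch.
name: Build Enclave

on:
  push:
    branches:
      - master
      - frontend-enclave
  pull_request:
    branches:
      - master
      - frontend-enclave

# Declare the token scope explicitly instead of inheriting the repository
# default. Pushing commits is the only API capability this workflow uses.
permissions:
  contents: write

jobs:
  build-enclave:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        # NOTE(review): v3 is a mutable tag. Pin the action to the full commit
        # SHA of a reviewed release (placeholder: <reviewed-commit-sha>).
        # NOTE(review): by default checkout persists the job token in the local
        # git config, and the whole workspace (including .git) is later
        # bind-mounted into a privileged container. Consider
        # `persist-credentials: false` plus explicit auth in the push steps, or
        # mounting only the directories the build needs.
        uses: actions/checkout@v3

      - name: Verify required files are present
        run: |
          # Fail fast when any build input is missing from the repository root.
          if [[ ! -f Dockerfile || ! -f setup.sh || ! -f supervisord.conf ]]; then
            echo "Required files (Dockerfile, setup.sh, supervisord.conf) are missing!"
            exit 1
          fi

      - name: Move files to folder structure
        run: |
          # Ensure setup directory exists
          mkdir -p setup
          # Move files into setup/ directory if not already there
          mv Dockerfile setup/ || echo "Dockerfile already in setup/"
          mv setup.sh setup/ || echo "setup.sh already in setup/"
          mv supervisord.conf setup/ || echo "supervisord.conf already in setup/"
          # Check and add outer Dockerfile and entrypoint.sh if not present
          if [ ! -f Dockerfile ]; then
            echo "Creating outer Dockerfile"
            # NOTE(review): the base image below has no tag or digest, so every
            # run may build on different bits and the resulting enclave image is
            # not reproducible. Pin it by digest once a reviewed one is chosen.
            # The heredoc body and its terminator stay at the left margin so the
            # generated file carries no leading whitespace.
            cat <<EOF > Dockerfile
          # base image
          FROM marlinorg/nitro-cli
          # working directory
          WORKDIR /app/setup
          # add files
          COPY entrypoint.sh ./
          RUN chmod +x entrypoint.sh
          # entry point
          ENTRYPOINT [ "/app/setup/entrypoint.sh" ]
          EOF
          fi
          # Create entrypoint.sh if not present
          if [ ! -f entrypoint.sh ]; then
            echo "Creating entrypoint.sh"
            # The delimiter is unquoted, so \$ keeps the variables literal in
            # the generated script instead of expanding them here.
            cat <<EOF > entrypoint.sh
          #!/bin/sh
          dockerd &
          sleep 10
          # Determine architecture
          ARCH=\$(uname -m)
          if [ "\$ARCH" = "aarch64" ]; then
          PLATFORM=linux/arm64
          else
          PLATFORM=linux/amd64
          fi
          docker buildx create --name multiplatformEnclave --driver docker-container --bootstrap
          docker buildx use multiplatformEnclave
          cd /app/mount/setup
          docker buildx build --platform \$PLATFORM -t enclave:latest --load .
          mkdir -p /app/mount/enclave
          mkdir -p /var/log/nitro_enclaves
          touch /var/log/nitro_enclaves/nitro_enclaves.log
          nitro-cli build-enclave --docker-uri enclave:latest --output-file /app/mount/enclave/enclave.eif
          EOF
            chmod +x entrypoint.sh
          fi

      - name: Commit and push entrypoint.sh if created
        # Push only on branch pushes: a pull_request checkout is a detached
        # merge ref, so a bare `git push` has no branch to update there, and
        # unreviewed PR content should not be written back to the repository.
        if: github.event_name == 'push'
        run: |
          git config --global user.name "github-actions[bot]"
          git config --global user.email "github-actions[bot]@users.noreply.github.com"
          git add entrypoint.sh
          git commit -m "Add entrypoint.sh generated by GitHub Actions" || echo "No changes to commit"
          git push
        # NOTE(review): the push appears to authenticate through the
        # credentials persisted by the checkout step; confirm whether this
        # variable is needed and drop it if it is not.
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Build Frontend Code
        # The expression value reaches the script through an environment
        # variable rather than being spliced into the script text, so it is
        # always handled as data by the shell.
        # NOTE(review): no `inputs` are declared for the triggers above, so
        # this presumably always resolves to 'npm' - confirm.
        env:
          PACKAGE_MANAGER: ${{ inputs.package_manager || 'npm' }}
        run: |
          if [ -d "webapp" ]; then
            echo "webapp folder found. Starting frontend build..."
            cd webapp
            # NOTE(review): a plain install may resolve newer dependency
            # versions than the ones reviewed; prefer a lockfile-enforcing
            # install once a lockfile is committed.
            if [ "$PACKAGE_MANAGER" = "yarn" ]; then
              yarn install
              yarn build
            else
              npm install
              npm run build
            fi
          else
            echo "No webapp folder found, skipping frontend build."
          fi

      - name: Commit and push frontend build
        # Same gating as the other push steps: branch pushes only.
        if: github.event_name == 'push'
        run: |
          # NOTE(review): the build step above works in webapp/, while this
          # step looks for frontend/build - confirm which path is intended.
          if [ -d "frontend/build" ]; then
            git config --global user.name "github-actions[bot]"
            git config --global user.email "github-actions[bot]@users.noreply.github.com"
            git add frontend/build
            git commit -m "Add frontend build files" || echo "No changes to commit"
            git push
          else
            echo "No frontend build folder found, skipping commit and push."
          fi
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Build and Run Enclave
        run: |
          docker build -t enclave .
          # --privileged is used because the entrypoint starts its own dockerd.
          # It also removes most container isolation, and the mounted workspace
          # is writable from inside, so the base image and everything under
          # setup/ must be trusted. The path is quoted to survive whitespace.
          docker run --privileged -v "$(pwd)":/app/mount enclave

      - name: Verify enclave.eif file
        id: verify_eif
        run: |
          echo "Searching for enclave.eif file..."
          # The container can only hand files back through the workspace mount,
          # so the search is limited to the workspace and to regular files.
          # This keeps an unrelated enclave.eif elsewhere on the runner from
          # being picked up and published.
          EIF_PATH=$(find "$GITHUB_WORKSPACE" -type f -name "enclave.eif" 2>/dev/null | head -n 1)
          if [ -z "$EIF_PATH" ]; then
            echo "Error: enclave.eif file not found!"
            exit 1
          fi
          echo "File found at $EIF_PATH"
          # Exported for the later commit step.
          echo "EIF_PATH=$EIF_PATH" >> "$GITHUB_ENV"

      - name: Initialize Git LFS
        # Only needed when the artifact is going to be pushed.
        if: github.event_name == 'push'
        run: |
          git lfs install
          git lfs track "enclave/enclave.eif"
          git add .gitattributes
          git commit -m "Track enclave.eif with Git LFS" || echo "No changes to commit"

      - name: Commit and push enclave.eif
        if: github.event_name == 'push'
        run: |
          cd "$GITHUB_WORKSPACE" # Move to the root directory of the repository
          mkdir -p enclave
          # Skip the copy only when the freshly built file already is the
          # destination file. Any other existing file is overwritten, so a
          # stale artifact from an earlier commit is never published in place
          # of the one built in this run.
          if [ "$EIF_PATH" -ef enclave/enclave.eif ]; then
            echo "enclave.eif already exists in the destination path, skipping copy."
          else
            cp "$EIF_PATH" enclave/enclave.eif
          fi
          git add enclave/enclave.eif
          git commit -m "Add generated enclave.eif file" || echo "No changes to commit"
          git push
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}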