-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
57 lines (42 loc) · 1.43 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
FROM ubuntu:18.04 as builder
# Install Prerequisites
RUN apt-get update && apt-get install -yq --no-install-recommends \
ca-certificates \
build-essential \
wget
# Install SGX SDK
WORKDIR /opt/intel
RUN wget https://download.01.org/intel-sgx/sgx-linux/2.11/distro/ubuntu18.04-server/sgx_linux_x64_sdk_2.11.100.2.bin \
&& chmod +x sgx_linux_x64_sdk_2.11.100.2.bin \
&& echo yes | ./sgx_linux_x64_sdk_2.11.100.2.bin
# STEP 1 Build executable binary
WORKDIR /workspace
# Copy source code from the host
COPY ./ ./
RUN make build
# STEP 2 Build a small image
FROM ubuntu:18.04 as sample
RUN apt-get update && apt-get install -y \
g++ \
libcurl4-openssl-dev \
libprotobuf-dev \
libssl-dev \
make \
wget \
gnupg \
module-init-tools
# Install the Intel(R) SGX PSW
RUN echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu bionic main' | tee /etc/apt/sources.list.d/intel-sgx.list \
&& wget -qO - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | apt-key add - \
&& apt-get update && apt-get install -y \
# Install launch service
libsgx-launch \
libsgx-urts \
# Install EPID-based attestation service:
libsgx-epid \
# Install algorithm agnostic attestation service
libsgx-quote-ex
WORKDIR /project
# Copy our static executable binary
COPY --from=builder /workspace/src/app /workspace/src/enclave.signed.so ./
CMD ["/project/app"]