-
Notifications
You must be signed in to change notification settings - Fork 0
/
sconify.sh
executable file
·36 lines (31 loc) · 1.22 KB
/
sconify.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
#!/bin/bash
# Declare the app entrypoint
ENTRYPOINT="node /app/index.js"
# Declare image related variables
IMG_NAME=rogargon/yt-oracle
IMG_FROM=${IMG_NAME}:temp-non-tee
IMG_TO=${IMG_NAME}:tee-debug
# Build the regular non-TEE image
docker build . -t ${IMG_FROM}
docker pull registry.scontain.com:5050/sconecuratedimages/node:14.4.0-alpine3.11
# Run the sconifier to build the TEE image based on the non-TEE image
docker run -it --rm \
-v /var/run/docker.sock:/var/run/docker.sock \
registry.scontain.com:5050/scone-production/iexec-sconify-image:5.7.5-v8 \
sconify_iexec \
--name=${IMG_NAME} \
--from=${IMG_FROM} \
--to=${IMG_TO} \
--binary-fs \
--fs-dir=/app \
--host-path=/etc/hosts \
--host-path=/etc/resolv.conf \
--binary=/usr/local/bin/node \
--heap=1G \
--dlopen=1 \
--no-color \
--verbose \
--command=${ENTRYPOINT} \
&& echo -e "\n------------------\n" \
&& echo "successfully built TEE docker image => ${IMG_TO}" \
&& echo "application mrenclave.fingerprint is $(docker run --rm -e SCONE_HASH=1 ${IMG_TO})"