-
Notifications
You must be signed in to change notification settings - Fork 39
/
Copy pathenclave.Dockerfile
47 lines (35 loc) · 1.58 KB
/
enclave.Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
# Build Stages:
# build-base = downloads modules and prepares the directory for compilation. Based on the ego-dev image
# build-enclave = copies over the actual source code of the project and builds it using a compiler cache
# deploy = copies over only the enclave executable without the source
# in a lightweight base image specialized for deployment and prepares the /data/ folder.
FROM ghcr.io/edgelesssys/ego-dev:v1.3.0 AS build-base
# setup container data structure
RUN mkdir -p /home/obscuro/go-obscuro
# Ensures container layer caching when dependencies are not changed
WORKDIR /home/obscuro/go-obscuro
COPY go.mod .
COPY go.sum .
RUN ego-go mod download
# Trigger new build stage for compiling the enclave
FROM build-base as build-enclave
COPY . .
WORKDIR /home/obscuro/go-obscuro/go/enclave/main
# Build the enclave using the cross image build cache.
RUN --mount=type=cache,target=/root/.cache/go-build \
ego-go build
# Sign the enclave executable
RUN ego sign main
# Final container folder structure:
# /home/obscuro/data contains working files for the enclave
# /home/obscuro/go-obscuro/go/enclave/main contains the executable for the enclave
#
# Trigger a new build stage and use the smaller ego version:
FROM ghcr.io/edgelesssys/ego-deploy:v1.3.0
# Copy just the binary for the enclave into this build stage
COPY --from=build-enclave \
/home/obscuro/go-obscuro/go/enclave/main home/obscuro/go-obscuro/go/enclave/main
WORKDIR /home/obscuro/go-obscuro/go/enclave/main
# simulation mode is ACTIVE by default
ENV OE_SIMULATION=1
EXPOSE 11000