forked from cloud-security-research/sgx-ra-tls
-
Notifications
You must be signed in to change notification settings - Fork 1
/
container-build.sh
executable file
·52 lines (44 loc) · 1.18 KB
/
container-build.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
#!/bin/bash
# Build project from scratch in a Docker container.
set -e
set -x
REPO_DIR=$(readlink -f .)
TEMP_DIR=$(mktemp -d /var/tmp/ratls-XXX)
POSITIONAL=()
while [[ $# -gt 0 ]]
do
key="$1"
case $key in
-i|--image)
IMAGE="$2"
shift # past argument
shift # past value
;;
-b|--branch)
REPO_BRANCH="$2"
shift
shift
;;
-k|--keep)
CMD=" ; bash"
shift # past argument
;;
*) # unknown option
POSITIONAL+=("$1") # save it in an array for later
shift # past argument
;;
esac
done
set -- "${POSITIONAL[@]}" # restore positional parameters
pushd $TEMP_DIR
git clone $REPO_DIR
cd $(basename $REPO_DIR)
[ -n "$REPO_BRANCH" ] && git checkout $REPO_BRANCH
# --privileged=true is required for SGX-LKL only. The build process
# for SGX-LKL wants to mount things, uses iptables, etc.
docker run --device=/dev/isgx --device=/dev/sgx --device=/dev/gsgx \
--privileged=true \
-v /var/run/aesmd:/var/run/aesmd \
-v$(pwd):/project \
-it $IMAGE bash -c "cd /project $CMD"
popd