feat(sgx): try to reduce the docker layers

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>

overlays/libTee/sgxGramineContainer.nix

@@ -97,9 +97,6 @@ let
   tomlFormat = pkgs.formats.toml { };
   manifestFile = tomlFormat.generate "${name}.manifest.toml" mergedManifest;
 
-  contents = pkgs.buildEnv {
-    name = "image-root-${appName}";
-
   paths = with pkgs.dockerTools; with nixsgx;[
     openssl.out
     curl.out
@@ -131,23 +128,27 @@ let
       eval "${extraPostBuild}"
     )
   '';
+
+  contents = pkgs.buildEnv {
+    name = "image-root-${appName}";
+    inherit paths pathsToLink postBuild;
   };
 
   extendedContents = pkgs.buildEnv {
     name = "extended-root-${appName}";
 
-    paths = with pkgs.dockerTools; with nixsgx;[
+    paths = paths ++ (with pkgs.dockerTools; with nixsgx;[
       coreutils
       restart-aesmd
       sgx-psw
       usrBinEnv
       binSh
       fakeNss
-    ] ++ extendedPackages;
+    ]) ++ extendedPackages;
 
-    pathsToLink = [ "/bin" "/lib" "/etc" "/share" ];
+    pathsToLink = pathsToLink ++ [ "/bin" "/lib" "/etc" "/share" ];
 
-    postBuild =
+    postBuild = postBuild + (
       if sgx_default_qcnl_conf != null then ''
         (
           set -e
@@ -155,7 +156,8 @@ let
           rm -f $out/etc/sgx_default_qcnl.conf
           ln -s ${sgx_default_qcnl_conf} $out/etc/sgx_default_qcnl.conf
         )
-      '' else null;
+      '' else ""
+    );
   };
 
   config = {
@@ -201,7 +203,6 @@ let
         name = "${name}-manifest-${appName}";
         inherit tag;
         inherit contents;
-        inherit fromImage;
         inherit maxLayers;
 
         includeStorePaths = false;