feat: rename manifest and sigs to app by default via appName parameter

This will ease the creation of scripts processing containers further.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>

lib/default.nix

@@ -21,6 +21,7 @@ _:
     , extraPostBuild ? ""
     , extraChrootCommands ? ""
     , appDir ? "/app"
+    , appName ? "app"
     , sigFile ? null
     , extendedPackages ? [ ]
     , customRecursiveMerge ? null
@@ -121,7 +122,7 @@ _:
               set -e
               mkdir -p $out/{etc,var/run}
               mkdir -p $out/${appDir}/{.dcap-qcnl,.az-dcap-client}
-              ln -s ${manifestFile} $out/${appDir}/${name}.manifest.toml
+              ln -s ${manifestFile} $out/${appDir}/${appName}.manifest.toml
               # Increase IPv4 address priority
               printf "precedence ::ffff:0:0/96  100\n" > $out/etc/gai.conf
               ${
@@ -170,10 +171,10 @@ _:
             ''
               ${extraCmd};
               if [ -n "$GRAMINE_DIRECT" ]; then
-                  exec gramine-direct ${name};
+                  exec gramine-direct ${appName};
               else
                   [[ -r /var/run/aesmd/aesm.socket ]] || restart-aesmd >&2;
-                  exec gramine-sgx ${name};
+                  exec gramine-sgx ${appName};
               fi
             ''
           ];
@@ -200,10 +201,10 @@ _:
                 (
                   set -e
                   cd ${appDir}
-                  HOME=${appDir} ${nixsgx.gramine}/bin/gramine-manifest ${manifestFile} ${name}.manifest;
+                  HOME=${appDir} ${nixsgx.gramine}/bin/gramine-manifest ${manifestFile} ${appName}.manifest;
                   ${nixsgx.gramine}/bin/gramine-sgx-sign \
-                    --manifest ${name}.manifest \
-                    --output ${name}.manifest.sgx \
+                    --manifest ${appName}.manifest \
+                    --output ${appName}.manifest.sgx \
                     --key ${keyfile};
                   eval "${extraChrootCommands}"
                 )
@@ -221,8 +222,8 @@ _:
 
                 includeStorePaths = false;
                 extraCommands = ''
-                  mkdir -p app
-                  cp ${sigFile} app/nixsgx-test-sgx-azure.sig
+                  mkdir -p ${appDir}
+                  cp ${sigFile} ${appDir}/${appName}.sig
                 '';
               }
           else fromImage;

packages/nixsgx-test-sgx-azure/default.nix

@@ -1,25 +1,6 @@
 # SPDX-License-Identifier: Apache-2.0
 # Copyright (c) 2024 Matter Labs
-{ lib
-, pkgs
-, inputs
-, nixsgx
-, hello
-}:
-pkgs.callPackage lib.nixsgx.mkSGXContainer {
-  name = "nixsgx-test-sgx-azure";
-  tag = "latest";
-
-  packages = [ hello ];
-  entrypoint = lib.meta.getExe hello;
-
+{ nixsgx }: nixsgx.nixsgx-test-sgx-dcap.override {
+  container-name = "nixsgx-test-sgx-azure";
   isAzure = true;
-
-  manifest = {
-    sgx = {
-      edmm_enable = false;
-      enclave_size = "32M";
-      max_threads = 2;
-    };
-  };
 }

packages/nixsgx-test-sgx-dcap/default.nix

@@ -5,15 +5,18 @@
 , inputs
 , nixsgx
 , hello
+, isAzure ? false
+, container-name ? "nixsgx-test-sgx-dcap"
+, tag ? "latest"
 }:
 pkgs.callPackage lib.nixsgx.mkSGXContainer {
-  name = "nixsgx-test-sgx-dcap";
-  tag = "latest";
+  name = container-name;
+  inherit tag isAzure;
 
   packages = [ hello ];
   entrypoint = lib.meta.getExe hello;
 
-  isAzure = false;
+  extraCmd = "echo \"Starting ${container-name}\"; gramine-sgx-sigstruct-view app.sig";
 
   manifest = {
     sgx = {