diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml
index 67d0a2d..b95bf6d 100644
--- a/.github/workflows/nix.yml
+++ b/.github/workflows/nix.yml
@@ -63,3 +63,9 @@ jobs:
 - name: nix build
 run: nix run github:nixos/nixpkgs/nixos-23.11#nixci
+
+ - name: integration check
+ run: |
+ nix build --accept-flake-config -L .#nixsgx-test-sgx-azure
+ docker load -i result
+ docker run -i --env GRAMINE_DIRECT=1 --privileged --init --rm nixsgx-test-sgx-azure:latest | grep -q -F 'Hello, world!'
diff --git a/.gitignore b/.gitignore
index b041889..7b67073 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,4 @@
 /.envrc
 /.direnv
 /result
+/result-*
diff --git a/lib/default.nix b/lib/default.nix
index 665254b..af85f61 100644
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -166,7 +166,17 @@ _:
 "LD_LIBRARY_PATH=${lib.makeLibraryPath [ pkgs.curl.out (if isAzure then nixsgx.azure-dcap-client.out else nixsgx.sgx-dcap.default_qpl)]}"
 ];
 Entrypoint = [ "/bin/sh" "-c" ];
- Cmd = [ "${extraCmd}; [[ -r /var/run/aesmd/aesm.socket ]] || restart-aesmd >&2; exec gramine-sgx ${name}" ];
+ Cmd = [
+ ''
+ ${extraCmd};
+ if [ -n \"$GRAMINE_DIRECT\" ]; then
+ exec gramine-direct ${name};
+ else
+ [[ -r /var/run/aesmd/aesm.socket ]] || restart-aesmd >&2;
+ exec gramine-sgx ${name};
+ fi
+ ''
+ ];
 WorkingDir = "${appDir}";
 };
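Review bot: The container's exit status is discarded in the last line of the `integration check` step, because the step sets no `shell:` and the runner's default `bash -e {0}` has no `pipefail`, so only `grep` decides the result; `grep -q` also exits on the first match and closes the pipe while the container may still be writing. Capturing the output first keeps both checks: `out=$(docker run … nixsgx-test-sgx-azure:latest)` followed by `grep -q -F 'Hello, world!' <<<"$out"`. With `GRAMINE_DIRECT=1` the step exercises gramine-direct only, so a green run says nothing about the SGX path. `--privileged` also looks broader than this smoke test needs; a narrower grant (presumably a seccomp exception is what Gramine requires, to be confirmed) would be safer to copy into other jobs.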
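Review bot: The `\"` in `if [ -n \"$GRAMINE_DIRECT\" ]; then` is not an escape inside a Nix `''…''` string, so the backslashes reach `/bin/sh` and each `\"` becomes a literal quote character; with the variable unset the test sees the non-empty word `""` and, as far as I can tell, always takes the `gramine-direct` branch, meaning the image never starts inside an enclave. The line should read `if [ -n "$GRAMINE_DIRECT" ]; then`. Because this switch turns off SGX protection, a one-line message on stderr in the direct branch would make an accidental or unwanted downgrade visible in the container logs. The `[[ -r … ]]` test carried into the `else` branch is a bashism under `/bin/sh -c`, and the enclosing attribute set starts and ends outside the hunk.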