harald/nixsgx
1
0
Fork 0
mirror of https://github.com/matter-labs/nixsgx.git synced 2025-07-21 23:43:56 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: add GRAMINE_DIRECT

Browse source 
if the container is passed `GRAMINE_DIRECT=1` then `gramine-direct`
is executed. This helps debugging on non-sgx machines.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
This commit is contained in:
Harald Hoyer 2024-06-14 14:25:46 +02:00
parent 070abadeb7
commit ec8f336547
Signed by: harald
GPG key ID: F519A1143B3FBE32
3 changed files with 18 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

12
lib/default.nix
View file

@ -166,7 +166,17 @@ _:
"LD_LIBRARY_PATH=${lib.makeLibraryPath [ pkgs.curl.out (if isAzure then nixsgx.azure-dcap-client.out else nixsgx.sgx-dcap.default_qpl)]}"
];
Entrypoint = [ "/bin/sh" "-c" ];
Cmd = [ "${extraCmd}; [[ -r /var/run/aesmd/aesm.socket ]] || restart-aesmd >&2; exec gramine-sgx ${name}" ];
Cmd = [
''
${extraCmd};
if [ -n \"$GRAMINE_DIRECT\" ]; then
exec gramine-direct ${name};
else
[[ -r /var/run/aesmd/aesm.socket ]] || restart-aesmd >&2;
exec gramine-sgx ${name};
fi
''
];
WorkingDir = "${appDir}";
};