Commit graph

7 commits

Author SHA1 Message Date
Harald Hoyer
86524f9b3b
Merge branch 'main' into gramine-v1.8 2024-11-19 23:08:47 +07:00
ozwaldorf
0b72b70409
feat(sgxGramineContainer): expose maxLayers argument from image builder 2024-11-13 13:03:53 -05:00
Harald Hoyer
50f3adc1c6
feat(gramine): v1.7 -> v1.8
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-11-12 17:28:54 +01:00
Harald Hoyer
1e8c8ed1c7
refactor: replace mkSGXContainer with sgxGramineContainer
- Deprecate `mkSGXContainer` in favor of `sgxGramineContainer`.
- Update references to use the new container creation function.
- Streamline the codebase by simplifying `overlays/libTee/default.nix`.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-08-08 14:34:34 +02:00
Harald Hoyer
9a35ad60ad
fix: get rid of /dev/ in containers
`enableFakechroot = true` somehow triggered the inclusion of `/dev`.

Some fake chroots included `/dev/kvm` with different permissions,
so the produced container was not the same.

As this fake chroot is not needed anymore when using `--chroot` for `gramine-sgx-sign`,
it can be turned off.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-07-02 12:12:22 +02:00
Harald Hoyer
4a6aff1d2e
fix: make containers reproducible again
by providing the `--chroot` argument to `gramine-sgx-sign` and with
a carefully assembled `nix` directory, containing no build root artifacts.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-07-02 11:17:10 +02:00
Harald Hoyer
2d39aee8b4
feat: use overlay to specify mkSGXContainer
will simplify `pkgs.callPackage lib.nixsgx.mkSGXContainer`
to `nixsgxLib.mkSGXContainer`.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2024-07-01 16:06:23 +02:00