feat(tdx_google): add iproute2 and vector initialization wait

- Include iproute2 in the container path for required networking tools. - Add a script to wait for vector to initialize before proceeding.
2025-07-21 15:13:56 +02:00 · 2025-03-21 13:11:23 +01:00 · 2025-03-21 13:11:23 +01:00 · 3f90e4f80b
commit 3f90e4f80b
parent 63c16b1177
1 changed files with 10 additions and 1 deletions
--- a/packages/tdx_google/container.nix
+++ b/packages/tdx_google/container.nix
@ -15,10 +15,19 @@
      User = "root";
      EnvironmentFile = "-/run/env/env";
    };
-    path = [ pkgs.docker pkgs.teepot.teepot.tdx_extend ];
+    path = [ pkgs.docker pkgs.teepot.teepot.tdx_extend pkgs.iproute2 ];
    script = ''
      set -eu -o pipefail

+      # wait for vector to initialize itself
+      for i in {1..30}; do
+        if [[ $(ss -H -t -l -n sport = 4318) ]]; then
+          break
+        fi
+        echo "Waiting for vector to initialize itself..." >&2
+        sleep 1
+      done
+
      DIGEST=''${CONTAINER_DIGEST#sha256:}
      echo "Measuring $DIGEST" >&2
      test -c /dev/tdx_guest && tdx-extend --digest "$DIGEST" --rtmr 3