From 9c01b0a2810bc84e9f9aa529d13383b1e16242f7 Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@matterlabs.dev>
Date: Wed, 12 Jun 2024 13:22:03 +0200
Subject: [PATCH] feat: add `container-vault-admin`

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
---
 packages/container-vault-admin/default.nix | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/packages/container-vault-admin/default.nix b/packages/container-vault-admin/default.nix
index 235ddd7..ec70476 100644
--- a/packages/container-vault-admin/default.nix
+++ b/packages/container-vault-admin/default.nix
@@ -1,27 +1,29 @@
 # SPDX-License-Identifier: Apache-2.0
 # Copyright (c) 2024 Matter Labs
 { dockerTools
-, nixsgx
-, teepot
 , buildEnv
+, teepot
+, openssl
 , curl
+, nixsgx
 }:
 dockerTools.buildLayeredImage {
-  name = "vault-unseal";
+  name = "vault-admin";
 
-  config.Entrypoint = [ "${teepot.teepot.vault_unseal}/bin/vault-unseal" ];
+  config.Entrypoint = [ "${teepot.teepot.vault_admin}/bin/vault-admin" ];
 
   contents = buildEnv {
     name = "image-root";
     paths = with dockerTools; with nixsgx;[
-      azure-dcap-client
+      openssl.out
       curl.out
       sgx-dcap.quote_verify
+      sgx-dcap.default_qpl
       usrBinEnv
       binSh
       caCertificates
       fakeNss
-      teepot.teepot.vault_unseal
+      teepot.teepot.vault_admin
     ];
     pathsToLink = [ "/bin" "/lib" "/etc" ];
   };