forked from rojkov/intel-device-plugins-for-kubernetes
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
83 lines (68 loc) · 2.87 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
FROM ubuntu:20.04 AS builder
WORKDIR /root
RUN apt-get update && \
env DEBIAN_FRONTEND=noninteractive apt-get install -y \
wget \
unzip \
protobuf-compiler \
libprotobuf-dev \
build-essential \
cmake \
pkg-config \
gdb \
vim \
python3 \
git \
gnupg \
&& apt-get -y -q upgrade \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# SGX SDK is installed in /opt/intel directory.
WORKDIR /opt/intel
ARG SGX_SDK_INSTALLER=sgx_linux_x64_sdk_2.16.100.4.bin
ARG DCAP_VERSION=DCAP_1.13
RUN echo "deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main" >> /etc/apt/sources.list.d/intel-sgx.list \
&& wget -qO - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | apt-key add - \
&& apt-get update \
&& env DEBIAN_FRONTEND=noninteractive apt-get install -y \
libsgx-dcap-ql-dev \
libsgx-dcap-default-qpl-dev \
libsgx-quote-ex-dev
# Install SGX SDK
RUN wget https://download.01.org/intel-sgx/sgx-linux/2.16/distro/ubuntu20.04-server/$SGX_SDK_INSTALLER \
&& chmod +x $SGX_SDK_INSTALLER \
&& echo "yes" | ./$SGX_SDK_INSTALLER \
&& rm $SGX_SDK_INSTALLER
RUN git clone -b $DCAP_VERSION https://github.com/intel/SGXDataCenterAttestationPrimitives.git
RUN cd sgxsdk/SampleCode/SampleEnclave \
&& . /opt/intel/sgxsdk/environment \
&& make \
&& cd -
RUN cd SGXDataCenterAttestationPrimitives/SampleCode/QuoteGenerationSample \
&& . /opt/intel/sgxsdk/environment \
&& make \
&& cd -
FROM ubuntu:20.04
RUN apt-get update && \
apt-get install -y \
wget \
gnupg-agent
# Add 01.org to apt for SGX packages and install SGX runtime components
RUN echo "deb [arch=amd64 signed-by=/usr/share/keyrings/intel-sgx.gpg] https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main" | \
tee -a /etc/apt/sources.list.d/intel-sgx.list \
&& wget -qO - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | \
gpg --dearmor --output /usr/share/keyrings/intel-sgx.gpg \
&& apt-get update \
&& env DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
libsgx-enclave-common \
libsgx-urts \
libsgx-quote-ex \
libsgx-dcap-ql \
libsgx-dcap-default-qpl \
&& mkdir -p /opt/intel/sgx-sample-app/ \
&& mkdir -p /opt/intel/sgx-quote-generation/
COPY --from=builder /opt/intel/sgxsdk/SampleCode/SampleEnclave/app /opt/intel/sgx-sample-app/sgx-sample-app
COPY --from=builder /opt/intel/sgxsdk/SampleCode/SampleEnclave/enclave.signed.so /opt/intel/sgx-sample-app/enclave.signed.so
COPY --from=builder /opt/intel/SGXDataCenterAttestationPrimitives/SampleCode/QuoteGenerationSample/app /opt/intel/sgx-quote-generation/sgx-quote-generation
COPY --from=builder /opt/intel/SGXDataCenterAttestationPrimitives/SampleCode/QuoteGenerationSample/enclave.signed.so /opt/intel/sgx-quote-generation/enclave.signed.so
ENTRYPOINT /opt/intel/sgx-sample-app/sgx-sample-app