Skip to content

Commit cfc3aba

Browse files
iKapitonauiKapitonau
committed
Refactor images
1 parent 3e07422 commit cfc3aba

File tree

10 files changed

+25
-13
lines changed

10 files changed

+25
-13
lines changed

meta-secret-vm/recipes-core/attest-tool/attest-tool.bb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@ SRC_URI = "file://${THISDIR}/files"
77
S = "${WORKDIR}/${THISDIR}/files"
88

99
DEPENDS += "intel-sgx-primitives"
10+
RDEPENDS:${PN} += "intel-sgx-primitives"
1011

1112
do_compile() {
1213
${CC} ${LDFLAGS} -O2 attest_tool.cpp -ltdx_attest -o attest-tool

meta-secret-vm/recipes-core/images/secret-vm-rootfs-common-dev.inc

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
ROOTFS_POSTPROCESS_COMMAND += "add_env;"
2+
3+
add_env() {
4+
echo "DEBUG=true" >> ${IMAGE_ROOTFS}/etc/environment
5+
}

meta-secret-vm/recipes-core/images/secret-vm-rootfs-prod.inc renamed to meta-secret-vm/recipes-core/images/secret-vm-rootfs-common-prod.inc

File renamed without changes.

meta-secret-vm/recipes-core/images/secret-vm-rootfs.inc renamed to meta-secret-vm/recipes-core/images/secret-vm-rootfs-common.inc

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,7 @@ IMAGE_INSTALL = "base-files \
88
systemd \
99
secret-vm-attest-rest-server \
1010
secret-vm-scripts \
11-
docker-compose \
12-
intel-sgx-primitives"
11+
docker-compose"
1312

1413
IMAGE_FSTYPES = "cpio"
1514

meta-secret-vm/recipes-core/images/secret-vm-rootfs-dev.bb

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1,2 @@
1-
include secret-vm-rootfs.inc
1+
include secret-vm-rootfs-common.inc
2+
include secret-vm-rootfs-common-dev.inc

meta-secret-vm/recipes-core/images/secret-vm-rootfs-gpu-dev.bb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1 +1,2 @@
11
include secret-vm-rootfs-gpu.inc
2+
include secret-vm-rootfs-common-dev.inc

meta-secret-vm/recipes-core/images/secret-vm-rootfs-gpu-prod.bb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,2 @@
11
include secret-vm-rootfs-gpu.inc
2-
include secret-vm-rootfs-prod.inc
2+
include secret-vm-rootfs-common-prod.inc

meta-secret-vm/recipes-core/images/secret-vm-rootfs-gpu.inc

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
include secret-vm-rootfs.inc
1+
include secret-vm-rootfs-common.inc
22

33
IMAGE_INSTALL += "secret-vm-scripts-gpu \
44
acpid \

meta-secret-vm/recipes-core/images/secret-vm-rootfs-prod.bb

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,2 @@
1-
include secret-vm-rootfs.inc
2-
include secret-vm-rootfs-prod.inc
1+
include secret-vm-rootfs-common.inc
2+
include secret-vm-rootfs-common-prod.inc

meta-secret-vm/recipes-core/secret-vm-scripts/files/scripts/secret-vm-generate-cert.sh

Lines changed: 11 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@
3030
#
3131
# Outputs:
3232
# - {dest_dir}/{prefix}_private.pem: Private key file in PEM format
33-
#p - {dest_dir}/{prefix}_cert.pem: Let's Encrypt signed X.509 certificate in PEM format
33+
# - {dest_dir}/{prefix}_cert.pem: Let's Encrypt signed X.509 certificate in PEM format
3434
# - {dest_dir}/{prefix}_public.pem: Public key extracted from the certificate in PEM format
3535
# - {dest_dir}/{prefix}_chain.pem: Certificate chain in PEM format
3636
#
@@ -41,10 +41,10 @@ generate_cert() {
4141
local email="${4:-secretvm@scrtlabs.com}" # Email for Let's Encrypt notifications
4242

4343
local certbot='docker run --rm
44-
-v /etc/letsencrypt:/etc/letsencrypt
45-
-v /var/lib/letsencrypt:/var/lib/letsencrypt
46-
-p 80:80
47-
certbot/certbot'
44+
-v /etc/letsencrypt:/etc/letsencrypt
45+
-v /var/lib/letsencrypt:/var/lib/letsencrypt
46+
-p 80:80
47+
certbot/certbot'
4848

4949
# Ensure certbot and openssl are installed
5050
#if ! command -v certbot &> /dev/null; then
@@ -77,9 +77,14 @@ generate_cert() {
7777

7878
echo "Requesting Let's Encrypt certificate for domain: ${domain}"
7979

80+
STAGING_FLAG=""
81+
if [ -n "$DEBUG" ]; then
82+
STAGING_FLAG="--staging"
83+
fi
84+
8085
# Request certificate using certbot in standalone mode
8186
if ! $certbot certonly --standalone \
82-
--staging \
87+
$STAGING_FLAG \
8388
--non-interactive \
8489
--agree-tos \
8590
--email "${email}" \

0 commit comments

Comments
 (0)