Update rustc and docker #970
Conversation
Codecov Report
@@ Coverage Diff @@
## master #970 +/- ##
=======================================
Coverage 63.55% 63.55%
=======================================
Files 38 38
Lines 2445 2445
=======================================
Hits 1554 1554
Misses 709 709
Partials 182 182Continue to review full report at Codecov.
|
|
are you serious?
|
.circleci/config.yml
Outdated
| @@ -1,6 +1,6 @@ | |||
| defaults: &defaults | |||
| docker: | |||
| - image: ekiden/testing:0.2.0 | |||
| - image: nhdh/testing:0.2.0 | |||
There was a problem hiding this comment.
note: assumption is that this will change back once validated / before merged
docker/Makefile
Outdated
| @@ -0,0 +1,14 @@ | |||
| .PHONY: development | |||
There was a problem hiding this comment.
Rather than allocating an ssh private key / github account provisioned for the dev docker file so that it can get the private fork of sgx, might be easier to hardcode a read-only github deploy key to the image - the expectation being that if you have access to this repo / image source, you also can get access to that repo.
|
Requesting a deploy-key based pull of the docker image, rather than the current Otherwise looks good |
nhynes
force-pushed
the
update-rust
branch
2 times, most recently
from
91fd955 to
04c4534
Compare
| ./linux/installer/bin/sgx_linux_x64_sdk_*.bin --prefix /opt && \ | ||
| echo "source /opt/sgxsdk/environment" >> /root/.bashrc | ||
| COPY --from=intermediate /opt/sgxsdk /opt/sgxsdk | ||
| RUN echo "source /opt/sgxsdk/environment" >> /root/.bashrc | ||
|
|
||
| # install rust (versions based on those found successful in https://github.com/oasislabs/rust-sgx-sdk/blob/v1.0.1-ekiden1/dockerfile/Dockerfile) |
There was a problem hiding this comment.
should this refer to -ekiden2?
There was a problem hiding this comment.
this comment shouldn't even exist. it implies that the working version is unpredictable, which it's not
| all: $(IMAGES) | ||
|
|
||
| development: development/Dockerfile | ||
| docker build $@ -t $(IMG_ORG)/$@:$(IMG_VER) -f $< |
There was a problem hiding this comment.
shouldn't need -f when the Dockerfile has the default name
weird, the manpages for docker-build suggests that it shouldn't even be -f deployment/Dockerfile
-f, --file=PATH/Dockerfile
Path to the Dockerfile to use. If the path is a relative path and you are
building from a local directory, then the path must be relative to that
directory. If you are building from a remote URL pointing to either a
tarball or a Git repository, then the path must be relative to the root of
the remote context. In all cases, the file must be within the build context.
The default is Dockerfile.
(bold added)
| libssl-dev libcurl4-openssl-dev | ||
|
|
||
| RUN mkdir /root/.ssh/ | ||
| COPY deploy_key /root/.ssh/id_rsa |
There was a problem hiding this comment.
cc @ryscheng
will we have to deauthorize this key before we make this repo public?
| @@ -0,0 +1,51 @@ | |||
| -----BEGIN RSA PRIVATE KEY----- | |||
| MIIJKgIBAAKCAgEArF5Jh+XO+tQq79+t4GyVkO+ka7BZV0RbF03HQ6R6Tm+dPlOW | |||
There was a problem hiding this comment.
it's a github deploy key for the oasislabs/intel-sgx repo
| RUN mkdir /root/.ssh/ | ||
| COPY deploy_key /root/.ssh/id_rsa | ||
| RUN chmod 600 /root/.ssh/id_rsa && \ | ||
| ssh-keyscan github.com >> /root/.ssh/known_hosts && \ |
There was a problem hiding this comment.
does this reduce the authenticity? is there a precedent for doing this?
There was a problem hiding this comment.
Vishwa used this pattern in the pwasm-microservice
No description provided.