-
Notifications
You must be signed in to change notification settings - Fork 51
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
50 additions
and
21 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,5 @@ | ||
# EGo | ||
|
||
<img src="src/logo.svg" alt="EGo logo" width="40%"/> | ||
|
||
[![GitHub Actions Status][github-actions-badge]][github-actions] | ||
|
@@ -13,6 +14,7 @@ | |
* `ego`, a CLI tool that handles all enclave-related tasks such as signing and enclave creation. | ||
|
||
Building and running a confidential Go app is as easy as: | ||
|
||
```sh | ||
ego-go build hello.go | ||
ego sign hello | ||
|
@@ -22,26 +24,35 @@ ego run hello | |
## Install | ||
|
||
### Install the snap | ||
|
||
The easiest way to install EGo is via the snap: | ||
|
||
```sh | ||
sudo snap install ego-dev --classic | ||
``` | ||
|
||
You also need `gcc` and `libcrypto`. On Ubuntu install them with: | ||
|
||
```sh | ||
sudo apt install build-essential libssl-dev | ||
``` | ||
|
||
### Install the DEB package | ||
If you're on Ubuntu 18.04 or above, you can install the DEB package: | ||
|
||
If you're on Ubuntu 20.04 or 22.04, you can install the DEB package: | ||
|
||
```bash | ||
wget -qO- https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add | ||
sudo add-apt-repository "deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu `lsb_release -cs` main" | ||
wget https://github.com/edgelesssys/ego/releases/download/v1.3.0/ego_1.3.0_amd64.deb | ||
sudo apt install ./ego_1.3.0_amd64.deb build-essential libssl-dev | ||
sudo mkdir -p /etc/apt/keyrings | ||
wget -qO- https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo tee /etc/apt/keyrings/intel-sgx-keyring.asc > /dev/null | ||
echo "deb [signed-by=/etc/apt/keyrings/intel-sgx-keyring.asc arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/intel-sgx.list | ||
sudo apt update | ||
EGO_DEB=ego_1.4.0_amd64_ubuntu-$(lsb_release -rs).deb | ||
wget https://github.com/edgelesssys/ego/releases/download/v1.4.0/$EGO_DEB | ||
sudo apt install ./$EGO_DEB build-essential libssl-dev | ||
``` | ||
|
||
### Build from source | ||
|
||
*Prerequisite*: [Edgeless RT](https://github.com/edgelesssys/edgelessrt) is installed and sourced. | ||
|
||
```sh | ||
|
@@ -53,26 +64,35 @@ make install | |
``` | ||
|
||
### Build via Docker | ||
|
||
You can reproducibly build the latest release: | ||
|
||
```sh | ||
cd dockerfiles | ||
DOCKER_BUILDKIT=1 docker build -o. - < Dockerfile.build | ||
DOCKER_BUILDKIT=1 docker build --target export -o. - < Dockerfile | ||
``` | ||
|
||
Or build the latest master: | ||
|
||
```sh | ||
cd dockerfiles | ||
DOCKER_BUILDKIT=1 docker build --build-arg egotag=master --build-arg erttag=master -o. - < Dockerfile.build | ||
DOCKER_BUILDKIT=1 docker build --target export --build-arg egotag=master --build-arg erttag=master -o. - < Dockerfile | ||
``` | ||
This outputs the DEB package. | ||
|
||
This outputs the DEB package for Ubuntu 22.04. | ||
For Ubuntu 20.04, replace `Dockerfile` with `Dockerfile.focal` in the above commands. | ||
|
||
Optionally build the `ego-dev` and `ego-deploy` images: | ||
|
||
```sh | ||
docker build --target dev -t ghcr.io/edgelesssys/ego-dev -f Dockerfile.release . | ||
docker build --target deploy -t ghcr.io/edgelesssys/ego-deploy -f Dockerfile.release . | ||
DOCKER_BUILDKIT=1 docker build --target dev -t ghcr.io/edgelesssys/ego-dev - < Dockerfile | ||
DOCKER_BUILDKIT=1 docker build --target deploy -t ghcr.io/edgelesssys/ego-deploy - < Dockerfile | ||
``` | ||
|
||
## Getting started | ||
|
||
Now you're ready to build applications with EGo! To start, check out the following samples: | ||
|
||
* [helloworld](samples/helloworld) is a minimal example of an enclave application. | ||
* [remote_attestation](samples/remote_attestation) shows how to use the basic remote attestation API of EGo. | ||
* [attested_tls](samples/attested_tls) is similar to the above, but uses a higher level API to establish an attested TLS connection. | ||
|
@@ -84,6 +104,7 @@ Now you're ready to build applications with EGo! To start, check out the followi | |
* [azure_attestation](samples/azure_attestation) shows how to use Microsoft Azure Attestation for remote attestation. | ||
|
||
## Documentation | ||
|
||
* The [EGo documentation](https://docs.edgeless.systems/ego) covers building, signing, running, and debugging confidential apps. | ||
* The [EGo API](https://pkg.go.dev/github.com/edgelesssys/ego) provides access to *remote attestation* and *sealing* to your confidential app at runtime. | ||
|
||
|
@@ -99,8 +120,7 @@ Now you're ready to build applications with EGo! To start, check out the followi | |
* Read [`CONTRIBUTING.md`](CONTRIBUTING.md) for information on issue reporting, code guidelines, and our PR process. | ||
* Pull requests are welcome! You need to agree to our [Contributor License Agreement](https://cla-assistant.io/edgelesssys/ego). | ||
* This project and everyone participating in it are governed by the [Code of Conduct](/CODE_OF_CONDUCT.md). By participating, you are expected to uphold this code. | ||
* Please report any security issue via a [private GitHub vulnerability report](https://github.com/edgelesssys/ego/security/advisories/new) or write to [email protected]. | ||
|
||
* Please report any security issue via a [private GitHub vulnerability report](https://github.com/edgelesssys/ego/security/advisories/new) or write to <[email protected]>. | ||
|
||
<!-- refs --> | ||
[github-actions]: https://github.com/edgelesssys/ego/actions | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters