-
Notifications
You must be signed in to change notification settings - Fork 180
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Docs] Add Scaffolding for Gramine to documentation
Signed-off-by: Mariusz Zaborski <oshogbo@invisiblethingslab.com>
- Loading branch information
Showing
2 changed files
with
42 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
Scaffolding for Gramine | ||
======================= | ||
|
||
The Scaffolding for Gramine (SCAG) tool transforms your application | ||
into a graminized Docker image, encapsulating both your application and | ||
the Gramine Library OS. The primary objective of the Scaffolding project | ||
is to simplify the process of safeguarding applications against malicious | ||
hosts. | ||
|
||
Setting itself apart from alternative solutions (like GSC), SCAG doesn't | ||
transform a Docker image, instead it generates a whole Docker image from | ||
the given projects. During the build process the required Dockerfile, | ||
manifest file, and other required configuration files are generated | ||
automatically for the user. A list of currently supported frameworks | ||
can be found in | ||
`documentation <https://gramine-scaffolding.readthedocs.io/en/latest/manpages/scag-setup.html#cmdoption-scag-setup-framework>`__ | ||
. | ||
|
||
To speed up the process, SCAG offers a single command - ``scag-quickstart``. | ||
This tool also guides user interactively through the entire process of | ||
"graminizing" the application, from setting up the project to building it, | ||
and finally running it. For more advanced usage of SCAG, users are encouraged | ||
to refer to the documentation. | ||
|
||
SCAG wraps the application with additional security measures, such as adding | ||
SSL/TLS to plaintext-networking apps. All web-based frameworks, such as | ||
Express.js and Flask, are preconfigured to operate behind | ||
a web server (Nginx), with SSL/TLS and the RA-TLS extension. | ||
|
||
Note that the SCAG tool is standalone and not part of core Gramine, and is | ||
hosted here: | ||
|
||
- https://github.com/intel/ScaffoldingForGramine -- GitHub repository, | ||
- https://gramine-scaffolding.readthedocs.io/en/latest/ -- documentation. |