From 1143bb6f78775f66de504ffdd4c21e34c7041443 Mon Sep 17 00:00:00 2001
From: Davis Benny <davis.benny@intel.com>
Date: Tue, 5 Nov 2024 21:37:31 +0530
Subject: [PATCH] Adding gramine-manifest-check before signing container

  Adding gramine-manifest-check before signing container.

Signed-off-by: Davis Benny <davis.benny@intel.com>
---
 templates/Dockerfile.common.sign.template | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/templates/Dockerfile.common.sign.template b/templates/Dockerfile.common.sign.template
index ad2a1ce9..8d6b4047 100644
--- a/templates/Dockerfile.common.sign.template
+++ b/templates/Dockerfile.common.sign.template
@@ -10,6 +10,8 @@ COPY gsc-signer-key.pem /gramine/app_files/gsc-signer-key.pem
 
 ARG passphrase
 
+RUN {% block path %}{% endblock %} gramine-manifest-check /gramine/app_files/entrypoint.manifest
+
 RUN {% block path %}{% endblock %} gramine-sgx-sign \
       --key /gramine/app_files/gsc-signer-key.pem \
       --manifest /gramine/app_files/entrypoint.manifest \