Gramine Shielded Containers¶
The Gramine Shielded Containers (GSC) tool transforms a base Docker image into a new, “graminized” image which includes the Gramine Library OS and the Gramine-specific app configuration. It uses Gramine to execute the application inside an Intel SGX enclave.
At first a base Docker image has to be graminized via the
gsc build command.
In a second step, the image must be signed via a
gsc sign-image command.
Subsequently, the image can be run using
Note that the GSC tool is split from core Gramine and is hosted here: