Setup

Environment

Ubuntu 20.04 with Linux Kernel ≥ 5.11
CPU: Intel Xeon E-2288G
Docker (>= 20.10.21) & Docker-Compose

Prepare SSH Keys

To access a private GitHub repository in Dockerfile, you need to configure your SSH keys:

# do not enter passphrase
ssh-keygen -t ed25519 -C "your_email@example.com"
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_ed25519
cp ~/.ssh/id_ed25519 .

Then, you need to add the content in ~/.ssh/id_ed25519.pub to GitHub SSH keys by clicking the New SSH keys button.

Prepare Cert Files

To establish a TLS connection, we need a CA and a client cert for mutual authentication. We store them in the cert directory:

Generate cert/ca.key:

Generate cert/ca.crt:

Generate client private key:

 openssl ecparam -genkey -name prime256v1 -out cert/client.key

Export keys to pkcs8 in unencrypted format:

openssl pkcs8 -topk8 -nocrypt -in cert/client.key -out cert/client.pkcs8

Generate client CSR:

openssl req -new -SHA256 -key cert/client.key -nodes -out cert/client.csr

Generate client cert:

openssl x509 -req -extfile <(printf "subjectAltName=DNS:localhost,DNS:www.example.com") -days 3650 -in cert/client.csr -CA cert/ca.crt -CAkey cert/ca.key -CAcreateserial -out cert/client.crt

Pull Docker Images

Follow this document to authenticate to GCP Artifact Registry.

asia-northeast1-docker.pkg.dev/clique-demo/clique-sibyl-base/clique-sibyl-base:2.2.2
asia-northeast1-docker.pkg.dev/clique-demo/clique-sibyl-base/clique-sibyl-mtls-base:2.2.2
asia-northeast1-docker.pkg.dev/clique-demo/clique-sibyl-base/clique-sibyl-dcsv2-base:2.2.2
asia-northeast1-docker.pkg.dev/clique-demo/clique-sibyl-base/clique-sibyl-dcsv2-mtls-base:2.2.2

PreviousIntegration Example: Clique Sibyl SDK (proving off-chain data with TEE)NextBuild a Data Connector

Last updated 5 months ago