21. March 2023

[dimakuv]

Agenda

(please write your proposed agenda items in comments under this discussion)

• Dmitrii: moving to DockerHub's Docker-Sponsored Open Source (DSOS) Program
  • Our https://hub.docker.com/r/gramineproject/gramine is affected by sunsetting free access: https://web.docker.com/rs/790-SSB-375/images/privatereposfaq.pdf
  • Need to fill out the form: https://www.docker.com/community/open-source/application/
  • During meeting, should look at the form and agree how we fill it out
• Mona: GSC options
  • option for user provided manifest and not generating permissive manifest
  • GSC alternative for Docker containerization solution by starting with a base Docker Gramine image and adding user application and manual manifest creation

Dmitrii: moving to DockerHub's Docker-Sponsored Open Source (DSOS) Program

Woju: Docker retires its free tier of DockerHub. We are affected. We can either continue using DockerHub via their Open Source Initiative, or move to something else.

• Mariusz: we can move to GitHub; they have unlimited (?) amount of space for public open source projects, and 500MB for private ones. UPDATE: looks like this is wrong, the space is still limited to 500MB.
• Michal: there is no advantage to moving to GitHub (other than it's free).

[ filling out the form https://www.docker.com/community/open-source/application/ -- DONE. Now waiting for an email for Michal. ]

[ discussions of GitHub solution: https://github.com/features/packages ]

Mona: GSC options

Mona: people may want to bring GSC-generated images in production. The point is: one must carefully craft the Gramine binaries/dependencies in the final image, and also carefully craft the manifest file.

• Option one: user provided manifest and not generating permissive manifest. But if we would allow users to provide their own complete manifest file, then there is (almost) nothing for GSC left to be done -- such users should just ignore the GSC tool and create the Gramine-added Docker image themselves.

• Mona: do you think it's safe to put GSC-generated images in production?

  • Dmitrii: yes, if people know what they're doing, GSC images are fine.
  • Woju: GSC images are pretty large, with a large manifest, so it's suboptimal for sure. But GSC is not insecure by itself.

• Woju: if you want to educate people to "dockerize" applications in a crisp, secure and minimal way, we should write a tutorial.

• Mona: with GSC and even with core Gramine, we put too many unnecessary files into the manifest.

  • Woju: even our examples have too many files, like sgx.trusted_files = [ "file:/usr/" ]. This is the nature of writing examples that seamlessly work across different OS distros.
  • Anees: customers typically create very slick/tight Docker images, so the argument of "too many files" is not that strong.

• Michal: the two top priorities for Gramine are (1) to ensure that the app actually works, and works correctly, and (2) to make app interactions with the untrusted world secure. The "how many files are mentioned in the manifest" issue is not a priority.

• Woju: generally, this is a performance/storage optimization problem. We cannot offer a general solution because we don't know what/how we're optimizing.

[Vad1mo]

If, for some reason, the Docker-Sponsored Open-Source Program isn't working out, we are happy to help you out. We operate a Harbor-based container registry as a service that has many benefits over most of the other registries out there.

There are also features regarding containerized image distribution, that might be valuable too as well.

[monavij]

Discuss GSC option for user provided manifest and not generating permissive manifest
Discuss GSC alternative for Docker containerization solution by starting with a base Docker Gramine image and adding user application and manual manifest creation

[mkow]

Michal: there is no advantage to moving to GitHub (other than it's free).

What I meant here was that it's the same for us (no advantage, but no disadvantage also) and I think it was in the context of considering paying for DockerHub. I.e. I meant that why pay if free GitHub would work the same for us. No that GitHub option is somehow worse.

Michal: the two top priorities for Gramine are (1) to ensure that the app actually works, and works correctly, and (2) to make app interactions with the untrusted world secure. The "how many files are mentioned in the manifest" issue is not a priority.

That's not exactly what I meant :) I mean that these two are more important, and dropping some files from the trusted files list may break some apps, so maybe we shouldn't do it (because having things working correctly is more important than optimizing size of the resulting images).

[oshogbo]

Mariusz: we can move to GitHub; they have unlimited (?)

GitHub Packages usage is free for public packages. For private packages, each account on GitHub.com receives a certain amount of free storage and data transfer
Source