CCF Development Setup#

Environment Setup#

First, on your development VM, checkout the CCF repository or install the latest CCF release.

Then, to quickly set up the dependencies necessary to build CCF itself and CCF applications, simply run:

$ cd <ccf_path>/getting_started/setup_vm
$ ./run.sh ccf-dev.yml --extra-vars "platform=sgx"

$ cd <ccf_path>/getting_started/setup_vm
$ ./run.sh ccf-dev.yml --extra-vars "platform=snp clang_version=15"

Warning

The virtual version of CCF can also be run on hardware that does not support SGX/SNP. Virtual mode does not provide any security guarantees and should be used for development purposes only.

$ cd <ccf_path>/getting_started/setup_vm
$ ./run.sh ccf-dev.yml --extra-vars "platform=virtual clang_version=15"

Once this is complete, you can proceed to Build and Sign CCF Applications.

Build Container#

The quickest way to get started building CCF applications is to use the CCF build container. It contains all the dependencies needed to build and test CCF itself as well as CCF applications.

$ export VERSION="4.0.0"
$ export PLATFORM="sgx" # One of sgx, snp or virtual
$ docker pull mcr.microsoft.com/ccf/app/dev:$VERSION-$PLATFORM

The container contains the latest release of CCF along with a complete build toolchain, and startup scripts.

If your hardware does support SGX, and has the appropriate driver installed and loaded, then you will only need to expose the device to the container by passing --device /dev/sgx_enclave:/dev/sgx_enclave --device /dev/sgx_provision:/dev/sgx_provision -v /dev/sgx:/dev/sgx when you start it. It can be run on hardware that does not support SGX, in which case you will want to use the virtual binaries, or build in virtual mode.

Note

  • When running the build container on SGX-enabled hardware, pass the --device /dev/sgx_enclave:/dev/sgx_enclave --device /dev/sgx_provision:/dev/sgx_provision -v /dev/sgx:/dev/sgx options to use SGX in the container.

  • virtual mode provides no security guarantee. It is only useful for development and prototyping.

Visual Studio Code Setup#

If you use Visual Studio Code you can install the Remote Container extension and use the sample devcontainer.json config. More details on that process.