
usage of directories or not yet existing files in gramine manifest

Open elnath opened this issue 2 months ago • 0 comments

Hello, I would like to ask about the following use case, which could be used with version 1.8 but cannot be used with version 1.9.

We would like to create a gsc image, sign it and use it in an SGX environment. There are some files that are not present in the image, and we would like to provide them during the startup of a container (a pod in Kubernetes), e.g.:

```toml
sgx.allowed_files = [
   "file:/app/config/pkcs11/"
]
```

The configuration for pkcs11 will be provided during the startup of a container, as it differs between the places where the image is deployed:

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
...
          volumeMounts:
            - name: volume_name
              mountPath: "/app/config/pkcs11"
              readOnly: true
```

According to the Gramine documentation, we should be able to use folders in sgx.allowed_files as well.

As I pointed out in another issue, we are getting an error during the build of the gsc-...-unsigned image, as the expand_trusted_files method in finalize_manifest.py does not account for folders and missing files. Is there some misunderstanding on our side, as the hash is now (version 1.9) computed for both sgx.trusted_files and sgx.allowed_files (and sgx.protected_files), when the documentation states that the hash should be computed for sgx.trusted_files?

Could you please provide a hint on how we can use gsc as described (usage of files/folders that do not exist yet)? Or can you confirm that the described use case cannot be used with gsc at all? Or do you plan to support such cases in the future?

Thank you

elnath, Oct 17 '25 07:10