This is an automated email from the ASF dual-hosted git repository. shaojunwang pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-teaclave-java-tee-sdk.git
commit 033f9b85bd8fc455e0a652c86088edbc56718f20 Author: jeffery.wsj <[email protected]> AuthorDate: Thu Aug 25 19:30:51 2022 +0800 [sdk] Update build and deploy in JavaEnclave Summary: Optimize building and deploying process in JavaEnclave. Test Plan: all tests pass Reviewers: lei.yul, cengfeng.lzy, sanhong.lsh Issue: https://aone.alibaba-inc.com/task/44433361 CR: https://code.aone.alibaba-inc.com/java-tee/JavaEnclave/codereview/9882860 --- benchmark/guomi/pom.xml | 2 +- build.sh | 35 ++--- samples/springboot/pom.xml | 2 +- test/pom.xml | 2 +- third-party-libs/bouncycastle-native/pom.xml | 2 +- tools/cicd/Dockerfile | 45 ------- tools/cicd/dockerfile_base | 45 +++++++ tools/cicd/dockerfile_release | 7 + tools/cicd/make.sh | 194 +++++++++++++++++++++++---- 9 files changed, 241 insertions(+), 93 deletions(-) diff --git a/benchmark/guomi/pom.xml b/benchmark/guomi/pom.xml index 08f51eb..3f4a9ec 100644 --- a/benchmark/guomi/pom.xml +++ b/benchmark/guomi/pom.xml @@ -49,7 +49,7 @@ <dependency> <groupId>com.alibaba.confidentialcomputing</groupId> <artifactId>bouncycastle-native</artifactId> - <version>1.0-SNAPSHOT</version> + <version>0.1.0</version> </dependency> <dependency> <groupId>org.bouncycastle</groupId> diff --git a/build.sh b/build.sh index e6338da..0333b68 100755 --- a/build.sh +++ b/build.sh @@ -1,29 +1,34 @@ #!/bin/bash +STAGE=$1 + # set sgx enclave remote attestation PCCS_URL. echo "PCCS_URL=${PCCS_URL}" > /etc/sgx_default_qcnl.conf echo "USE_SECURE_CERT=TRUE" >> /etc/sgx_default_qcnl.conf # parse shell file's path location. SHELL_FOLDER=$(cd "$(dirname "$0")";pwd) - cd "${SHELL_FOLDER}" -# fix occlum aesm service issue. -sed -i '128,129s/.*//g' /opt/occlum/build/bin/occlum - # workspace dir is the same as build.sh path location. WORKDIR="$PWD" SETTING="--settings /root/tools/settings.xml" -# Build JavaEnclave SDK -cd "${WORKDIR}"/sdk && mvn $SETTING clean install -# Install JavaEnclave SDK -rm -rf /opt/javaenclave && mkdir -p /opt/javaenclave && cp -r ${SHELL_FOLDER}/sdk/native/bin /opt/javaenclave \ -&& cp -r ${SHELL_FOLDER}/sdk/native/config /opt/javaenclave && cp -r ${SHELL_FOLDER}/sdk/native/script/build_app /opt/javaenclave -# Install JavaEnclave archetype -cd "${WORKDIR}"/archetype && mvn $SETTING clean install -# Install BouncyCastle Native Package -cd "${WORKDIR}"/third-party-libs/bouncycastle-native && mvn $SETTING clean install -# Test unit test cases in JavaEnclave -cd "${WORKDIR}"/test && OCCLUM_RELEASE_ENCLAVE=true mvn $SETTING -Pnative clean package +if [ ! "$STAGE" -o "build" = "$STAGE" ]; then + pushd "${WORKDIR}"/sdk && mvn ${SETTING} clean install && popd + # Install BouncyCastle Native Package + pushd "${WORKDIR}"/third-party-libs/bouncycastle-native && mvn $SETTING clean install && popd + # Install JavaEnclave archetype + pushd "${WORKDIR}"/archetype && mvn $SETTING clean install && popd +elif [ ! "$STAGE" -o "test" = "$STAGE" ]; then + # Test unit test cases in JavaEnclave + pushd "${WORKDIR}"/test && OCCLUM_RELEASE_ENCLAVE=true mvn $SETTING -Pnative clean package && popd +elif [ ! "$STAGE" -o "samples" = "$STAGE" ]; then + # samples in JavaEnclave + pushd "${WORKDIR}"/samples/helloworld && ./run.sh && popd + pushd "${WORKDIR}"/samples/springboot && ./run.sh && popd +elif [ ! "$STAGE" -o "benchmark" = "$STAGE" ]; then + # benchmark in JavaEnclave + pushd "${WORKDIR}"/benchmark/guomi && ./run.sh && popd + pushd "${WORKDIR}"/benchmark/string && ./run.sh && popd +fi diff --git a/samples/springboot/pom.xml b/samples/springboot/pom.xml index 7ed2109..279cf5f 100644 --- a/samples/springboot/pom.xml +++ b/samples/springboot/pom.xml @@ -54,7 +54,7 @@ <dependency> <groupId>com.alibaba.confidentialcomputing</groupId> <artifactId>bouncycastle-native</artifactId> - <version>1.0-SNAPSHOT</version> + <version>0.1.0</version> </dependency> <dependency> <groupId>org.bouncycastle</groupId> diff --git a/test/pom.xml b/test/pom.xml index a5e79dd..1556912 100644 --- a/test/pom.xml +++ b/test/pom.xml @@ -50,7 +50,7 @@ <dependency> <groupId>com.alibaba.confidentialcomputing</groupId> <artifactId>bouncycastle-native</artifactId> - <version>1.0-SNAPSHOT</version> + <version>0.1.0</version> </dependency> <dependency> <groupId>org.bouncycastle</groupId> diff --git a/third-party-libs/bouncycastle-native/pom.xml b/third-party-libs/bouncycastle-native/pom.xml index c21c2ec..bf07950 100644 --- a/third-party-libs/bouncycastle-native/pom.xml +++ b/third-party-libs/bouncycastle-native/pom.xml @@ -5,7 +5,7 @@ <modelVersion>4.0.0</modelVersion> <groupId>com.alibaba.confidentialcomputing</groupId> <artifactId>bouncycastle-native</artifactId> - <version>1.0-SNAPSHOT</version> + <version>0.1.0</version> <properties> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <graal.version>22.2.0</graal.version> diff --git a/tools/cicd/Dockerfile b/tools/cicd/Dockerfile deleted file mode 100644 index cdac972..0000000 --- a/tools/cicd/Dockerfile +++ /dev/null @@ -1,45 +0,0 @@ -FROM ubuntu:18.04 - -LABEL maintainer="Junshao Wang <[email protected]>" - -ENV APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 -ENV DEBIAN_FRONTEND noninteractive - -ADD ["graalvm-ce-java11-22.2.0.tar", "/root/tools/"] -ADD ["zlib-1.2.11.tar.gz", "/root/tools/"] -ADD ["settings.xml", "/root/tools/"] -ADD ["zlib-1.2.11.tar.gz", "/root/tools/"] -ADD ["Alibaba_Dragonwell_11.0.15.11.9_x64_alpine-linux.tar.gz", "/root/tools"] -ADD ["sgx_linux_x64_sdk_2.17.100.1.bin", "/root/tools/"] -ENV GRAALVM_HOME "/root/tools/graalvm-ce-java11-22.2.0" -ENV JAVA_HOME "/root/tools/graalvm-ce-java11-22.2.0" -ENV PATH="/opt/occlum/build/bin:/usr/local/occlum/bin:$PATH" -ENV CC=/usr/local/occlum/bin/occlum-gcc - -ARG PSW_VERSION=2.17.100.3 -ARG DCAP_VERSION=1.14.100.3 - -# install necessary tools. -RUN apt-get update && apt-get install -y gdb gnupg wget aptitude libfuse-dev libtool tzdata jq && \ - echo -e 'yes\n' | apt-get install -y maven && \ - echo -e 'yes\n' | apt-get install -y build-essential libz-dev zlib1g-dev && \ - echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu bionic main' > /etc/apt/sources.list.d/intel-sgx.list && \ - wget -qO - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | apt-key add - && \ - echo 'deb [arch=amd64] https://occlum.io/occlum-package-repos/debian bionic main' | tee /etc/apt/sources.list.d/occlum.list && \ - wget -qO - https://occlum.io/occlum-package-repos/debian/public.key | apt-key add - && \ - apt-get update && aptitude install -y \ - occlum \ - libsgx-launch-dev=$PSW_VERSION-bionic1 \ - libsgx-urts=$PSW_VERSION-bionic1 \ - libsgx-urts-dbgsym=$PSW_VERSION-bionic1 \ - libsgx-uae-service=$PSW_VERSION-bionic1 \ - libsgx-dcap-quote-verify-dev=$DCAP_VERSION-bionic1 \ - libsgx-dcap-ql-dev=$DCAP_VERSION-bionic1 \ - libsgx-dcap-default-qpl=$DCAP_VERSION-bionic1 && \ - echo -e 'yes\n' | apt-get install -y maven && \ - echo -e 'yes\n' | apt-get install -y build-essential libz-dev zlib1g-dev && \ - cd /root/tools/zlib-1.2.11 && ./configure --prefix=/opt/occlum/toolchains/gcc/x86_64-linux-musl && make && make install && \ - cd /root/tools && chmod 777 sgx_linux_x64_sdk_2.17.100.1.bin && echo -e 'no\n/opt/teesdk\n' | ./sgx_linux_x64_sdk_2.17.100.1.bin - -# copy dcap_occlum lib from occlum docker image. -COPY --from=occlum/occlum:0.26.4-ubuntu18.04 /opt/occlum/toolchains/dcap_lib /opt/occlum/toolchains/dcap_lib diff --git a/tools/cicd/dockerfile_base b/tools/cicd/dockerfile_base new file mode 100644 index 0000000..22e9f86 --- /dev/null +++ b/tools/cicd/dockerfile_base @@ -0,0 +1,45 @@ +FROM ubuntu:18.04 as javaenclave_base + +LABEL maintainer="Junshao Wang <[email protected]>" + +ENV GRAALVM_HOME="/root/tools/graalvm-ce-java11-22.2.0" +ENV JAVA_HOME="/root/tools/graalvm-ce-java11-22.2.0" +ENV PATH="/opt/occlum/build/bin:/usr/local/occlum/bin:$PATH" +ENV CC=/usr/local/occlum/bin/occlum-gcc + +ARG PSW_VERSION=2.17.100.3 +ARG DCAP_VERSION=1.14.100.3 + +ADD ["tmpDownloadDir/graalvm-ce-java11-22.2.0.tar", "/root/tools/"] +ADD ["tmpDownloadDir/zlib-1.2.11.tar.gz", "/root/tools/"] +ADD ["tmpDownloadDir/settings.xml", "/root/tools/"] +ADD ["tmpDownloadDir/Alibaba_Dragonwell_11.0.15.11.9_x64_alpine-linux.tar.gz", "/root/tools"] +ADD ["tmpDownloadDir/sgx_linux_x64_sdk_2.17.100.1.bin", "/root/tools/"] + +# install necessary tools. +RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y gdb gnupg wget aptitude libfuse-dev libtool tzdata jq && \ + echo -e 'yes\n' | DEBIAN_FRONTEND=noninteractive apt-get install -y maven && \ + echo -e 'yes\n' | DEBIAN_FRONTEND=noninteractive apt-get install -y build-essential libz-dev zlib1g-dev && \ + echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu bionic main' > /etc/apt/sources.list.d/intel-sgx.list && \ + wget -qO - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - && \ + echo 'deb [arch=amd64] https://occlum.io/occlum-package-repos/debian bionic main' | tee /etc/apt/sources.list.d/occlum.list && \ + wget -qO - https://occlum.io/occlum-package-repos/debian/public.key | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - && \ + apt-get update && aptitude install -y \ + occlum \ + libsgx-launch-dev=${PSW_VERSION}-bionic1 \ + libsgx-urts=${PSW_VERSION}-bionic1 \ + libsgx-urts-dbgsym=${PSW_VERSION}-bionic1 \ + libsgx-uae-service=${PSW_VERSION}-bionic1 \ + libsgx-dcap-quote-verify-dev=${DCAP_VERSION}-bionic1 \ + libsgx-dcap-ql-dev=${DCAP_VERSION}-bionic1 \ + libsgx-dcap-default-qpl=${DCAP_VERSION}-bionic1 && \ + echo -e 'yes\n' | DEBIAN_FRONTEND=noninteractive apt-get install -y maven && \ + echo -e 'yes\n' | DEBIAN_FRONTEND=noninteractive apt-get install -y build-essential libz-dev zlib1g-dev && \ + cd /root/tools/zlib-1.2.11 && ./configure --prefix=/opt/occlum/toolchains/gcc/x86_64-linux-musl && make && make install && \ + cd /root/tools && chmod 777 sgx_linux_x64_sdk_2.17.100.1.bin && echo -e 'no\n/opt/teesdk\n' | ./sgx_linux_x64_sdk_2.17.100.1.bin + +# copy dcap_occlum lib from occlum docker image. +COPY --from=occlum/occlum:0.26.4-ubuntu18.04 /opt/occlum/toolchains/dcap_lib /opt/occlum/toolchains/dcap_lib + +# fix occlum aesm service issue. +RUN sed -i '/"Error: AESM service is not started yet. Need to start it first"/{N;s/.*//}' /opt/occlum/build/bin/occlum \ No newline at end of file diff --git a/tools/cicd/dockerfile_release b/tools/cicd/dockerfile_release new file mode 100644 index 0000000..ab6d421 --- /dev/null +++ b/tools/cicd/dockerfile_release @@ -0,0 +1,7 @@ +FROM javaenclave_base:v0.1.0 as javaenclave_release + +LABEL maintainer="Junshao Wang <[email protected]>" + +# Install JavaEnclave SDK +WORKDIR /opt +ADD ["javaenclave.tar.gz", "."] diff --git a/tools/cicd/make.sh b/tools/cicd/make.sh index c05d6f3..321a701 100755 --- a/tools/cicd/make.sh +++ b/tools/cicd/make.sh @@ -1,53 +1,189 @@ #!/bin/bash -MODE=$1 +STAGE=$1 -BUILD_IMAGE=javaenclave_build -BUILD_TAG=v0.1.12 +BASE_IMAGE=javaenclave_base +BASE_TAG=v0.1.0 -SHELL_FOLDER=$(cd "$(dirname "$0")";pwd) +RELEASE_IMAGE=javaenclave_release +RELEASE_TAG=v0.1.0 +SHELL_FOLDER=$(cd "$(dirname "$0")";pwd) cd "${SHELL_FOLDER}" WORKDIR=$(dirname $(dirname "$PWD")) - -# check target images exist or not, build it if not. -if [[ "$(docker images -q ${BUILD_IMAGE}:${BUILD_TAG} 2> /dev/null)" == "" ]]; then - # We have built and packaged GraalVM 22.2.0 from source code and then uploaded to OSS, the official release of GraalVM CE required to manually install native-image component. - wget http://graal.oss-cn-beijing.aliyuncs.com/graal-enclave/JDK11-22.2.0/graalvm-ce-java11-22.2.0.tar - wget http://graal.oss-cn-beijing.aliyuncs.com/graal-enclave/zlib-1.2.11.tar.gz - wget http://graal.oss-cn-beijing.aliyuncs.com/graal-enclave/settings_taobao.xml -O settings.xml - wget https://dragonwell.oss-cn-shanghai.aliyuncs.com/11/tee_java/dependency/sgx_linux_x64_sdk_2.17.100.1.bin - wget https://dragonwell.oss-cn-shanghai.aliyuncs.com/11.0.15.11.9/Alibaba_Dragonwell_11.0.15.11.9_x64_alpine-linux.tar.gz - docker build -t ${BUILD_IMAGE}:${BUILD_TAG} . - rm -f graalvm-ce-java11-22.2.0.tar - rm -f settings.xml - rm -f zlib-1.2.11.tar.gz - rm -f sgx_linux_x64_sdk_2.17.100.1.bin - rm -f Alibaba_Dragonwell_11.0.15.11.9_x64_alpine-linux.tar.gz -fi - # Set PCCS for DCAP Remote Attestation. PCCS_URL='https://sgx-dcap-server.cn-beijing.aliyuncs.com/sgx/certification/v3/' -if [ ! "$MODE" -o "build" = "$MODE" ]; then - echo "enter build mode" - # test JavaEnclave's unit test cases and samples +function build_base_image() { + # check base image exist or not, build it if not. + if [[ "$(docker images -q ${BASE_IMAGE}:${BASE_TAG} 2> /dev/null)" == "" ]]; then + echo "build base image" + # We have built and packaged GraalVM 22.2.0 from source code and then uploaded to OSS, the official release of GraalVM CE required to manually install native-image component. + wget -P tmpDownloadDir http://graal.oss-cn-beijing.aliyuncs.com/graal-enclave/JDK11-22.2.0/graalvm-ce-java11-22.2.0.tar + wget -P tmpDownloadDir http://graal.oss-cn-beijing.aliyuncs.com/graal-enclave/zlib-1.2.11.tar.gz + wget -P tmpDownloadDir https://dragonwell.oss-cn-shanghai.aliyuncs.com/11/tee_java/dependency/sgx_linux_x64_sdk_2.17.100.1.bin + wget -P tmpDownloadDir https://dragonwell.oss-cn-shanghai.aliyuncs.com/11.0.15.11.9/Alibaba_Dragonwell_11.0.15.11.9_x64_alpine-linux.tar.gz + wget http://graal.oss-cn-beijing.aliyuncs.com/graal-enclave/settings_taobao.xml -O tmpDownloadDir/settings.xml + # Build JavaEnclave Base Image. + docker build -t ${BASE_IMAGE}:${BASE_TAG} -f dockerfile_base . + rm -rf tmpDownloadDir + fi +} + +function build_javaenclave() { + echo "build javaenclave" + build_base_image + docker run -i --rm --privileged --network host \ + -w "${WORKDIR}" \ + -v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}" \ + -v /dev/sgx_enclave:/dev/sgx/enclave \ + -v /dev/sgx_provision:/dev/sgx/provision \ + ${BASE_IMAGE}:${BASE_TAG} /bin/bash build.sh ${STAGE} +} + +function build_release_image() { + # check release image exist or not, build it if not. + if [[ "$(docker images -q ${RELEASE_IMAGE}:${RELEASE_TAG} 2> /dev/null)" == "" ]]; then + echo "build release image" + build_javaenclave + tar zcvf javaenclave.tar.gz -C ${WORKDIR}/release/opt javaenclave + docker build -t ${RELEASE_IMAGE}:${RELEASE_TAG} -f dockerfile_release . + rm -rf javaenclave.tar.gz + fi +} + +function test_javaenclave() { + echo "test javaenclave" + build_release_image + # test JavaEnclave's unit test cases + docker run -i --rm --privileged --network host \ + -w "${WORKDIR}" \ + -v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}" \ + -e PCCS_URL=${PCCS_URL} \ + -v /dev/sgx_enclave:/dev/sgx/enclave \ + -v /dev/sgx_provision:/dev/sgx/provision \ + ${RELEASE_IMAGE}:${RELEASE_TAG} /bin/bash build.sh ${STAGE} +} + +function samples_javaenclave() { + echo "samples javaenclave" + build_release_image + # samples JavaEnclave's samples + docker run -i --rm --privileged --network host \ + -w "${WORKDIR}" \ + -v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}" \ + -e PCCS_URL=${PCCS_URL} \ + -v /dev/sgx_enclave:/dev/sgx/enclave \ + -v /dev/sgx_provision:/dev/sgx/provision \ + ${RELEASE_IMAGE}:${RELEASE_TAG} /bin/bash build.sh ${STAGE} +} + +function benchmark_javaenclave() { + echo "benchmark javaenclave" + build_release_image + # benchmark JavaEnclave docker run -i --rm --privileged --network host \ -w "${WORKDIR}" \ -v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}" \ -e PCCS_URL=${PCCS_URL} \ -v /dev/sgx_enclave:/dev/sgx/enclave \ -v /dev/sgx_provision:/dev/sgx/provision \ - ${BUILD_IMAGE}:${BUILD_TAG} /bin/bash build.sh -elif [ "develop" = "$MODE" ]; then - echo "enter develop mode" - # /bin/bash build.sh and then develop your project. + ${RELEASE_IMAGE}:${RELEASE_TAG} /bin/bash build.sh ${STAGE} +} + +function collect_javaenclave_release() { + echo "collect javaenclave release" + mkdir -p ${WORKDIR}/release/opt/javaenclave + cp -r ${WORKDIR}/sdk/native/bin ${WORKDIR}/release/opt/javaenclave + cp -r ${WORKDIR}/sdk/native/config ${WORKDIR}/release/opt/javaenclave + cp -r ${WORKDIR}/sdk/native/script/build_app ${WORKDIR}/release/opt/javaenclave + mkdir -p ${WORKDIR}/release/opt/javaenclave/jar/sdk + mkdir -p ${WORKDIR}/release/opt/javaenclave/jar/sdk/host + mkdir -p ${WORKDIR}/release/opt/javaenclave/jar/sdk/enclave + mkdir -p ${WORKDIR}/release/opt/javaenclave/jar/sdk/common + cp -r ${WORKDIR}/sdk/pom.xml ${WORKDIR}/release/opt/javaenclave/jar/sdk + cp -r ${WORKDIR}/sdk/host/pom.xml ${WORKDIR}/release/opt/javaenclave/jar/sdk/host + cp -r ${WORKDIR}/sdk/host/target/*.jar ${WORKDIR}/release/opt/javaenclave/jar/sdk/host + cp -r ${WORKDIR}/sdk/enclave/pom.xml ${WORKDIR}/release/opt/javaenclave/jar/sdk/enclave + cp -r ${WORKDIR}/sdk/enclave/target/*.jar ${WORKDIR}/release/opt/javaenclave/jar/sdk/enclave + cp -r ${WORKDIR}/sdk/common/pom.xml ${WORKDIR}/release/opt/javaenclave/jar/sdk/common + cp -r ${WORKDIR}/sdk/common/target/*.jar ${WORKDIR}/release/opt/javaenclave/jar/sdk/common + mkdir -p ${WORKDIR}/release/opt/javaenclave/jar/archetype + cp -r ${WORKDIR}/archetype/pom.xml ${WORKDIR}/release/opt/javaenclave/jar/archetype + cp -r ${WORKDIR}/archetype/target/*.jar ${WORKDIR}/release/opt/javaenclave/jar/archetype + mkdir -p ${WORKDIR}/release/opt/javaenclave/jar/bouncycastle-native + cp -r ${WORKDIR}/third-party-libs/bouncycastle-native/pom.xml ${WORKDIR}/release/opt/javaenclave/jar/bouncycastle-native + cp -r ${WORKDIR}/third-party-libs/bouncycastle-native/target/*.jar ${WORKDIR}/release/opt/javaenclave/jar/bouncycastle-native + build_release_image +} + +function develop_javaenclave() { + echo "develop javaenclave" + build_base_image docker run -it --rm --privileged --network host \ -w "${WORKDIR}" \ -v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}" \ -e PCCS_URL=${PCCS_URL} \ -v /dev/sgx_enclave:/dev/sgx/enclave \ -v /dev/sgx_provision:/dev/sgx/provision \ - ${BUILD_IMAGE}:${BUILD_TAG} /bin/bash + ${BASE_IMAGE}:${BASE_TAG} /bin/bash +} + +function develop_application() { + echo "develop application based on JavaEnclave" + build_release_image + docker run -it --rm --privileged --network host \ + -w "${WORKDIR}" \ + -v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}" \ + -e PCCS_URL=${PCCS_URL} \ + -v /dev/sgx_enclave:/dev/sgx/enclave \ + -v /dev/sgx_provision:/dev/sgx/provision \ + ${RELEASE_IMAGE}:${RELEASE_TAG} /bin/bash +} + +function clean_javaenclave() { + echo "clean javaenclave" + pushd ${WORKDIR} + # remove all files generated in building and developing. + # remove all target dir. + find -name target | xargs rm -rf + # remove all .o and .so files + find -name *.o | xargs rm -rf && find -name *.so | xargs rm -rf + # remove release dir. + rm -rf ${WORKDIR}/release + popd +} + +if [ ! "$STAGE" ]; then + # docker build javaenclave base image. + # build JavaEnclave in javaenclave base image docker. + # test JavaEnclave unit test case in javaenclave release image docker. + build_javaenclave + collect_javaenclave_release + test_javaenclave +elif [ "build" = "$STAGE" ]; then + # docker build javaenclave base image. + build_javaenclave +elif [ "release" = "$STAGE" ]; then + # docker build javaenclave release image. + collect_javaenclave_release +elif [ "test" = "$STAGE" ]; then + # test JavaEnclave unit test case in javaenclave release image docker. + test_javaenclave +elif [ "samples" = "$STAGE" ]; then + # run samples in javaenclave release image docker. + samples_javaenclave +elif [ "benchmark" = "$STAGE" ]; then + # run benchmark in javaenclave release image docker. + benchmark_javaenclave +elif [ "develop" = "$STAGE" ]; then + # enter javaenclave base image docker and develop JavaEnclave. + develop_javaenclave +elif [ "develop_app" = "$STAGE" ]; then + # enter javaenclave release image docker and develop application. + develop_application +elif [ "clean" = "$STAGE" ]; then + # remove all tmp files generated in build. + clean_javaenclave fi --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
