You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@teaclave.apache.org by sh...@apache.org on 2022/11/16 08:26:46 UTC
[incubator-teaclave-java-tee-sdk] branch master updated: Update README.md Docker file and .asf.yaml file
This is an automated email from the ASF dual-hosted git repository.
shaojunwang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-teaclave-java-tee-sdk.git
The following commit(s) were added to refs/heads/master by this push:
new f0172ee Update README.md Docker file and .asf.yaml file
new 9ab223d Merge pull request #6 from superajun-wsj/update-readme-config
f0172ee is described below
commit f0172ee315a2048d97d657de625dbdff230eaee3
Author: shaojunwang <sh...@apache.org>
AuthorDate: Mon Nov 14 16:43:38 2022 +0800
Update README.md Docker file and .asf.yaml file
---
.asf.yaml | 28 ++++++++++++++++++++++
README.md | 58 ++++++++++++++++++++++++++++++++--------------
coverage/run.sh | 1 -
tools/cicd/dockerfile_base | 2 +-
tools/cicd/make.sh | 4 ++++
5 files changed, 74 insertions(+), 19 deletions(-)
diff --git a/.asf.yaml b/.asf.yaml
new file mode 100644
index 0000000..1131f2e
--- /dev/null
+++ b/.asf.yaml
@@ -0,0 +1,28 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+github:
+ description: "Apache Teaclave (incubating) Java TEE SDK is an open source universal confidential computing framework, making java computation on privacy-sensitive data safe and simple."
+ homepage: https://teaclave.apache.org
+ labels:
+ - confidential-computing
+ - trusted-execution-environment
+ - tee
+ - sgx
+ - java
+ - graalvm
+ features:
+ issues: true
+
\ No newline at end of file
diff --git a/README.md b/README.md
index 106c9a4..485be58 100644
--- a/README.md
+++ b/README.md
@@ -28,7 +28,7 @@ Teaclave Java TEE SDK provides seven components:
<div align="center">
<img src="./docs/resources/JavaEnclave_Architecture.png" width = "400" height = "400" alt="Teaclave Java TEE SDK Architecture" align=center />
</div>
-<center>Teaclave Java TEE SDK Architecture</center>
+<p align="center">Teaclave Java TEE SDK Architecture</p>
<br />
## Confidential computing Java project structure based on Teaclave Java TEE SDK
@@ -39,19 +39,17 @@ A Java confidential computing application project based on Teaclave Java TEE SDK
<div align="center">
<img src="./docs/resources/JavaEnclave_Application_Dependency.png" width = "400" height = "300" alt="Teaclave Java TEE SDK Application Dependency" align=center />
</div>
-<center>Teaclave Java TEE SDK Application Dependency</center>
+<p align="center">Teaclave Java TEE SDK Application Dependency</p>
<br />
<div align="center">
<img src="./docs/resources/JavaEnclave_Project_Structure.png" width = "400" height = "400" alt="Teaclave Java TEE SDK Project Structure" align=center />
</div>
-<center>Teaclave Java TEE SDK Project Structure</center>
+<p align="center">Teaclave Java TEE SDK Project Structure</p>
<br />
-## Getting started
+## Environment preparation
-### Environment preparation
-
-#### 1. Is SGX2 supported?
+### 1. Is SGX2 supported?
`apt install cpuid && cpuid -1 -l 0x12`
@@ -59,25 +57,51 @@ A Java confidential computing application project based on Teaclave Java TEE SDK
if SGX2 is not supported, only MOCK_IN_JVM and MOCK_IN_SVM enclave modes in Teaclave Java TEE SDK could be run normally.
-#### 2. Is the SGX2 driver installed?
+### 2. Is the SGX2 driver installed?
`cd /dev` and check whether `sgx_enclave sgx_provision` soft link files exist.
if it is not, you need to install the sgx driver according to reference: https://github.com/intel/linux-sgx-driver.
-#### 3. enable_rdfsbase kernel module
+### 3. enable_rdfsbase kernel module
if Linux kernel before 5.9, please install the enable_rdfsbase kernel module according to reference: https://github.com/occlum/enable_rdfsbase. enable_rdfsbase kernel module is needed if you create an enclave instance with EMBEDDED_LIB_OS mode defined in Teaclave Java TEE SDK.
-#### 4. Enter Teaclave Java TEE SDK docker
+## Run Samples/Test/Benchmark
-`docker run -it --privileged --network host -v /dev/sgx_enclave:/dev/sgx/enclave -v /dev/sgx_provision:/dev/sgx/provision teaclave-java-tee-sdk:v0.1.0-ubuntu18.04`
+### 1. Enter Teaclave Java TEE SDK docker
Teaclave Java TEE SDK Docker provides a compilation and deployment environment for a java confidential computing application based on Teaclave Java TEE SDK.
-### HelloWorld sample instruction
+`docker run -it --privileged --network host -v /dev/sgx_enclave:/dev/sgx/enclave -v /dev/sgx_provision:/dev/sgx/provision teaclave/teaclave-java-tee-sdk:v0.1.0-ubuntu18.04`
+
+### 2. Run samples
+
+`cd /opt/javaenclave/samples`
+
+run helloworld: `cd helloworld && ./run.sh`
+
+run springboot: `cd springboot && ./run.sh`
+
+### 3. Run test
+
+`cd /opt/javaenclave/test && ./run.sh`
+
+### 4. Run benchmark
+
+`cd /opt/javaenclave/benchmark`
+
+run guomi: `cd guomi && ./run.sh`
+
+run string: `cd string && ./run.sh`
+
+## HelloWorld demo instruction
+
+### 1. Enter Teaclave Java TEE SDK docker
+
+`docker run -it --privileged --network host -v /dev/sgx_enclave:/dev/sgx/enclave -v /dev/sgx_provision:/dev/sgx/provision teaclave/teaclave-java-tee-sdk:v0.1.0-ubuntu18.04`
-#### 1. Create a HelloWorld project structure
+### 2. Create a HelloWorld project structure
Teaclave Java TEE SDK provides a java confidential computing archetype project to help us create a basic project structure.
@@ -85,7 +109,7 @@ Teaclave Java TEE SDK provides a java confidential computing archetype project t
archetype creates a maven project with three submodules, a host submodule enclave submodule, and a common submodule.
-#### 2. Define enclave service interface in the common submodule
+### 3. Define enclave service interface in the common submodule
`cd helloworld/common/src/main/java/com/sample/` and create a common package in this submodule `mkdir -p helloworld/common`.
@@ -104,7 +128,7 @@ public interface Service {
Note that we have to annotate this service interface with `@EnclaveService` which Teaclave Java TEE SDK provides.
-#### 3. Create enclave service interface provider in enclave submodule
+### 4. Create enclave service interface provider in enclave submodule
`cd helloworld/enclave/src/main/java/com/sample/` and create an enclave package in this submodule `mkdir -p helloworld/enclave`.
@@ -127,7 +151,7 @@ public class ServiceImpl implements Service {
Note that we have to annotate this class with the annotation `@AutoService(Interface. class)`.
-#### 4. Develop host submodule to create and invoke enclave service
+### 5. Develop host submodule to create and invoke enclave service
`cd helloworld/host/src/main/java/com/sample/` and create an host package in this submodule `mkdir -p helloworld/host`.
@@ -162,7 +186,7 @@ public class Main {
}
```
-#### 5. Build and run
+### 6. Build and run
cd back to HelloWorld project top dir and build it: `mvn -Pnative clean package`.
diff --git a/coverage/run.sh b/coverage/run.sh
index 21541e2..f656cc7 100755
--- a/coverage/run.sh
+++ b/coverage/run.sh
@@ -20,7 +20,6 @@
TEST_PATH=$1
# Download jacoco agent from maven central repo.
-apt install unzip
rm -rf jacoco && mkdir -p jacoco && rm -rf result && mkdir -p result/classes && rm -rf site
pushd jacoco
wget https://search.maven.org/remotecontent?filepath=org/jacoco/jacoco/0.8.3/jacoco-0.8.3.zip -O temp.zip && unzip temp.zip && rm -rf temp.zip
diff --git a/tools/cicd/dockerfile_base b/tools/cicd/dockerfile_base
index 1dd2714..1b9fd0a 100644
--- a/tools/cicd/dockerfile_base
+++ b/tools/cicd/dockerfile_base
@@ -33,7 +33,7 @@ ADD ["tmpDownloadDir/Alibaba_Dragonwell_Standard_11.0.16.12.8_x64_alpine-linux.t
ADD ["tmpDownloadDir/sgx_linux_x64_sdk_2.17.101.1.bin", "/root/tools/"]
# install necessary tools.
-RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y gdb gnupg wget aptitude libfuse-dev libtool tzdata jq && \
+RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y gdb gnupg wget aptitude libfuse-dev libtool tzdata jq unzip && \
echo -e 'yes\n' | DEBIAN_FRONTEND=noninteractive apt-get install -y maven && \
echo -e 'yes\n' | DEBIAN_FRONTEND=noninteractive apt-get install -y build-essential libz-dev zlib1g-dev && \
echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu bionic main' > /etc/apt/sources.list.d/intel-sgx.list && \
diff --git a/tools/cicd/make.sh b/tools/cicd/make.sh
index 0284875..e33d229 100755
--- a/tools/cicd/make.sh
+++ b/tools/cicd/make.sh
@@ -157,6 +157,10 @@ function collect_javaenclave_release() {
mkdir -p ${WORKDIR}/release/opt/javaenclave/jar/bouncycastle-native
cp -r ${WORKDIR}/third-party-libs/bouncycastle-native/pom.xml ${WORKDIR}/release/opt/javaenclave/jar/bouncycastle-native
cp -r ${WORKDIR}/third-party-libs/bouncycastle-native/target/*.jar ${WORKDIR}/release/opt/javaenclave/jar/bouncycastle-native
+ cp -r ${WORKDIR}/test ${WORKDIR}/release/opt/javaenclave/
+ cp -r ${WORKDIR}/samples ${WORKDIR}/release/opt/javaenclave/
+ cp -r ${WORKDIR}/coverage ${WORKDIR}/release/opt/javaenclave/
+ cp -r ${WORKDIR}/benchmark ${WORKDIR}/release/opt/javaenclave/
build_release_image
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@teaclave.apache.org
For additional commands, e-mail: commits-help@teaclave.apache.org