This is an automated email from the ASF dual-hosted git repository.
shaojunwang pushed a commit to branch master
in repository
https://gitbox.apache.org/repos/asf/incubator-teaclave-java-tee-sdk.git
The following commit(s) were added to refs/heads/master by this push:
new 7528755 add-github-cicd
7528755 is described below
commit 75287559c0c69d650048918b5b131597cc5bea59
Author: shaojunwang <[email protected]>
AuthorDate: Mon Feb 6 17:40:02 2023 +0800
add-github-cicd
---
.github/workflows/ci.yml | 31 +++++++++++++++++++++++++++++++
README.md | 2 +-
build.sh | 14 +++++++++++++-
tools/cicd/make.sh | 28 ++++++++++++++--------------
4 files changed, 59 insertions(+), 16 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..ee29df1
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,31 @@
+name: Apache Teaclave Java Tee SDK CI
+run-name: ${{ github.actor }} is testing out GitHub Actions 🚀
+on: [push, pull_request, workflow_dispatch]
+defaults:
+ run:
+ shell: bash
+
+jobs:
+ Explore-GitHub-Actions:
+ runs-on: [self-hosted, linux]
+ steps:
+ - run: echo "🎉 The job was automatically triggered by a ${{
github.event_name }} event."
+ - run: echo "🐧 This job is now running on a ${{ runner.os }} server
hosted by GitHub!"
+ - run: echo "🔎 The name of your branch is ${{ github.ref }} and your
repository is ${{ github.repository }}."
+ - name: Check out repository code
+ uses: actions/checkout@v3
+ - run: echo "💡 The ${{ github.repository }} repository has been cloned
to the runner."
+ - run: echo "🖥️ The workflow is now ready to test your code on the
runner."
+ - name: List files in the repository
+ run: ls ${{ github.workspace }}
+ - name: Build JavaEnclave
+ run: sudo ${{ github.workspace }}/tools/cicd/make.sh build
+ - name: Release JavaEnclave
+ run: sudo ${{ github.workspace }}/tools/cicd/make.sh release
+ - name: Test JavaEnclave
+ run: sudo ${{ github.workspace }}/tools/cicd/make.sh test
+ - name: Run JavaEnclave Samples
+ run: sudo ${{ github.workspace }}/tools/cicd/make.sh samples
+ - name: Run JavaEnclave Benchmark
+ run: sudo ${{ github.workspace }}/tools/cicd/make.sh benchmark
+ - run: echo "🍏 This job's status is ${{ job.status }}."
\ No newline at end of file
diff --git a/README.md b/README.md
index ddd8ee4..18c5b47 100644
--- a/README.md
+++ b/README.md
@@ -206,7 +206,7 @@ In essence, it's an SPI mechanism between host and enclave
parts.
`MOCK_IN_SVM` mode in Teaclave Java TEE SDK is also a simulated mode, it
doesn't need SGX hardware support. Compare with `MOCK_IN_JVM` mode, the enclave
submodule
will be compiled into a native image, and the host submodule run in a JVM
environment. host part will load, create and invoke service defined in enclave
by JNI native call.
-### TEE_SDK mode
+#### TEE_SDK mode
`TEE_SDK` mode is a hardware mode, it must run on the platform with SGX2
hardware support. Compare with `MOCK_IN_SVM` mode, the enclave submodule also
will be compiled into a native image, but it will be loaded and run in sgx
enclave environment. The host part will run in a JVM environment, and both the
host and enclave module will run in one process.
diff --git a/build.sh b/build.sh
index fe7593b..ca22576 100755
--- a/build.sh
+++ b/build.sh
@@ -40,17 +40,29 @@ if [ ! "$STAGE" -o "build" = "$STAGE" ]; then
# Install JavaEnclave archetype
pushd "${WORKDIR}"/archetype && mvn clean install && popd
elif [ ! "$STAGE" -o "test" = "$STAGE" ]; then
+ mkdir -p /dev/sgx
+ ln -s /dev/sgx_enclave /dev/sgx/enclave
+ ln -s /dev/sgx_provision /dev/sgx/provision
# Test unit test cases in JavaEnclave
pushd "${WORKDIR}"/test && ./run.sh && popd
elif [ ! "$STAGE" -o "coverage" = "$STAGE" ]; then
+ mkdir -p /dev/sgx
+ ln -s /dev/sgx_enclave /dev/sgx/enclave
+ ln -s /dev/sgx_provision /dev/sgx/provision
# collect and analysis JavaEnclave ut coverage
pushd "${WORKDIR}"/coverage && ./run.sh "${WORKDIR}"/test && popd
elif [ ! "$STAGE" -o "samples" = "$STAGE" ]; then
+ mkdir -p /dev/sgx
+ ln -s /dev/sgx_enclave /dev/sgx/enclave
+ ln -s /dev/sgx_provision /dev/sgx/provision
# samples in JavaEnclave
pushd "${WORKDIR}"/samples/helloworld && ./run.sh && popd
pushd "${WORKDIR}"/samples/springboot && ./run.sh && popd
elif [ ! "$STAGE" -o "benchmark" = "$STAGE" ]; then
+ mkdir -p /dev/sgx
+ ln -s /dev/sgx_enclave /dev/sgx/enclave
+ ln -s /dev/sgx_provision /dev/sgx/provision
# benchmark in JavaEnclave
pushd "${WORKDIR}"/benchmark/guomi && ./run.sh && popd
pushd "${WORKDIR}"/benchmark/string && ./run.sh && popd
-fi
\ No newline at end of file
+fi
diff --git a/tools/cicd/make.sh b/tools/cicd/make.sh
index e33d229..d5cd9da 100755
--- a/tools/cicd/make.sh
+++ b/tools/cicd/make.sh
@@ -62,8 +62,8 @@ function build_javaenclave() {
docker run -i --rm --privileged --network host \
-w "${WORKDIR}" \
-v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}" \
- -v /dev/sgx_enclave:/dev/sgx/enclave \
- -v /dev/sgx_provision:/dev/sgx/provision \
+ -v /dev/sgx_enclave:/dev/sgx_enclave \
+ -v /dev/sgx_provision:/dev/sgx_provision \
${BASE_IMAGE}:${BASE_TAG} /bin/bash build.sh $1
}
@@ -87,8 +87,8 @@ function test_javaenclave() {
-w "${WORKDIR}" \
-v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}" \
-e PCCS_URL=${PCCS_URL} \
- -v /dev/sgx_enclave:/dev/sgx/enclave \
- -v /dev/sgx_provision:/dev/sgx/provision \
+ -v /dev/sgx_enclave:/dev/sgx_enclave \
+ -v /dev/sgx_provision:/dev/sgx_provision \
${RELEASE_IMAGE}:${RELEASE_TAG} /bin/bash build.sh $1
}
@@ -101,8 +101,8 @@ function collect_javaenclave_coverage() {
-w "${WORKDIR}" \
-v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}" \
-e PCCS_URL=${PCCS_URL} \
- -v /dev/sgx_enclave:/dev/sgx/enclave \
- -v /dev/sgx_provision:/dev/sgx/provision \
+ -v /dev/sgx_enclave:/dev/sgx_enclave \
+ -v /dev/sgx_provision:/dev/sgx_provision \
${RELEASE_IMAGE}:${RELEASE_TAG} /bin/bash build.sh $1
}
@@ -115,8 +115,8 @@ function samples_javaenclave() {
-w "${WORKDIR}" \
-v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}" \
-e PCCS_URL=${PCCS_URL} \
- -v /dev/sgx_enclave:/dev/sgx/enclave \
- -v /dev/sgx_provision:/dev/sgx/provision \
+ -v /dev/sgx_enclave:/dev/sgx_enclave \
+ -v /dev/sgx_provision:/dev/sgx_provision \
${RELEASE_IMAGE}:${RELEASE_TAG} /bin/bash build.sh $1
}
@@ -129,8 +129,8 @@ function benchmark_javaenclave() {
-w "${WORKDIR}" \
-v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}" \
-e PCCS_URL=${PCCS_URL} \
- -v /dev/sgx_enclave:/dev/sgx/enclave \
- -v /dev/sgx_provision:/dev/sgx/provision \
+ -v /dev/sgx_enclave:/dev/sgx_enclave \
+ -v /dev/sgx_provision:/dev/sgx_provision \
${RELEASE_IMAGE}:${RELEASE_TAG} /bin/bash build.sh $1
}
@@ -172,8 +172,8 @@ function develop_javaenclave() {
-w "${WORKDIR}" \
-v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}" \
-e PCCS_URL=${PCCS_URL} \
- -v /dev/sgx_enclave:/dev/sgx/enclave \
- -v /dev/sgx_provision:/dev/sgx/provision \
+ -v /dev/sgx_enclave:/dev/sgx_enclave \
+ -v /dev/sgx_provision:/dev/sgx_provision \
${BASE_IMAGE}:${BASE_TAG} /bin/bash
}
@@ -185,8 +185,8 @@ function develop_application() {
-w "${WORKDIR}" \
-v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}" \
-e PCCS_URL=${PCCS_URL} \
- -v /dev/sgx_enclave:/dev/sgx/enclave \
- -v /dev/sgx_provision:/dev/sgx/provision \
+ -v /dev/sgx_enclave:/dev/sgx_enclave \
+ -v /dev/sgx_provision:/dev/sgx_provision \
${RELEASE_IMAGE}:${RELEASE_TAG} /bin/bash
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
