| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| |
| FROM ubuntu:18.04 as javaenclave_base |
| |
| LABEL maintainer="Junshao Wang" |
| |
| ENV GRAALVM_HOME="/root/tools/graalvm-ce-java11-22.2.0" |
| ENV JAVA_HOME="/root/tools/graalvm-ce-java11-22.2.0" |
| ENV PATH="/opt/occlum/build/bin:/usr/local/occlum/bin:$PATH" |
| ENV CC=/usr/local/occlum/bin/occlum-gcc |
| |
| ARG PSW_VERSION=2.17.100.3 |
| ARG DCAP_VERSION=1.14.100.3 |
| |
| ADD ["tmpDownloadDir/graalvm-ce-java11-22.2.0.tar.gz", "/root/tools/"] |
| ADD ["tmpDownloadDir/zlib-1.2.11.tar.gz", "/root/tools/"] |
| ADD ["tmpDownloadDir/Alibaba_Dragonwell_Standard_11.0.16.12.8_x64_alpine-linux.tar.gz", "/root/tools"] |
| ADD ["tmpDownloadDir/sgx_linux_x64_sdk_2.17.101.1.bin", "/root/tools/"] |
| |
| # install necessary tools. |
| RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y gdb gnupg wget aptitude libfuse-dev libtool tzdata jq && \ |
| echo -e 'yes\n' | DEBIAN_FRONTEND=noninteractive apt-get install -y maven && \ |
| echo -e 'yes\n' | DEBIAN_FRONTEND=noninteractive apt-get install -y build-essential libz-dev zlib1g-dev && \ |
| echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu bionic main' > /etc/apt/sources.list.d/intel-sgx.list && \ |
| wget -qO - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - && \ |
| echo 'deb [arch=amd64] https://occlum.io/occlum-package-repos/debian bionic main' | tee /etc/apt/sources.list.d/occlum.list && \ |
| wget -qO - https://occlum.io/occlum-package-repos/debian/public.key | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - && \ |
| apt-get update && aptitude install -y \ |
| occlum \ |
| libsgx-launch-dev=${PSW_VERSION}-bionic1 \ |
| libsgx-urts=${PSW_VERSION}-bionic1 \ |
| libsgx-urts-dbgsym=${PSW_VERSION}-bionic1 \ |
| libsgx-uae-service=${PSW_VERSION}-bionic1 \ |
| libsgx-dcap-quote-verify-dev=${DCAP_VERSION}-bionic1 \ |
| libsgx-dcap-ql-dev=${DCAP_VERSION}-bionic1 \ |
| libsgx-dcap-default-qpl=${DCAP_VERSION}-bionic1 && \ |
| cd /root/tools/zlib-1.2.11 && ./configure --prefix=/opt/occlum/toolchains/gcc/x86_64-linux-musl && make && make install && \ |
| cd /root/tools && chmod 777 sgx_linux_x64_sdk_2.17.101.1.bin && echo -e 'no\n/opt/teesdk\n' | ./sgx_linux_x64_sdk_2.17.101.1.bin |
| |
| # copy dcap_occlum lib from occlum docker image. |
| COPY --from=docker.io/occlum/occlum:0.26.4-ubuntu18.04 /opt/occlum/toolchains/dcap_lib /opt/occlum/toolchains/dcap_lib |
| |
| # fix occlum aesm service issue. |
| RUN sed -i '/"Error: AESM service is not started yet. Need to start it first"/{N;s/.*//}' /opt/occlum/build/bin/occlum |