add-github-cicd

shaojunwang · superajun-wsj · commit 75287559c0c6 · 2023-02-09T15:45:27.000+08:00
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,31 @@
+name: Apache Teaclave Java Tee SDK CI
+run-name: ${{ github.actor }} is testing out GitHub Actions 🚀
+on: [push, pull_request, workflow_dispatch]
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  Explore-GitHub-Actions:
+    runs-on: [self-hosted, linux]
+    steps:
+      - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event."
+      - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!"
+      - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}."
+      - name: Check out repository code
+        uses: actions/checkout@v3
+      - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner."
+      - run: echo "🖥️ The workflow is now ready to test your code on the runner."
+      - name: List files in the repository
+        run: ls ${{ github.workspace }}
+      - name: Build JavaEnclave
+        run: sudo ${{ github.workspace }}/tools/cicd/make.sh build
+      - name: Release JavaEnclave
+        run: sudo ${{ github.workspace }}/tools/cicd/make.sh release
+      - name: Test JavaEnclave
+        run: sudo ${{ github.workspace }}/tools/cicd/make.sh test
+      - name: Run JavaEnclave Samples
+        run: sudo ${{ github.workspace }}/tools/cicd/make.sh samples
+      - name: Run JavaEnclave Benchmark
+        run: sudo ${{ github.workspace }}/tools/cicd/make.sh benchmark
+      - run: echo "🍏 This job's status is ${{ job.status }}."
diff --git a/README.md b/README.md
@@ -206,7 +206,7 @@ In essence, it's an SPI mechanism between host and enclave parts.
 `MOCK_IN_SVM` mode in Teaclave Java TEE SDK is also a simulated mode, it doesn't need SGX hardware support. Compare with `MOCK_IN_JVM` mode, the enclave submodule
 will be compiled into a native image, and the host submodule run in a JVM environment. host part will load, create and invoke service defined in enclave by JNI native call.
 
-### TEE_SDK mode
+#### TEE_SDK mode
 
 `TEE_SDK` mode is a hardware mode, it must run on the platform with SGX2 hardware support. Compare with `MOCK_IN_SVM` mode, the enclave submodule also will be compiled into a native image, but it will be loaded and run in sgx enclave environment. The host part will run in a JVM environment, and both the host and enclave module will run in one process.
 
diff --git a/build.sh b/build.sh
@@ -40,17 +40,29 @@ if [ ! "$STAGE" -o "build" = "$STAGE" ]; then
   # Install JavaEnclave archetype
   pushd "${WORKDIR}"/archetype && mvn clean install && popd
 elif [ ! "$STAGE" -o "test" = "$STAGE" ]; then
+  mkdir -p /dev/sgx
+  ln -s /dev/sgx_enclave /dev/sgx/enclave
+  ln -s /dev/sgx_provision /dev/sgx/provision
   # Test unit test cases in JavaEnclave
   pushd "${WORKDIR}"/test && ./run.sh && popd
 elif [ ! "$STAGE" -o "coverage" = "$STAGE" ]; then
+  mkdir -p /dev/sgx
+  ln -s /dev/sgx_enclave /dev/sgx/enclave
+  ln -s /dev/sgx_provision /dev/sgx/provision
   # collect and analysis JavaEnclave ut coverage
   pushd "${WORKDIR}"/coverage && ./run.sh "${WORKDIR}"/test && popd
 elif [ ! "$STAGE" -o "samples" = "$STAGE" ]; then
+  mkdir -p /dev/sgx
+  ln -s /dev/sgx_enclave /dev/sgx/enclave
+  ln -s /dev/sgx_provision /dev/sgx/provision
   # samples in JavaEnclave
   pushd "${WORKDIR}"/samples/helloworld && ./run.sh && popd
   pushd "${WORKDIR}"/samples/springboot && ./run.sh && popd
 elif [ ! "$STAGE" -o "benchmark" = "$STAGE" ]; then
+  mkdir -p /dev/sgx
+  ln -s /dev/sgx_enclave /dev/sgx/enclave
+  ln -s /dev/sgx_provision /dev/sgx/provision
   # benchmark in JavaEnclave
   pushd "${WORKDIR}"/benchmark/guomi && ./run.sh && popd
   pushd "${WORKDIR}"/benchmark/string && ./run.sh && popd
-fi
+fi
diff --git a/tools/cicd/make.sh b/tools/cicd/make.sh
@@ -62,8 +62,8 @@ function build_javaenclave() {
   docker run -i --rm --privileged --network host                    \
   -w "${WORKDIR}"                                                   \
   -v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}"           \
-  -v /dev/sgx_enclave:/dev/sgx/enclave             \
-  -v /dev/sgx_provision:/dev/sgx/provision         \
+  -v /dev/sgx_enclave:/dev/sgx_enclave             \
+  -v /dev/sgx_provision:/dev/sgx_provision         \
   ${BASE_IMAGE}:${BASE_TAG} /bin/bash build.sh $1
 }
 
@@ -87,8 +87,8 @@ function test_javaenclave() {
   -w "${WORKDIR}"                                                   \
   -v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}"           \
   -e PCCS_URL=${PCCS_URL}                                           \
-  -v /dev/sgx_enclave:/dev/sgx/enclave             \
-  -v /dev/sgx_provision:/dev/sgx/provision         \
+  -v /dev/sgx_enclave:/dev/sgx_enclave             \
+  -v /dev/sgx_provision:/dev/sgx_provision         \
   ${RELEASE_IMAGE}:${RELEASE_TAG} /bin/bash build.sh $1
 }
 
@@ -101,8 +101,8 @@ function collect_javaenclave_coverage() {
   -w "${WORKDIR}"                                                   \
   -v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}"           \
   -e PCCS_URL=${PCCS_URL}                                           \
-  -v /dev/sgx_enclave:/dev/sgx/enclave             \
-  -v /dev/sgx_provision:/dev/sgx/provision         \
+  -v /dev/sgx_enclave:/dev/sgx_enclave             \
+  -v /dev/sgx_provision:/dev/sgx_provision         \
   ${RELEASE_IMAGE}:${RELEASE_TAG} /bin/bash build.sh $1
 }
 
@@ -115,8 +115,8 @@ function samples_javaenclave() {
   -w "${WORKDIR}"                                                   \
   -v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}"           \
   -e PCCS_URL=${PCCS_URL}                                           \
-  -v /dev/sgx_enclave:/dev/sgx/enclave             \
-  -v /dev/sgx_provision:/dev/sgx/provision         \
+  -v /dev/sgx_enclave:/dev/sgx_enclave             \
+  -v /dev/sgx_provision:/dev/sgx_provision         \
   ${RELEASE_IMAGE}:${RELEASE_TAG} /bin/bash build.sh $1
 }
 
@@ -129,8 +129,8 @@ function benchmark_javaenclave() {
   -w "${WORKDIR}"                                                   \
   -v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}"           \
   -e PCCS_URL=${PCCS_URL}                                           \
-  -v /dev/sgx_enclave:/dev/sgx/enclave             \
-  -v /dev/sgx_provision:/dev/sgx/provision         \
+  -v /dev/sgx_enclave:/dev/sgx_enclave             \
+  -v /dev/sgx_provision:/dev/sgx_provision         \
   ${RELEASE_IMAGE}:${RELEASE_TAG} /bin/bash build.sh $1
 }
 
@@ -172,8 +172,8 @@ function develop_javaenclave() {
   -w "${WORKDIR}"                                                   \
   -v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}"           \
   -e PCCS_URL=${PCCS_URL}                                           \
-  -v /dev/sgx_enclave:/dev/sgx/enclave             \
-  -v /dev/sgx_provision:/dev/sgx/provision         \
+  -v /dev/sgx_enclave:/dev/sgx_enclave             \
+  -v /dev/sgx_provision:/dev/sgx_provision         \
   ${BASE_IMAGE}:${BASE_TAG} /bin/bash
 }
 
@@ -185,8 +185,8 @@ function develop_application() {
   -w "${WORKDIR}"                                                   \
   -v "${HOME}"/.m2:/root/.m2 -v "${WORKDIR}":"${WORKDIR}"           \
   -e PCCS_URL=${PCCS_URL}                                           \
-  -v /dev/sgx_enclave:/dev/sgx/enclave             \
-  -v /dev/sgx_provision:/dev/sgx/provision         \
+  -v /dev/sgx_enclave:/dev/sgx_enclave             \
+  -v /dev/sgx_provision:/dev/sgx_provision         \
   ${RELEASE_IMAGE}:${RELEASE_TAG} /bin/bash
 }
 
