-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
27 lines (18 loc) · 931 Bytes
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# Gradle build stage
FROM gradle:7.4-jdk17 AS builder
COPY ./src/project /home/gradle
RUN gradle build jar && cp /home/gradle/build/libs/*.jar /enclave.jar
# Enclave image build stage
FROM enclaive/gramine-os:jammy-33576d39
RUN apt-get update \
&& apt-get install -y libprotobuf-c1 openjdk-17-jre-headless \
&& rm -rf /var/lib/apt/lists/*
COPY --from=builder /enclave.jar /app/
COPY ./java.manifest.template /app/
COPY ./entrypoint.sh /app/
WORKDIR /app
RUN gramine-argv-serializer "/usr/lib/jvm/java-17-openjdk-amd64/bin/java" "-XX:CompressedClassSpaceSize=8m" "-XX:ReservedCodeCacheSize=8m" "-Xmx8m" "-Xms8m" "-jar" "/app/enclave.jar" > jvm_args.txt
RUN gramine-sgx-gen-private-key \
&& gramine-manifest -Dlog_level=error -Darch_libdir=/lib/x86_64-linux-gnu java.manifest.template java.manifest \
&& gramine-sgx-sign --manifest java.manifest --output java.manifest.sgx
ENTRYPOINT ["sh", "entrypoint.sh"]