Skip to content
This repository has been archived by the owner on Apr 15, 2024. It is now read-only.

Commit

Permalink
service/quote-server: add Dockerfile (#40)
Browse files Browse the repository at this point in the history 
* quote-server: add Dockerfile

* quote-server/Dockerfile: remove port after using Unix Domain Socket

* remove rust runtime in final container to reduce image size
  • Loading branch information
@hairongchen
hairongchen authored Jul 18, 2023
1 parent 41dfdb0 commit d4c3cf4
Showing 1 changed file with 53 additions and 0 deletions.
53 changes: 53 additions & 0 deletions container/quote-server/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
FROM ubuntu:22.04 AS quote-server-builder

ARG DCAP_VERSION="1.16"

RUN apt-get update && apt-get install -y git golang curl build-essential clang protobuf-compiler protobuf-c-compiler libprotobuf-c-dev libprotobuf-c1

RUN curl --proto '=https' --tlsv1.3 https://sh.rustup.rs -sSf > rustup.sh
RUN /bin/sh ./rustup.sh --profile minimal -y && rm ./rustup.sh

RUN curl https://download.01.org/intel-sgx/sgx-dcap/${DCAP_VERSION}/linux/distro/ubuntu22.04-server/sgx_debian_local_repo.tgz -o sgx_debian_local_repo.tgz
RUN tar zxvf sgx_debian_local_repo.tgz && \
rm -f sgx_debian_local_repo.tgz

RUN echo "deb [trusted=yes arch=amd64] file:/sgx_debian_local_repo jammy main" |\
tee /etc/apt/sources.list.d/sgx_debian_local_repo.list

RUN apt-get update && apt install -y libtdx-attest libtdx-attest-dev

COPY service /service
COPY proto /proto
RUN cd /service/quote-server && make build

# add rediness and liveness probe command
RUN git clone https://github.com/grpc-ecosystem/grpc-health-probe.git
RUN cd /grpc-health-probe && go build

# ======================================================================================================================

FROM ubuntu:22.04 as quote-server-base

ARG DCAP_VERSION="1.16"

ARG USERNAME=ccnp
ARG USER_UID=1000
ARG USER_GID=$USER_UID

RUN apt-get update && apt-get install -y curl

RUN groupadd --gid $USER_GID $USERNAME \
&& useradd --uid $USER_UID --gid $USER_GID -m $USERNAME

RUN curl https://download.01.org/intel-sgx/sgx-dcap/${DCAP_VERSION}/linux/distro/ubuntu22.04-server/sgx_debian_local_repo.tgz -o sgx_debian_local_repo.tgz
RUN tar zxvf sgx_debian_local_repo.tgz && rm -f sgx_debian_local_repo.tgz
RUN echo "deb [trusted=yes arch=amd64] file:/sgx_debian_local_repo jammy main" | tee /etc/apt/sources.list.d/sgx_debian_local_repo.list
RUN apt-get update && apt install -y libtdx-attest libtdx-attest-dev

RUN apt-get -y clean && rm -rf /var/lib/apt/lists/*.

COPY --from=quote-server-builder /service/quote-server/target/release/quote_server /bin
COPY --from=quote-server-builder /grpc-health-probe/grpc-health-probe /usr/bin

USER $USERNAME
CMD ["/bin/quote_server"]

0 comments on commit d4c3cf4

Please sign in to comment.