From 449ba1d5d986ca4eab8d5a7537541c72097b9fda Mon Sep 17 00:00:00 2001
From: LI Qing <geding.lq@alibaba-inc.com>
Date: Tue, 14 Jan 2020 13:28:29 +0800
Subject: [PATCH] Add Dockerfile for Ubuntu 18.04

---
 Makefile                            | 13 +++-
 tools/docker/Dockerfile.ubuntu18.04 | 95 +++++++++++++++++++++++++++++
 tools/docker/README.md              | 16 ++---
 tools/docker/build_image.sh         | 13 ++--
 4 files changed, 124 insertions(+), 13 deletions(-)
 create mode 100644 tools/docker/Dockerfile.ubuntu18.04

diff --git a/Makefile b/Makefile
index ad9a5d06..2a75a365 100644
--- a/Makefile
+++ b/Makefile
@@ -6,9 +6,20 @@ githooks:
 	@find .git/hooks -type l -exec rm {} \; && find .githooks -type f -exec ln -sf ../../{} .git/hooks/ \;
 	@echo "Add Git hooks that check Rust code format issues before commits and pushes"
 
+GIT_MIN_VERSION := 2.11.0
+GIT_CURRENT_VERSION := $(shell git --version | sed 's/[^0-9.]*//g')
+GIT_NEED_PROGRESS := $(shell /bin/echo -e "$(GIT_MIN_VERSION)\n$(GIT_CURRENT_VERSION)" \
+			| sort -V | head -n1 | grep -q $(GIT_MIN_VERSION) && echo "true" || echo "false")
+# If git version >= min_version, append the `--progress` option to show progress status
+ifeq ($(GIT_NEED_PROGRESS), true)
+	GIT_OPTION := --progress
+else
+	GIT_OPTION :=
+endif
+
 submodule: githooks
 	git submodule init
-	git submodule update
+	git submodule update $(GIT_OPTION)
 	@# Try to apply the patches. If failed, check if the patches are already applied
 	cd deps/rust-sgx-sdk && git apply ../rust-sgx-sdk.patch >/dev/null 2>&1 || git apply ../rust-sgx-sdk.patch -R --check
 	cd deps/serde-json-sgx && git apply ../serde-json-sgx.patch >/dev/null 2>&1 || git apply ../serde-json-sgx.patch -R --check
diff --git a/tools/docker/Dockerfile.ubuntu18.04 b/tools/docker/Dockerfile.ubuntu18.04
new file mode 100644
index 00000000..33f17b0d
--- /dev/null
+++ b/tools/docker/Dockerfile.ubuntu18.04
@@ -0,0 +1,95 @@
+FROM ubuntu:18.04
+
+LABEL maintainer="Qing Li <geding.lq@alibaba-inc.com>"
+
+RUN apt-get update && DEBIAN_FRONTEND="noninteractive" apt-get install -y --no-install-recommends \
+        alien \
+        autoconf \
+        automake \
+        build-essential \
+        ca-certificates \
+        cmake \
+        curl \
+        debhelper \
+        expect \
+        g++ \
+        gdb \
+        git-core \
+        jq \
+        kmod \
+        libboost-system-dev \
+        libboost-thread-dev \
+        libcurl4-openssl-dev \
+        libfuse-dev \
+        libjsoncpp-dev \
+        liblog4cpp5-dev \
+        libprotobuf-c0-dev \
+        libprotobuf-dev \
+        libssl-dev \
+        libtool \
+        libxml2-dev \
+        ocaml \
+        ocamlbuild \
+        pkg-config \
+        protobuf-compiler \
+        python \
+        python-pip \
+        sudo \
+        unzip \
+        uuid-dev \
+        vim \
+        wget \
+        zip \
+        && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
+# Install cpuid tool for tests
+WORKDIR /tmp
+RUN wget http://www.etallen.com/cpuid/cpuid-20180519.x86_64.tar.gz && \
+    tar -xf ./cpuid-20180519.x86_64.tar.gz && \
+    cp ./cpuid-20180519/cpuid /usr/bin/ && \
+    rm -rf /tmp/cpuid-20180519*
+
+# Install SGX SDK
+WORKDIR /tmp
+RUN git clone -b sgx_2.7.1_for_occlum https://github.com/occlum/linux-sgx && \
+    mkdir /etc/init && \
+    cd linux-sgx && \
+    ./download_prebuilt.sh && \
+    ./compile_and_install.sh && \
+    echo 'source /opt/intel/sgxsdk/environment' >> /root/.bashrc && \
+    rm -rf /tmp/linux-sgx
+
+# Install Rust
+ENV OCCLUM_RUST_VERSION=nightly-2019-11-25
+RUN curl https://sh.rustup.rs -sSf | \
+        sh -s -- --default-toolchain ${OCCLUM_RUST_VERSION} -y && \
+    rm -rf /root/.cargo/registry && rm -rf /root/.cargo/git
+ENV PATH="/root/.cargo/bin:$PATH"
+
+# Install Occlum toolchain
+COPY toolchains/gcc/* /tmp/
+WORKDIR /tmp
+RUN ./build.sh
+ENV PATH="/opt/occlum/build/bin:/usr/local/occlum/bin:$PATH"
+
+# Install the latest version of Occlum
+WORKDIR /root
+RUN git clone https://github.com/occlum/occlum && \
+    cd occlum && \
+    make submodule && \
+    make LIBOS_RELEASE=1 && \
+    make install && \
+    cp -r demos /root/demos && \
+    rm -rf /root/occlum
+
+# Start AESM service automatically
+#
+# To do so, we add the script to ~/.bashrc. We cannot use systemd to run AESM
+# as a "real" service since the pid 1 is not systemd in Docker. So we start
+# up AESM service when an user login with an interative shell.
+COPY docker/start_aesm.sh /opt/occlum/
+RUN echo '/opt/occlum/start_aesm.sh' >> /root/.bashrc
+
+WORKDIR /root
diff --git a/tools/docker/README.md b/tools/docker/README.md
index 95cfef74..f120a804 100644
--- a/tools/docker/README.md
+++ b/tools/docker/README.md
@@ -1,10 +1,10 @@
 # Building Occlum Docker images
 
 This folder contains scripts and Dockerfiles for users to build the Docker images
-for Occlum. An Occlum Docker image sets up the development environment for 
+for Occlum. An Occlum Docker image sets up the development environment for
 Occlum and also gets Occlum preinstalled.
 
-Currently, two Linux OS distributions are supported: Ubuntu 16.04 and CentOS 7.2.
+Currently, Three Linux OS distributions are supported: Ubuntu 16.04, Ubuntu 18.04 and CentOS 7.2.
 
 ## How to Build
 
@@ -12,11 +12,11 @@ To build an Occlum Docker image, run the following command
 ```
 ./build_image.sh <OCCLUM_LABEL> <OS_NAME>
 ```
-where `<OCCLUM_LABEL>` is an arbitrary string chosen by the user to 
-describe the version of Occlum preinstalled in the Docker image 
-(e.g., "latest", "0.8.0", and "prerelease") and `<OS_NAME>` is the 
-name of the OS distribution that the Docker image is based on. 
-Currently, `<OS_NAME>` must be one of the following values: 
-`ubuntu16.04` and `centos7.2`.
+where `<OCCLUM_LABEL>` is an arbitrary string chosen by the user to
+describe the version of Occlum preinstalled in the Docker image
+(e.g., "latest", "0.9.0", and "prerelease") and `<OS_NAME>` is the
+name of the OS distribution that the Docker image is based on.
+Currently, `<OS_NAME>` must be one of the following values:
+`ubuntu16.04`, `ubuntu18.04` and `centos7.2`.
 
 The resulting Docker image will have `occlum/occlum:<OCCLUM_LABEL>-<OS_NAME>` as its label.
diff --git a/tools/docker/build_image.sh b/tools/docker/build_image.sh
index 163d9900..e55c6e23 100755
--- a/tools/docker/build_image.sh
+++ b/tools/docker/build_image.sh
@@ -15,11 +15,12 @@ USAGE:
     build_image.sh <OCCLUM_LABEL> <OS_NAME>
 
 <OCCLUM_LABEL>:
-    An arbitrary string chosen by the user to describe the version of Occlum preinstalled in the Docker image, e.g., "latest", "0.8.0", "prerelease", and etc.
+    An arbitrary string chosen by the user to describe the version of Occlum preinstalled in the Docker image, e.g., "latest", "0.9.0", "prerelease", and etc.
 
 <OS_NAME>:
     The name of the OS distribution that the Docker image is based on. Currently, <OS_NAME> must be one of the following values:
         ubuntu16.04         Use Ubuntu 16.04 as the base image
+        ubuntu18.04         Use Ubuntu 18.04 as the base image
         centos7.2           Use CentOS 7.2 as the base image
 
 The resulting Docker image will have "occlum/occlum:<OCCLUM_LABEL>-<OS_NAME>" as its label.
@@ -36,9 +37,13 @@ fi
 occlum_label=$1
 os_name=$2
 
-if [ "$os_name" != "ubuntu16.04" ] && [ "$os_name" != "centos7.2" ];then
-    report_error
-fi
+function check_item_in_list() {
+    item=$1
+    list=$2
+    [[ $list =~ (^|[[:space:]])$item($|[[:space:]]) ]]
+}
+
+check_item_in_list "$os_name" "ubuntu16.04 ubuntu18.04 centos7.2" || report_error
 
 cd "$script_dir/.."
 docker build -f "$script_dir/Dockerfile.$os_name" -t "occlum/occlum:$occlum_label-$os_name" .