From d790e2cb988624d855debb2d83f363ad87bea3bb Mon Sep 17 00:00:00 2001
From: Noor <noormohammedb@protonmail.com>
Date: Tue, 11 Mar 2025 10:39:29 +0000
Subject: [PATCH] docker limit resources

---
 Cargo.lock       |  1 -
 src/container.rs | 14 +++++++++++---
 src/data.rs      |  1 +
 3 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index b07c7c6..7a2a1a6 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -410,7 +410,6 @@ dependencies = [
 [[package]]
 name = "detee-shared"
 version = "0.1.0"
-source = "git+ssh://git@gitea.detee.cloud/noormohammedb/detee-shared?branch=stable_01#9ba3bc318617b08d8c761767a23abd77519b7e6d"
 dependencies = [
  "base64",
  "prost",
diff --git a/src/container.rs b/src/container.rs
index 22676ef..5c4ee6f 100644
--- a/src/container.rs
+++ b/src/container.rs
@@ -1,4 +1,5 @@
 use anyhow::{anyhow, Result};
+use detee_shared::sgx::types::brain::Resource;
 use log::info;
 use std::process::Command;
 
@@ -7,6 +8,7 @@ pub fn deploy_enclave(
     container_name_uuid: String,
     port_map: Vec<(u16, u16)>,
     hratls_pubkey: String,
+    app_resource: Resource,
 ) -> Result<i32> {
     let port_maping_string = port_map
         .iter()
@@ -18,10 +20,16 @@ pub fn deploy_enclave(
         "Deploying enclave: {:?} with hratls: {:?}",
         enclave_path, hratls_pubkey
     );
-    // TODO: docker limit resources
+
+    let memory_mb = app_resource.memory_mb;
+    let vcpu = app_resource.vcpu;
+    // TODO: docker limit disk space
+    // let disk_mb = app_resource.disk_mb;
+    // --storage-opt size={disk_mb}m
+
     let docker_deploy_str = format!(
-        r#"docker run -d --name {container_name_uuid} -v {enclave_path}:/enclave_package \
-        --device /dev/sgx/enclave --device /dev/sgx/provision \
+        r#"docker run -d --name {container_name_uuid} --memory={memory_mb}m --cpus={vcpu} \
+        -v {enclave_path}:/enclave_package --device /dev/sgx/enclave --device /dev/sgx/provision \
         {port_maping_string} noormohammedb/occlum-enclave:v1 {hratls_pubkey}"#
     );
 
diff --git a/src/data.rs b/src/data.rs
index b33ceb8..4d6a68a 100644
--- a/src/data.rs
+++ b/src/data.rs
@@ -127,6 +127,7 @@ impl App {
             app_name.clone(),
             mapped_ports.clone(),
             new_app_req.hratls_pubkey,
+            new_app_req.resource.clone(),
         )?;
 
         if exit_code != 0 {