From 878ea6c38c6ad1583b6837d535c83defe8183470 Mon Sep 17 00:00:00 2001
From: Shirong Hao <shirong@linux.alibaba.com>
Date: Wed, 23 Sep 2020 13:54:03 +0800
Subject: [PATCH] sgx-tools: Add `make package` command to build rpm and deb
 packages.

Signed-off-by: Shirong Hao <shirong@linux.alibaba.com>
---
 Makefile                                |  3 +-
 sgx-tools/Makefile                      |  3 ++
 sgx-tools/dist/Makefile                 | 32 +++++++++++++
 sgx-tools/dist/deb/build.sh             | 41 +++++++++++++++++
 sgx-tools/dist/deb/debian/changelog     |  5 +++
 sgx-tools/dist/deb/debian/compat        |  1 +
 sgx-tools/dist/deb/debian/control       | 12 +++++
 sgx-tools/dist/deb/debian/rules         | 18 ++++++++
 sgx-tools/dist/deb/debian/source/format |  1 +
 sgx-tools/dist/rpm/sgx-tools.spec       | 60 +++++++++++++++++++++++++
 10 files changed, 174 insertions(+), 2 deletions(-)
 create mode 100644 sgx-tools/dist/Makefile
 create mode 100755 sgx-tools/dist/deb/build.sh
 create mode 100644 sgx-tools/dist/deb/debian/changelog
 create mode 100644 sgx-tools/dist/deb/debian/compat
 create mode 100644 sgx-tools/dist/deb/debian/control
 create mode 100755 sgx-tools/dist/deb/debian/rules
 create mode 100644 sgx-tools/dist/deb/debian/source/format
 create mode 100644 sgx-tools/dist/rpm/sgx-tools.spec

diff --git a/Makefile b/Makefile
index dad55ce..96220b3 100644
--- a/Makefile
+++ b/Makefile
@@ -2,7 +2,6 @@
 
 export INCLAVARE_CONTAINERS_VERSION := $(shell cat ./VERSION)
 components := rune shim sgx-tools
-dist_release_components := rune shim
 
 all:
 	for name in $(components); do \
@@ -25,6 +24,6 @@ uninstall:
 	done
 
 package:
-	for name in $(dist_release_components); do \
+	for name in $(components); do \
 		$(MAKE) -C $$name package; \
 	done
diff --git a/sgx-tools/Makefile b/sgx-tools/Makefile
index 6812b04..a939363 100644
--- a/sgx-tools/Makefile
+++ b/sgx-tools/Makefile
@@ -38,3 +38,6 @@ install: $(APP)
 
 uninstall:
 	@rm -f $(BINDIR)/$(APP)
+
+package:
+	$(MAKE) -C dist package
diff --git a/sgx-tools/dist/Makefile b/sgx-tools/dist/Makefile
new file mode 100644
index 0000000..3f406e9
--- /dev/null
+++ b/sgx-tools/dist/Makefile
@@ -0,0 +1,32 @@
+PROJECT_DIR := $(shell cd ../..; pwd)
+RPMBUILD_DIR := $(shell mktemp -u /tmp/rpmbuild.XXXX)
+RELEASE_TARBALL_URL := https://github.com/alibaba/inclavare-containers/archive/v$(INCLAVARE_CONTAINERS_VERSION).tar.gz
+RELEASE_TARBALL_FILE := $(RPMBUILD_DIR)/SOURCES/v$(INCLAVARE_CONTAINERS_VERSION).tar.gz
+RELEASE_TARBALL_EXIST := $(shell if [ -f $(RELEASE_TARBALL_FILE) ]; then echo "y"; else echo "n"; fi;)
+
+release-tarball:
+ifneq ($(RELEASE_TARBALL_EXIST), y)
+	@mkdir -p $(RPMBUILD_DIR)/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
+	@wget -P $(RPMBUILD_DIR)/SOURCES $(RELEASE_TARBALL_URL)
+endif
+
+rpm: release-tarball
+	@rpmbuild -D "_topdir $(RPMBUILD_DIR)" -ba rpm/sgx-tools.spec
+	@cp $(RPMBUILD_DIR)/RPMS/x86_64/*.rpm $(PROJECT_DIR)
+	@rm -rf $(RPMBUILD_DIR)
+	@echo "the rpms of sgx-tools located in $(PROJECT_DIR)"
+
+deb:
+	@cd deb && ./build.sh
+	@echo "the debs of sgx-tools located in $(PROJECT_DIR)"
+
+package:
+ifeq (/etc/debian_version, $(wildcard /etc/debian_version))
+	make deb
+else ifeq (/etc/redhat-release, $(wildcard /etc/redhat-release))
+	make rpm
+else
+	@echo "error! don't support generating packages on this system"
+endif
+
+.PHONY: release-tarball rpm deb package
diff --git a/sgx-tools/dist/deb/build.sh b/sgx-tools/dist/deb/build.sh
new file mode 100755
index 0000000..aa7bd32
--- /dev/null
+++ b/sgx-tools/dist/deb/build.sh
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+PROJECT_DIR=$(cd ../../..; pwd)
+DEBBUILD_DIR=$(mktemp -u /tmp/debbuild.XXXX)
+SCRIPT_DIR=$(pwd)
+PACKAGE=sgx-tools
+PROJECT=inclavare-containers
+VERSION=$(cd ../../..; cat ./VERSION)
+RELEASE_TARBALL=$DEBBUILD_DIR/v$VERSION.tar.gz
+RELEASE_TARBALL_URL=https://github.com/alibaba/inclavare-containers/archive/v$VERSION.tar.gz
+TARBALL_NAME=$PACKAGE\_$VERSION.orig.tar.gz
+DEB_BUILD_FOLDER=$DEBBUILD_DIR/$PACKAGE-$VERSION
+
+# create and rename the tarball
+mkdir -p $DEBBUILD_DIR
+if [ ! -f "$RELEASE_TARBALL" ]; then
+  wget -P $DEBBUILD_DIR $RELEASE_TARBALL_URL
+fi
+tar zxfP $DEBBUILD_DIR/v$VERSION.tar.gz -C $DEBBUILD_DIR
+mv $DEBBUILD_DIR/$PROJECT-$VERSION $DEBBUILD_DIR/$PACKAGE-$VERSION
+cd $DEBBUILD_DIR && tar zcfP $TARBALL_NAME $PACKAGE-$VERSION
+
+# check the go version
+if ! [ -x "$(command -v go)" ]; then
+  echo 'Error: go is not installed. Please install Go 1.14 and above'
+  exit 1
+fi
+
+NEED_GO_VERSION=14
+CURRENT_GO_VERSION=$(go version | awk '{print $3}' | sed 's/go//g' | sed 's/\./ /g' | awk '{print $2}')
+if [ $CURRENT_GO_VERSION -lt $NEED_GO_VERSION  ]; then
+  echo 'Error: go version is less than 1.14.0. Please install Go 1.14 and above'
+  exit
+fi
+
+# build_deb_package
+cp -rf  $SCRIPT_DIR/debian $DEB_BUILD_FOLDER
+cd $DEB_BUILD_FOLDER
+dpkg-buildpackage -us -uc
+cp $DEBBUILD_DIR/*.*deb $PROJECT_DIR
+rm -rf $DEBBUILD_DIR
diff --git a/sgx-tools/dist/deb/debian/changelog b/sgx-tools/dist/deb/debian/changelog
new file mode 100644
index 0000000..ee05cb6
--- /dev/null
+++ b/sgx-tools/dist/deb/debian/changelog
@@ -0,0 +1,5 @@
+sgx-tools (0.4.1-1) unstable; urgency=low
+
+  * Initial release.
+
+ -- Shirong Hao <shirong@linux.alibaba.com>  Sun, 30 Aug 2020 13:48:35 +0000
diff --git a/sgx-tools/dist/deb/debian/compat b/sgx-tools/dist/deb/debian/compat
new file mode 100644
index 0000000..ec63514
--- /dev/null
+++ b/sgx-tools/dist/deb/debian/compat
@@ -0,0 +1 @@
+9
diff --git a/sgx-tools/dist/deb/debian/control b/sgx-tools/dist/deb/debian/control
new file mode 100644
index 0000000..0346d49
--- /dev/null
+++ b/sgx-tools/dist/deb/debian/control
@@ -0,0 +1,12 @@
+Source: sgx-tools
+Section: devel
+Priority: extra
+Maintainer: shirong <shirong@linux.alibaba.com>
+Build-Depends: debhelper (>=9), libprotobuf-dev (>=3), protobuf-compiler
+Standards-Version: 3.9.8
+Homepage: https://github.com/alibaba/inclavare-containers
+
+Package: sgx-tools
+Architecture: amd64
+Depends: ${misc:Depends}, ${shlibs:Depends}
+Description: sgx-tools is a command line tool for inclavare-containers. Interact Intel SGX aesm service to retrieve various materials such as launch token, Quoting Enclave's target information, enclave quote and enclave remote attestation report from IAS.
diff --git a/sgx-tools/dist/deb/debian/rules b/sgx-tools/dist/deb/debian/rules
new file mode 100755
index 0000000..16befcd
--- /dev/null
+++ b/sgx-tools/dist/deb/debian/rules
@@ -0,0 +1,18 @@
+#!/usr/bin/make -f
+BUILD_ROOT := $(CURDIR)/debian/sgx-tools
+BUILD_DIR := /usr/local/bin
+PROTOBUF_VERSION := 1.3.5
+NAME := sgx-tools
+
+export GO111MODULE := on
+
+%:
+	dh $@
+
+override_dh_auto_build:
+	go get github.com/golang/protobuf/protoc-gen-go@v$(PROTOBUF_VERSION)
+	make -C $(NAME)
+override_dh_auto_install:
+	install -d -p $(BUILD_ROOT)$(BUILD_DIR)
+	install -p -m 755 $(CURDIR)/$(NAME)/$(NAME) $(BUILD_ROOT)$(BUILD_DIR)
+override_dh_usrlocal:
diff --git a/sgx-tools/dist/deb/debian/source/format b/sgx-tools/dist/deb/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/sgx-tools/dist/deb/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/sgx-tools/dist/rpm/sgx-tools.spec b/sgx-tools/dist/rpm/sgx-tools.spec
new file mode 100644
index 0000000..1b4672a
--- /dev/null
+++ b/sgx-tools/dist/rpm/sgx-tools.spec
@@ -0,0 +1,60 @@
+%define centos_base_release 1
+%define _debugsource_template %{nil}
+
+%global PROTOBUF_VERSION 1.3.5
+%global PROJECT inclavare-containers
+%global BIN_DIR /usr/local/bin
+
+Name: sgx-tools
+Version: 0.4.1
+Release: %{centos_base_release}%{?dist}
+Summary: sgx-tools is a commandline tool, used to interact Intel SGx aesm service.
+
+Group: Development/Tools
+License: Apache License 2.0
+URL: https://github.com/alibaba/%{PROJECT}
+Source0: https://github.com/alibaba/%{PROJECT}/archive/v%{version}.tar.gz
+
+BuildRequires: protobuf >= 3
+BuildRequires: protobuf-compiler
+ExclusiveArch: x86_64
+
+%description
+sgx-tools is a command line tool for inclavare-containers. Interact Intel SGX aesm service to retrieve various materials such as launch token, Quoting Enclave's target information, enclave quote and enclave remote attestation report from IAS.
+
+%prep
+%setup -q -n %{PROJECT}-%{version}
+
+%build
+# we cann't download go1.14 through 'yum install' in centos, so that wo check the go version in the '%build' section rather than in the 'BuildRequires' section.
+if ! [ -x "$(command -v go)" ]; then
+  echo 'Error: go is not installed. Please install Go 1.14 and above'
+  exit 1
+fi
+
+NEED_GO_VERSION=14
+CURRENT_GO_VERSION=$(go version | awk '{print $3}' | sed 's/go//g' | sed 's/\./ /g' | awk '{print $2}')
+if [ $CURRENT_GO_VERSION -lt $NEED_GO_VERSION  ]; then
+  echo 'Error: go version is less than 1.14.0. Please install Go 1.14 and above'
+  exit 1
+fi
+
+export GOPATH=${RPM_BUILD_DIR}/%{PROJECT}-%{version}
+export GOPROXY="https://mirrors.aliyun.com/goproxy,direct"
+export PATH=$PATH:${GOPATH}/bin
+export GO111MODULE=on
+go get github.com/golang/protobuf/protoc-gen-go@v%{PROTOBUF_VERSION}
+pushd %{name}
+make
+popd
+
+%install
+install -d -p %{buildroot}%{BIN_DIR}
+install -p -m 755 %{name}/%{name} %{buildroot}%{BIN_DIR}
+
+%files
+%{BIN_DIR}/%{name}
+
+%changelog
+* Wed Sep 23 2020 Shirong Hao <shirong@linux.alibaba.com> - 0.4.1
+- Package init.
-- 
GitLab