[Examples] Add two Java examples

First example is a trivial Java application. Second example is a Spring Boot web application. Signed-off-by: b-garbacz <bartlomiej.garbacz@intel.com>
gramineproject · Mar 18, 2024 · 8b5d608 · 8b5d608
1 parent 774e60c
commit 8b5d608
Show file tree

Hide file tree

Showing 15 changed files with 266 additions and 0 deletions.
diff --git a/Examples/java-simple/Dockerfile b/Examples/java-simple/Dockerfile
@@ -0,0 +1,7 @@
+FROM openjdk:11
+
+COPY JavaExample.java .
+
+RUN javac JavaExample.java
+
+CMD ["java", "JavaExample"]
diff --git a/Examples/java-simple/JavaExample.java b/Examples/java-simple/JavaExample.java
@@ -0,0 +1,8 @@
+// SPDX-License-Identifier: BSD-3-Clause
+// Copyright (C) 2023 Intel Corp.
+//                    Bartłomiej Garbacz <bartomiej.garbacz@intel.com>
+class JavaExample {
+    public static void main(String[] args) {
+        System.out.println("Hello from Graminized Java application!");
+    }
+}
diff --git a/Examples/java-simple/README.md b/Examples/java-simple/README.md
@@ -0,0 +1,45 @@
+# Simple Java application example
+
+Java is one of the most popular programming languages in the world. By using the GSC tool, you can
+deploy graminized containers with Java code. This is a trivial example on running a Java application
+using GSC. For more information on Java, please visit https://www.oracle.com/java/.
+
+## Notes
+
+* Tested on:
+  - Type: Azure Confidential Computing SGX Virtual Machine
+  - Size: Standard DC1s v3 (1 vCPU, 8 GiB memory)
+  - OS: Linux (Ubuntu 20.04)
+  - OpenJDK 11
+
+## Build and run graminized Docker image
+
+1. Build Docker image:
+
+```bash
+$ docker build -t openjdk-11-java-simple .
+```
+
+2. Graminize the Docker image (this step can take some time!):
+
+```bash
+$ (cd ../.. && ./gsc build openjdk-11-java-simple \
+    Examples/java-simple/java-simple.manifest \
+    -c <PATH-TO-CONFIG-FILE>)
+```
+
+3. Sign the graminized Docker image:
+
+```bash
+$ (cd ../.. && ./gsc sign-image openjdk-11-java-simple \
+    <PATH-TO-KEY-FILE> \
+    -c <PATH-TO-CONFIG-FILE>)
+```
+
+4. Run graminized image:
+
+```bash
+$ docker run --rm --device=/dev/sgx_enclave \
+    -v /var/run/aesmd/aesm.socket:/var/run/aesmd/aesm.socket \
+    gsc-openjdk-11-java-simple
+```
diff --git a/Examples/java-simple/java-simple.manifest b/Examples/java-simple/java-simple.manifest
@@ -0,0 +1,9 @@
+# For better performance.
+libos.check_invalid_pointers = false
+
+# This option is needed because Java uses memory-fault exception handlers.
+sgx.use_exinfo = true
+
+sys.stack.size = "2M"
+sgx.enclave_size = "4G"
+sgx.max_threads = 512
diff --git a/Examples/java-spring-boot/Dockerfile b/Examples/java-spring-boot/Dockerfile
@@ -0,0 +1,8 @@
+FROM openjdk:11
+
+RUN apt-get update && \
+    apt-get install -y openjdk-11-jdk
+
+COPY spring-boot-web-service/build/libs/spring-boot-web-service-0.0.1-SNAPSHOT.jar .
+
+ENTRYPOINT ["java", "-jar", "/spring-boot-web-service-0.0.1-SNAPSHOT.jar"]
diff --git a/Examples/java-spring-boot/README.md b/Examples/java-spring-boot/README.md
@@ -0,0 +1,92 @@
+# Java Spring Boot example
+
+Spring Boot is a popular framework for building Java-based web applications. By using the GSC tool,
+you can deploy Spring Boot web applications inside a graminized Docker container, such that the app
+runs inside the SGX enclave. For more information on Spring Boot, please visit https://spring.io/.
+
+## Notes
+
+* Tested on:
+  - Type: Azure Confidential Computing SGX Virtual Machine
+  - Size: Standard DC1s v3 (1 vCPU, 8 GiB memory)
+  - OS: Linux (Ubuntu 20.04)
+
+* Install the OpenJDK 11 package so that Gradle can consume the files:
+
+    ```bash
+    $ sudo apt-get install openjdk-11-jdk
+    ```
+
+* Follow the installation guide at https://gradle.org/install/ to install Gradle v7.6.
+
+## Build and run graminized Docker image
+
+1. Build a project using Gradle:
+
+```bash
+$ (cd spring-boot-web-service/ && gradle build)
+```
+
+2. Build Docker image:
+
+```bash
+$ docker build -t openjdk-11-java-spring-boot .
+```
+
+3. Clean up files that will be no longer used:
+
+```bash
+$ (cd spring-boot-web-service/ && gradle clean)
+```
+
+4. Graminize the Docker image (this step can take some time!):
+
+```bash
+$ (cd ../.. && ./gsc build openjdk-11-java-spring-boot \
+    Examples/java-spring-boot/java-spring-boot.manifest \
+    -c <PATH-TO-CONFIG-FILE>)
+```
+
+5. Sign the graminized Docker image:
+
+```bash
+$ (cd ../.. && ./gsc sign-image openjdk-11-java-spring-boot \
+    <PATH-TO-KEY-FILE> \
+    -c <PATH-TO-CONFIG-FILE>)
+```
+
+6. Run graminized image (the application may take a while to load):
+
+      * On the default port set to 8080:
+
+        ```bash
+        $ docker run --rm --device=/dev/sgx_enclave \
+            -v /var/run/aesmd/aesm.socket:/var/run/aesmd/aesm.socket \
+            -p 8080:8080 \
+            -d gsc-openjdk-11-java-spring-boot
+        ```
+
+      * On a customized port using an environment variable, e.g. 9080:
+
+        ```bash
+        $ docker run --rm --device=/dev/sgx_enclave \
+            -v /var/run/aesmd/aesm.socket:/var/run/aesmd/aesm.socket \
+            -e SERVER_PORT=9080 \
+            -p 9080:9080 \
+            -d gsc-openjdk-11-java-spring-boot
+        ```
+
+
+7. Once you have the graminized container up and running, verify its correctness by calling the
+   following command below. The result should be the following text - "Hello from Graminized Spring
+   Boot application":
+
+```bash
+$ wget -qO- localhost:<port>
+```
+
+8. To stop the graminized container with Spring-Boot application, run the command:
+
+```bash
+$ docker stop <containerID>
+```
diff --git a/Examples/java-spring-boot/THIRDPARTYLICENSES.txt b/Examples/java-spring-boot/THIRDPARTYLICENSES.txt
@@ -0,0 +1,2 @@
+SPDX-License-Identifier: Apache-2.0
+Copyright © 2023 Spring
diff --git a/Examples/java-spring-boot/java-spring-boot.manifest b/Examples/java-spring-boot/java-spring-boot.manifest
@@ -0,0 +1,13 @@
+# For better performance.
+libos.check_invalid_pointers = false
+
+# This option is needed because Java uses memory-fault exception handlers.
+sgx.use_exinfo = true
+
+sys.stack.size = "2M"
+sgx.enclave_size = "8G"
+sgx.max_threads = 128
+
+# SERVER_PORT is an equivalent environment variable to server.port in Spring Boot
+# that specifies the port number on which the application runs.
+loader.env.SERVER_PORT = { passthrough = true }
diff --git a/Examples/java-spring-boot/spring-boot-web-service/build.gradle b/Examples/java-spring-boot/spring-boot-web-service/build.gradle
@@ -0,0 +1,27 @@
+/*
+    This configuration file is used by Gradle, to define how to build and package a Java project.
+    For more information on Gradle, please visit
+    https://docs.gradle.org/current/userguide/tutorial_using_tasks.html.
+*/
+plugins {
+    id 'java'
+    id 'org.springframework.boot' version '2.7.8'
+    id 'io.spring.dependency-management' version '1.0.15.RELEASE'
+}
+
+group = 'org.demo'
+version = '0.0.1-SNAPSHOT'
+sourceCompatibility = '11'
+
+repositories {
+    mavenCentral()
+}
+
+dependencies {
+    implementation 'org.springframework.boot:spring-boot-starter-web'
+    testImplementation 'org.springframework.boot:spring-boot-starter-test'
+}
+
+tasks.named('test') {
+    useJUnitPlatform()
+}
diff --git a/Examples/java-spring-boot/spring-boot-web-service/gradle/wrapper/gradle-wrapper.properties b/Examples/java-spring-boot/spring-boot-web-service/gradle/wrapper/gradle-wrapper.properties
@@ -0,0 +1,5 @@
+distributionBase=GRADLE_USER_HOME
+distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-7.6-bin.zip
+zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists
diff --git a/Examples/java-spring-boot/spring-boot-web-service/settings.gradle b/Examples/java-spring-boot/spring-boot-web-service/settings.gradle
@@ -0,0 +1 @@
+rootProject.name = 'spring-boot-web-service'
diff --git a/...a-spring-boot/spring-boot-web-service/src/main/java/org/demo/example/DemoApplication.java b/...a-spring-boot/spring-boot-web-service/src/main/java/org/demo/example/DemoApplication.java
@@ -0,0 +1,16 @@
+// SPDX-License-Identifier: BSD-3-Clause
+// Copyright (C) 2023 Intel Corp.
+//                    Bartłomiej Garbacz <bartomiej.garbacz@intel.com>
+package org.demo.example;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class DemoApplication {
+
+    public static void main(String[] args) {
+        SpringApplication.run(DemoApplication.class, args);
+    }
+
+}
diff --git a/...oot/spring-boot-web-service/src/main/java/org/demo/example/DemoApplicationController.java b/...oot/spring-boot-web-service/src/main/java/org/demo/example/DemoApplicationController.java
@@ -0,0 +1,16 @@
+// SPDX-License-Identifier: BSD-3-Clause
+// Copyright (C) 2023 Intel Corp.
+//                    Bartłomiej Garbacz <bartomiej.garbacz@intel.com>
+package org.demo.example;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class DemoApplicationController {
+
+    @GetMapping("/")
+    public String getString() {
+        return "Hello from Graminized Spring Boot Application.\n";
+    }
+}
diff --git a/Examples/java-spring-boot/spring-boot-web-service/src/main/resources/application.properties b/Examples/java-spring-boot/spring-boot-web-service/src/main/resources/application.properties
@@ -0,0 +1 @@
+server.port=8080
diff --git a/...ing-boot/spring-boot-web-service/src/test/java/org/demo/example/DemoApplicationTests.java b/...ing-boot/spring-boot-web-service/src/test/java/org/demo/example/DemoApplicationTests.java
@@ -0,0 +1,16 @@
+// SPDX-License-Identifier: BSD-3-Clause
+// Copyright (C) 2023 Intel Corp.
+//                    Bartłomiej Garbacz <bartomiej.garbacz@intel.com>
+package org.demo.example;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.boot.test.context.SpringBootTest;
+
+@SpringBootTest
+class DemoApplicationTests {
+
+    @Test
+    void contextLoads() {
+    }
+
+}