From 94f08edbb3d7c82ce0f9d9c97548d3ba1e4da93a Mon Sep 17 00:00:00 2001 From: Xiangyu Tian <109123695+xiangyuT@users.noreply.github.com> Date: Wed, 26 Apr 2023 14:28:00 +0800 Subject: [PATCH] [PPML] Refactor BigDL Attestation Service Deployment of Docker and K8s (#8130) Refactor BigDL Attestation Service Deployment of Docker image, which split to base image and custom(reference) image. Update version to 2.4.0-SNAPSHOT. Refine documents. --- .github/workflows/manually_build.yml | 49 ++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/.github/workflows/manually_build.yml b/.github/workflows/manually_build.yml index a12a9baa..2b0315dd 100644 --- a/.github/workflows/manually_build.yml +++ b/.github/workflows/manually_build.yml @@ -34,6 +34,7 @@ on: - bigdl-ppml-trusted-deep-learning - bigdl-kms-base - bigdl-kms-reference + - bigdl-attestation-service tag: description: 'docker image tag (e.g. 2.1.0-SNAPSHOT)' required: true @@ -711,6 +712,54 @@ jobs: docker push 10.239.45.10/arda/${IMAGE}:${TAG} docker rmi -f ${IMAGE}:${TAG} 10.239.45.10/arda/${IMAGE}:${TAG} + bigdl-attestation-service: + if: ${{ github.event.inputs.artifact == 'bigdl-attestation-service' || github.event.inputs.artifact == 'all' }} + runs-on: [self-hosted, Shire] + + steps: + - uses: actions/checkout@v3 + - name: docker login + run: | + docker login -u ${DOCKERHUB_USERNAME} -p ${DOCKERHUB_PASSWORD} + - name: docker deploy bigdl-attestation-service + run: | + export BASE_IMAGE=intelanalytics/bigdl-ppml-trusted-bigdata-gramine-base + export AS_BASE_IMAGE=intelanalytics/bigdl-attestation-service-base + export AS_REF_IMAGE=intelanalytics/bigdl-attestation-service-reference + cd ppml/services/bigdl-attestation-service/docker + echo "########################################" + echo "#### bigdl-attestation-service-base ####" + echo "########################################" + cd base + sudo docker build \ + --no-cache=true \ + --build-arg http_proxy=${HTTP_PROXY} \ + --build-arg https_proxy=${HTTPS_PROXY} \ + --build-arg BASE_IMAGE_NAME=${BASE_IMAGE} \ + --build-arg BASE_IMAGE_TAG=${TAG} \ + --build-arg no_proxy=${NO_PROXY} \ + -t $AS_BASE_IMAGE:$TAG -f ./Dockerfile . + echo "########################################" + echo "#### bigdl-attestation-service-ref #####" + echo "########################################" + cd ../custom + openssl genrsa -3 -out enclave-key.pem 3072 + sudo docker build \ + --no-cache=true \ + --build-arg BASE_IMAGE_NAME=${AS_BASE_IMAGE} \ + --build-arg BASE_IMAGE_TAG=${TAG} \ + -t $AS_REF_IMAGE:$TAG -f ./Dockerfile . + + sudo docker push ${AS_BASE_IMAGE}:${TAG} + sudo docker tag ${AS_BASE_IMAGE}:${TAG} 10.239.45.10/arda/${AS_BASE_IMAGE}:${TAG} + sudo docker push 10.239.45.10/arda/${AS_BASE_IMAGE}:${TAG} + sudo docker rmi -f ${AS_BASE_IMAGE}:${TAG} 10.239.45.10/arda/${AS_BASE_IMAGE}:${TAG} + + sudo docker push ${AS_REF_IMAGE}:${TAG} + sudo docker tag ${AS_REF_IMAGE}:${TAG} 10.239.45.10/arda/${AS_REF_IMAGE}:${TAG} + sudo docker push 10.239.45.10/arda/${AS_REF_IMAGE}:${TAG} + sudo docker rmi -f ${AS_REF_IMAGE}:${TAG} 10.239.45.10/arda/${AS_REF_IMAGE}:${TAG} + bigdl-ppml-pccs: if: ${{ github.event.inputs.artifact == 'bigdl-ppml-pccs' || github.event.inputs.artifact == 'all' }} runs-on: [self-hosted, Shire]