corda/sgx-jvm/tools/sx/sx
Chris Rankin c545a58c1d
Remote Attestation Phase 2 (#235)
* Initial host server skeleton.
* Create IASProxy project, and skeleton for attestation host.
* Fix up tests
* Extend attestation host skeleton, and make test ports configurable.
* Enhance MockIAS to make pseManifestStatus optional.
* Make IASProxy endpoints asynchronous.
* Add sub-modules for challenger and for common code.
* Create integration test for host's provisioning endpoint.
* Flesh out attestation challenger WAR.
* Package refactoring, to be more Java9 friendly.
* Refactor more messages into attestation-common.
* Remove our private key from the repository.
* Declare an empty PSE Manifest to be invalid.
* Fix basic integration test issues for challenger and host.
* Integrate keystore scripts into the build properly.
* Name keystore targets explicitly for Gradle.
* Allow HTTP conversation between Challenger, Host and ISV using session ID.
* Add MockHost for challenger's integration tests.
* Reconcile HTTP port numbers between Phase1 and Phase2 components.
* Remove elements that can be inherited from root project.
* Add placeholder README.
* Add convenient extension functions to ObjectMapper.
* Extend integration test coverage for challenger/host/isv.
* Catch IOException from HttpClient for challenger.
* Integrate host sub-module with remote-attestation project.
* Begin integrating host/enclave code from Phase I.
* Rename challenger's HTTP endpoint.
* Generate keystore for challenger "on the fly".
* Add native JNI code for accessing the SGX enclave.
* Point Gradle to the correct enclave object.
* Fixes for generating a Quote for this enclave.
* Return the IAS report to the challenger for verification.
* Begin populating the challenger's AttestationResponse message.
* Enable the challenger to pass encrypted secrets into the enclave.
* Align challenger, host and isv ports.
* Refactor challenger as a fat-jar application.
* AttestationResponse is not shared, so refactor into challenger.
* Move HttpClientContext objects into HttpClient blocks.
* Remove unused Message2 and Message3 objects.
* Add realistic dummy value for reportID from IAS.
* Small tidy-up on attestation host.
* First set of review comments.
* Add missing exception message.
* Update location of environment file.
* Use empty mock revocation lists by default.
* Improve logging and add "happy path" test for provisioning secrets.
* Update Gradle files so that we can run attestation-host from IntelliJ.
* The platformInfo field from IAS can be null, so allow this.
Also protect other JNI pointer parameters from NPE.
* Allow Gradle to build hardware enclave.
2017-12-22 14:42:42 +00:00

902 lines
25 KiB
Bash
Executable File

#!/usr/bin/env bash
# {{{ Environment
# Locations
version="0.1"
file="${BASH_SOURCE[0]}"
base_dir="$(cd "$(dirname "$file")/../.." && pwd)"
repo_dir="$(cd "${base_dir}/.." && pwd)"
repo_base="sgx-jvm"
progname="$(basename "$file")"
sx=${file}
# Configuration variables
VERBOSE=off
FORCE=off
TTY_MODE=on
COLOUR_MODE=on
TABSTOP=23
# Build variables
DEBUG_MODE=on
TARGET_CONFIG=debug
HARDWARE_MODE=off
USE_NATIVE_LOGGING=off
HSM_PROFILE=dev_sim
# Runtime variables
ISV_PORT=${PORT:-9080}
HOST_PORT=${HOST_PORT:-8080}
LINES=${LINES:-50}
# Debug variables
gdb_port=2000
jdwp_port=5005
# Docker environment
docker_ip=$(ifconfig docker0 2> /dev/null | sed -n 's/^.*inet \([^ ]*\).*/\1/p')
if [ -z "$docker_ip" ]; then
docker_ip="192.168.65.1"
fi
# }}} Environment
# {{{ Logging
# {{{ Colours and Formatting
update_colours() {
if test -t 1; then
local ncolours=$(tput colors)
if test -n "$ncolours" && test $ncolours -ge 8; then
TABSTOP=34
bold="$(tput bold)"
underline="$(tput smul)"
standout="$(tput smso)"
normal="$(tput sgr0)"
black="$(tput setaf 0)"
red="$(tput setaf 1)"
green="$(tput setaf 2)"
yellow="$(tput setaf 3)"
blue="$(tput setaf 4)"
magenta="$(tput setaf 5)"
cyan="$(tput setaf 6)"
white="$(tput setaf 7)"
fi
fi
if [ "$COLOUR_MODE" == "off" ]; then
TABSTOP=23
bold=""
underline=""
standout=""
normal=""
black=""
red=""
green=""
yellow=""
blue=""
magenta=""
cyan=""
white=""
fi
}
update_colours
p_value() {
local key="$1"
shift 1
echo -e " ${yellow}${key}${normal}\t$@" | expand -t${TABSTOP}
}
p_value_verbose() {
if [ "${VERBOSE}" == "on" ]; then
local key="$1"
shift 1
p_value "$key" "$@"
fi
}
nl_verbose() {
if [ "${VERBOSE}" == "on" ]; then
echo
fi
}
# }}} Colours and Formatting
verbose() {
if [ "$VERBOSE" == "on" ]; then
info "$@"
fi
}
info() {
echo -e "${blue}$(date +'%H:%M:%S') ${yellow}info:${normal} $@"
}
warn() {
echo -e "${blue}$(date +'%H:%M:%S') ${red}warn:${normal} $@" > /dev/stderr
}
error() {
echo -e "${blue}$(date +'%H:%M:%S') ${red}error:${normal} $@" > /dev/stderr
exit 1
}
# }}} Logging
# {{{ Utilities
trim() {
sed 's/^[ ]*//' | sed 's/[ ]*$//' | sed 's/[ ][ ]*/ /g'
}
browse() {
local url="$1"
for b in "${BROWSER}" firefox chromium chrome opera open ; do
if [ ! -z "$(which $b)" ]; then
$b "${url}" 2>&1 > /dev/null &
exit
fi
done
warn "unable to find preferred browser"
echo "report location: $url"
}
# }}} Utilities
# {{{ Auto-Completion
print_autocompletion() {
cat<<EOF
_sx()
{
local cur="\${COMP_WORDS[COMP_CWORD]}"
local prev="\${COMP_WORDS[@]:0:COMP_CWORD}"
COMPREPLY=(\$(compgen -W "\$(sx shell commands "\$prev")" -- \$cur))
}
complete -F _sx sx
EOF
}
filter_commands() {
local category="$(echo " $@ " | sed 's/ -[A-Za-z]\+ //g' | trim)"
if [ "${category}" == "sx" ]; then
category="root"
fi
if [[ "${category}" =~ " exec" ]] || [[ "${category}" =~ "containers build" ]]; then
docker images sgx-ra-* | sed '1d' | cut -d' ' -f1 | sed 's/sgx-ra-//'
else
if [ "${category}" != "root" ]; then
category="$(echo "${category}" | sed 's/^.* \([^ ]*\)$/\1/')"
fi
sed -n "s/^[ ]*\([a-z-]*\)) # ${category}: .*$/\1/p" "${file}" | sort | uniq
fi
}
# }}} Auto-Completion
# {{{ Options
options() {
while getopts ":dDcCtTfvhHrpsSlP" opt; do
case $opt in
d) # (option): debug = on | off (-D)
TARGET_CONFIG=debug
DEBUG_MODE=on
;;
D)
DEBUG_MODE=off
;;
c) # (option): colours = on | off (-C)
COLOUR_MODE=on
update_colours
;;
C)
COLOUR_MODE=off
update_colours
;;
t) # (option): tty = on | off (-T)
TTY_MODE=on
;;
T)
TTY_MODE=off
;;
f) # (option): force operation
FORCE=on
;;
v) # (option): verbose output
VERBOSE=on
;;
h) # (option): hardware = on | off (-s)
HARDWARE_MODE=on
;;
s)
HARDWARE_MODE=off
;;
r) # (option): target = release | pre-release (-p)
TARGET_CONFIG=release
DEBUG_MODE=off
;;
p)
TARGET_CONFIG=pre-release
;;
s) # (option): hsm profile = simulator | development hsm (-S) | production (-P)
HSM_PROFILE=dev_sim
;;
S)
HSM_PROFILE=dev_hsm
;;
l)
USE_NATIVE_LOGGING=on
;;
P)
HSM_PROFILE=prod
;;
:)
error "option -${OPTARG} requires an argument"
;;
\?)
error "invalid option: -${OPTARG}"
;;
esac
done
}
# }}}
# {{{ Print Commands and Usage
print_commands() {
echo -e "${magenta}<command>${normal}"
local category=$1
local options=$2
sed -n "s/^[ ]*\([a-z-]*\)) # ${category}: \(.*\)$/ ${blue}\1${normal} \2/p" \
"${file}" | sed "/ hidden/d" | expand -t ${TABSTOP} | sort
echo
if [ "$options" != "NONE" ]; then
echo -e "${magenta}<options>${normal}"
sed -n "s/^[ ]*\([A-Za-z-]*\)) # (option): \(.*\)$/ ${blue}-\1${normal} \2/p" \
"${file}" | expand -t ${TABSTOP} | sort | grep $options
echo
fi
echo -e "${green}<variables>${normal}"
echo -e " ${blue}LINES${normal}\tnumber of lines to return from the end of the log files (default 50)" \
| expand -t ${TABSTOP}
echo -e " ${blue}PORT${normal}\tport number used for connecting to the ISV (default 9080)" \
| expand -t ${TABSTOP}
echo
exit 1
}
print_usage() {
local category=$1
local options=$2
echo -n -e "${bold}usage:${normal} ${green}<variables>${normal} ${progname} "
if [ "$category" != "root" ]; then
echo -n -e "${bold}${category}${normal} "
fi
echo -e "${magenta}<command> <options>${normal}"
echo
print_commands $category $options
}
# }}} Print Commands and Usage
# {{{ Container Utilities
in_container() {
local container="${1:-core}"
local CODE=$(pwd | sed 's/enterprise\/sgx-jvm.*$/enterprise/')
local tty=""
shift 1
mkdir -p ${HOME}/.container
echo 'export PS1="$ "' > ${HOME}/.container/.bashrc
if [ "${TTY_MODE}" == "on" ]; then
tty="-t"
fi
local privileged=""
local isgx_device=""
local mei0_device=""
local ports=""
local aesm_socket=""
privileged="--privileged"
if [ -e "/dev/isgx" ]; then
isgx_device="--device /dev/isgx"
if [ -e "/dev/mei0" ]; then
mei0_device="--device /dev/mei0"
fi
fi
ports="-p ${gdb_port}:${gdb_port} -p ${jdwp_port}:${jdwp_port} -p ${HOST_PORT}:${HOST_PORT}"
local sock="/var/run/aesmd/aesm.socket"
if [ -e "${sock}" ]; then
aesm_socket="-v ${sock}:${sock}"
fi
[ -z "$(docker images -q sgx-ra-${container})" ] && \
error "cannot find container image with name ${magenta}sgx-ra-${container}${normal}"
local c=$(docker images sgx-ra-${container} | tail -n1 | tr -s ' ()' '\t')
local container_name=$(echo "${c}" | cut -f 1)
local container_tag=$(echo "${c}" | cut -f 2)
local container_hash=$(echo "${c}" | cut -f 3)
verbose "running command in container"
nl_verbose
p_value_verbose "container image" "${container_name}:${container_tag} (${container_hash})"
p_value_verbose "network" "${docker_ip}"
if [ ! -z "${ports}" ]; then
p_value_verbose "ports" "${gdb_port}, ${jdwp_port}"
fi
if [ ! -z "$(echo "$@")" ]; then
p_value_verbose "command" "$@"
fi
if [ ! -z "${isgx_device}" ]; then
p_value_verbose "devices" "${isgx_device} ${mei0_device}"
fi
nl_verbose
docker run --rm -i ${tty} \
${privileged} \
--network host \
--add-host="localhost:${docker_ip}" \
-v ${CODE}:/code \
-v ${HOME}/.container:/home \
-v ${HOME}/.container/sgx:/sgx \
-e "PORT=${ISV_PORT}" \
-u `id -u`:`id -g` \
${ports} \
${isgx_device} \
${mei0_device} \
${aesm_socket} \
sgx-ra-${container} "$@"
nl_verbose
verbose "execution completed"
echo
}
container_make() {
local dir="$1"
shift 1
TTY_MODE=no
in_container core make -C ${repo_base}/${dir} "$@"
}
# }}} Container Utilities
# {{{ Debug Utilities
debug_server() {
local docker_process=$(docker ps | grep sgx-ra-core | cut -d' ' -f1)
if [ -z "$docker_process" ]; then
error "no debuggable processes running"
fi
local process=$(docker exec -it "$docker_process" pidof java | cut -d' ' -f1)
nohup docker exec -t "$docker_process" \
gdbserver --attach localhost:2000 "$process" 2>&1 > /dev/null &
}
# }}} Debug Utilities
# {{{ Command: Build
cmd_build() {
if [ "${1:0:1}" == "-" ]; then
options "$@"
shift 1
fi
local dir="${1:-.}"
shift 1
info "building ${dir} $@"
local vars=""
if [ "${HARDWARE_MODE}" == "on" ]; then
p_value_verbose "mode" "hardware"
vars="${vars} SGX_USE_HARDWARE=TRUE"
else
p_value_verbose "mode" "simulation"
vars="${vars} SGX_USE_HARDWARE=FALSE"
fi
if [ "${DEBUG_MODE}" == "on" ]; then
p_value_verbose "debug" "on"
vars="${vars} SGX_DEBUG_MODE=TRUE"
else
p_value_verbose "debug" "off"
vars="${vars} SGX_DEBUG_MODE=FALSE"
fi
if [ "${TARGET_CONFIG}" == "release" ]; then
p_value_verbose "configuration" "release"
vars="${vars} SGX_IS_PRERELEASE=FALSE SGX_DEBUG_MODE=FALSE"
elif [ "${TARGET_CONFIG}" == "pre-release" ]; then
p_value_verbose "configuration" "pre-release"
vars="${vars} SGX_IS_PRERELEASE=TRUE"
elif [ "${DEBUG_MODE}" == "on" ]; then
p_value_verbose "configuration" "debug"
vars="${vars} SGX_IS_PRERELEASE=FALSE SGX_DEBUG_MODE=TRUE"
else
p_value_verbose "configuration" "release"
vars="${vars} SGX_IS_PRERELEASE=FALSE SGX_DEBUG_MODE=FALSE"
fi
if [ "${USE_NATIVE_LOGGING}" == "on" ]; then
p_value_verbose "logging" "on"
vars="${vars} LOGGING=TRUE"
else
p_value_verbose "logging" "off"
fi
if [ "${HSM_PROFILE}" == "prod" ]; then
p_value_verbose "hsm profile" "production"
elif [ "${HSM_PROFILE}" == "dev_hsm" ]; then
p_value_verbose "hsm profile" "development hsm"
else
p_value_verbose "hsm profile" "simulator"
fi
vars="${vars} HSM_PROFILE=${HSM_PROFILE}"
echo
container_make ${dir} ${vars} "$@"
echo
}
# }}} Command: Build
# {{{ Command: Containers
build_container() {
local build_targets="$1"
local target="$2"
local make_target="$3"
if [[ " ${build_targets} " =~ " ${target} " ]]; then
if [ "$FORCE" == "on" ]; then
${sx} containers remove ${target}
fi
local images=$(docker images | grep sgx-ra-)
if [ ! -z "${images}" ]; then
exit 0
fi
info "building container ${blue}${target}${normal} using target ${magenta}${make_target}${normal} ..."
echo
make -C "${base_dir}/containers/${target}" ${make_target}
echo
fi
}
cmd_containers() {
local command=$1
shift 1
local build_targets="$(echo " $@ " | sed 's/ -[A-Za-z]\+ //g' | trim)"
if [ -z "${build_targets}" ]; then
build_targets="core"
fi
case $command in
build) # containers: create containers for build and testing
options "$@"
verbose "building targets: ${build_targets} ..."
build_container "${build_targets}" "core" "container"
;;
install-sdk) # containers: install the sgx sdk for containers
options "$@"
verbose "installing sgx sdk in container ${build_targets} ..."
build_container "${build_targets}" "core" "sgxsdk"
;;
exec) # containers: run command in container (<image> <command>)
if [ "${1:0:1}" == "-" ]; then
options "$@"
shift 1
fi
local container="${1:-core}"
shift 1
in_container "${container}" "$@"
;;
running) # containers: show list of running containers
options "$@"
verbose "list of running containers related to this project"
docker ps -a | sed -n -e '1p' -e '/sgx-ra-*/p'
;;
list) # containers: show list of available images
options "$@"
verbose "list of available images related to this project"
docker images sgx-ra-*
;;
clean) # containers: stop and remove all containers
info "stopping containers ..."
[ ! -z "$(docker ps -aq)" ] && \
docker ps -aq | xargs docker rm
;;
remove) # containers: delete images related to this project (<filter>)
local image="$1"
if [ -z "${image}" -o "${image:0:1}" == "-" ]; then
error "no filter specified"
else
shift 1
fi
options "$@"
if [ "$FORCE" == "on" ]; then
${sx} containers clean
fi
local image_pattern="sgx-ra-${image}*"
info "removing images matching: ${image_pattern} ..."
[ ! -z "$(docker images -q ${image_pattern})" ] && \
docker images -q ${image_pattern} | xargs docker rmi -f
;;
prune) # containers: prune system; stop containers and delete images
docker system prune -af
;;
clear-cache) # containers: clear cached home directory for containers
info "deleting files in directory: ${HOME}/.container/"
rm -rf ${HOME}/.container/
;;
*)
options "$@"
print_usage "containers" "\(-f\|-v\)"
;;
esac
}
# }}} Command: Containers
# {{{ Command: Debug
# {{{ GDB Config
write_gdb_config() {
code_dir=${1:-/code}
sgx_dir=${2:-/sgx}
cat<<EOF
set pagination off
set breakpoint pending on
handle SIGSEGV noprint nostop
set print thread-events off
dir ${code_dir}/${repo_base}:${code_dir}/sgx-jvm/linux-sgx/sdk/tkey_exchange:${code_dir}/sgx-jvm/linux-sgx/sdk/ukey_exchange:${sgx_dir}/sgxsdk/lib64/gdb-sgx-plugin:\$cdir:\$cwd
EOF
}
# }}} GDB Config
# {{{ VS Code Config
write_vscode_config() {
code_dir=${1:-/code}
sgx_dir=${2:-~/.container/sgx}
cat<<EOF
{
"version": "0.2.0",
"configurations": [
{
"name": "(gdb) Attach Remote",
"type": "cppdbg",
"request": "launch",
"program": "java",
"miDebuggerServerAddress": "localhost:2000",
"args": [],
"stopAtEntry": false,
"cwd": "\${workspaceFolder}",
"environment": [],
"externalConsole": true,
"MIMode": "gdb",
"miDebuggerPath": "${sgx_dir}/sgxsdk/bin/sgx-gdb",
"setupCommands": [
{
"description": "Enable pretty-printing for gdb",
"text": "-enable-pretty-printing",
"ignoreFailures": true
}
]
}
]
}
EOF
}
# }}} VS Code Config
cmd_debug() {
local command="$1"
shift 1
case $command in
config-defaults) # debug: create configuration files for host and containers
info "generating configuration file for gdb"
mkdir -p ~/.container
write_gdb_config "/code" "/sgx" > ${HOME}/.container/.gdbinit
write_gdb_config "${repo_dir}" "${HOME}/.container/sgx" > ${HOME}/.gdbinit
info "generating launch configuration for vs code"
mkdir -p "${repo_dir}/${repo_base}/.vscode"
write_vscode_config "${repo_dir}" "${HOME}/.container/sgx" > "${repo_dir}/${repo_base}/.vscode/launch.json"
;;
server) # debug: start debug server in container and attach to running java process
debug_server
;;
attach) # debug: attach debugger to remote target in container
options "$@"
info "attaching debugger to $docker_ip:$gdb_port ..."
local gdb_exec="gdb"
if [ "${FORCE}" == "on" ]; then
gdb_exec="gdb_"
fi
if [ ! -z "$(which ${gdb_exec})" ]; then
verbose "using native installation of gdb"
gdb -q \
-ex "target remote $docker_ip:$gdb_port"
else
verbose "using containerised installation of gdb"
${sx} containers exec core gdb -q \
-ex "target remote $docker_ip:$gdb_port"
fi
;;
*)
options "$@"
print_usage "debug" "NONE"
;;
esac
}
# }}} Command: Debug
# {{{ Command: HSM
cmd_hsm() {
local command="$1"
shift 1
case $command in
start-simulator) # hsm: start hsm simulator (<hsm directory>)
local UTIMACO_HSM_DIR=$1
local TIMESTAMP=$(date +%Y%m%d_%H%M%S)
local SIMULATOR_RUN_DIR=${base_dir}/log/hsm_simulator/$TIMESTAMP
mkdir -p $SIMULATOR_RUN_DIR
bash -c $UTIMACO_HSM_DIR/SDK/Linux/bin/cs_sim.sh \
-f $SIMULATOR_RUN_DIR/stdout > /dev/null &
;;
stop-simulator) # hsm: stop hsm simulator
local jobs=$(ps -o pid,args | \
grep cs_sim | \
grep -v grep | \
cut -d' ' -f 1)
if [ ! -z "${jobs}" ]; then
kill ${jobs}
fi
;;
*)
options "$@"
print_usage "hsm" "NONE"
;;
esac
}
# }}} Command: HSM
# {{{ Command: Reports
cmd_reports() {
local command="$1"
shift 1
case $command in
unit-tests) # reports: open test report for unit test suite
find "${repo_dir}/${repo_base}" \
-path "*/build/reports/tests/test/index.html" \
-exec browse {} \;
;;
integration-tests) # reports: open test report for integration tests
find "${repo_dir}/${repo_base}" \
-path "*/build/reports/tests/integrationTest/index.html" \
-exec browse {} \;
;;
*)
options "$@"
print_usage "reports" "NONE"
;;
esac
}
# }}} Command: Reports
# {{{ Command: Shell
cmd_shell() {
local command="$1"
shift 1
case $command in
commands) # shell: list available commands
filter_commands "$@"
;;
auto-completion) # shell: print configuration for shell auto-completion
print_autocompletion
;;
info) # shell: show configuration based on passed options
options "$@"
p_value "version" "${version}"
p_value "script directory" "${base_dir}"
p_value "repository directory" "${repo_dir}"
p_value "repository base" "${repo_base}"
p_value "debug mode" "${DEBUG_MODE}"
p_value "tty mode" "${TTY_MODE}"
p_value "verbose mode" "${VERBOSE}"
p_value "hardware mode" "${HARDWARE_MODE}"
p_value "target configuration" "${TARGET_CONFIG}"
p_value "c/native debug port" "${gdb_port}"
p_value "java debug port" "${jdwp_port}"
p_value "docker ip address" "${docker_ip}"
exit
;;
*)
options "$@"
print_usage "shell" "NONE"
;;
esac
}
# }}} Command: Shell
# {{{ Command: Tags
ctags_config() {
cat<<EOF
--langdef=kotlin
--langmap=kotlin:.kt
--regex-kotlin=/^[ \t]*((abstract|final|sealed|implicit|lazy)[ \t]*)*(private[^ ]*|protected)?[ \t]*class[ \t]+([a-zA-Z0-9_]+)/\4/c,classes/
--regex-kotlin=/^[ \t]*((abstract|final|sealed|implicit|lazy)[ \t]*)*(private[^ ]*|protected)?[ \t]*object[ \t]+([a-zA-Z0-9_]+)/\4/o,objects/
--regex-kotlin=/^[ \t]*((abstract|final|sealed|implicit|lazy)[ \t]*)*(private[^ ]*|protected)?[ \t]*((abstract|final|sealed|implicit|lazy)[ \t]*)*data class[ \t]+([a-zA-Z0-9_]+)/\6/c,data classes/
--regex-kotlin=/^[ \t]*((abstract|final|sealed|implicit|lazy)[ \t]*)*(private[^ ]*|protected)?[ \t]*enum class[ \t]+([a-zA-Z0-9_]+)/\4/c,enum classes/
--regex-kotlin=/^[ \t]*((abstract|final|sealed|implicit|lazy)[ \t]*)*(private[^ ]*|protected)?[ \t]*interface[ \t]+([a-zA-Z0-9_]+)/\4/i,interfaces/
--regex-kotlin=/^[ \t]*type[ \t]+([a-zA-Z0-9_]+)/\1/T,types/
--regex-kotlin=/^[ \t]*((abstract|final|sealed|implicit|lazy|private[^ ]*(\[[a-z]*\])*|protected)[ \t]*)*fun[ \t]+([a-zA-Z0-9_]+)/\4/m,methods/
--regex-kotlin=/^[ \t]*((abstract|final|sealed|implicit|lazy|private[^ ]*|protected)[ \t]*)*val[ \t]+([a-zA-Z0-9_]+)/\3/co,constants/
--regex-kotlin=/^[ \t]*((abstract|final|sealed|implicit|lazy|private[^ ]*|protected)[ \t]*)*var[ \t]+([a-zA-Z0-9_]+)/\3/va,variables/
--regex-kotlin=/^[ \t]*package[ \t]+([a-zA-Z0-9_.]+)/\1/p,packages/
--regex-kotlin=/^[ \t]*import[ \t]+([a-zA-Z0-9_.]+)/\1/p,imports/
--recurse=yes
--extra=+f
--exclude=.git
--exclude=bin
--exclude=obj
--exclude=build
--languages=java,kotlin,c,c++
--tag-relative=yes
EOF
}
ctags_cmd() {
cat<<EOF
#!/usr/bin/env bash
cd /code/${repo_base}
ctags \
--options=/root/.ctags.config \
-o /code/${repo_base}/tags \
\$@
EOF
}
generate_tags() {
ctags_config > ${HOME}/.container/.ctags.config
ctags_cmd > ${HOME}/.container/.ctags.cmd
${sx} containers exec core bash /root/.ctags.cmd "$@"
}
cmd_tags() {
local command="$1"
shift 1
case $command in
full) # tags: generate tags for remote attestation project (<project> and linux sgx sdk)
if [ -z "$1" ]; then
error "project not provided"
fi
generate_tags "$1" \
./linux-sgx/common \
./linux-sgx/psw \
./linux-sgx/sdk
;;
lean) # tags: generate tags for remote attestation project (<project>)
if [ -z "$1" ]; then
error "project not provided"
fi
generate_tags "$1"
;;
clean) # tags: remove generated tags file
rm -f ${repo_dir}/${repo_base}/tags
;;
*)
options "$@"
print_usage "tags" "NONE"
;;
esac
}
# }}} Command: Tags
# {{{ Command
docker_path=$(which docker)
if [ -z "$docker_path" ]; then
error "cannot find an active docker installation; please install"
fi
command=$1
shift 1
case $command in
build) # root: build project in container (<directory> <arguments>)
cmd_build "$@"
;;
containers) # root: actions related to containers
cmd_containers "$@"
;;
debug) # root: actions related to debugging
cmd_debug "$@"
;;
exec) # root: shorthand for `containers exec core`
${sx} containers exec core "$@"
;;
hsm) # root: actions related to the hsm simulator
cmd_hsm "$@"
;;
logs) # root: tail application logs
options "$@"
follow=""
if [ "${FORCE}" == "on" ]; then
follow="-f"
fi
find "${repo_dir}/${repo_base}" -type f \
\( \
-iname '*.log' -a \
! -iname '*build*' -a \
! -iname '*config*' -a \
! -iname '*cmake*' \
\)
-exec tail -v ${follow} -n ${LINES} {} \; 2> /dev/null
;;
reports) # root: actions related to reports
cmd_reports "$@"
;;
shell) # root: show information about shell commands
cmd_shell "$@"
;;
tags) # root: actions related to tag databases
cmd_tags "$@"
;;
get-started) # root: build containers and key components
${sx} containers build
${sx} containers install-sdk
${sx} debug config-defaults
;;
help) # root: show help information
options "$@"
print_usage "root" "."
;;
*)
if [ -z "${command}" ]; then
print_usage "root" "."
fi
error "invalid command ${blue}${command}${normal}, " \
"run ${magenta}sx help${normal} for a list of available commands"
;;
esac
# }}} Command