From 906f12903a7c96db43ba05b6c98c0bdef591a4a0 Mon Sep 17 00:00:00 2001
From: Daniel Trick
Date: Tue, 27 Aug 2024 20:22:27 +0200
Subject: [PATCH] Initial commit.
---
.github/workflows/docker-publish.yml | 58 ++++++++++++++++++++++++++++
CHANGELOG.md | 9 +++++
Dockerfile | 55 ++++++++++++++++++++++++++
LICENSE | 24 ++++++++++++
README.md | 15 +++++++
bin/install_packages.sh | 24 ++++++++++++
6 files changed, 185 insertions(+)
create mode 100644 .github/workflows/docker-publish.yml
create mode 100644 CHANGELOG.md
create mode 100644 Dockerfile
create mode 100644 LICENSE
create mode 100644 README.md
create mode 100755 bin/install_packages.sh
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
new file mode 100644
index 0000000..f8872e9
--- /dev/null
+++ b/.github/workflows/docker-publish.yml
@@ -0,0 +1,58 @@
+name: Publish Docker image
+
+on:
+ release:
+ types: [published]
+
+jobs:
+ build:
+ name: build & push
+ runs-on: ubuntu-latest
+ permissions:
+ packages: write
+ contents: read
+ attestations: write
+ id-token: write
+ steps:
+ - name: Check out the repo
+ uses: actions/checkout@v4
+
+ - name: Log in to Docker Hub
+ uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
+ with:
+ username: ${{ secrets.DOCKER_USERNAME }}
+ password: ${{ secrets.DOCKER_PASSWORD }}
+
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+ with:
+ images: danieltrick/ms-tpm2sim-docker
+
+ - name: Build and push Docker image
+ id: push
+ uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+ with:
+ context: .
+ file: ./Dockerfile
+ push: true
+ no-cache: true
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+
+ release:
+ name: GitHub release
+ needs: build
+ runs-on: ubuntu-latest
+ steps:
+ - name: Pull and save the Docker image
+ run: |
+ docker image pull danieltrick/ms-tpm2sim-docker:${{ github.ref_name }}
+ docker image save danieltrick/ms-tpm2sim-docker:${{ github.ref_name }} | xz -9v > mssim_docker-${{ github.ref_name }}.tar.xz
+
+ - name: Upload image to GitHub release
+ uses: Roang-zero1/github-upload-release-artifacts-action@v2
+ with:
+ args: mssim_docker-${{ github.ref_name }}.tar.xz
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000..3ba12b7
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,9 @@
+# Change Log
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](http://keepachangelog.com/).
+
+## r1 - 2024-11-21
+
+- This is the first public release of this project.
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..3d84bae
--- /dev/null
+++ b/Dockerfile
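Review bot: In .github/workflows/docker-publish.yml the `release` job hands `GITHUB_TOKEN` to `Roang-zero1/github-upload-release-artifacts-action@v2`, a third-party action referenced by a mutable tag, while the three `docker/*` actions in the `build` job are pinned to full commit SHAs. Pin it (and `actions/checkout@v4`) the same way, e.g. `uses: Roang-zero1/github-upload-release-artifacts-action@<full-commit-sha>`, and give the job an explicit `permissions:` block with only `contents: write`, since it currently inherits the repository default. The `build` job requests `attestations: write` and `id-token: write`, but no step visible here generates an attestation, so those two can likely be dropped. `${{ github.ref_name }}` is also expanded directly inside the `run:` script; passing it through `env:` and using `"$TAG"` keeps the tag name out of the shell source.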
@@ -0,0 +1,55 @@
+# Debian Version
+ARG DEBIAN_VERSION=bookworm-20241111-slim
+
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+# Stage #1
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+FROM debian:$DEBIAN_VERSION AS build
+
+# MSSIM Version
+ARG MSSIM_COMMIT=ee21db0a941decd3cac67925ea3310873af60ab3
+
+# Provide the 'install_packages' helper script
+COPY bin/install_packages.sh /usr/sbin/install_packages
+
+# Install build dependencies
+RUN install_packages \
+ autoconf-archive \
+ automake \
+ build-essential \
+ ca-certificates \
+ curl \
+ gcc \
+ git \
+ libssl-dev \
+ pkg-config
+
+# Build ms-tpm-20-ref
+RUN mkdir -p /tmp/ms-tpm-20-ref/TPMCmd \
+ && curl --tlsv1.2 -sSfL https://github.com/microsoft/ms-tpm-20-ref/archive/${MSSIM_COMMIT}.tar.gz | tar -C /tmp/ms-tpm-20-ref --strip-components=1 -xzv \
+ && cd /tmp/ms-tpm-20-ref/TPMCmd \
+ && ./bootstrap \
+ && ./configure --prefix=/opt/mssim \
+ && make \
+ && make install \
+ && cd - \
+ && rm -vfr /tmp/ms-tpm-20-ref
+
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+# Stage #2
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+FROM debian:$DEBIAN_VERSION
+
+# Provide the 'install_packages' helper script
+COPY bin/install_packages.sh /usr/sbin/install_packages
+
+# Install runtime dependencies
+RUN install_packages \
+ libssl3
+
+# Copy the built binaries
+COPY --from=build /opt/mssim/bin/tpm2-simulator /usr/bin/
+
+# Start TPM simulator
+ENTRYPOINT ["/usr/bin/tpm2-simulator"]
+CMD ["2321"]
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..fdddb29
--- /dev/null
+++ b/LICENSE
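Review bot: The final stage of the Dockerfile has no `USER` instruction, so `/usr/bin/tpm2-simulator` runs as root with the default argument `2321` (presumably its TCP port). Adding a dedicated account before `ENTRYPOINT`, e.g. `RUN useradd --system --uid 10001 --create-home --home-dir /var/lib/mssim mssim`, `WORKDIR /var/lib/mssim` and `USER 10001`, would drop that privilege; the writable working directory is there on the assumption that the simulator persists its NV state where it runs, which should be confirmed. `debian:$DEBIAN_VERSION` is pinned by dated tag only; appending `@sha256:<digest>` to the default of `DEBIAN_VERSION` would make both stages resolve to one fixed image. In the build stage the `curl … | tar` pipe runs under `/bin/sh` without `pipefail`, so a failed download is only caught if `tar` then fails on the truncated input.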
@@ -0,0 +1,24 @@
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..b5f9252
--- /dev/null
+++ b/README.md
@@ -0,0 +1,15 @@
+MS TPM 2.0 Simulator Docker
+===========================
+
+The purpose of this repository is to provide ready to use Docker images of [ms-tpm-20-ref](https://github.com/microsoft/ms-tpm-20-ref).
+
+**Docker Hub page:**
+
+
+
+Version history
+---------------
+
+| **Release** | **Date** | **Base system** | **TPM Simulator Version** | **Commit** |
+| ------------| ---------- | --------------------- | ------------------------- |--------------------------------------------------------------------------------- |
+| r1 | 2024-11-21 | Debian 12, 2024-11-11 | 1.62.0 | [`ee21db0a941d`](https://github.com/microsoft/ms-tpm-20-ref/commit/ee21db0a941d) |
diff --git a/bin/install_packages.sh b/bin/install_packages.sh
new file mode 100755
index 0000000..c957764
--- /dev/null
+++ b/bin/install_packages.sh
@@ -0,0 +1,24 @@
+#!/bin/sh
+set -e
+set -u
+export DEBIAN_FRONTEND=noninteractive
+n=0
+max=2
+until [ $n -gt $max ]; do
+ set +e
+ (
+ apt-get update -qq &&
+ apt-get install -y --no-install-recommends "$@"
+ )
+ CODE=$?
+ set -e
+ if [ $CODE -eq 0 ]; then
+ break
+ fi
+ if [ $n -eq $max ]; then
+ exit $CODE
+ fi
+ echo "apt failed, retrying"
+ n=$(($n + 1))
+done
+rm -r /var/lib/apt/lists /var/cache/apt/archives
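Review bot: In bin/install_packages.sh the retry loop re-runs `apt-get update` and `apt-get install` immediately after a failure, so a transient mirror or network error is likely to consume all three attempts within seconds. A short pause and a more useful message would help, e.g. replacing the echo with `echo "apt failed (exit $CODE), retrying" >&2` followed by `sleep 2`. The script also has no header comment; something like `# Usage: install_packages PKG... - apt-get update + install with up to 3 attempts, then removes the apt lists and archive cache` would document the contract the Dockerfile relies on. Package versions are not pinned, so the image contents depend on the mirror state at build time.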