iExecBlockchainComputing
diff --git a/‎src/main/java/com/iexec/worker/compute/app/AppComputeService.java‎
Lines changed: 11 additions & 21 deletions b/‎src/main/java/com/iexec/worker/compute/app/AppComputeService.java‎
Lines changed: 11 additions & 21 deletions
diff --git a/‎src/main/java/com/iexec/worker/compute/post/PostComputeService.java‎
Lines changed: 17 additions & 27 deletions b/‎src/main/java/com/iexec/worker/compute/post/PostComputeService.java‎
Lines changed: 17 additions & 27 deletions
diff --git a/‎src/main/java/com/iexec/worker/compute/pre/PreComputeService.java‎
Lines changed: 17 additions & 24 deletions b/‎src/main/java/com/iexec/worker/compute/pre/PreComputeService.java‎
Lines changed: 17 additions & 24 deletions
diff --git a/‎src/main/java/com/iexec/worker/tee/TeeService.java‎
Lines changed: 6 additions & 9 deletions b/‎src/main/java/com/iexec/worker/tee/TeeService.java‎
Lines changed: 6 additions & 9 deletions
diff --git a/‎src/main/java/com/iexec/worker/tee/gramine/TeeGramineService.java‎
Lines changed: 18 additions & 4 deletions b/‎src/main/java/com/iexec/worker/tee/gramine/TeeGramineService.java‎
Lines changed: 18 additions & 4 deletions
@@ -23,12 +23,10 @@
 import com.iexec.commons.containers.DockerRunFinalStatus;
 import com.iexec.commons.containers.DockerRunRequest;
 import com.iexec.commons.containers.DockerRunResponse;
-import com.iexec.commons.containers.SgxDriverMode;
 import com.iexec.commons.poco.task.TaskDescription;
 import com.iexec.worker.config.WorkerConfigurationService;
 import com.iexec.worker.docker.DockerService;
 import com.iexec.worker.metric.ComputeDurationsService;
-import com.iexec.worker.sgx.SgxService;
 import com.iexec.worker.tee.TeeService;
 import com.iexec.worker.tee.TeeServicesManager;
 import com.iexec.worker.workflow.WorkflowError;
@@ -44,19 +42,15 @@ public class AppComputeService {
     private final WorkerConfigurationService workerConfigService;
     private final DockerService dockerService;
     private final TeeServicesManager teeServicesManager;
-    private final SgxService sgxService;
     private final ComputeDurationsService appComputeDurationsService;
 
-    public AppComputeService(
-            WorkerConfigurationService workerConfigService,
-            DockerService dockerService,
-            TeeServicesManager teeServicesManager,
-            SgxService sgxService,
-            ComputeDurationsService appComputeDurationsService) {
+    public AppComputeService(final WorkerConfigurationService workerConfigService,
+                             final DockerService dockerService,
+                             final TeeServicesManager teeServicesManager,
+                             final ComputeDurationsService appComputeDurationsService) {
         this.workerConfigService = workerConfigService;
         this.dockerService = dockerService;
         this.teeServicesManager = teeServicesManager;
-        this.sgxService = sgxService;
         this.appComputeDurationsService = appComputeDurationsService;
     }
 
@@ -67,25 +61,22 @@ public AppComputeResponse runCompute(final TaskDescription taskDescription) {
         binds.add(Bind.parse(dockerService.getInputBind(chainTaskId)));
         binds.add(Bind.parse(dockerService.getIexecOutBind(chainTaskId)));
 
-        final SgxDriverMode sgxDriverMode;
         final List<String> env;
+        final HostConfig hostConfig;
         if (taskDescription.requiresSgx()) {
             final TeeService teeService = teeServicesManager.getTeeService(taskDescription.getTeeFramework());
             env = teeService.buildComputeDockerEnv(taskDescription);
             binds.addAll(teeService.getAdditionalBindings().stream().map(Bind::parse).toList());
-            sgxDriverMode = sgxService.getSgxDriverMode();
+            hostConfig = HostConfig.newHostConfig()
+                    .withBinds(binds)
+                    .withDevices(teeService.getDevices())
+                    .withNetworkMode(workerConfigService.getDockerNetworkName());
         } else {
             env = IexecEnvUtils.getComputeStageEnvList(taskDescription);
-            sgxDriverMode = SgxDriverMode.NONE;
+            hostConfig = HostConfig.newHostConfig()
+                    .withBinds(binds);
         }
 
-        final HostConfig hostConfig = HostConfig.newHostConfig()
-                .withBinds(binds)
-                .withDevices(sgxService.getSgxDevices());
-        // Enclave should be able to connect to the LAS
-        if (taskDescription.requiresSgx()) {
-            hostConfig.withNetworkMode(workerConfigService.getDockerNetworkName());
-        }
         final DockerRunRequest runRequest = DockerRunRequest.builder()
                 .hostConfig(hostConfig)
                 .chainTaskId(chainTaskId)
@@ -94,7 +85,6 @@ public AppComputeResponse runCompute(final TaskDescription taskDescription) {
                 .cmd(taskDescription.getDealParams().getIexecArgs())
                 .env(env)
                 .maxExecutionTime(taskDescription.getMaxExecutionTime())
-                .sgxDriverMode(sgxDriverMode)
                 .build();
         final DockerRunResponse dockerResponse = dockerService.run(runRequest);
         final Duration executionDuration = dockerResponse.getExecutionDuration();
 
@@ -26,15 +26,13 @@
 import com.iexec.commons.containers.DockerRunRequest;
 import com.iexec.commons.containers.DockerRunResponse;
 import com.iexec.commons.poco.task.TaskDescription;
-import com.iexec.sms.api.TeeSessionGenerationResponse;
 import com.iexec.sms.api.config.TeeAppProperties;
 import com.iexec.sms.api.config.TeeServicesProperties;
 import com.iexec.worker.compute.ComputeExitCauseService;
 import com.iexec.worker.compute.ComputeStage;
 import com.iexec.worker.config.WorkerConfigurationService;
 import com.iexec.worker.docker.DockerService;
 import com.iexec.worker.metric.ComputeDurationsService;
-import com.iexec.worker.sgx.SgxService;
 import com.iexec.worker.tee.TeeService;
 import com.iexec.worker.tee.TeeServicesManager;
 import com.iexec.worker.tee.TeeServicesPropertiesService;
@@ -47,7 +45,6 @@
 import java.nio.file.attribute.BasicFileAttributes;
 import java.time.Duration;
 import java.util.Collection;
-import java.util.Collections;
 import java.util.List;
 import java.util.Optional;
 import java.util.concurrent.atomic.AtomicBoolean;
@@ -61,23 +58,19 @@ public class PostComputeService {
     private final WorkerConfigurationService workerConfigService;
     private final DockerService dockerService;
     private final TeeServicesManager teeServicesManager;
-    private final SgxService sgxService;
     private final ComputeExitCauseService computeExitCauseService;
     private final TeeServicesPropertiesService teeServicesPropertiesService;
     private final ComputeDurationsService postComputeDurationsService;
 
-    public PostComputeService(
-            WorkerConfigurationService workerConfigService,
-            DockerService dockerService,
-            TeeServicesManager teeServicesManager,
-            SgxService sgxService,
-            ComputeExitCauseService computeExitCauseService,
-            TeeServicesPropertiesService teeServicesPropertiesService,
-            ComputeDurationsService postComputeDurationsService) {
+    public PostComputeService(final WorkerConfigurationService workerConfigService,
+                              final DockerService dockerService,
+                              final TeeServicesManager teeServicesManager,
+                              final ComputeExitCauseService computeExitCauseService,
+                              final TeeServicesPropertiesService teeServicesPropertiesService,
+                              final ComputeDurationsService postComputeDurationsService) {
         this.workerConfigService = workerConfigService;
         this.dockerService = dockerService;
         this.teeServicesManager = teeServicesManager;
-        this.sgxService = sgxService;
         this.computeExitCauseService = computeExitCauseService;
         this.teeServicesPropertiesService = teeServicesPropertiesService;
         this.postComputeDurationsService = postComputeDurationsService;
@@ -162,45 +155,42 @@ public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) {
     }
 
     public PostComputeResponse runTeePostCompute(final TaskDescription taskDescription) {
-        String chainTaskId = taskDescription.getChainTaskId();
+        final String chainTaskId = taskDescription.getChainTaskId();
 
-        TeeServicesProperties properties =
-                teeServicesPropertiesService.getTeeServicesProperties(chainTaskId);
+        final TeeServicesProperties properties = teeServicesPropertiesService.getTeeServicesProperties(chainTaskId);
 
         final TeeAppProperties postComputeProperties = properties.getPostComputeProperties();
-        String postComputeImage = postComputeProperties.getImage();
+        final String postComputeImage = postComputeProperties.getImage();
         if (!dockerService.getClient().isImagePresent(postComputeImage)) {
             log.error("Tee post-compute image not found locally [chainTaskId:{}]",
                     chainTaskId);
             return PostComputeResponse.builder()
                     .exitCauses(List.of(new WorkflowError(ReplicateStatusCause.POST_COMPUTE_IMAGE_MISSING)))
                     .build();
         }
-        TeeService teeService = teeServicesManager.getTeeService(taskDescription.getTeeFramework());
-        List<String> env = teeService
-                .buildPostComputeDockerEnv(taskDescription);
-        List<Bind> binds = Stream.of(
-                        Collections.singletonList(dockerService.getIexecOutBind(chainTaskId)),
+        final TeeService teeService = teeServicesManager.getTeeService(taskDescription.getTeeFramework());
+        final List<String> env = teeService.buildPostComputeDockerEnv(taskDescription);
+        final List<Bind> binds = Stream.of(
+                        List.of(dockerService.getIexecOutBind(chainTaskId)),
                         teeService.getAdditionalBindings())
                 .flatMap(Collection::stream)
                 .map(Bind::parse)
                 .toList();
 
-        HostConfig hostConfig = HostConfig.newHostConfig()
+        final HostConfig hostConfig = HostConfig.newHostConfig()
                 .withBinds(binds)
-                .withDevices(sgxService.getSgxDevices())
+                .withDevices(teeService.getDevices())
                 .withNetworkMode(workerConfigService.getDockerNetworkName());
-        DockerRunRequest request = DockerRunRequest.builder()
+        final DockerRunRequest request = DockerRunRequest.builder()
                 .hostConfig(hostConfig)
                 .chainTaskId(chainTaskId)
                 .containerName(getTaskTeePostComputeContainerName(chainTaskId))
                 .imageUri(postComputeImage)
                 .entrypoint(postComputeProperties.getEntrypoint())
                 .maxExecutionTime(taskDescription.getMaxExecutionTime())
                 .env(env)
-                .sgxDriverMode(sgxService.getSgxDriverMode())
                 .build();
-        DockerRunResponse dockerResponse = dockerService.run(request);
+        final DockerRunResponse dockerResponse = dockerService.run(request);
         final Duration executionDuration = dockerResponse.getExecutionDuration();
         if (executionDuration != null) {
             postComputeDurationsService.addDurationForTask(chainTaskId, executionDuration.toMillis());
 
@@ -31,7 +31,7 @@
 import com.iexec.worker.config.WorkerConfigurationService;
 import com.iexec.worker.docker.DockerService;
 import com.iexec.worker.metric.ComputeDurationsService;
-import com.iexec.worker.sgx.SgxService;
+import com.iexec.worker.tee.TeeService;
 import com.iexec.worker.tee.TeeServicesManager;
 import com.iexec.worker.tee.TeeServicesPropertiesService;
 import com.iexec.worker.workflow.WorkflowError;
@@ -40,7 +40,6 @@
 import org.springframework.util.unit.DataSize;
 
 import java.time.Duration;
-import java.util.Collections;
 import java.util.List;
 import java.util.concurrent.TimeoutException;
 
@@ -51,23 +50,19 @@ public class PreComputeService {
     private final DockerService dockerService;
     private final TeeServicesManager teeServicesManager;
     private final WorkerConfigurationService workerConfigService;
-    private final SgxService sgxService;
     private final ComputeExitCauseService computeExitCauseService;
     private final TeeServicesPropertiesService teeServicesPropertiesService;
     private final ComputeDurationsService preComputeDurationsService;
 
-    public PreComputeService(
-            DockerService dockerService,
-            TeeServicesManager teeServicesManager,
-            WorkerConfigurationService workerConfigService,
-            SgxService sgxService,
-            ComputeExitCauseService computeExitCauseService,
-            TeeServicesPropertiesService teeServicesPropertiesService,
-            ComputeDurationsService preComputeDurationsService) {
+    public PreComputeService(final DockerService dockerService,
+                             final TeeServicesManager teeServicesManager,
+                             final WorkerConfigurationService workerConfigService,
+                             final ComputeExitCauseService computeExitCauseService,
+                             final TeeServicesPropertiesService teeServicesPropertiesService,
+                             final ComputeDurationsService preComputeDurationsService) {
         this.dockerService = dockerService;
         this.teeServicesManager = teeServicesManager;
         this.workerConfigService = workerConfigService;
-        this.sgxService = sgxService;
         this.computeExitCauseService = computeExitCauseService;
         this.teeServicesPropertiesService = teeServicesPropertiesService;
         this.preComputeDurationsService = preComputeDurationsService;
@@ -159,38 +154,36 @@ private List<WorkflowError> getExitCauses(final String chainTaskId, final Intege
      * @return pre-compute exit code
      */
     private Integer prepareTeeInputData(final TaskDescription taskDescription) throws TimeoutException {
-        String chainTaskId = taskDescription.getChainTaskId();
+        final String chainTaskId = taskDescription.getChainTaskId();
         log.info("Preparing tee input data [chainTaskId:{}]", chainTaskId);
 
-        TeeServicesProperties properties =
-                teeServicesPropertiesService.getTeeServicesProperties(chainTaskId);
+        final TeeServicesProperties properties = teeServicesPropertiesService.getTeeServicesProperties(chainTaskId);
 
         // check that docker image is present
         final TeeAppProperties preComputeProperties = properties.getPreComputeProperties();
-        String preComputeImage = preComputeProperties.getImage();
+        final String preComputeImage = preComputeProperties.getImage();
         if (!dockerService.getClient().isImagePresent(preComputeImage)) {
             log.error("Tee pre-compute image not found locally [chainTaskId:{}]", chainTaskId);
             return null;
         }
         // run container
-        List<String> env = teeServicesManager.getTeeService(taskDescription.getTeeFramework())
-                .buildPreComputeDockerEnv(taskDescription);
-        List<Bind> binds = Collections.singletonList(Bind.parse(dockerService.getInputBind(chainTaskId)));
-        HostConfig hostConfig = HostConfig.newHostConfig()
+        final TeeService teeService = teeServicesManager.getTeeService(taskDescription.getTeeFramework());
+        final List<String> env = teeService.buildPreComputeDockerEnv(taskDescription);
+        final List<Bind> binds = List.of(Bind.parse(dockerService.getInputBind(chainTaskId)));
+        final HostConfig hostConfig = HostConfig.newHostConfig()
                 .withBinds(binds)
-                .withDevices(sgxService.getSgxDevices())
+                .withDevices(teeService.getDevices())
                 .withNetworkMode(workerConfigService.getDockerNetworkName());
-        DockerRunRequest request = DockerRunRequest.builder()
+        final DockerRunRequest request = DockerRunRequest.builder()
                 .hostConfig(hostConfig)
                 .chainTaskId(chainTaskId)
                 .containerName(getTeePreComputeContainerName(chainTaskId))
                 .imageUri(preComputeImage)
                 .entrypoint(preComputeProperties.getEntrypoint())
                 .maxExecutionTime(taskDescription.getMaxExecutionTime())
                 .env(env)
-                .sgxDriverMode(sgxService.getSgxDriverMode())
                 .build();
-        DockerRunResponse dockerResponse = dockerService.run(request);
+        final DockerRunResponse dockerResponse = dockerService.run(request);
         final Duration executionDuration = dockerResponse.getExecutionDuration();
         if (executionDuration != null) {
             preComputeDurationsService.addDurationForTask(chainTaskId, executionDuration.toMillis());
 
@@ -16,12 +16,12 @@
 
 package com.iexec.worker.tee;
 
+import com.github.dockerjava.api.model.Device;
 import com.iexec.commons.poco.chain.WorkerpoolAuthorization;
 import com.iexec.commons.poco.task.TaskDescription;
 import com.iexec.sms.api.SmsClientCreationException;
 import com.iexec.sms.api.TeeSessionGenerationError;
 import com.iexec.sms.api.TeeSessionGenerationResponse;
-import com.iexec.worker.sgx.SgxService;
 import com.iexec.worker.sms.SmsService;
 import com.iexec.worker.sms.TeeSessionGenerationException;
 import com.iexec.worker.workflow.WorkflowError;
@@ -36,24 +36,17 @@
 
 @Slf4j
 public abstract class TeeService {
-    private final SgxService sgxService;
     private final SmsService smsService;
     protected final TeeServicesPropertiesService teeServicesPropertiesService;
 
     private final Map<String, TeeSessionGenerationResponse> teeSessions = new ConcurrentHashMap<>();
 
-    protected TeeService(final SgxService sgxService,
-                         final SmsService smsService,
+    protected TeeService(final SmsService smsService,
                          final TeeServicesPropertiesService teeServicesPropertiesService) {
-        this.sgxService = sgxService;
         this.smsService = smsService;
         this.teeServicesPropertiesService = teeServicesPropertiesService;
     }
 
-    public boolean isTeeEnabled() {
-        return sgxService.isSgxEnabled();
-    }
-
     public List<WorkflowError> areTeePrerequisitesMetForTask(final String chainTaskId) {
         if (!isTeeEnabled()) {
             return List.of(new WorkflowError(TEE_NOT_SUPPORTED));
@@ -98,6 +91,8 @@ public TeeSessionGenerationResponse getTeeSession(final String chainTaskId) {
         return teeSessions.get(chainTaskId);
     }
 
+    public abstract boolean isTeeEnabled();
+
     /**
      * Start any required service(s) to use TEE with selected technology for given task.
      *
@@ -114,6 +109,8 @@ public TeeSessionGenerationResponse getTeeSession(final String chainTaskId) {
 
     public abstract Collection<String> getAdditionalBindings();
 
+    public abstract List<Device> getDevices();
+
     // region Purge
 
     /**
 
@@ -16,6 +16,7 @@
 
 package com.iexec.worker.tee.gramine;
 
+import com.github.dockerjava.api.model.Device;
 import com.iexec.common.lifecycle.purge.Purgeable;
 import com.iexec.commons.poco.task.TaskDescription;
 import com.iexec.sms.api.TeeSessionGenerationResponse;
@@ -38,10 +39,18 @@ public class TeeGramineService extends TeeService implements Purgeable {
     private static final String SPS_SESSION_ENV_VAR = "session";
     private static final String AESMD_SOCKET = "/var/run/aesmd/aesm.socket";
 
-    public TeeGramineService(SgxService sgxService,
-                             SmsService smsService,
-                             TeeServicesPropertiesService teeServicesPropertiesService) {
-        super(sgxService, smsService, teeServicesPropertiesService);
+    private final SgxService sgxService;
+
+    public TeeGramineService(final SgxService sgxService,
+                             final SmsService smsService,
+                             final TeeServicesPropertiesService teeServicesPropertiesService) {
+        super(smsService, teeServicesPropertiesService);
+        this.sgxService = sgxService;
+    }
+
+    @Override
+    public boolean isTeeEnabled() {
+        return sgxService.isSgxEnabled();
     }
 
     @Override
@@ -72,6 +81,11 @@ public Collection<String> getAdditionalBindings() {
         return bindings;
     }
 
+    @Override
+    public List<Device> getDevices() {
+        return sgxService.getSgxDevices();
+    }
+
     private List<String> getDockerEnv(final TeeSessionGenerationResponse session) {
         return List.of(
                 SPS_URL_ENV_VAR + "=" + session.getSecretProvisioningUrl(),