native image instructions

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>

build.sbt

@@ -55,7 +55,7 @@ Universal / mappings := (Universal / mappings).value.filter {
   case (_, path) => !path.contains("org.scala-lang.scala3-compiler") && !path.contains("io.get-coursier") && !path.contains("com.michaelpollmeier.scala-repl-pp")
 }
 
-enablePlugins(JavaAppPackaging, ClasspathJarPlugin)
+enablePlugins(JavaAppPackaging, ClasspathJarPlugin, GraalVMNativeImagePlugin)
 
 lazy val AstgenWin      = "astgen-win.exe"
 lazy val AstgenLinux    = "astgen-linux"
@@ -182,3 +182,7 @@ credentials +=
     "appthreat",
     sys.env.getOrElse("GITHUB_TOKEN", "N/A")
   )
+
+// Adher to the terms of this license when building and using the native-image https://www.oracle.com/downloads/licenses/graal-free-license.html
+containerBuildImage := Some("container-registry.oracle.com/graalvm/jdk:21")
+graalVMNativeImageOptions := Seq("-H:+UnlockExperimentalVMOptions", "--no-fallback", "--strict-image-heap", "-march=native", "--gc=G1", "--enable-sbom")

ci/native-image.sh

@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+
+echo "Applying Java 21 patch"
+git apply --ignore-space-change --ignore-whitespace contrib/java21.patch
+if [ $? != 0 ]; then
+    echo "Unable to patch the codebase correctly. Please file a bug report for atom."
+fi
+echo "About to build the native image. This would take a few minutes ..."
+sbt clean stage scalafmt "GraalVMNativeImage / packageBin"
+
+if [ -f "target/graalvm-native-image/atom" ]; then
+    chmod +x target/graalvm-native-image/atom
+    target/graalvm-native-image/atom --help
+    echo "atom native-image was built successfully"
+    echo "Adhere to the terms of the license for Oracle GraalVM 21 - https://www.oracle.com/downloads/licenses/graal-free-license.html"
+else
+    echo "atom native-image was not built correctly. Check if you have Oracle GraalVM 21 installed."
+fi

contrib/Dockerfile-graalvm21

@@ -0,0 +1,70 @@
+# https://www.oracle.com/downloads/licenses/graal-free-license.html
+FROM container-registry.oracle.com/graalvm/jdk:21
+
+LABEL maintainer="appthreat" \
+      org.opencontainers.image.authors="Team AppThreat <cloud@appthreat.com>" \
+      org.opencontainers.image.source="https://github.com/appthreat/chen" \
+      org.opencontainers.image.url="https://github.com/appthreat/atom" \
+      org.opencontainers.image.version="1.6.0" \
+      org.opencontainers.image.vendor="appthreat" \
+      org.opencontainers.image.licenses="Apache-2.0" \
+      org.opencontainers.image.title="atom" \
+      org.opencontainers.image.description="Container image for testing AppThreat atom with Oracle GraalVM" \
+      org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -it ghcr.io/appthreat/atom"
+
+ARG MAVEN_VERSION=3.9.5
+
+ENV MAVEN_VERSION=$MAVEN_VERSION \
+    MAVEN_HOME="/opt/maven/${MAVEN_VERSION}" \
+    JAVA_OPTS="-XX:+UseG1GC -XX:+ExplicitGCInvokesConcurrent -XX:+ParallelRefProcEnabled -XX:+UseStringDeduplication -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=20 -XX:+UnlockDiagnosticVMOptions -XX:G1SummarizeRSetStatsPeriod=1" \
+    ANDROID_HOME=/opt/android-sdk-linux \
+    JAVA_TOOL_OPTIONS="-Dfile.encoding=UTF-8"
+
+ENV PATH=${PATH}:/opt/bin:${MAVEN_HOME}/bin:/usr/local/bin/:/root/.local/bin:${ANDROID_HOME}/cmdline-tools/latest/bin:${ANDROID_HOME}/tools:${ANDROID_HOME}/tools/bin:${ANDROID_HOME}/platform-tools:
+
+WORKDIR /opt
+
+RUN set -e; \
+    ARCH_NAME="$(rpm --eval '%{_arch}')"; \
+    url=; \
+    case "${ARCH_NAME##*-}" in \
+        'x86_64') \
+            OS_ARCH_SUFFIX=''; \
+            ;; \
+        'aarch64') \
+            OS_ARCH_SUFFIX='-aarch64'; \
+            ;; \
+        *) echo >&2 "error: unsupported architecture: '$ARCH_NAME'"; exit 1 ;; \
+    esac; \
+    echo -e "[nodejs]\nname=nodejs\nstream=21\nprofiles=\nstate=enabled\n" > /etc/dnf/modules.d/nodejs.module \
+    && microdnf install -y gcc git-core wget bash glibc-common glibc-all-langpacks \
+        pcre2 findutils which tar gzip zip unzip sudo nodejs \
+    && curl -s "https://get.sdkman.io" | bash \
+    && source "$HOME/.sdkman/bin/sdkman-init.sh" \
+    && echo -e "sdkman_auto_answer=true\nsdkman_selfupdate_feature=false\nsdkman_auto_env=true" >> $HOME/.sdkman/etc/config \
+    && sdk install maven $MAVEN_VERSION \
+    && sdk offline enable \
+    && mv /root/.sdkman/candidates/* /opt/ \
+    && rm -rf /root/.sdkman \
+    && mkdir -p ${ANDROID_HOME}/cmdline-tools \
+    && curl -L https://dl.google.com/android/repository/commandlinetools-linux-10406996_latest.zip -o ${ANDROID_HOME}/cmdline-tools/android_tools.zip \
+    && unzip ${ANDROID_HOME}/cmdline-tools/android_tools.zip -d ${ANDROID_HOME}/cmdline-tools/ \
+    && rm ${ANDROID_HOME}/cmdline-tools/android_tools.zip \
+    && mv ${ANDROID_HOME}/cmdline-tools/cmdline-tools ${ANDROID_HOME}/cmdline-tools/latest \
+    && yes | /opt/android-sdk-linux/cmdline-tools/latest/bin/sdkmanager --licenses --sdk_root=/opt/android-sdk-linux \
+    && /opt/android-sdk-linux/cmdline-tools/latest/bin/sdkmanager 'platform-tools' --sdk_root=/opt/android-sdk-linux \
+    && /opt/android-sdk-linux/cmdline-tools/latest/bin/sdkmanager 'platforms;android-34' --sdk_root=/opt/android-sdk-linux \
+    && /opt/android-sdk-linux/cmdline-tools/latest/bin/sdkmanager 'build-tools;34.0.0' --sdk_root=/opt/android-sdk-linux \
+    && sudo npm install -g @cyclonedx/cdxgen --omit=optional
+
+ENV LC_ALL=en_US.UTF-8 \
+    LANG=en_US.UTF-8 \
+    LANGUAGE=en_US.UTF-8
+COPY ./target/atom.zip .
+COPY ./wrapper .    
+RUN unzip -q atom.zip \
+    && sudo npm install -g /opt/nodejs \
+    && rm -rf atom.zip nodejs \
+    && microdnf clean all
+
+ENTRYPOINT ["atom"]

contrib/README.md

@@ -6,3 +6,5 @@ Atom works better under Java 21 with virtual threads. Use the provided patch for
 git apply --ignore-space-change --ignore-whitespace contrib/java21.patch
 sbt clean stage createDistribution
 ```
+
+When using Oracle GraalVM 21, adhere to the terms of the [license](https://www.oracle.com/downloads/licenses/graal-free-license.html)

src/main/resources/META-INF/native-image/jni-config.json

@@ -0,0 +1,28 @@
+[
+{
+  "name":"[Lcom.sun.management.internal.DiagnosticCommandArgumentInfo;"
+},
+{
+  "name":"[Lcom.sun.management.internal.DiagnosticCommandInfo;"
+},
+{
+  "name":"com.sun.management.internal.DiagnosticCommandArgumentInfo",
+  "methods":[{"name":"<init>","parameterTypes":["java.lang.String","java.lang.String","java.lang.String","java.lang.String","boolean","boolean","boolean","int"] }]
+},
+{
+  "name":"com.sun.management.internal.DiagnosticCommandInfo",
+  "methods":[{"name":"<init>","parameterTypes":["java.lang.String","java.lang.String","java.lang.String","java.lang.String","java.lang.String","java.lang.String","boolean","java.util.List"] }]
+},
+{
+  "name":"java.lang.Boolean",
+  "methods":[{"name":"getBoolean","parameterTypes":["java.lang.String"] }]
+},
+{
+  "name":"java.util.Arrays",
+  "methods":[{"name":"asList","parameterTypes":["java.lang.Object[]"] }]
+},
+{
+  "name":"sun.management.VMManagementImpl",
+  "fields":[{"name":"compTimeMonitoringSupport"}, {"name":"currentThreadCpuTimeSupport"}, {"name":"objectMonitorUsageSupport"}, {"name":"otherThreadCpuTimeSupport"}, {"name":"remoteDiagnosticCommandsSupport"}, {"name":"synchronizerUsageSupport"}, {"name":"threadAllocatedMemorySupport"}, {"name":"threadContentionMonitoringSupport"}]
+}
+]

src/main/resources/META-INF/native-image/predefined-classes-config.json

@@ -0,0 +1,8 @@
+[
+  {
+    "type":"agent-extracted",
+    "classes":[
+    ]
+  }
+]
+

src/main/resources/META-INF/native-image/proxy-config.json

@@ -0,0 +1,2 @@
+[
+]