feat: upload directory in launch config

- stream file upload - remove base 64 encoding - dtpm grpc compression - increase retry attempts while app deployment - improve ux while deploying with progress update - new actix static server package - updated config with directory sample - updated Dtpm client connection - remove mr_signer from connetion - reuse dtpm client connection
2025-04-10 10:33:22 +00:00 · 2025-04-10 10:33:22 +00:00 · 70edcb57e8
commit 70edcb57e8
parent 9a5387b931
9 changed files with 257 additions and 84 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -605,6 +605,26 @@ version = "1.6.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b"
 [[package]]
 name = "bincode"
 version = "2.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "36eaf5d7b090263e8150820482d5d93cd964a81e4019913c972f4edcc6edb740"
 dependencies = [
 "bincode_derive",
 "serde",
 "unty",
 ]
 [[package]]
 name = "bincode_derive"
 version = "2.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bf95709a440f45e986983918d0e8a1f30a9b1df04918fc828670606804ac3c09"
 dependencies = [
 "virtue",
 ]
 [[package]]
 name = "bindgen"
 version = "0.69.5"
@ -1099,7 +1119,6 @@ dependencies = [
 "detee-shared",
 "ed25519-dalek",
 "env_logger",
 "hex",
 "hyper",
 "hyper-rustls",
 "lazy_static",
@ -1163,15 +1182,17 @@ dependencies = [
 [[package]]
 name = "detee-shared"
 version = "0.1.0"
-source = "git+ssh://git@gitea.detee.cloud/testnet/proto.git?branch=main#3024c00b8e1c93e70902793385b92bc0a8d1f26a"
+source = "git+ssh://git@gitea.detee.cloud/testnet/proto.git?branch=feat_dir_support_dtpm_config#20ba749427ac4453a06bc8a8ef3fb8f0ec6bb592"
 dependencies = [
- "base64",
+ "bincode",
 "prost",
 "serde",
 "serde_yaml",
 "tar",
 "thiserror 2.0.11",
 "tonic",
 "tonic-build",
 "zstd",
 ]
 [[package]]
@ -1369,6 +1390,18 @@ version = "0.2.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "28dea519a9695b9977216879a3ebfddf92f1c08c05d984f8996aecd6ecdc811d"
 [[package]]
 name = "filetime"
 version = "0.2.25"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "35c0522e981e68cbfa8c3f978441a5f34b30b96e146b33cd3359176b50fe8586"
 dependencies = [
 "cfg-if",
 "libc",
 "libredox",
 "windows-sys 0.59.0",
 ]
 [[package]]
 name = "fixed-hash"
 version = "0.8.0"
@ -2169,6 +2202,17 @@ version = "0.2.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8355be11b20d696c8f18f6cc018c4e372165b1fa8126cef092399c9951984ffa"
 [[package]]
 name = "libredox"
 version = "0.1.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c0ff37bd590ca25063e35af745c343cb7a0271906fb7b37e4813e8f79f00268d"
 dependencies = [
 "bitflags",
 "libc",
 "redox_syscall",
 ]
 [[package]]
 name = "libz-sys"
 version = "1.1.22"
@ -2187,6 +2231,12 @@ version = "0.4.14"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "78b3ae25bc7c8c38cec158d1f2757ee79e9b3740fbc7ccf0e59e4b08d793fa89"
 [[package]]
 name = "linux-raw-sys"
 version = "0.9.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "cd945864f07fe9f5371a27ad7b52a172b4b499999f1d97574c9fa68373937e12"
 [[package]]
 name = "litemap"
 version = "0.7.4"
@ -2787,6 +2837,15 @@ dependencies = [
 "yasna",
 ]
 [[package]]
 name = "redox_syscall"
 version = "0.5.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d2f103c6d277498fbceb16e84d317e2a400f160f46904d5f5410848c829511a3"
 dependencies = [
 "bitflags",
 ]
 [[package]]
 name = "regex"
 version = "1.11.1"
@ -2988,10 +3047,23 @@ dependencies = [
 "bitflags",
 "errno",
 "libc",
- "linux-raw-sys",
+ "linux-raw-sys 0.4.14",
 "windows-sys 0.59.0",
 ]
 [[package]]
 name = "rustix"
 version = "1.0.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d97817398dd4bb2e6da002002db259209759911da105da92bec29ccb12cf58bf"
 dependencies = [
 "bitflags",
 "errno",
 "libc",
 "linux-raw-sys 0.9.4",
 "windows-sys 0.52.0",
 ]
 [[package]]
 name = "rustls"
 version = "0.23.23"
@ -3469,6 +3541,17 @@ version = "1.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369"
 [[package]]
 name = "tar"
 version = "0.4.44"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1d863878d212c87a19c1a610eb53bb01fe12951c0501cf5a0d65f724914a667a"
 dependencies = [
 "filetime",
 "libc",
 "xattr",
 ]
 [[package]]
 name = "tempfile"
 version = "3.17.1"
@ -3479,7 +3562,7 @@ dependencies = [
 "fastrand",
 "getrandom 0.3.1",
 "once_cell",
- "rustix",
+ "rustix 0.38.42",
 "windows-sys 0.59.0",
 ]
@ -3717,6 +3800,7 @@ dependencies = [
 "tower-layer",
 "tower-service",
 "tracing",
 "zstd",
 ]
 [[package]]
@ -3918,6 +4002,12 @@ version = "0.9.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1"
 [[package]]
 name = "unty"
 version = "0.0.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6d49784317cd0d1ee7ec5c716dd598ec5b4483ea832a2dced265471cc0f690ae"
 [[package]]
 name = "ureq"
 version = "3.0.3"
@ -4002,6 +4092,12 @@ version = "0.9.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a"
 [[package]]
 name = "virtue"
 version = "0.0.18"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "051eb1abcf10076295e815102942cc58f9d5e3b4560e46e53c21e8ff6f3af7b1"
 [[package]]
 name = "wait-timeout"
 version = "0.2.1"
@ -4134,7 +4230,7 @@ dependencies = [
 "either",
 "home",
 "once_cell",
- "rustix",
+ "rustix 0.38.42",
 ]
 [[package]]
@ -4331,6 +4427,16 @@ dependencies = [
 "time",
 ]
 [[package]]
 name = "xattr"
 version = "1.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "0d65cbf2f12c15564212d48f4e3dfb87923d25d611f2aed18f4cb23f0413d89e"
 dependencies = [
 "libc",
 "rustix 1.0.5",
 ]
 [[package]]
 name = "yasna"
 version = "0.5.2"
@ -4447,3 +4553,31 @@ dependencies = [
 "quote",
 "syn 2.0.91",
 ]
 [[package]]
 name = "zstd"
 version = "0.13.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e91ee311a569c327171651566e07972200e76fcfe2242a4fa446149a3881c08a"
 dependencies = [
 "zstd-safe",
 ]
 [[package]]
 name = "zstd-safe"
 version = "7.2.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8f49c4d5f0abb602a93fb8736af2a4f4dd9512e36f7f570d66e65ff867ed3b9d"
 dependencies = [
 "zstd-sys",
 ]
 [[package]]
 name = "zstd-sys"
 version = "2.0.15+zstd.1.5.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "eb81183ddd97d0c74cedf1d50d85c8d08c1b8b68ee863bdee9e706eedba1a237"
 dependencies = [
 "cc",
 "pkg-config",
 ]
--- a/Cargo.toml
+++ b/Cargo.toml
@ -19,13 +19,12 @@ serde_yaml = "0.9.34"
 tabled = "0.17.0"
 tokio-stream = "0.1.17"
 tokio = { version = "1.42.0", features = ["macros", "rt-multi-thread"] }
-tonic = { version = "0.12" }
+tonic = { version = "0.12", features = ["zstd"] }
 thiserror = "2.0.9"
 bs58 = "0.5.1"
 chrono = "0.4.39"
 reqwest = {version = "0.12.12", features = ["blocking"] }
 serde_json = "1.0.139"
 hex = "0.4.3"
 hyper = "1.6.0"
 rustls = "0.23.23"
 tower = "0.5.2"
--- a/samples/new_app/new_app_launch_config.yaml
+++ b/samples/new_app/new_app_launch_config.yaml
@ -1,15 +1,21 @@
 filesystems:
  # - path: /bin/actix-hello-world
  #   content: !path "./samples/new_app/binaries/actix-test-app.bin"
 environments:
  - name: APP_NAME
    value: actix-test
  - name: PORT
    value: 8080
 #  - name: STATIC_DIR
 #    value: "/static/html_doc"
 child_processes:
-  - path: /bin/actix-app-info
+  - path: /bin/actix-static-server
-    arguments: ["pg_1_arg_1", "pg_1_arg_2"]
+    arguments: []
    restart:
      max_retries: 2
      delay_seconds: 2
      policy: !OnNonZeroExit true
 filesystems:
  - path: /host
    content: !path "./src"
  - path: /host
    content: !path "./samples"
 #  - path: /static
 #    content: !path "./html_doc"
--- a/src/bin/detee-cli.rs
+++ b/src/bin/detee-cli.rs
@ -120,8 +120,8 @@ fn clap_cmd() -> Command {
                    .arg(
                        Arg::new("memory")
                        .long("memory")
-                        .default_value("500")
+                        .default_value("1000")
-                        .value_parser(clap::value_parser!(u32).range(200..4050))
+                        .value_parser(clap::value_parser!(u32).range(1000..8000))
                        .help("memory in MB")
                    )
                    .arg(
@ -144,7 +144,7 @@ fn clap_cmd() -> Command {
                        .long("package")
                        .help("Enclave package name")
                        .default_value("base-package")
-                        .value_parser(["base-package", "actix-app-info", "go-app-info"])
+                        .value_parser(["base-package", "actix-static-server", "actix-app-info", "go-app-info"])
                    )
                    .arg(
                        Arg::new("name")
--- a/src/sgx/cli_handler.rs
+++ b/src/sgx/cli_handler.rs
@ -2,7 +2,7 @@ use crate::config::Config;
 use crate::name_generator::random_app_name;
 use crate::sgx::config::{validate_yaml, DeteeCliExt};
 use crate::sgx::grpc_brain::{delete_app, list_contracts};
-use crate::sgx::grpc_dtpm::{attest_and_send_config, get_config_from_enclave};
+use crate::sgx::grpc_dtpm::{get_config, update_config};
 use crate::sgx::packaging::package_enclave;
 use crate::sgx::utils::{
    deploy_new_app_and_update_config, fetch_config, override_envs_and_args_launch_config,
@ -227,7 +227,7 @@ fn handle_config_sub_update(
        (update_matche.get_one::<String>("config"), update_matche.get_one::<String>("uuid"))
    {
        let loaded_config = validate_yaml(file_path).unwrap();
-        match block_on(attest_and_send_config(loaded_config, uuid)) {
+        match block_on(update_config(uuid, loaded_config)) {
            Ok(_) => Ok(SimpleOutput::from("App launch config updated successfully")),
            Err(e) => Err(Box::new(std::io::Error::other(format!(
                "Could not attest and update app launch config due to error: {e}"
@ -244,7 +244,7 @@ fn handle_config_sub_get(
    if let (Some(file_path_to_save), Some(uuid)) =
        (get_matche.get_one::<String>("path"), get_matche.get_one::<String>("uuid"))
    {
-        match block_on(get_config_from_enclave(uuid)) {
+        match block_on(get_config(uuid)) {
            Ok(config) => {
                let config_yaml = serde_yaml::to_string(&config).unwrap();
                std::fs::write(file_path_to_save, config_yaml).unwrap();
--- a/src/sgx/grpc_dtpm.rs
+++ b/src/sgx/grpc_dtpm.rs
@ -1,13 +1,22 @@
 use detee_sgx::{prelude::*, HRaTlsConfigBuilder};
-use detee_shared::common_proto::Empty;
+use detee_shared::{
    common_proto::Empty,
    sgx::{pb::dtpm_proto::DtpmGetConfigRes, types::dtpm::FileEntry},
 };
 use hyper_rustls::HttpsConnectorBuilder;
 use rustls::ClientConfig;
 use std::sync::{Arc, RwLock};
-use tonic::transport::{Channel, Endpoint};
+use tokio::sync::mpsc;
 use tokio_stream::wrappers::ReceiverStream;
 use tonic::{
    codec::CompressionEncoding,
    transport::{Channel, Endpoint},
 };
 use detee_shared::sgx::{
    pb::dtpm_proto::{
-        dtpm_config_manager_client::DtpmConfigManagerClient, DtpmConfigData, DtpmSetConfigReq,
+        dtpm_config_manager_client::DtpmConfigManagerClient, DtpmSetConfigReq,
        FileEntry as FileEntryPb,
    },
    types::dtpm::DtpmConfig,
 };
@ -21,34 +30,26 @@ pub enum Error {
    DtpmConnection(#[from] tonic::transport::Error),
    #[error("Received error from DTPM: {}", _0.message())]
    ResponseStatus(#[from] tonic::Status),
    #[error("Hex: {0}")]
    HexDecode(#[from] hex::FromHexError),
    #[error("Disk access error: {0}")]
    DiskAccess(#[from] std::io::Error),
    #[error("HRatls: {0}")]
    SgxHRatls(#[from] detee_sgx::error::SgxError),
-    #[error("DtpmConfig: {0}")]
+    #[error("Dtpm: {0}")]
-    DtpmConfig(String),
+    Dtpm(String),
    #[error(transparent)]
    ConfigError(#[from] crate::config::Error),
 }
 type Result<T> = std::result::Result<T, Error>;
-pub async fn connect_dtpm_grpc_client(
+pub async fn connect_app_dtpm_client(app_uuid: &str) -> Result<DtpmConfigManagerClient<Channel>> {
    hratls_uri: String,
    package_mr_enclave: Option<[u8; 32]>,
 ) -> Result<DtpmConfigManagerClient<Channel>> {
    let private_key_pem = Config::get_hratls_private_key()?;
    let mut mr_signer = [0u8; 32];
    hex::decode_to_slice(Config::get_mrsigner()?, &mut mr_signer)?;
    let mr_signers = vec![mr_signer];
-    let hratls_config = Arc::new(RwLock::new(
+    let (hratls_uri, package_mr_enclave) = hratls_url_and_mr_enclave_from_app_id(app_uuid).await?;
-        HRaTlsConfig::new()
+    log::info!("hratls uri: {}\nmr_enclave: {:?}", &hratls_uri, &package_mr_enclave);
-            .allow_instance_measurement(InstanceMeasurement::new().with_mrsigners(mr_signers))
+
-            .with_hratls_private_key_pem(private_key_pem),
+    let hratls_config =
-    ));
+        Arc::new(RwLock::new(HRaTlsConfig::new().with_hratls_private_key_pem(private_key_pem)));
    if let Some(mr_enclave) = package_mr_enclave {
        hratls_config.write().unwrap().allow_more_instance_measurement(
@ -65,45 +66,60 @@ pub async fn connect_dtpm_grpc_client(
    let channel = Endpoint::from_shared(hratls_uri)?.connect_with_connector(connector).await?;
-    Ok(DtpmConfigManagerClient::new(channel))
+    Ok(DtpmConfigManagerClient::new(channel).send_compressed(CompressionEncoding::Zstd))
 }
-pub async fn attest_and_send_config(loaded_config: DtpmConfig, uuid: &str) -> Result<()> {
+pub async fn update_config(app_uuid: &str, config: DtpmConfig) -> Result<()> {
-    let config_data = Some(DtpmConfigData::from(loaded_config));
+    let dtpm_client = connect_app_dtpm_client(app_uuid).await?;
    let req_data = DtpmSetConfigReq { config_data, ..Default::default() };
-    log::trace!("Decoded the configuration... {:?}", req_data);
+    upload_files_pb(config.filesystems.clone(), &dtpm_client).await?;
    let req = DtpmSetConfigReq { config_data: Some(config.into()), ..Default::default() };
    set_config_pb(req, &dtpm_client).await?;
    Ok(())
 }
-    let (hratls_uri, mr_enclave) = hratls_url_and_mr_enclave_from_app_id(uuid).await;
+pub async fn get_config(app_uuid: &str) -> Result<DtpmConfig> {
-    log::info!("hratls uri: {}\nmr_enclave: {:?}", &hratls_uri, &mr_enclave);
+    let dtpm_client = connect_app_dtpm_client(app_uuid).await?;
    let config_res = get_config_pb(&dtpm_client).await?;
    let config: DtpmConfig =
        config_res.config_data.ok_or(Error::Dtpm("config data not found".to_string()))?.into();
    Ok(config)
 }
-    let client = connect_dtpm_grpc_client(hratls_uri, mr_enclave).await?;
+pub async fn upload_files_pb(
    reqs: Vec<FileEntry>,
    client: &DtpmConfigManagerClient<Channel>,
 ) -> Result<()> {
    let (tx, rx) = mpsc::channel(6);
    tokio::spawn(async move {
        for file in reqs {
            let file_pb: FileEntryPb = file.into();
            let _ = tx.send(file_pb).await;
        }
    });
-    let response = client
+    let fs_stream = ReceiverStream::new(rx);
-        .max_decoding_message_size(10240000)
+
-        .set_config(tonic::Request::new(req_data))
+    let _ = client.clone().upload_files(tonic::Request::new(fs_stream)).await?;
-        .await?;
+
    Ok(())
 }
 pub(crate) async fn set_config_pb(
    req: DtpmSetConfigReq,
    client: &DtpmConfigManagerClient<Channel>,
 ) -> Result<()> {
    let response = client.clone().set_config(tonic::Request::new(req)).await?;
    log::trace!("Received respose from the server...{:?}", response.into_inner());
    Ok(())
 }
-pub async fn get_config_from_enclave(uuid: &str) -> Result<DtpmConfig> {
+pub(crate) async fn get_config_pb(
-    let (hratls_uri, mr_enclave) = hratls_url_and_mr_enclave_from_app_id(uuid).await;
+    client: &DtpmConfigManagerClient<Channel>,
-    log::info!("hratls uri: {}\nmr_enclave: {:?}", &hratls_uri, &mr_enclave);
+) -> Result<DtpmGetConfigRes> {
-
+    let mgr_config_pb =
-    let client = connect_dtpm_grpc_client(hratls_uri, None).await?;
+        client.clone().get_config(tonic::Request::new(Empty {})).await?.into_inner();
-
+    Ok(mgr_config_pb)
    let mgr_config_pb = client
        .max_decoding_message_size(10240000)
        .get_config(tonic::Request::new(Empty {}))
        .await?
        .into_inner();
    let config: DtpmConfig = mgr_config_pb
        .config_data
        .ok_or(Error::DtpmConfig("config data not found".to_string()))?
        .into();
    Ok(config)
 }
--- a/src/sgx/mod.rs
+++ b/src/sgx/mod.rs
@ -71,24 +71,29 @@ pub struct PackageElement {
 pub static PACKAGES_INDEX: LazyLock<PublicIndex> = LazyLock::new(|| {
    PublicIndex {
        packages: vec![
            PackageElement{
                package_name: "actix-static-server".to_string(),
                package_url: "https://registry.detee.ltd/sgx/packages/actix-static-server_package_2025-04-16_21-27-07.tar.gz".to_string(),
                launch_config_url: "https://registry.detee.ltd/sgx/launch_configs/actix-static-server-launch-config_001.yaml".to_string(),
                mr_enclave: [97, 9, 55, 254, 254, 21, 143, 123, 239, 36, 47, 228, 8, 224, 114, 237, 159, 40, 32, 244, 54, 253, 126, 19, 13, 86, 42, 142, 248, 20, 89, 58],
            },
            PackageElement{
                package_name: "base-package".to_string(),
-                package_url: "https://registry.detee.ltd/sgx/packages/base-package_2025-03-25_13-54-06.tar.gz".to_string(),
+                package_url: "https://registry.detee.ltd/sgx/packages/base_package_2025-04-17_11-01-08.tar.gz".to_string(),
                launch_config_url: "https://registry.detee.ltd/sgx/launch_configs/base-package-launch-config_001.yaml".to_string(),
-                mr_enclave: [47, 58, 112, 8, 157, 109, 224, 80, 78, 225, 47, 55, 103, 53, 71, 234, 97, 11, 16, 22, 231, 77, 113, 52, 203, 97, 136, 109, 178, 240, 128, 169],
+                mr_enclave: [52, 183, 102, 210, 251, 219, 218, 140, 168, 118, 10, 193, 98, 240, 147, 124, 240, 189, 46, 95, 138, 172, 15, 246, 227, 114, 70, 159, 232, 212, 9, 234],
            },
            PackageElement{
                package_name: "actix-app-info".to_string(),
-                package_url: "https://registry.detee.ltd/sgx/packages/actix-app-info_package_2025-03-19_13-49-56.tar.gz".to_string(),
+                package_url: "https://registry.detee.ltd/sgx/packages/actix-app-info_package_2025-04-16_21-59-38.tar.gz".to_string(),
                launch_config_url: "https://registry.detee.ltd/sgx/launch_configs/actix-app-info-launch-config_001.yaml".to_string(),
-                mr_enclave: [ 139, 208, 253, 40, 81, 80, 225, 137, 106, 182, 27, 200, 25, 128, 212, 235, 76, 153, 215, 42, 160, 69, 26, 132, 77, 223, 182, 180, 136, 218, 173, 184 ],
+                mr_enclave: [128, 0, 97, 103, 165, 103, 68, 203, 240, 145, 153, 254, 34, 129, 75, 140, 8, 186, 63, 226, 144, 129, 201, 187, 175, 66, 80, 1, 151, 114, 183, 159],
            },
            PackageElement{
                package_name: "go-app-info".to_string(),
-                package_url: "https://registry.detee.ltd/sgx/packages/go-gin-app-info_01_package_2025-03-26_11-30-45.tar.gz".to_string(),
+                package_url: "https://registry.detee.ltd/sgx/packages/go-app-info_package_2025-04-16_21-39-18.tar.gz".to_string(),
                launch_config_url: "https://registry.detee.ltd/sgx/launch_configs/go-gin-app-info-launch-config_001.yaml".to_string(),
-                mr_enclave: [239, 153, 28, 180, 45, 214, 226, 253, 140, 243, 34, 120, 146, 198, 75, 43, 205, 229, 33, 160, 62, 22, 244, 123, 213, 37, 186, 93, 177, 8, 129, 170],
+                mr_enclave: [188, 233, 211, 196, 237, 6, 46, 236, 229, 173, 239, 94, 99, 172, 233, 37, 255, 20, 54, 212, 172, 30, 182, 71, 219, 76, 78, 11, 72, 68, 46, 204],
            }
        ],
    }
--- a/src/sgx/packaging.rs
+++ b/src/sgx/packaging.rs
@ -18,7 +18,7 @@ pub fn package_enclave(
        format!(
            r#"docker run --rm -it -v ./:/app/ \
        -v {signing_key_path}:/keys/app_signing_key.pem:ro \
-        noormohammedb/enclave_packager_01:pub_v3 {package_items}"#
+        noormohammedb/enclave_packager_01:pub_v5 {package_items}"#
        )
    } else {
        format!(
--- a/src/sgx/utils.rs
+++ b/src/sgx/utils.rs
@ -1,9 +1,12 @@
 use crate::constants::HRATLS_APP_PORT;
 use crate::sgx::get_one_contract;
 use crate::sgx::grpc_brain::new_app;
-use crate::sgx::grpc_dtpm::attest_and_send_config;
+use crate::sgx::grpc_dtpm::connect_app_dtpm_client;
 use crate::sgx::grpc_dtpm::set_config_pb;
 use crate::sgx::grpc_dtpm::upload_files_pb;
 use crate::sgx::package_entry_from_name;
 use detee_shared::app_proto::NewAppRes;
 use detee_shared::sgx::pb::dtpm_proto::DtpmSetConfigReq;
 use detee_shared::sgx::types::brain::AppDeployConfig;
 use detee_shared::sgx::types::dtpm::DtpmConfig;
 use detee_shared::sgx::types::dtpm::EnvironmentEntry;
@ -17,7 +20,7 @@ pub enum Error {
    #[error(transparent)]
    Serde(#[from] serde_yaml::Error),
    #[error("{0}")]
-    PublicPackage(std::string::String),
+    Package(std::string::String),
    #[error("{0}")]
    Brain(#[from] crate::sgx::grpc_brain::Error),
    #[error("{0}")]
@ -26,7 +29,9 @@ pub enum Error {
    Deployment(String),
 }
-pub async fn hratls_url_and_mr_enclave_from_app_id(app_id: &str) -> (String, Option<[u8; 32]>) {
+pub async fn hratls_url_and_mr_enclave_from_app_id(
    app_id: &str,
 ) -> Result<(String, Option<[u8; 32]>), crate::sgx::grpc_dtpm::Error> {
    let app_contract = get_one_contract(app_id).await;
    if app_contract.is_err() {
        eprintln!("Could not find App contract with ID: {}", app_id);
@ -44,15 +49,15 @@ pub async fn hratls_url_and_mr_enclave_from_app_id(app_id: &str) -> (String, Opt
        .mapped_ports
        .iter()
        .find(|port| port.app_port == HRATLS_APP_PORT)
-        .unwrap()
+        .ok_or(crate::sgx::grpc_dtpm::Error::Dtpm("Could not find DTMP port".to_string()))?
        .host_port;
-    (format!("https://{public_ip}:{dtpm_port}"), mr_enclave)
+    Ok((format!("https://{public_ip}:{dtpm_port}"), mr_enclave))
 }
 pub async fn fetch_config(package_name: &str) -> Result<DtpmConfig, Error> {
    let index_package_entry = package_entry_from_name(package_name)
-        .ok_or(Error::PublicPackage("package not found for ".to_string() + package_name))?;
+        .ok_or(Error::Package("package not found for ".to_string() + package_name))?;
    let launch_config_url = index_package_entry.launch_config_url.clone();
@ -126,13 +131,21 @@ pub async fn deploy_new_app_and_update_config(
    if new_app_res.error.is_empty() {
        if let Some(launch_config) = launch_config {
-            eprintln!("Deploying...");
+            eprint!("Deploying...");
            tokio::time::sleep(tokio::time::Duration::from_millis(2500)).await;
-            Retry::spawn(FixedInterval::from_millis(1000).take(10), || {
+            let dtpm_client = Retry::spawn(FixedInterval::from_millis(1000).take(30), || {
                log::debug!("retrying attestation and launch config update");
-                attest_and_send_config(launch_config.clone(), &new_app_res.uuid)
+                eprint!(".");
                connect_app_dtpm_client(&new_app_res.uuid)
            })
            .await?;
            println!("");
            upload_files_pb(launch_config.filesystems.clone(), &dtpm_client).await?;
            let config_data = Some(launch_config.into());
            log::trace!("Decoded the configuration... {:?}", config_data);
            let req = DtpmSetConfigReq { config_data, ..Default::default() };
            set_config_pb(req, &dtpm_client).await?;
            Ok(new_app_res)
        } else {
            Ok(new_app_res)