From 2854397efa5e08165aa1c29738b782f5d70cef33 Mon Sep 17 00:00:00 2001
From: Noor
Date: Wed, 2 Apr 2025 13:47:31 +0000
Subject: [PATCH] Fix: enclave archive directory update enclaves paths daemon for staging network enhanced docker command formatting
---
 src/container.rs | 4 ++--
 src/global.rs | 5 +++--
 src/main.rs | 23 ++++++++++++++---------
 3 files changed, 19 insertions(+), 13 deletions(-)
diff --git a/src/container.rs b/src/container.rs
index 5c4ee6f..c440174 100644
--- a/src/container.rs
+++ b/src/container.rs
@@ -28,9 +28,9 @@ pub fn deploy_enclave(
 // --storage-opt size={disk_mb}m
 let docker_deploy_str = format!(
- r#"docker run -d --name {container_name_uuid} --memory={memory_mb}m --cpus={vcpu} \
+ "docker run -d --name {container_name_uuid} --memory={memory_mb}m --cpus={vcpu} \
 -v {enclave_path}:/enclave_package --device /dev/sgx/enclave --device /dev/sgx/provision \
- {port_maping_string} noormohammedb/occlum-enclave:v1 {hratls_pubkey}"#
+ {port_maping_string} noormohammedb/occlum-enclave:v1 {hratls_pubkey}"
 );
 let mut child = Command::new("sh")
diff --git a/src/global.rs b/src/global.rs
index 8e64d61..fbb078e 100644
--- a/src/global.rs
+++ b/src/global.rs
@@ -10,8 +10,8 @@ pub const DETEE_ROOT_CA: &str = "/etc/detee/root_ca.pem";
 pub const BRAIN_STAGING: (&str, &str) = ("https://159.65.58.38:31337", "staging-brain");
 pub const BRAIN_TESTING: (&str, &str) = ("https://164.92.249.180:31337", "testnet-brain");
 pub const PACKAGE_ARCHIVE_POSTFIX: &str = "-enclave_package.tar.gz";
-pub const PACKAGE_ARCHIVE_DIR_PATH: &str = "./enclave_archives";
-pub const PACKAGE_DIR_PATH: &str = "./enclaves";
+pub const PACKAGE_ARCHIVE_DIR_PATH: &str = "/var/lib/detee/archives";
+pub const PACKAGE_DIR_PATH: &str = "/var/lib/detee/enclaves";
 pub const APP_NAME_PREFIX: &str = "dtpm";
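Review bot: In src/container.rs, `docker_deploy_str` is still assembled as one shell string and, judging by the `Command::new("sh")` context line, handed to a shell, so any shell metacharacter in `enclave_path`, `port_maping_string` or `hratls_pubkey` would be interpreted by `sh` instead of reaching docker as data. If any of those values can originate from a contract or the network (not visible here), build the argument vector directly, starting with `Command::new("docker").arg("run").arg("-d").arg("--name").arg(&container_name_uuid)` and one `.arg(..)` per remaining value, and validate `hratls_pubkey` against its expected encoding first. The image is also referenced by the mutable tag `noormohammedb/occlum-enclave:v1`; pinning it as `noormohammedb/occlum-enclave@sha256:<DIGEST>` would keep the enclave runtime from changing underneath the daemon. `deploy_enclave` starts and ends outside this hunk.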
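Review bot: In src/global.rs, `PACKAGE_ARCHIVE_DIR_PATH` and `PACKAGE_DIR_PATH` now point at fixed locations under `/var/lib/detee`, but nothing in this hunk records who creates those directories or with what mode. Enclave packages are bind-mounted into the container (`-v {enclave_path}:/enclave_package` in src/container.rs), and `enclave_path` presumably lives under `PACKAGE_DIR_PATH`, so a directory writable by another local user would let that user alter a package between unpack and launch. I would add a comment above the two constants such as `// Owned by the daemon user, mode 0700: contents are bind-mounted into enclave containers.` and confirm that the code creating these directories (outside this diff) applies that mode.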
@@ -84,6 +84,7 @@ fn load_secret_key() -> Result {
 Ok(secret_key_pem) => secret_key_pem,
 Err(e) => {
 warn!("Could not load secret key due to error: {e:?}");
+ // TODO: fix this, if new node spawns its throwing error
 return create_secret_key();
 }
 };
diff --git a/src/main.rs b/src/main.rs
index 6435e1a..1245378 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -186,19 +186,19 @@ async fn main() -> Result<(), Box> {
 log::info!("Detee daemon running");
 loop {
- if std::env::var("DAEMON_AUTO_UPGRADE") != Ok("OFF".to_string()) {
- // This upgrade procedure will get replaced in prod. We need this for the testnet.
- if let Err(e) = download_and_replace_binary().await {
- log::error!("Failed to upgrade detee-sgx-daemon to newer version: {e}");
- }
- }
-
 let (brain_msg_tx, brain_msg_rx) = tokio::sync::mpsc::channel(6);
 let (daemon_msg_tx, daemon_msg_rx) = tokio::sync::mpsc::channel(6);
 let mut app_handler = AppHandler::new(brain_msg_rx, daemon_msg_tx.clone());
 let network = app_handler.host_config.network.clone();
+ if std::env::var("DAEMON_AUTO_UPGRADE") != Ok("OFF".to_string()) {
+ // This upgrade procedure will get replaced in prod. We need this for the testnet.
+ if let Err(e) = download_and_replace_binary(&network).await {
+ log::error!("Failed to upgrade detee-sgx-daemon to newer version: {e}");
+ }
+ }
+
 let mut contracts = vec![];
 match grpc::register_node(&app_handler.host_config).await {
 Ok(app_contracts) => {
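Review bot: In `load_secret_key` (src/global.rs), the `Err(e)` arm that the new TODO sits in falls back to `create_secret_key()` for every load failure, not only for a key file that does not exist yet. A permission error or a corrupted file would then silently give the node a new identity, and if `create_secret_key` writes to the same path (not visible here) it would also replace the old key. If the TODO refers to the fresh-node case, it should say so, e.g. `// TODO: only a missing key file (fresh node) should reach create_secret_key(); propagate other errors`, and the arm should eventually distinguish not-found from the rest. The function starts and ends outside this hunk.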
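Review bot: In src/main.rs, the opt-out check `std::env::var("DAEMON_AUTO_UPGRADE") != Ok("OFF".to_string())` that moves here is an exact, case-sensitive match, so `off`, `false` or `0` leave the self-replacing upgrade enabled on every pass of the loop. For a switch that controls downloading and installing a new daemon binary, I would compare case-insensitively, e.g. `!std::env::var("DAEMON_AUTO_UPGRADE").is_ok_and(|v| v.eq_ignore_ascii_case("OFF"))`, and log once at startup whether auto-upgrade is active. `main` continues outside this hunk.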
@@ -244,12 +244,17 @@ fn set_logging() {
 .init();
 }
-async fn download_and_replace_binary() -> Result<()> {
+async fn download_and_replace_binary(network: &str) -> Result<()> {
 use reqwest::get;
 use std::os::unix::fs::PermissionsExt;
 const TMP_DAEMON: &str = "/usr/local/bin/detee/new-daemon";
 const BINARY: &str = "/usr/local/bin/detee-sgx-daemon";
- let response = get("https://registry.detee.ltd/sgx/daemon/detee-sgx-daemon").await?;
+ let daemon_url = if network == "testnet" {
+ "https://registry.detee.ltd/sgx/daemon/detee-sgx-daemon"
+ } else {
+ "https://registry.detee.ltd/sgx/daemon_staging/detee-sgx-daemon"
+ };
+ let response = get(daemon_url).await?;
 if !response.status().is_success() {
 return Err(anyhow!("Failed to download file: {}", response.status()));
 }
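Review bot: The `else` branch of `daemon_url` sends every `network` value other than `"testnet"`, including a typo or a future production name, to the `daemon_staging` channel, so an unrecognised network silently installs staging builds. I would match on the known names and fail for the rest, ending the match with `other => return Err(anyhow!("no upgrade channel for network {other}")),`. Separately, nothing visible in this hunk verifies the downloaded bytes before they replace `BINARY`. Unless the rest of the function (outside the hunk) does so, check a signature or a pinned digest of the download before the swap, because TLS alone leaves the registry as a single point of compromise for every node.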