Merge pull request 'Fix: enclave archive directory' (#1) from fix_enclave_directory into staging

Reviewed-on: #1

src/container.rs

@@ -28,9 +28,9 @@ pub fn deploy_enclave(
     // --storage-opt size={disk_mb}m
 
     let docker_deploy_str = format!(
-        r#"docker run -d --restart unless-stopped --name {container_name_uuid} --memory={memory_mb}m --cpus={vcpu} \
+        "docker run -d --restart unless-stopped --name {container_name_uuid} --memory={memory_mb}m --cpus={vcpu} \
         -v {enclave_path}:/enclave_package --device /dev/sgx/enclave --device /dev/sgx/provision \
-        {port_maping_string} noormohammedb/occlum-enclave:v1 {hratls_pubkey}"#
+        {port_maping_string} noormohammedb/occlum-enclave:v1 {hratls_pubkey}"
     );
 
     let mut child = Command::new("sh")

src/global.rs

@@ -10,8 +10,8 @@ pub const DETEE_ROOT_CA: &str = "/etc/detee/root_ca.pem";
 pub const BRAIN_STAGING: (&str, &str) = ("https://159.65.58.38:31337", "staging-brain");
 pub const BRAIN_TESTING: (&str, &str) = ("https://164.92.249.180:31337", "testnet-brain");
 pub const PACKAGE_ARCHIVE_POSTFIX: &str = "-enclave_package.tar.gz";
-pub const PACKAGE_ARCHIVE_DIR_PATH: &str = "./enclave_archives";
+pub const PACKAGE_ARCHIVE_DIR_PATH: &str = "/var/lib/detee/archives";
-pub const PACKAGE_DIR_PATH: &str = "./enclaves";
+pub const PACKAGE_DIR_PATH: &str = "/var/lib/detee/enclaves";
 
 pub const APP_NAME_PREFIX: &str = "dtpm";
 
@@ -84,6 +84,7 @@ fn load_secret_key() -> Result<ed25519_dalek::SigningKey> {
         Ok(secret_key_pem) => secret_key_pem,
         Err(e) => {
             warn!("Could not load secret key due to error: {e:?}");
+            // TODO: fix this, if  new  node spawns its throwing error
             return create_secret_key();
         }
     };

src/main.rs

@@ -186,19 +186,19 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
     log::info!("Detee daemon running");
 
     loop {
-        if std::env::var("DAEMON_AUTO_UPGRADE") != Ok("OFF".to_string()) {
-            // This upgrade procedure will get replaced in prod. We need this for the testnet.
-            if let Err(e) = download_and_replace_binary().await {
-                log::error!("Failed to upgrade detee-sgx-daemon to newer version: {e}");
-            }
-        }
-
         let (brain_msg_tx, brain_msg_rx) = tokio::sync::mpsc::channel(6);
         let (daemon_msg_tx, daemon_msg_rx) = tokio::sync::mpsc::channel(6);
 
         let mut app_handler = AppHandler::new(brain_msg_rx, daemon_msg_tx.clone());
         let network = app_handler.host_config.network.clone();
 
+        if std::env::var("DAEMON_AUTO_UPGRADE") != Ok("OFF".to_string()) {
+            // This upgrade procedure will get replaced in prod. We need this for the testnet.
+            if let Err(e) = download_and_replace_binary(&network).await {
+                log::error!("Failed to upgrade detee-sgx-daemon to newer version: {e}");
+            }
+        }
+
         let mut contracts = vec![];
         match grpc::register_node(&app_handler.host_config).await {
             Ok(app_contracts) => {
@@ -244,12 +244,17 @@ fn set_logging() {
         .init();
 }
 
-async fn download_and_replace_binary() -> Result<()> {
+async fn download_and_replace_binary(network: &str) -> Result<()> {
     use reqwest::get;
     use std::os::unix::fs::PermissionsExt;
     const TMP_DAEMON: &str = "/usr/local/bin/detee/new-daemon";
     const BINARY: &str = "/usr/local/bin/detee-sgx-daemon";
-    let response = get("https://registry.detee.ltd/sgx/daemon/detee-sgx-daemon").await?;
+    let daemon_url = if network == "testnet" {
+        "https://registry.detee.ltd/sgx/daemon/detee-sgx-daemon"
+    } else {
+        "https://registry.detee.ltd/sgx/daemon_staging/detee-sgx-daemon"
+    };
+    let response = get(daemon_url).await?;
     if !response.status().is_success() {
         return Err(anyhow!("Failed to download file: {}", response.status()));
     }