From bf4fa3f8b5aba403a102e7a7d4f1cac61b49183a Mon Sep 17 00:00:00 2001 From: Itzik Grossman Date: Mon, 28 Aug 2023 20:54:04 +0300 Subject: [PATCH 01/11] Fix release CI --- .github/workflows/release.yaml | 53 ++-------------------------------- check-hw/Cargo.lock | 4 +-- 2 files changed, 5 insertions(+), 52 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 51874b215..d80393167 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -15,7 +15,7 @@ jobs: strategy: fail-fast: false matrix: - db_backend: [rocksdb, goleveldb] + db_backend: [goleveldb] runs-on: ubuntu-20.04 env: # Or as an environment variable SPID: ${{ secrets.SPID_TESTNET }} @@ -38,10 +38,6 @@ jobs: - name: Get the version id: get_version run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\/v/} - - name: Sets env vars for rocksdb - if: ${{ matrix.db_backend == 'rocksdb' }} - run: | - echo "DOCKER_CGO_LDFLAGS=-L/usr/lib/x86_64-linux-gnu/ -lrocksdb -lstdc++ -llz4 -lm -lz -lbz2 -lsnappy" >> $GITHUB_ENV - name: Build .deb Package Image uses: docker/build-push-action@v4 with: @@ -220,53 +216,10 @@ jobs: docker run -e VERSION=${{ steps.get_version.outputs.VERSION }} -v $GITHUB_WORKSPACE/build:/build check_hw_tool_build cp build/check_hw_${{ steps.get_version.outputs.VERSION }}.tar.gz check_hw_${{ steps.get_version.outputs.VERSION }}.tar.gz - # 1. Untar the archive - tar -xzf check_hw_${{ steps.get_version.outputs.VERSION }}.tar.gz - - # 2. Rename the files - mv check_hw check_hw_testnet - mv check_hw_enclave.so check_hw_testnet_enclave.so - - # 3. Retar the renamed files - tar -czf check_hw_${{ steps.get_version.outputs.VERSION }}_testnet.tar.gz check_hw_testnet check_hw_testnet_enclave.so - - uses: actions/upload-artifact@v3 with: - name: check_hw_${{ steps.get_version.outputs.VERSION }}_testnet.tar.gz - path: check_hw_${{ steps.get_version.outputs.VERSION }}_testnet.tar.gz - -# check-hw-tool-mainnet: -# runs-on: ubuntu-20.04 -# steps: -# - uses: actions/checkout@v3 -# with: -# submodules: recursive -# - name: Get the version -# id: get_version -# run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\/v/} -# - name: Build check-hw-tool image -# uses: docker/build-push-action@v4 -# with: -# file: deployment/dockerfiles/Dockerfile -# context: . -# load: true -# tags: check_hw_tool_build -# secrets: | -# API_KEY=${{ secrets.API_KEY_MAINNET }} -# SPID=${{ secrets.SPID_MAINNET }} -# build-args: | -# BUILD_VERSION=${{ steps.get_version.outputs.VERSION }} -# SGX_MODE=HW -# FEATURES=production -# target: compile-check-hw-tool -# - name: Run check-hw-tool image -# run: | -# docker run -e VERSION=${{ steps.get_version.outputs.VERSION }} -v $GITHUB_WORKSPACE/build:/build check_hw_tool_build -# cp build/check_hw_${{ steps.get_version.outputs.VERSION }}.tar.gz check_hw_${{ steps.get_version.outputs.VERSION }}.tar.gz -# - uses: actions/upload-artifact@v3 -# with: -# name: check_hw_${{ steps.get_version.outputs.VERSION }}_mainnet.tar.gz -# path: check_hw_${{ steps.get_version.outputs.VERSION }}_mainnet.tar.gz + name: check_hw_${{ steps.get_version.outputs.VERSION }}.tar.gz + path: check_hw_${{ steps.get_version.outputs.VERSION }}.tar.gz publish-localsecret: runs-on: ubuntu-20.04 diff --git a/check-hw/Cargo.lock b/check-hw/Cargo.lock index c7e46b238..7361771ae 100644 --- a/check-hw/Cargo.lock +++ b/check-hw/Cargo.lock @@ -297,11 +297,11 @@ dependencies = [ [[package]] name = "sgx_types" -version = "1.1.5" +version = "1.1.6" [[package]] name = "sgx_urts" -version = "1.1.5" +version = "1.1.6" dependencies = [ "libc", "sgx_types", From e1ed02869fe0988f42b8d67d1c872c9ad7253267 Mon Sep 17 00:00:00 2001 From: Itzik Grossman Date: Mon, 28 Aug 2023 21:56:51 +0300 Subject: [PATCH 02/11] Fix release CI --- .github/workflows/release.yaml | 2 +- deployment/dockerfiles/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index d80393167..c3fbe8d90 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -70,7 +70,7 @@ jobs: strategy: fail-fast: false matrix: - db_backend: [goleveldb, rocksdb] + db_backend: [goleveldb] env: # Or as an environment variable SPID: ${{ secrets.SPID_MAINNET }} API_KEY: ${{ secrets.API_KEY_MAINNET }} diff --git a/deployment/dockerfiles/Dockerfile b/deployment/dockerfiles/Dockerfile index ba4cc52ef..30eae9afa 100644 --- a/deployment/dockerfiles/Dockerfile +++ b/deployment/dockerfiles/Dockerfile @@ -80,7 +80,7 @@ RUN git submodule update --remote RUN rustup component add rust-src RUN cargo install xargo --version 0.3.25 -RUN . /opt/sgxsdk/environment && env && LD_LIBRARY_PATH=/opt/sgxsdk/lib64 FEATURES=${FEATURES} MITIGATION_CVE_2020_0551=${MITIGATION_CVE_2020_0551} SGX_MODE=${SGX_MODE} FEATURES_U="$(echo \"${FEATURES_U}\" | perl -pe 's/go-tests|debug-print//g')" make build +RUN . /opt/sgxsdk/environment && env && LD_LIBRARY_PATH=/opt/sgxsdk/lib64 FEATURES="$(echo \"${FEATURES}\" | perl -pe 's/go-tests|debug-print//g')" MITIGATION_CVE_2020_0551=${MITIGATION_CVE_2020_0551} SGX_MODE=${SGX_MODE} FEATURES_U="$(echo \"${FEATURES_U}\" | perl -pe 's/go-tests|debug-print//g')" make build # ***************** COMPILE SECRETD ************** # FROM $SCRT_BASE_IMAGE_ENCLAVE AS compile-secretd From d7910ad02265c2565a40e86c417db4c6144dd898 Mon Sep 17 00:00:00 2001 From: Itzik Grossman Date: Mon, 28 Aug 2023 21:59:20 +0300 Subject: [PATCH 03/11] Added 1.11 upgrade handler --- app/app.go | 2 ++ app/upgrades/v1.11/upgrade.go | 43 +++++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+) create mode 100644 app/upgrades/v1.11/upgrade.go diff --git a/app/app.go b/app/app.go index 38c3b3a03..77fc5a32b 100644 --- a/app/app.go +++ b/app/app.go @@ -32,6 +32,7 @@ import ( ibckeeper "github.com/cosmos/ibc-go/v4/modules/core/keeper" "github.com/scrtlabs/SecretNetwork/app/keepers" "github.com/scrtlabs/SecretNetwork/app/upgrades" + v1_11 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.11" v1_10 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.10" v1_3 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.3" v1_4 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.4" @@ -103,6 +104,7 @@ var ( v1_8.Upgrade, v1_9.Upgrade, v1_10.Upgrade, + v1_11.Upgrade, } ) diff --git a/app/upgrades/v1.11/upgrade.go b/app/upgrades/v1.11/upgrade.go new file mode 100644 index 000000000..6f6596ace --- /dev/null +++ b/app/upgrades/v1.11/upgrade.go @@ -0,0 +1,43 @@ +package v1_11 + +import ( + "fmt" + + store "github.com/cosmos/cosmos-sdk/store/types" + sdk "github.com/cosmos/cosmos-sdk/types" + "github.com/cosmos/cosmos-sdk/types/module" + upgradetypes "github.com/cosmos/cosmos-sdk/x/upgrade/types" + "github.com/scrtlabs/SecretNetwork/app/keepers" + "github.com/scrtlabs/SecretNetwork/app/upgrades" + ibchookstypes "github.com/scrtlabs/SecretNetwork/x/ibc-hooks/types" +) + +const upgradeName = "v1.11" + +var Upgrade = upgrades.Upgrade{ + UpgradeName: upgradeName, + CreateUpgradeHandler: createUpgradeHandler, + StoreUpgrades: store.StoreUpgrades{ + Added: []string{ + ibchookstypes.StoreKey, + }, + }, +} + +func createUpgradeHandler(mm *module.Manager, _ *keepers.SecretAppKeepers, configurator module.Configurator, +) upgradetypes.UpgradeHandler { + return func(ctx sdk.Context, _ upgradetypes.Plan, vm module.VersionMap) (module.VersionMap, error) { + ctx.Logger().Info(` _ _ _____ _____ _____ _____ ______ `) + ctx.Logger().Info(`| | | | __ \ / ____| __ \ /\ | __ \| ____|`) + ctx.Logger().Info(`| | | | |__) | | __| |__) | / \ | | | | |__ `) + ctx.Logger().Info(`| | | | ___/| | |_ | _ / / /\ \ | | | | __| `) + ctx.Logger().Info(`| |__| | | | |__| | | \ \ / ____ \| |__| | |____ `) + ctx.Logger().Info(` \____/|_| \_____|_| \_\/_/ \_\_____/|______|`) + + // WASM Hooks doesn't require any initialization code: + // https://github.com/osmosis-labs/osmosis/blob/8b4c62a26/app/upgrades/v14/upgrades.go#L12-L21 + + ctx.Logger().Info(fmt.Sprintf("Running module migrations for %s...", upgradeName)) + return mm.RunMigrations(ctx, configurator, vm) + } +} From 0da11518a97b3571bdacfecd70271d8ab20567dc Mon Sep 17 00:00:00 2001 From: Itzik Grossman Date: Tue, 29 Aug 2023 00:21:08 +0300 Subject: [PATCH 04/11] Added 1.11 upgrade handler --- .github/workflows/release.yaml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index c3fbe8d90..9a1922bb1 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -305,15 +305,9 @@ jobs: - uses: actions/download-artifact@v3 with: name: secretnetwork_${{ steps.get_version.outputs.VERSION }}_mainnet_goleveldb_amd64.deb - - uses: actions/download-artifact@v3 - with: - name: secretnetwork_${{ steps.get_version.outputs.VERSION }}_mainnet_rocksdb_amd64.deb - uses: actions/download-artifact@v3 with: name: secretnetwork_${{ steps.get_version.outputs.VERSION }}_testnet_goleveldb_amd64.deb - - uses: actions/download-artifact@v3 - with: - name: secretnetwork_${{ steps.get_version.outputs.VERSION }}_testnet_rocksdb_amd64.deb - uses: actions/download-artifact@v3 with: name: check_hw_${{ steps.get_version.outputs.VERSION }}.tar.gz @@ -326,9 +320,7 @@ jobs: prerelease: true files: | secretnetwork_${{ steps.get_version.outputs.VERSION }}_mainnet_goleveldb_amd64.deb - secretnetwork_${{ steps.get_version.outputs.VERSION }}_mainnet_rocksdb_amd64.deb secretnetwork_${{ steps.get_version.outputs.VERSION }}_testnet_goleveldb_amd64.deb - secretnetwork_${{ steps.get_version.outputs.VERSION }}_testnet_rocksdb_amd64.deb secretcli-macOS secretcli-Windows secretcli-Linux From 5a811042c30df336db43f4e78af5f96623f6c8ac Mon Sep 17 00:00:00 2001 From: Itzik Grossman Date: Tue, 29 Aug 2023 00:25:21 +0300 Subject: [PATCH 05/11] gofumpt --- app/app.go | 2 +- app/upgrades/v1.10/upgrade.go | 12 ++---------- 2 files changed, 3 insertions(+), 11 deletions(-) diff --git a/app/app.go b/app/app.go index 77fc5a32b..0635496f6 100644 --- a/app/app.go +++ b/app/app.go @@ -32,8 +32,8 @@ import ( ibckeeper "github.com/cosmos/ibc-go/v4/modules/core/keeper" "github.com/scrtlabs/SecretNetwork/app/keepers" "github.com/scrtlabs/SecretNetwork/app/upgrades" - v1_11 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.11" v1_10 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.10" + v1_11 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.11" v1_3 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.3" v1_4 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.4" v1_5 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.5" diff --git a/app/upgrades/v1.10/upgrade.go b/app/upgrades/v1.10/upgrade.go index d4e4c26a9..3d0597339 100644 --- a/app/upgrades/v1.10/upgrade.go +++ b/app/upgrades/v1.10/upgrade.go @@ -9,7 +9,6 @@ import ( upgradetypes "github.com/cosmos/cosmos-sdk/x/upgrade/types" "github.com/scrtlabs/SecretNetwork/app/keepers" "github.com/scrtlabs/SecretNetwork/app/upgrades" - ibchookstypes "github.com/scrtlabs/SecretNetwork/x/ibc-hooks/types" ) const upgradeName = "v1.10" @@ -17,14 +16,10 @@ const upgradeName = "v1.10" var Upgrade = upgrades.Upgrade{ UpgradeName: upgradeName, CreateUpgradeHandler: createUpgradeHandler, - StoreUpgrades: store.StoreUpgrades{ - Added: []string{ - ibchookstypes.StoreKey, - }, - }, + StoreUpgrades: store.StoreUpgrades{}, } -func createUpgradeHandler(mm *module.Manager, _ *keepers.SecretAppKeepers, configurator module.Configurator, +func createUpgradeHandler(mm *module.Manager, keepers *keepers.SecretAppKeepers, configurator module.Configurator, ) upgradetypes.UpgradeHandler { return func(ctx sdk.Context, _ upgradetypes.Plan, vm module.VersionMap) (module.VersionMap, error) { ctx.Logger().Info(` _ _ _____ _____ _____ _____ ______ `) @@ -34,9 +29,6 @@ func createUpgradeHandler(mm *module.Manager, _ *keepers.SecretAppKeepers, confi ctx.Logger().Info(`| |__| | | | |__| | | \ \ / ____ \| |__| | |____ `) ctx.Logger().Info(` \____/|_| \_____|_| \_\/_/ \_\_____/|______|`) - // WASM Hooks doesn't require any initialization code: - // https://github.com/osmosis-labs/osmosis/blob/8b4c62a26/app/upgrades/v14/upgrades.go#L12-L21 - ctx.Logger().Info(fmt.Sprintf("Running module migrations for %s...", upgradeName)) return mm.RunMigrations(ctx, configurator, vm) } From 7b2758df87ca5d012f4b4a0f308f40bb5ed58c05 Mon Sep 17 00:00:00 2001 From: Itzik Grossman Date: Tue, 29 Aug 2023 00:26:54 +0300 Subject: [PATCH 06/11] gofumpt --- app/upgrades/v1.10/upgrade.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/upgrades/v1.10/upgrade.go b/app/upgrades/v1.10/upgrade.go index 3d0597339..bc6232108 100644 --- a/app/upgrades/v1.10/upgrade.go +++ b/app/upgrades/v1.10/upgrade.go @@ -19,7 +19,7 @@ var Upgrade = upgrades.Upgrade{ StoreUpgrades: store.StoreUpgrades{}, } -func createUpgradeHandler(mm *module.Manager, keepers *keepers.SecretAppKeepers, configurator module.Configurator, +func createUpgradeHandler(mm *module.Manager, _ *keepers.SecretAppKeepers, configurator module.Configurator, ) upgradetypes.UpgradeHandler { return func(ctx sdk.Context, _ upgradetypes.Plan, vm module.VersionMap) (module.VersionMap, error) { ctx.Logger().Info(` _ _ _____ _____ _____ _____ ______ `) From e7f57e603236ae878cfd684886f649a0a1f5711c Mon Sep 17 00:00:00 2001 From: Cashmaney Date: Tue, 29 Aug 2023 10:23:27 +0300 Subject: [PATCH 07/11] Update Dockerfile --- deployment/dockerfiles/Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deployment/dockerfiles/Dockerfile b/deployment/dockerfiles/Dockerfile index 30eae9afa..4f1c89759 100644 --- a/deployment/dockerfiles/Dockerfile +++ b/deployment/dockerfiles/Dockerfile @@ -74,6 +74,8 @@ RUN git clone --branch main --depth 1 https://github.com/scrtlabs/tm-secret-encl WORKDIR tm-secret-enclave +RUN git checkout v1.11.1 + RUN git submodule init RUN git submodule update --remote From 33e4cf66537fad24c87c2cadc278665c8d5b63be Mon Sep 17 00:00:00 2001 From: Cashmaney Date: Tue, 29 Aug 2023 10:49:00 +0300 Subject: [PATCH 08/11] Update Dockerfile --- deployment/dockerfiles/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment/dockerfiles/Dockerfile b/deployment/dockerfiles/Dockerfile index 4f1c89759..ccbadcaa0 100644 --- a/deployment/dockerfiles/Dockerfile +++ b/deployment/dockerfiles/Dockerfile @@ -74,7 +74,7 @@ RUN git clone --branch main --depth 1 https://github.com/scrtlabs/tm-secret-encl WORKDIR tm-secret-enclave -RUN git checkout v1.11.1 +RUN git fetch && git checkout v1.11.1 RUN git submodule init RUN git submodule update --remote From a57771991c30a83e86969f1de9a49751bda2323c Mon Sep 17 00:00:00 2001 From: Cashmaney Date: Tue, 29 Aug 2023 11:17:54 +0300 Subject: [PATCH 09/11] Update Dockerfile --- deployment/dockerfiles/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment/dockerfiles/Dockerfile b/deployment/dockerfiles/Dockerfile index ccbadcaa0..f620b3a9d 100644 --- a/deployment/dockerfiles/Dockerfile +++ b/deployment/dockerfiles/Dockerfile @@ -74,7 +74,7 @@ RUN git clone --branch main --depth 1 https://github.com/scrtlabs/tm-secret-encl WORKDIR tm-secret-enclave -RUN git fetch && git checkout v1.11.1 +RUN git fetch --tags && git checkout v1.11.1 RUN git submodule init RUN git submodule update --remote From 60b1866d8baa74f3f1d45febc8fa8b6731f17f67 Mon Sep 17 00:00:00 2001 From: Cashmaney Date: Tue, 29 Aug 2023 12:02:07 +0300 Subject: [PATCH 10/11] Update Dockerfile --- deployment/dockerfiles/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment/dockerfiles/Dockerfile b/deployment/dockerfiles/Dockerfile index f620b3a9d..178cd289a 100644 --- a/deployment/dockerfiles/Dockerfile +++ b/deployment/dockerfiles/Dockerfile @@ -74,7 +74,7 @@ RUN git clone --branch main --depth 1 https://github.com/scrtlabs/tm-secret-encl WORKDIR tm-secret-enclave -RUN git fetch --tags && git checkout v1.11.1 +RUN git fetch --tags && git checkout v1.11.2 RUN git submodule init RUN git submodule update --remote From d9268063de55f745ac553f427b7c6668393419c2 Mon Sep 17 00:00:00 2001 From: Cashmaney Date: Tue, 29 Aug 2023 14:11:46 +0300 Subject: [PATCH 11/11] Update Dockerfile --- deployment/dockerfiles/Dockerfile | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/deployment/dockerfiles/Dockerfile b/deployment/dockerfiles/Dockerfile index 178cd289a..9311c487f 100644 --- a/deployment/dockerfiles/Dockerfile +++ b/deployment/dockerfiles/Dockerfile @@ -70,12 +70,10 @@ ENV FEATURES=${FEATURES} ENV FEATURES_U=${FEATURES_U} ENV MITIGATION_CVE_2020_0551=${MITIGATION_CVE_2020_0551} -RUN git clone --branch main --depth 1 https://github.com/scrtlabs/tm-secret-enclave.git +RUN git clone --branch v1.11.3 --depth 1 https://github.com/scrtlabs/tm-secret-enclave.git WORKDIR tm-secret-enclave -RUN git fetch --tags && git checkout v1.11.2 - RUN git submodule init RUN git submodule update --remote