-
Notifications
You must be signed in to change notification settings - Fork 208
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge remote-tracking branch 'origin/compute-root-validation' into pr…
…oof-integration # Conflicts: # .github/workflows/go-lint.yml # .vscode/settings.json # app/app.go # cosmwasm/enclaves/Cargo.lock # cosmwasm/enclaves/execute/Cargo.toml # cosmwasm/enclaves/execute/Enclave.edl # cosmwasm/enclaves/execute/src/lib.rs # cosmwasm/enclaves/ffi-types/src/lib.rs # cosmwasm/enclaves/shared/block-verifier/Cargo.toml # cosmwasm/enclaves/shared/block-verifier/src/wasm_messages.rs # cosmwasm/enclaves/shared/contract-engine/Cargo.toml # cosmwasm/enclaves/shared/contract-engine/src/contract_operations.rs # cosmwasm/enclaves/shared/contract-engine/src/db.rs # cosmwasm/enclaves/shared/contract-engine/src/lib.rs # cosmwasm/enclaves/shared/contract-engine/src/wasm3/mod.rs # cosmwasm/packages/sgx-vm/src/lib.rs # cosmwasm/packages/sgx-vm/src/proofs.rs # deployment/dockerfiles/Dockerfile # go-cosmwasm/Cargo.lock # go-cosmwasm/api/bindings.h # go-cosmwasm/api/callbacks.go # go.mod # go.sum
- Loading branch information
Showing
354 changed files
with
47,115 additions
and
11,169 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -6,16 +6,16 @@ jobs: | |
Enclave-Unit-Tests: | ||
runs-on: ubuntu-20.04 | ||
steps: | ||
- uses: actions/checkout@v3 | ||
- uses: actions/checkout@v4 | ||
with: | ||
submodules: recursive | ||
name: Pull git submodules | ||
- name: Install Intel's SGX SDK | ||
run: | | ||
mkdir -p "$HOME/.sgxsdk" | ||
cd "$HOME/.sgxsdk" | ||
SDK_BIN=sgx_linux_x64_sdk_2.17.101.1.bin | ||
wget https://download.01.org/intel-sgx/sgx-linux/2.17.1/distro/ubuntu20.04-server/"$SDK_BIN" | ||
SDK_BIN=sgx_linux_x64_sdk_2.20.100.4.bin | ||
wget https://download.01.org/intel-sgx/sgx-linux/2.20/distro/ubuntu20.04-server/"$SDK_BIN" | ||
chmod +x "$SDK_BIN" | ||
echo yes | ./"$SDK_BIN" | ||
- name: Cache cargo registry | ||
|
@@ -43,35 +43,25 @@ jobs: | |
rustc --version | ||
cargo +stable install xargo --version 0.3.25 | ||
xargo --version | ||
- name: Download sccache | ||
run: | | ||
wget https://github.com/mozilla/sccache/releases/download/0.2.13/sccache-0.2.13-x86_64-unknown-linux-musl.tar.gz | ||
tar xf ./sccache-*.tar.gz | ||
mv ./sccache*/sccache "$HOME/sccache" | ||
- name: Test enclave | ||
run: | | ||
source "$HOME/.sgxsdk/sgxsdk/environment" | ||
export SGX_MODE=SW | ||
RUSTC_WRAPPER="$HOME/sccache" make enclave-tests | ||
make enclave-tests | ||
make clean-enclave | ||
Build-Contracts: | ||
runs-on: ubuntu-20.04 | ||
runs-on: ubuntu-22.04 | ||
steps: | ||
- uses: actions/checkout@v3 | ||
- name: Download sccache | ||
run: | | ||
wget https://github.com/mozilla/sccache/releases/download/0.2.13/sccache-0.2.13-x86_64-unknown-linux-musl.tar.gz | ||
tar xf ./sccache-*.tar.gz | ||
mv ./sccache*/sccache "$HOME/sccache" | ||
- uses: actions/checkout@v4 | ||
- name: Install Requirements | ||
run: | | ||
rustup target add wasm32-unknown-unknown | ||
chmod +x ./scripts/install-wasm-tools.sh | ||
./scripts/install-wasm-tools.sh | ||
- name: Build Contracts | ||
run: | | ||
make build-test-contract | ||
make build-test-contracts | ||
cp x/compute/internal/keeper/testdata/erc20.wasm . | ||
- uses: actions/upload-artifact@v3 | ||
with: | ||
|
@@ -81,6 +71,10 @@ jobs: | |
with: | ||
name: contract.wasm | ||
path: cosmwasm/contracts/v010/compute-tests/test-compute-contract/contract.wasm | ||
- uses: actions/upload-artifact@v3 | ||
with: | ||
name: contract-v2.wasm | ||
path: cosmwasm/contracts/v010/compute-tests/test-compute-contract-v2/contract-v2.wasm | ||
- uses: actions/upload-artifact@v3 | ||
with: | ||
name: v1-contract.wasm | ||
|
@@ -106,18 +100,18 @@ jobs: | |
runs-on: ubuntu-20.04 | ||
needs: [Build-Contracts, Build-LocalSecret] | ||
steps: | ||
- uses: actions/checkout@v3 | ||
- uses: actions/checkout@v4 | ||
with: | ||
submodules: recursive | ||
- uses: actions/setup-go@v4 | ||
with: | ||
go-version: 1.19 # The Go version to download (if necessary) and use. | ||
go-version: 1.21 # The Go version to download (if necessary) and use. | ||
- name: Install Intel's SGX SDK | ||
run: | | ||
mkdir -p "$HOME/.sgxsdk" | ||
cd "$HOME/.sgxsdk" | ||
SDK_BIN=sgx_linux_x64_sdk_2.17.101.1.bin | ||
wget https://download.01.org/intel-sgx/sgx-linux/2.17.1/distro/ubuntu20.04-server/"$SDK_BIN" | ||
SDK_BIN=sgx_linux_x64_sdk_2.20.100.4.bin | ||
wget https://download.01.org/intel-sgx/sgx-linux/2.20/distro/ubuntu20.04-server/"$SDK_BIN" | ||
chmod +x "$SDK_BIN" | ||
echo yes | ./"$SDK_BIN" | ||
- name: Download LocalSecret | ||
|
@@ -133,10 +127,14 @@ jobs: | |
docker run -v $PWD:/opt/mount --rm --entrypoint cp ghcr.io/scrtlabs/localsecret:v0.0.0 /usr/lib/librust_cosmwasm_enclave.signed.so /opt/mount/librust_cosmwasm_enclave.signed.so | ||
docker run -v $PWD:/opt/mount --rm --entrypoint cp ghcr.io/scrtlabs/localsecret:v0.0.0 /usr/lib/librandom_api.so /opt/mount/librandom_api.so | ||
docker run -v $PWD:/opt/mount --rm --entrypoint cp ghcr.io/scrtlabs/localsecret:v0.0.0 /usr/lib/tendermint_enclave.signed.so /opt/mount/tendermint_enclave.signed.so | ||
- uses: actions/download-artifact@v3 | ||
with: | ||
name: contract.wasm | ||
path: ./x/compute/internal/keeper/testdata/ | ||
- uses: actions/download-artifact@v3 | ||
with: | ||
name: contract-v2.wasm | ||
path: ./x/compute/internal/keeper/testdata/ | ||
- uses: actions/download-artifact@v3 | ||
with: | ||
name: v1-contract.wasm | ||
|
@@ -148,23 +146,20 @@ jobs: | |
- uses: actions/download-artifact@v3 | ||
with: | ||
name: contract_with_floats.wasm | ||
path: ./x/compute/internal/keeper/testdata/ | ||
- uses: actions/download-artifact@v3 | ||
with: | ||
name: too-high-initial-memory.wasm | ||
path: ./x/compute/internal/keeper/testdata/ | ||
- uses: actions/download-artifact@v3 | ||
with: | ||
name: static-too-high-initial-memory.wasm | ||
path: ./x/compute/internal/keeper/testdata/ | ||
- name: Setup Files | ||
run: | | ||
find "$(pwd)" -name \*.wasm | ||
cp libgo_cosmwasm.so ./go-cosmwasm/api/libgo_cosmwasm.so | ||
cp librust_cosmwasm_enclave.signed.so ./go-cosmwasm/librust_cosmwasm_enclave.signed.so | ||
# cp /opt/mount/librandom_api.so /usr/lib/librandom_api.so | ||
# cp /opt/mount/tendermint_enclave.signed.so /usr/lib/tendermint_enclave.signed.so | ||
cp contract.wasm ./x/compute/internal/keeper/testdata/contract.wasm | ||
cp too-high-initial-memory.wasm ./x/compute/internal/keeper/testdata/too-high-initial-memory.wasm | ||
cp contract_with_floats.wasm ./x/compute/internal/keeper/testdata/contract_with_floats.wasm | ||
cp static-too-high-initial-memory.wasm ./x/compute/internal/keeper/testdata/static-too-high-initial-memory.wasm | ||
find "$(pwd)" -name \*.wasm | ||
- name: Test x/registration | ||
run: | | ||
|
@@ -175,17 +170,18 @@ jobs: | |
source "$HOME/.sgxsdk/sgxsdk/environment" | ||
export SGX_MODE=SW | ||
cp librust_cosmwasm_enclave.signed.so ./x/compute/internal/keeper | ||
# cp tendermint_enclave.signed.so ./x/compute/internal/keeper | ||
mkdir -p ias_keys/develop | ||
mkdir -p /opt/secret/.sgx_secrets/ | ||
echo "not_a_key" > ias_keys/develop/spid.txt | ||
echo "not_a_key" > ias_keys/develop/api_key.txt | ||
LOG_LEVEL=ERROR go test -v -tags "test" ./x/compute/client/... | ||
LOG_LEVEL=ERROR go test -p 1 -timeout 90m -v -tags "test" ./x/compute/internal/... | ||
LOG_LEVEL=ERROR SKIP_LIGHT_CLIENT_VALIDATION=TRUE go test -p 1 -timeout 90m -v -tags "test" ./x/compute/internal/... | ||
Clippy: | ||
runs-on: ubuntu-20.04 | ||
steps: | ||
- uses: actions/checkout@v3 | ||
- uses: actions/checkout@v4 | ||
with: | ||
submodules: recursive | ||
- name: Install Intel's SGX SDK | ||
|
@@ -224,28 +220,23 @@ jobs: | |
rustc --version | ||
cargo +stable install xargo --version 0.3.25 | ||
xargo --version | ||
- name: Download sccache | ||
run: | | ||
wget https://github.com/mozilla/sccache/releases/download/0.2.13/sccache-0.2.13-x86_64-unknown-linux-musl.tar.gz | ||
tar xf ./sccache-*.tar.gz | ||
mv ./sccache*/sccache "$HOME/sccache" | ||
- name: Clippy | ||
run: | | ||
source "$HOME/.sgxsdk/sgxsdk/environment" | ||
mkdir -p ias_keys/production | ||
echo "not_a_key" > ias_keys/production/api_key.txt | ||
cp ias_keys/develop/api_key.txt ias_keys/production/api_key.txt | ||
SGX_MODE=SW make clippy | ||
SGX_MODE=HW make clippy | ||
MacOS-ARM64-CLI: | ||
runs-on: ubuntu-20.04 | ||
steps: | ||
- uses: actions/checkout@v3 | ||
- uses: actions/checkout@v4 | ||
with: | ||
submodules: recursive | ||
- uses: actions/setup-go@v4 | ||
with: | ||
go-version: 1.19 # The Go version to download (if necessary) and use. | ||
go-version: 1.21 # The Go version to download (if necessary) and use. | ||
- name: Install xgo | ||
run: | | ||
go install github.com/crazy-max/[email protected] | ||
|
@@ -260,7 +251,7 @@ jobs: | |
uses: docker/setup-buildx-action@v2 | ||
with: | ||
driver-opts: network=host | ||
- uses: actions/checkout@v3 | ||
- uses: actions/checkout@v4 | ||
with: | ||
submodules: recursive | ||
- name: Build LocalSecret | ||
|
@@ -276,11 +267,11 @@ jobs: | |
build-args: | | ||
SECRET_NODE_TYPE=BOOTSTRAP | ||
CHAIN_ID=secretdev-1 | ||
FEATURES=debug-print,random | ||
FEATURES_U=debug-print,random,light-client-validation,go-tests | ||
SGX_MODE=SW | ||
target: build-localsecret | ||
cache-from: type=gha | ||
cache-to: type=gha,mode=max | ||
# cache-from: type=gha | ||
# cache-to: type=gha,mode=max | ||
outputs: type=docker,dest=/tmp/localsecret.tar | ||
- name: Upload Image | ||
uses: actions/upload-artifact@v3 | ||
|
@@ -293,7 +284,7 @@ jobs: | |
steps: | ||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v2 | ||
- uses: actions/checkout@v3 | ||
- uses: actions/checkout@v4 | ||
- name: Build Hermes Image | ||
uses: docker/build-push-action@v4 | ||
with: | ||
|
@@ -315,7 +306,7 @@ jobs: | |
runs-on: ubuntu-20.04 | ||
needs: [Build-LocalSecret, Build-Hermes] | ||
steps: | ||
- uses: actions/checkout@v3 | ||
- uses: actions/checkout@v4 | ||
with: | ||
submodules: recursive | ||
- name: Download Hermes | ||
|
@@ -336,6 +327,7 @@ jobs: | |
run: | | ||
cd integration-tests | ||
yarn | ||
perl -i -pe 's/localsecret:.+?"/localsecret:v0.0.0"/' ../deployment/dockerfiles/ibc/docker-compose.yml | ||
docker compose -f ../deployment/dockerfiles/ibc/docker-compose.yml up -d > docker-compose.log 2>&1 | ||
yarn test || { cat docker-compose.log; exit 1; } | ||
make kill-localsecret # next step needs the localsecret ports | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.