Skip to content

Create enclave ami for enclave test #277

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: celo-integration-rebase-14.1
Choose a base branch
from
Open

Create enclave ami for enclave test #277

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ed6c20d
create enclave ami
dailinsubjam Nov 14, 2025
a8d9059
use new ami and restore the ci workflow and update enclave prepare am…
dailinsubjam Nov 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/espresso-enclave.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ jobs:
- name: Launch EC2 Instance
id: ec2
run: |
AMI_ID=ami-0ff5662328e9bbc2f
AMI_ID=ami-088107b1b9cba4cbf
INSTANCE_ID=$(aws ec2 run-instances \
--image-id "$AMI_ID" \
--count 1 \
Expand Down
2 changes: 1 addition & 1 deletion README_ESPRESSO.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -401,7 +401,7 @@ In order to run the tests for the enclave in EC2 via github actions one must cre
}
```

Currently, the github workflow in `.github/workflows/enclave.yaml` relies on a custom AWS AMI with id `ami-0ff5662328e9bbc2f`.
Currently, the github workflow in `.github/workflows/enclave.yaml` relies on a custom AWS AMI with id `ami-088107b1b9cba4cbf`.
In order to refresh this AMI one needs to:
1. Create an AWS EC2 instance with the characteristics described in (see `.github/workflows/enclave.yaml` *Launch EC2 Instance* job).
2. Copy the script `espresso/scrips/enclave-prepare-ami.sh` in the EC2 instance (e.g. using scp) and run it.
Expand Down
20 changes: 11 additions & 9 deletions espresso/scripts/enclave-prepare-ami.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,24 +3,26 @@ set -euo pipefail
set -x

echo "[*] Setting up Nix"
sh <(curl --proto '=https' --tlsv1.2 -L https://nixos.org/nix/install) --daemon --no-confirm
sh <(curl --proto '=https' --tlsv1.2 -sSfL https://nixos.org/nix/install) --daemon --yes
source /etc/profile.d/nix.sh
nix-env -iA cachix -f https://cachix.org/api/v1/install
mkdir -p ~/.config/nix
echo "trusted-users = root ec2-user" | sudo tee -a /etc/nix/nix.conf && sudo pkill nix-daemon


echo "[*] Installing dependencies..."
sudo yum update -y
sudo yum install -y git docker
sudo amazon-linux-extras enable aws-nitro-enclaves-cli
sudo yum install -y aws-nitro-enclaves-cli-1.4.2
sudo dnf update -y
sudo dnf install -y git docker gcc

# Nitro Enclaves CLI for Amazon Linux 2023
sudo dnf install -y aws-nitro-enclaves-cli aws-nitro-enclaves-cli-devel
sudo systemctl enable docker
sudo systemctl start docker
sudo usermod -aG ne ec2-user || true
sudo usermod -aG docker ec2-user || true

# Workaround due to https://github.com/foundry-rs/foundry/issues/4736
sudo yum install -y gcc
# Rust + svm workaround
curl https://sh.rustup.rs -sSf | sh -s -- -y
. $HOME/.cargo/env
. "$HOME/.cargo/env"
cargo install svm-rs
svm install 0.8.15
svm install 0.8.19
Expand Down
Loading