From 82e83e42a6e72f4c384712fa452f3813eef4ab7c Mon Sep 17 00:00:00 2001 From: "Andres D. Molins" Date: Tue, 28 May 2024 21:01:20 +0200 Subject: [PATCH 1/2] Problem: The server don't have a directory to save the platform certificates generated by sevctl. Solution: Set that directory field on settings class and ensure to create the folder on initialization step. --- src/aleph/vm/conf.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/aleph/vm/conf.py b/src/aleph/vm/conf.py index ef69ffb14..9a5c938ba 100644 --- a/src/aleph/vm/conf.py +++ b/src/aleph/vm/conf.py @@ -267,6 +267,11 @@ class Settings(BaseSettings): "with SEV and SEV-ES", ) + CONFIDENTIAL_DIRECTORY: Path = Field( + None, + description="Confidential Computing default directory. Default to EXECUTION_ROOT/confidential", + ) + # Tests on programs FAKE_DATA_PROGRAM: Optional[Path] = None @@ -409,6 +414,7 @@ def setup(self): os.makedirs(self.EXECUTION_LOG_DIRECTORY, exist_ok=True) os.makedirs(self.PERSISTENT_VOLUMES_DIR, exist_ok=True) + os.makedirs(self.CONFIDENTIAL_DIRECTORY, exist_ok=True) self.API_SERVER = self.API_SERVER.rstrip("/") @@ -467,6 +473,8 @@ def __init__( self.EXECUTION_LOG_DIRECTORY = self.EXECUTION_ROOT / "executions" if not self.JAILER_BASE_DIR: self.JAILER_BASE_DIR = self.EXECUTION_ROOT / "jailer" + if not self.CONFIDENTIAL_DIRECTORY: + self.CONFIDENTIAL_DIRECTORY = self.EXECUTION_ROOT / "confidential" class Config: env_prefix = "ALEPH_VM_" From ff5d87bea9960ec2ec8513b0f97e506a77f42306 Mon Sep 17 00:00:00 2001 From: "Andres D. Molins" Date: Tue, 4 Jun 2024 18:36:03 +0200 Subject: [PATCH 2/2] Fix: Changed confidential path to be on cache namespace. --- src/aleph/vm/conf.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/aleph/vm/conf.py b/src/aleph/vm/conf.py index 9a5c938ba..17e1d23e7 100644 --- a/src/aleph/vm/conf.py +++ b/src/aleph/vm/conf.py @@ -474,7 +474,7 @@ def __init__( if not self.JAILER_BASE_DIR: self.JAILER_BASE_DIR = self.EXECUTION_ROOT / "jailer" if not self.CONFIDENTIAL_DIRECTORY: - self.CONFIDENTIAL_DIRECTORY = self.EXECUTION_ROOT / "confidential" + self.CONFIDENTIAL_DIRECTORY = self.CACHE_ROOT / "confidential" class Config: env_prefix = "ALEPH_VM_"