prepare release

edgelesssys · Oct 22, 2021 · bda6308 · bda6308
1 parent ffc4e19
commit bda6308
Show file tree

Hide file tree

Showing 13 changed files with 35 additions and 33 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -1,5 +1,5 @@
 cmake_minimum_required(VERSION 3.11)
-project(edb VERSION 0.1.1)
+project(edb VERSION 0.2.0)
 
 if (NOT CMAKE_BUILD_TYPE)
   set(CMAKE_BUILD_TYPE Debug)
@@ -245,7 +245,7 @@ add_custom_command(
   OUTPUT edb-enclave.signed
   DEPENDS edb-enclave genkey
   COMMAND openenclave::oesign sign -e $<TARGET_FILE:edb-enclave> -c ${CMAKE_BINARY_DIR}/enclave.conf -k private.pem
-  COMMAND openenclave::oesign eradump -e edb-enclave.signed > edb-enclave.json)
+  COMMAND openenclave::oesign eradump -e edb-enclave.signed > edgelessdb-sgx.json)
 
 add_custom_target(sign-edb ALL DEPENDS edb-enclave.signed)
 

diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM ubuntu:focal-20210827 AS build
+FROM ubuntu:focal-20211006 AS build
 
 RUN apt update && DEBIAN_FRONTEND=noninteractive apt install -y \
   bbe \
@@ -13,7 +13,7 @@ RUN apt update && DEBIAN_FRONTEND=noninteractive apt install -y \
   ninja-build=1.10.0-1build1 \
   zlib1g-dev=1:1.2.11.dfsg-2ubuntu1.2
 
-ARG erttag=v0.2.7 edbtag=v0.1.1
+ARG erttag=v0.2.7 edbtag=v0.2.0
 RUN git clone -b $erttag --depth=1 https://github.com/edgelesssys/edgelessrt \
   && git clone -b $edbtag --depth=1 https://github.com/edgelesssys/edgelessdb \
   && mkdir ertbuild edbbuild
@@ -38,8 +38,8 @@ RUN --mount=type=secret,id=signingkey,dst=/edbbuild/private.pem,required=true \
   && make sign-edb
 
 # deploy
-FROM ubuntu:focal-20210827
-ARG PSW_VERSION=2.13.103.1-focal1 DCAP_VERSION=1.10.103.1-focal1
+FROM ubuntu:focal-20211006
+ARG PSW_VERSION=2.15.100.3-focal1 DCAP_VERSION=1.12.100.3-focal1
 RUN apt update && apt install -y gnupg wget \
   && wget -qO- https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | apt-key add \
   && echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main' >> /etc/apt/sources.list \

diff --git a/README.md b/README.md
@@ -4,7 +4,7 @@ EdgelessDB
 [![Discord Chat][discord-badge]][discord]
 ==
 
-<img src="logo.svg" alt="logo" width="40%">
+<img src="src/logo.svg" alt="logo" width="40%">
 
 [EdgelessDB](https://edgeless.systems/products/edgelessdb) is an open-source MySQL-compatible database for [confidential computing](https://confidentialcomputing.io). EdgelessDB runs entirely inside runtime-encrypted Intel SGX enclaves. In contrast to other databases, EdgelessDB ensures that all data is always encrypted—in memory as well as on disk. EdgelessDB has no storage constraints and delivers close to native performance.
 

diff --git a/ROADMAP.md b/ROADMAP.md
@@ -1,13 +1,13 @@
 # EdgelessDB roadmap
 
-## Recently completed
-* MarbleRun integration
+<!-- ## Recently completed -->
 
-## Near-term and mid-term
-* Azure Marketplace offering
-* Improve performance
+<!-- ## Near-term and mid-term -->
+
+<!-- ## Long-term -->
 
-## Long-term
+* Support InnoDB
+* Improve performance
 * Host migration without requiring to perform recovery
 * Rollback prevention
 * Database replication
diff --git a/charts/Chart.yaml b/charts/Chart.yaml
@@ -1,12 +1,12 @@
 apiVersion: v2
 name: edgelessdb
-description: EdgelessDB is a MySQL-compatible database for confidential computing. It runs entirely inside a secure enclave and comes with advanced features for collaboration, recovery, and access control. 
+description: EdgelessDB is a MySQL-compatible database for confidential computing. It runs entirely inside a secure enclave and comes with advanced features for collaboration, recovery, and access control.
 keywords:
 - database
 - confidential-computing
 type: application
-appVersion: v0.1.1
-version: v0.1.1
+appVersion: v0.2.0
+version: v0.2.0
 maintainers:
   - name: Edgeless Systems
     email: contact@edgeless.systems

diff --git a/charts/README.md b/charts/README.md
@@ -52,7 +52,7 @@ their default values.
 | `edb.simulation`              |bool   | Needs be set to `true` when running on systems without SGX1+FLC capabilities | `false` |
 | `edb.sqlApiHost`              |string | The network address of the MySQL interface | `"0.0.0.0"` |
 | `edb.sqlApiPort`              |int    | Port of the MySQL interface | `3306` |
-| `global.image`                |object | EdgelessDB image configuration | `{"pullPolicy":"IfNotPresent","version":" v0.1.1","repository":"ghcr.io/edgelesssys"}` |
+| `global.image`                |object | EdgelessDB image configuration | `{"pullPolicy":"IfNotPresent","version":" v0.2.0","repository":"ghcr.io/edgelesssys"}` |
 | `global.podAnnotations`       |object | Additional annotations to add to all pods | `{}`|
 | `global.podLabels`            |object | Additional labels to add to all pods | `{}` |
 | `nodeSelector`                |object | NodeSelector section, See the [K8S documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) for more information | `{"beta.kubernetes.io/os": "linux"}` |

diff --git a/charts/values.yaml b/charts/values.yaml
@@ -3,7 +3,7 @@
 global:
   image:
     pullPolicy: IfNotPresent
-    version: v0.1.1
+    version: v0.2.0
     repository: ghcr.io/edgelesssys
 
   createdBy: Helm

diff --git a/demo/README.md b/demo/README.md
@@ -41,7 +41,7 @@ When you initialize EdgelessDB with this manifest, EdgelessDB will use `ca` to v
 Get the attested EdgelessDB root certificate and initialize EdgelessDB with the manifest:
 ```
 cd owner
-era -c ../edb-enclave.json -h localhost:8080 -output-root edb.pem
+era -c ../edgelessdb-sgx.json -h localhost:8080 -output-root edb.pem
 curl --cacert edb.pem --data-binary @../manifest.json https://localhost:8080/manifest
 ```
 
@@ -50,7 +50,7 @@ Get the attested EdgelessDB root certificate and verify the manifest signature:
 ```
 $ cd ../writer
 
-$ era -c ../edb-enclave.json -h localhost:8080 -output-root edb.pem
+$ era -c ../edgelessdb-sgx.json -h localhost:8080 -output-root edb.pem
 Root certificate written to edb.pem
 
 $ curl --cacert edb.pem https://localhost:8080/signature
@@ -82,7 +82,7 @@ First, get the attested EdgelessDB root certificate and verify the manifest sign
 ```
 $ cd ../reader
 
-$ era -c ../edb-enclave.json -h localhost:8080 -output-root edb.pem
+$ era -c ../edgelessdb-sgx.json -h localhost:8080 -output-root edb.pem
 
 [... manifest verification ...]
 

diff --git a/demo/edb-enclave.json → demo/edgelessdb-sgx.json b/demo/edb-enclave.json → demo/edgelessdb-sgx.json
@@ -1,5 +1,5 @@
 {
-	"SecurityVersion": 1,
+	"SecurityVersion": 2,
 	"ProductID": 16,
 	"SignerID": "67d7b00741440d29922a15a9ead427b6faf1d610238ae9826da345cea4fee0fe"
 }
diff --git a/go.mod b/go.mod
@@ -6,9 +6,9 @@ require (
 	github.com/edgelesssys/ego v0.3.2
 	github.com/edgelesssys/era v0.3.1
 	github.com/edgelesssys/marblerun v0.5.0
-	github.com/fatih/color v1.12.0
+	github.com/fatih/color v1.13.0
 	github.com/go-sql-driver/mysql v1.6.0
 	github.com/spf13/afero v1.6.0
 	github.com/stretchr/testify v1.7.0
-	google.golang.org/grpc v1.40.0
+	google.golang.org/grpc v1.41.0
 )
diff --git a/go.sum b/go.sum
@@ -108,7 +108,7 @@ github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
 github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
-github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
+github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
 github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8=
 github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI=
 github.com/containerd/cgroups v0.0.0-20200531161412-0dbf7f05ba59/go.mod h1:pA0z1pT8KYB3TCXK/ocprsh7MAkoW8bZVzPdih9snmM=
@@ -187,7 +187,7 @@ github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymF
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
 github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
-github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ=
+github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 github.com/evanphx/json-patch v0.5.2/go.mod h1:ZWS5hhDbVDyob71nXKNL0+PWn6ToqBHMikGIFbs31qQ=
 github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
@@ -197,8 +197,8 @@ github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZM
 github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc=
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
 github.com/fatih/color v1.10.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM=
-github.com/fatih/color v1.12.0 h1:mRhaKNwANqRgUBGKmnI5ZxEk7QXmjQeCcuYFMX2bfcc=
-github.com/fatih/color v1.12.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM=
+github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w=
+github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
 github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
 github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
 github.com/franela/goblin v0.0.0-20200105215937-c9ffbefa60db/go.mod h1:7dvUGVsVBjqR7JHJk0brhHOZYGmfBYOrK0ZhYMEtBr4=
@@ -460,12 +460,14 @@ github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7
 github.com/markbates/pkger v0.17.1/go.mod h1:0JoVlrol20BSywW79rN3kdFFsE5xYM+rSCQDXbLhiuI=
 github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho=
 github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
-github.com/mattn/go-colorable v0.1.8 h1:c1ghPdyEDarC70ftn0y+A/Ee++9zz8ljHG1b13eJ0s8=
 github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
+github.com/mattn/go-colorable v0.1.9 h1:sqDoxXbdeALODt0DAeJCVp38ps9ZogZEAXjus69YV3U=
+github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
 github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
 github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
-github.com/mattn/go-isatty v0.0.12 h1:wuysRhFDzyxgEmMf5xjvJ2M9dZoWAXNNr5LSBS7uHXY=
 github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
+github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y=
+github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
 github.com/mattn/go-oci8 v0.0.7/go.mod h1:wjDx6Xm9q7dFtHJvIlrI99JytznLw5wQ4R+9mNXJwGI=
 github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU=
 github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU=
@@ -1034,8 +1036,8 @@ google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8
 google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
 google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0=
 google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
-google.golang.org/grpc v1.40.0 h1:AGJ0Ih4mHjSeibYkFGh1dD9KJ/eOtZ93I6hoHhukQ5Q=
-google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34=
+google.golang.org/grpc v1.41.0 h1:f+PlOh7QV4iIJkPrx5NQ7qaNGFQ3OTse67yaDHfju4E=
+google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzIUK6k=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=

diff --git a/src/enclave.conf b/src/enclave.conf
@@ -3,4 +3,4 @@ NumHeapPages=@ENCLAVECONF_NUMHEAPPAGES@
 NumStackPages=1024
 NumTCS=64
 ProductID=16
-SecurityVersion=1
+SecurityVersion=2
diff --git a/logo.svg → src/logo.svg b/logo.svg → src/logo.svg