Fix the quickstart test in the CI.

veracruz-project · Dec 4, 2023 · 24d3f0c · 24d3f0c
1 parent 8b8c304
commit 24d3f0c
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 30 deletions.
diff --git a/crates/policy-utils/src/parsers.rs b/crates/policy-utils/src/parsers.rs
@@ -34,8 +34,8 @@ lalrpop_mod!(pipeline);
 #[cfg(feature = "std")]
 pub fn parse_renamable_path(s: &str) -> Result<(String, path::PathBuf)> {
     match s.splitn(2, '=').collect::<Vec<_>>().as_slice() {
-        [name, path] => Ok((String::from(*name), path::PathBuf::from(*path))),
-        [path] => Ok((String::from(*path), path::PathBuf::from(*path))),
+        [name, path] => Ok((String::from(name.trim()), path::PathBuf::from(path.trim()))),
+        [path] => Ok((String::from(path.trim()), path::PathBuf::from(path.trim()))),
         _ => unreachable!(),
     }
 }

diff --git a/crates/veracruz-client/src/cli.rs b/crates/veracruz-client/src/cli.rs
@@ -157,8 +157,8 @@ fn main() {
     };
     qprintln!(
         opt,
-        "Loaded policy {} {}",
-        opt.policy_path.to_string_lossy(),
+        "Loaded policy {:?} {}",
+        opt.policy_path,
         policy.policy_hash().unwrap_or("???")
     );
 
@@ -183,8 +183,7 @@ fn main() {
     for (program_name, program_path) in opt.program.iter().flatten() {
         qprintln!(
             opt,
-            "Submitting <enclave>/{} from {}",
-            program_name,
+            "Submitting <enclave>{program_name} from {}",
             match program_path.to_string_lossy().as_ref() {
                 "-" => "<stdout>",
                 path => path,
@@ -224,7 +223,7 @@ fn main() {
     for (data_name, data_path) in opt.data.iter().flatten() {
         qprintln!(
             opt,
-            "Submitting <enclave>/{} from {}",
+            "Submitting <enclave>{} from {}",
             data_name,
             match data_path.to_string_lossy().as_ref() {
                 "-" => "<stdout>",
@@ -263,7 +262,7 @@ fn main() {
 
     // request compute(s)?
     for compute_name in opt.compute {
-        qprintln!(opt, "Requesting compute of <enclave>/{}", compute_name);
+        qprintln!(opt, "Requesting compute of <enclave>{}", compute_name);
         did_something = true;
 
         match veracruz_client.request_compute(&compute_name) {
@@ -279,8 +278,7 @@ fn main() {
     for (output_name, output_path) in opt.output.iter().flatten() {
         qprintln!(
             opt,
-            "Reading <enclave>/{} into {}",
-            output_name,
+            "Reading <enclave>{output_name} into {}",
             match output_path.to_string_lossy().as_ref() {
                 "-" => "<stdout>",
                 path => path,

diff --git a/docs/CLI_QUICKSTART.md b/docs/CLI_QUICKSTART.md
@@ -63,6 +63,7 @@ Veracruz supports the direct execution of non-WebAssembly native code via the
 compile the example to WebAssembly, which Rust makes very easy for us:
 
 ``` bash
+$ rustup target add wasm32-wasi
 $ cargo build \
     --manifest-path=workspaces/applications/Cargo.toml \
     --target wasm32-wasi \
@@ -178,18 +179,12 @@ $ vc-pgen \
     --veracruz-server-ip 127.0.0.1:3017 \
     --certificate-expiry "$(date --rfc-2822 -d 'now + 100 days')" \
     --css-file workspaces/linux-runtime/target/debug/linux-runtime-manager \
-    --certificate example/example-program-cert.pem \
-    --capability "/program/:w" \
-    --certificate example/example-data0-cert.pem \
-    --capability "/input/:w" \
-    --certificate example/example-data1-cert.pem \
-    --capability "/input/:w" \
-    --certificate example/example-data2-cert.pem \
-    --capability "/input/:w" \
-    --certificate example/example-result-cert.pem \
-    --capability "/program/:x,/output/:r" \
-    --program-binary /program/example-binary.wasm=example/example-binary.wasm \
-    --capability "/input/:r,/output/:w" \
+    --certificate "example/example-program-cert.pem => ./program/:w" \
+    --certificate "example/example-data0-cert.pem => ./input/:w" \
+    --certificate "example/example-data1-cert.pem => ./input/:w" \
+    --certificate "example/example-data2-cert.pem => ./input/:w" \
+    --certificate "example/example-result-cert.pem => ./program/:x,./output/:r" \
+    --program-binary "./program/example-binary.wasm=example/example-binary.wasm => .:rw" \
     --output-policy-file example/example-policy.json \
     --max-memory-mib 256
 ```
@@ -235,7 +230,7 @@ Server in the background:
 ``` bash
 $ vc-server example/example-policy.json &
 Veracruz Server running on 127.0.0.1:3017
-$ sleep 10
+$ sleep 30
 ```
 
 ## Running the Veracruz Client
@@ -252,7 +247,7 @@ identity with the "ProgramProvider" role:
 $ vc-client example/example-policy.json \
     --identity example/example-program-cert.pem \
     --key example/example-program-key.pem \
-    --program /program/example-binary.wasm=example/example-binary.wasm
+    --program ./program/example-binary.wasm=example/example-binary.wasm
 Loaded policy example/example-policy.json 645ae94ea86eaf15cfc04c07a17bd9b6a3b3b6c3558fae6fb93d8ee4c3e71241
 Connecting to 127.0.0.1:3017
 Submitting <enclave>/example-binary.wasm from example/example-binary.wasm
@@ -267,23 +262,23 @@ different devices:
 $ vc-client example/example-policy.json \
     --identity example/example-data0-cert.pem \
     --key example/example-data0-key.pem \
-    --data /input/shamir-0.dat=<(echo "01dc061a7bdaf77616dd5915f3b4" | xxd -r -p)
+    --data ./input/shamir-0.dat=<(echo "01dc061a7bdaf77616dd5915f3b4" | xxd -r -p)
 Loaded policy example/example-policy.json 645ae94ea86eaf15cfc04c07a17bd9b6a3b3b6c3558fae6fb93d8ee4c3e71241
 Connecting to 127.0.0.1:3017
 Submitting <enclave>/input/shamir-0.dat from /dev/fd/63
 
 $ vc-client example/example-policy.json \
     --identity example/example-data1-cert.pem \
     --key example/example-data1-key.pem \
-    --data /input/shamir-1.dat=<(echo "027f38e27b5a02a288d064965364" | xxd -r -p)
+    --data ./input/shamir-1.dat=<(echo "027f38e27b5a02a288d064965364" | xxd -r -p)
 Loaded policy example/example-policy.json 645ae94ea86eaf15cfc04c07a17bd9b6a3b3b6c3558fae6fb93d8ee4c3e71241
 Connecting to 127.0.0.1:3017
 Submitting <enclave>/input/shamir-1.dat from /dev/fd/63
 
 $ vc-client example/example-policy.json \
     --identity example/example-data2-cert.pem \
     --key example/example-data2-key.pem \
-    --data /input/shamir-2.dat=<(echo "03eb5b946cefd583f17f51e781da" | xxd -r -p)
+    --data ./input/shamir-2.dat=<(echo "03eb5b946cefd583f17f51e781da" | xxd -r -p)
 Loaded policy example/example-policy.json 645ae94ea86eaf15cfc04c07a17bd9b6a3b3b6c3558fae6fb93d8ee4c3e71241
 Connecting to 127.0.0.1:3017
 Submitting <enclave>/input/shamir-2.dat from /dev/fd/63
@@ -296,8 +291,8 @@ with the "RequestResult" role:
 $ vc-client example/example-policy.json \
     --identity example/example-result-cert.pem \
     --key example/example-result-key.pem \
-    --compute /program/example-binary.wasm \
-    --result /output/shamir.dat=-
+    --compute ./program/example-binary.wasm \
+    --result ./output/shamir.dat=-
 Loaded policy example/example-policy.json 645ae94ea86eaf15cfc04c07a17bd9b6a3b3b6c3558fae6fb93d8ee4c3e71241
 Connecting to 127.0.0.1:3017
 Requesting compute of <enclave>/example-binary.wasm

diff --git a/workspaces/shared.mk b/workspaces/shared.mk
@@ -154,7 +154,7 @@ DEFAULT_FLAGS = --proxy-attestation-server-ip 127.0.0.1:3010 \
 $(OUT_DIR)/single_client.json: $(PGEN) $(CREDENTIALS) $(WASM_PROG_FILES) $(RUNTIME_ENCLAVE_BINARY_PATH)
 	cd $(OUT_DIR) ; $(PGEN) --certificate "$(CLIENT_CRT) => $(CLIENT_WRITE_PROG_CAPABILITY)" \
 	    $(DEFAULT_PROGRAM_LIST) \
-	    --pipeline "$(PROGRAM_DIR)random-u32-list.wasm ; if ./output/unsorted_numbers.txt { $(PROGRAM_DIR)sort-numbers.wasm ; } => ./input/:$(READ_RIGHT),./output/:$(READ_WRITE_RIGHT),./services/:$(READ_WRITE_RIGHT)" \
+	    --pipeline "$(PROGRAM_DIR)random-u32-list.wasm ; if ./output/unsorted_numbers.txt { $(PROGRAM_DIR)sort-numbers.wasm ; } => ./input/:$(READ_RIGHT),./output/:$(READ_WRITE_RIGHT),/tmp/:$(READ_WRITE_RIGHT)" \
 		$(DEFAULT_NATIVE_MODULE_LIST) \
         --veracruz-server-ip 127.0.0.1:3011 \
 		$(DEFAULT_FLAGS) \