fix:fix some wrong situation and update dockerfile for ceseal

Cargo.toml

@@ -8,7 +8,7 @@ members = [
     "pallets/mq/runtime-api",
     "standalone/chain/*",
     "standalone/teeworker/cifrost",
-    "standalone/handover",
+    "standalone/teeworker/handover",
 ]
 
 resolver = "2"

Makefile

@@ -19,7 +19,7 @@ node:
 cifrost:
 	cargo build -p cifrost ${XARGS}
 handover:
-	cargo build -p handover  ${XARGS}
+	cargo build -p handover --release
 ceseal:
 	make -C standalone/teeworker/ceseal
 test:

scripts/docker/ceseal/gramine/handover.Dockerfile

@@ -22,7 +22,7 @@ RUN <<EOF
   mkdir prebuilt
 EOF
 
-COPY ./scripts/docker/cargo-config.toml /usr/local/cargo/config
+# COPY ./scripts/docker/cargo-config.toml /usr/local/cargo/config
 COPY pallets ./cess-code/pallets
 COPY crates ./cess-code/crates
 COPY standalone ./cess-code/standalone
@@ -32,8 +32,11 @@ ENV VERGEN_GIT_SHA=${GIT_SHA}
 
 RUN <<EOF
   set -e
-  cd cess-code/standalone/teeworker/ceseal/gramine-build
   PATH=$PATH:/root/.cargo/bin
+  cd /root/cess-code
+  make handover
+  cp ./target/release/handover /root/prebuilt
+  cd /root/cess-code/standalone/teeworker/ceseal/gramine-build
   make dist PREFIX=/root/prebuilt
   make clean
   rm -rf /root/.cargo/registry
@@ -42,7 +45,7 @@ EOF
 
 # ====== runtime ======
 
-FROM cesslab/intel-sgx-deno-env:latest AS runtime
+FROM cesslab/intel-sgx-env:latest AS runtime
 
 ARG https_proxy
 ARG http_proxy
@@ -56,15 +59,14 @@ ARG REAL_CESEAL_DATA_DIR=${CESEAL_HOME}/data/${CESEAL_VERSION}
 COPY --from=builder /root/prebuilt/ ${CESEAL_DIR}
 ADD --chmod=0755 ./scripts/docker/ceseal/gramine/start.sh ${CESEAL_DIR}/start.sh
 ADD --chmod=0755 ./scripts/docker/ceseal/gramine/start-with-handover.sh ${CESEAL_HOME}/start.sh
-ADD ./scripts/docker/ceseal/gramine/handover.ts ${CESEAL_HOME}/handover.ts
+
 
 RUN <<EOF
   set -e
   ln -s ${CESEAL_DIR} ${CESEAL_HOME}/releases/current
   mkdir -p ${REAL_CESEAL_DATA_DIR}
   rm -rf ${CESEAL_DIR}/data
   ln -s ${REAL_CESEAL_DATA_DIR} ${CESEAL_DIR}/data
-  deno cache --reload ${CESEAL_HOME}/handover.ts
 EOF
 
 WORKDIR ${CESEAL_HOME}/releases/current

scripts/docker/ceseal/gramine/start-with-handover.sh

@@ -21,10 +21,5 @@ if [ "$SGX" -eq 1 ] && [ "$SKIP_AESMD" -eq 0 ]; then
   fi
 fi
 
-cd /opt/ceseal && deno run --allow-all handover.ts
-if [ $? -eq 0 ]
-then
-  cd /opt/ceseal/releases/current && SKIP_AESMD=1 ./start.sh
-else
-  exit 1
-fi
+./handover
+cd /opt/ceseal/releases/current && SKIP_AESMD=1 ./start.sh

standalone/handover/src/main.rs → standalone/teeworker/handover/src/main.rs

@@ -109,10 +109,9 @@ async fn main() {
 	.expect("wait for previous ceseal log fail");
 	log(format!("previous ceseal started!"));
 
-	let current_ceseal_storage_path =
-		Path::new(&args.current_version_ceseal_path).join(&args.ceseal_storage_files_path);
-	let previous_ceseal_storage_path = previous_ceseal_path.join(&args.ceseal_storage_files_path);
-	ensure_data_dir(current_ceseal_storage_path.parent().unwrap().to_str().unwrap())
+	let current_ceseal_real_storage_path =
+		Path::new(&args.ceseal_data_path).join(&current_version.to_string());
+	ensure_data_dir(&current_ceseal_real_storage_path)
 		.await
 		.expect("ensure current data dir fail");
 
@@ -141,6 +140,9 @@ async fn main() {
 	old_process.kill().await.expect("old ceseal stop fail");
 	kill_previous_ceseal(previous_version).await;
 
+	let current_ceseal_storage_path =
+		Path::new(&args.current_version_ceseal_path).join(&args.ceseal_storage_files_path);
+	let previous_ceseal_storage_path = previous_ceseal_path.join(&args.ceseal_storage_files_path);
 	match tokio::fs::remove_dir_all(&current_ceseal_storage_path).await {
 		Ok(_) => log("Removed current storage successfully.".to_string()),
 		Err(e) => eprintln!("Error removing previous storage: {}", e),
@@ -300,19 +302,19 @@ pub async fn confirm_previous_ceseal_version(
 	Ok(previous_version)
 }
 
-async fn ensure_data_dir(data_dir: &str) -> Result<(), std::io::Error> {
-	if !Path::new(data_dir).exists() {
+async fn ensure_data_dir(data_dir: &Path) -> Result<(), std::io::Error> {
+	if !data_dir.exists() {
 		tokio::fs::create_dir_all(data_dir).await?;
 	}
 
 	// Create the protected_files subdirectory if it does not exist
-	let protected_files_dir = Path::new(data_dir).join("protected_files");
+	let protected_files_dir = data_dir.join("protected_files");
 	if !protected_files_dir.exists() {
 		tokio::fs::create_dir_all(&protected_files_dir).await?;
 		log("create protected file for current ceseal...".to_string())
 	}
 
-	let storage_files_dir = Path::new(data_dir).join("storage_files");
+	let storage_files_dir = data_dir.join("storage_files");
 	if !storage_files_dir.exists() {
 		tokio::fs::create_dir_all(&storage_files_dir).await?;
 		log("create storage file for current ceseal...".to_string())