datachainlab
diff --git a/‎.github/dependabot.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/dependabot.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/release.yml‎
Lines changed: 103 additions & 0 deletions b/‎.github/workflows/release.yml‎
Lines changed: 103 additions & 0 deletions
diff --git a/‎.github/workflows/test.yml‎
Lines changed: 13 additions & 5 deletions b/‎.github/workflows/test.yml‎
Lines changed: 13 additions & 5 deletions
diff --git a/‎Dockerfile‎
Lines changed: 4 additions & 2 deletions b/‎Dockerfile‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎README.md‎
Lines changed: 2 additions & 1 deletion b/‎README.md‎
Lines changed: 2 additions & 1 deletion
@@ -1,7 +1,7 @@
 version: 2
 updates:
   - package-ecosystem: "cargo"
-    directories: ["/enclaves/**"]
+    directories: ["/enclaves/**/*"]
     schedule:
       interval: "weekly"
     open-pull-requests-limit: 3
 
@@ -0,0 +1,103 @@
+name: Release
+on:
+  workflow_dispatch:
+    inputs:
+      enclave:
+        type: string
+        required: true
+        description: 'Enclave to be released'
+        options:
+          - ethereum
+          - optimism
+          - parlia
+      network:
+        type: string
+        required: true
+        default: mainnet
+        options:
+          - testnet
+          - mainnet
+        description: 'The network on which the enclave runs.'
+      tag:
+        type: string
+        required: true
+        description: 'Tag Name(e.g. v1.2.3)'
+      draft:
+        type: boolean
+        required: true
+        default: false
+        description: 'create a release as draft'
+      prerelease:
+        type: boolean
+        required: true
+        default: false
+        description: 'create a release as prerelease'
+
+jobs:
+  release:
+    runs-on: ubuntu-24.04
+    permissions:
+      contents: write # Push Tag and Create Release
+      packages: write # Push Docker Image to ghcr.io
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Check if tag exists
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          OWNER: ${{ github.repository_owner }}
+          REPO: ${{ github.event.repository.name }}
+          TAG: ${{ github.event.inputs.enclave }}-${{ github.event.inputs.network }}-${{ github.event.inputs.tag }}
+        run: |
+          STATUS=$(curl -s -o /dev/null -w "%{http_code}" \
+            -H "Authorization: token ${GITHUB_TOKEN}" \
+            "https://api.github.com/repos/${OWNER}/${REPO}/git/refs/tags/${TAG}")
+          if [ "$STATUS" = "200" ]; then
+            echo "🚫 Tag '${TAG}' already exists."
+            exit 1
+          fi
+      - name: Configure Git user
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+      - uses: docker/setup-buildx-action@v3
+      - uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ github.token }}
+          logout: true
+      - id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ghcr.io/${{ github.repository }}/${{ github.event.inputs.enclave }}/${{ github.event.inputs.network }}
+          tags: |
+            type=sha,prefix=,format=long
+            ${{ github.event.inputs.tag }}
+      - name: Build and Release
+        uses: docker/build-push-action@v5
+        id: docker_build_and_push
+        with:
+          context: .
+          push: true
+          build-args: |
+            LCP_ELC_TYPE=${{ github.event.inputs.enclave }}
+            DEPLOYMENT_NETWORK=${{ github.event.inputs.network }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=registry,ref=ghcr.io/${{ github.repository }}/${{ github.event.inputs.enclave }}/${{ github.event.inputs.network }}:buildCache
+          cache-to: type=registry,ref=ghcr.io/${{ github.repository }}/${{ github.event.inputs.enclave }}/${{ github.event.inputs.network }}:buildCache,mode=max
+      - name: Create Release
+        uses: softprops/action-gh-release@v2
+        with:
+          name: ${{ github.event.inputs.enclave }}/${{ github.event.inputs.network }}/${{ github.event.inputs.tag }}
+          tag_name: ${{ github.event.inputs.enclave }}-${{ github.event.inputs.network }}-${{ github.event.inputs.tag }}
+          draft: ${{ github.event.inputs.draft }}
+          prerelease: ${{ github.event.inputs.prerelease }}
+          generate_release_notes: true
+          append_body: true
+          body: |
+            ## Docker Image
+            1. Image Digest: ${{ steps.docker_build_and_push.outputs.imageid }}
+            2. [Link to Docker Image](https://github.com/${{ github.repository }}/pkgs/container/${{ github.event.repository.name }}%2F${{ github.event.inputs.enclave }}%2F${{ github.event.inputs.network }}?sha256=${{ steps.docker_build_and_push.outputs.digest }})
@@ -1,4 +1,4 @@
-name: Build enclave images
+name: Test
 on:
   pull_request:
 
@@ -51,8 +51,8 @@ jobs:
       - id: meta
         uses: docker/metadata-action@v5
         with:
-          images: ghcr.io/${{ github.repository }}
-          tags: ${{ matrix.enclave }}-${{ matrix.network }}-${{ github.event.pull_request.head.sha }}
+          images: ghcr.io/${{ github.repository }}/${{ matrix.enclave }}/${{ matrix.network }}
+          tags: ${{ github.event.pull_request.head.sha }}
       - uses: docker/build-push-action@v5
         with:
           context: .
@@ -62,5 +62,13 @@ jobs:
             DEPLOYMENT_NETWORK=${{ matrix.network }}
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
-          cache-from: type=registry,ref=ghcr.io/${{ github.repository }}:${{ matrix.enclave }}-${{ matrix.network }}-buildCache
-          cache-to: type=registry,ref=ghcr.io/${{ github.repository }}:${{ matrix.enclave }}-${{ matrix.network }}-buildCache,mode=max
+          cache-from: type=registry,ref=ghcr.io/${{ github.repository }}/${{ matrix.enclave }}/${{ matrix.network }}:buildCache
+          cache-to: type=registry,ref=ghcr.io/${{ github.repository }}/${{ matrix.enclave }}/${{ matrix.network }}:buildCache,mode=max
+      - name: Output MRENCLAVE
+        run: |
+          mkdir -p tests/mrenclave
+          docker run -it --rm -v $(pwd)/tests/mrenclave:/tests/mrenclave ghcr.io/${{ github.repository }}/${{ github.event.inputs.enclave }}/${{ github.event.inputs.network }}:${{ github.sha }} \
+          bash -c "/app/scripts/mrenclave.sh /out /tests/mrenclave"
+      - name: Show MRENCLAVE
+        run: |
+          cat tests/mrenclave/mrenclave.txt
@@ -1,4 +1,4 @@
-FROM ubuntu:noble-20250415.1
+FROM ubuntu:noble-20250529
 
 ARG INTEL_SGX_SDK_VERSION=2.25.100.3
 LABEL com.intel.sgx.sdk.version=$INTEL_SGX_SDK_VERSION
@@ -17,7 +17,9 @@ ENV DEBIAN_FRONTEND=noninteractive
 WORKDIR /app
 
 # ref: https://github.com/intel/linux-sgx/blob/sgx_2.25/README.md#install-the-intelr-sgx-sdk
-RUN apt update && apt install -y build-essential curl file python-is-python3 && \
+RUN apt update && apt install -y \
+    build-essential=12.10ubuntu1 \
+    curl file python-is-python3 && \
     rm -rf /var/lib/apt/lists/*
 
 ENV INTEL_SGX_SDK_VERSION=$INTEL_SGX_SDK_VERSION
 
@@ -1 +1,2 @@
-# toki-bridge-lcp-encalves
+# toki-bridge-lcp-enclaves
+
Original file line number	Diff line number	Diff line change
`@@ -1 +1,2 @@`
`1`		`-# toki-bridge-lcp-encalves`
	`1`	`+# toki-bridge-lcp-enclaves`
	`2`	`+`