Skip to content

feat(deploy_tee)!: merge network manifest into config at POST time#44

Merged
samlaf merged 1 commit into
mainfrom
configure-merge-manifest
Jun 30, 2026
Merged

feat(deploy_tee)!: merge network manifest into config at POST time#44
samlaf merged 1 commit into
mainfrom
configure-merge-manifest

Conversation

@samlaf

@samlaf samlaf commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

seismic-tee configure gains a required --manifest. It merges the network-wide manifest into the per-node TOML (as [network].manifest_base64) and POSTs the result, replacing the old flow where the operator pre-embedded [network] into each node.toml. The manifest is one shared artifact across the cohort, so keeping it out of per-node tomls avoids copy-paste and drift. Pairs with tdx-init now requiring [network] (a manifest-less POST 400s).

build_merged_config rejects a node.toml that already carries [network] (single source of truth) and validates the manifest schema before POSTing, so bad bytes fail locally instead of at the node. node.toml stays manifest-free ([domain] + [enclave]); the merge writes a throwaway temp config.

Drop the now-obsolete manifest embed subcommand + embed_into_config: it mutated node.toml to carry [network], which configure now rejects — a subcommand whose output the pipeline refuses. configure merges instead, reusing render_network_section / validate_manifest_schema.

Docs: update README command sequences + schema section and the seismic_node README (also fix its backwards "tdx-init waits for luks-setup" note); fix stale SeismicSystems/tdx-init references to the enclave crate (tdx-init now lives at enclave/crates/tdx-init).

Add test_configure.py (merge / reject-pre-existing-[network] / reject-invalid-manifest); trim the embed test from test_manifest.py.

`seismic-tee configure` gains a required --manifest. It merges the
network-wide manifest into the per-node TOML (as [network].manifest_base64)
and POSTs the result, replacing the old flow where the operator pre-embedded
[network] into each node.toml. The manifest is one shared artifact across
the cohort, so keeping it out of per-node tomls avoids copy-paste and drift.
Pairs with tdx-init now requiring [network] (a manifest-less POST 400s).

build_merged_config rejects a node.toml that already carries [network]
(single source of truth) and validates the manifest schema before POSTing,
so bad bytes fail locally instead of at the node. node.toml stays
manifest-free ([domain] + [enclave]); the merge writes a throwaway temp
config.

Drop the now-obsolete `manifest embed` subcommand + embed_into_config: it
mutated node.toml to carry [network], which configure now rejects — a
subcommand whose output the pipeline refuses. configure merges instead,
reusing render_network_section / validate_manifest_schema.

Docs: update README command sequences + schema section and the seismic_node
README (also fix its backwards "tdx-init waits for luks-setup" note); fix
stale SeismicSystems/tdx-init references to the enclave crate (tdx-init now
lives at enclave/crates/tdx-init).

Add test_configure.py (merge / reject-pre-existing-[network] /
reject-invalid-manifest); trim the embed test from test_manifest.py.
@samlaf samlaf merged commit cb0e5ca into main Jun 30, 2026
1 check passed
@samlaf samlaf deleted the configure-merge-manifest branch June 30, 2026 15:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant