Design Session Agenda

# Design Session Agenda ###### tags: `Meetings` ## Upcoming meetings **Jan 26th** * Design of the digest and SANs * Deployment vs. Application * Application is the instance of the software * Deployment is the configuration of the application * The instance of the group of applications requires verification of the peer application * Proposal to have application digest and deployment digest * The problem is with versioning of the applications * Configuration of the applications * So the trust would be of the application not of its digest * When IO is enabled or raw TCP is enabled, the workload will be marked as insecure * Suggestion to not allow raw TCP and IO in the release build * Have a test Steward * Have a test command that always works with the test Steward * Specify test root CA for the enarx.toml `<conf> steward = "attest.profian.com" [test] use test steward = "localhost:1234"` two different commands: enarx deploy and enarx test enarx deploy would fail if anything is insecure Wasmtime has run command so preference is to have enarx run instead of deploy enarx run enarx run --test enarx run --unsafe :) just like Rust Allow overriding the config over enarx test can be a plugin to the enarx binary Have a plugin for testing Allow you to get logs from your application Will read toml and allow to override and will use test and you can use TCP Extract NIL back end int other test package Write down that we can extract NIL back end in future Maybe we can't d it because of the cargo test so maybe we should keep Enarx test is a separate binary Plugin - ability to overwrite Steward in the toml file For MVP we can make it a subcommand Summary The main enarx will have features that will be turned off by default. These features would allow (if turned on at compile time) IO or raw TCP. They will be not compiled. There will be another binary with those All will be in one binary with the release and debug versions Roman will create a summary in a ticket * Update cache command * Metacommand will be smart enough to run what command under the hood * We run registration on the boot * **Dec 22th** | Topic | Owner | Required Participants | | -------- | -------- | -------- | | Shared workflows | Dmitri | Roman, Ben, Patrick | | E2E Tests and automation | Dmitri | Ben, Roman, Patrick | | Network policy | Roman | Harald, Ben, Nathaniel | |   | | | Build a package and do enarx run Deploy the workload somewhere Then involve Steward Have a testing environment Or start the containers [Full transcript of the call.](https://docs.google.com/document/d/1djWCG-3XMAAxCPMJagaFu7J_K4RVzrf04cKkOPWQLqM/edit#heading=h.woc2pjnt60zl) ### Template **Date** | Topic | Owner | Required Participants | | -------- | -------- | -------- | | <Give a breif summary of the design topic to discuss> | <Your name> | <List people who are crucial for the discussion>| |   | | | ## Past meetings **Dec 15th** | Topic | Owner | Required Participants | | -------- | -------- | -------- | | Canceled | |