Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade to newer aws-nitro-enclaves-cli #505

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Upgrade to newer aws-nitro-enclaves-cli #505

wants to merge 1 commit into from

Conversation

cr-tk
Copy link
Collaborator

@cr-tk cr-tk commented Feb 28, 2025

Summary & Motivation (Problem vs. Solution)

We rely on several AWS NSM crates. After a long break, AWS released a new version of aws-nitro-enclaves-cli that we should adopt, see here for changelog information.

Along the way

  • update the aws-nitro-enclaves-nsm-api, which is basically just a MSRV update
  • harmonize the libc minimum version, which doesn't change any Cargo.lock entries

These changes move us closer to getting rid of the unmaintained atty crate, which is now removed in most places through a switch to clap 4.x that doesn't depend on it anymore. Unfortunately, one usage site remains with aws-nitro-enclaves-image-format, which still depends on clap 3.x even in a recent version.

The dependency changes bring a lot of review tasks:

review tasks: 40 crates, of which 23 are full and 17 are partial

17 of the completely new crates are aws-* crates, which helps a bit to establish trustworthiness.
At the moment, aws-nitro-enclaves-cli doesn't have Cargo features we can disable, so this dependency load is hard to reduce from my perspective.

How I Tested These Changes

Local unit tests.

This change needs thorough testing in various testing environments.

Pre merge check list

  • Update CHANGELOG.MD

@cr-tk cr-tk force-pushed the christian/aws-nitro-cli-bump1 branch from d3cbce5 to 4017517 Compare February 28, 2025 16:57
@cr-tk
Copy link
Collaborator Author

cr-tk commented Feb 28, 2025
edited
Loading

Rebased on top of the now-merged #504 to fix build problems. Ready for review - still working on the build problems.

@cr-tk cr-tk marked this pull request as ready for review February 28, 2025 16:58
@cr-tk cr-tk requested a review from a team as a code owner February 28, 2025 16:58
@cr-tk
Switch to newer aws-nitro-enclaves-cli, aws-nitro-enclaves-nsm-api mi…
eee0eab 
…nor versions

Additional steps:
harmonize the libc minimum version
@cr-tk cr-tk force-pushed the christian/aws-nitro-cli-bump1 branch from 4017517 to eee0eab Compare March 12, 2025 15:30
@cr-tk cr-tk added the enhancement New feature or request label Mar 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@cr-tk