edb debug: Persist credentials unsealed before initialisation

ten-protocol · Nov 5, 2024 · c2bab24 · c2bab24
1 parent fd0a45e
commit c2bab24
Showing 1 changed file with 8 additions and 6 deletions.
diff --git a/go/enclave/storage/init/edgelessdb/edgelessdb.go b/go/enclave/storage/init/edgelessdb/edgelessdb.go
@@ -93,7 +93,7 @@ const (
 	//  	- verbose logging on EDB
 	//		- write the edb.pem file out for connecting to Edgeless DB services manually
 	//		- versions of files created with a '.unsealed' suffix that can be used to connect to the database using mysql-client
-	debugMode = false
+	debugMode = true // DO NOT MERGEz
 
 	initFile = "001_init.sql"
 
@@ -258,12 +258,8 @@ func performHandshake(enclaveConfig enclaveconfig.EnclaveConfig, edbCfg *Config,
 	if err != nil {
 		return nil, fmt.Errorf("failed to marshal manifest to json - %w", err)
 	}
-	logger.Info("Initialise edgelessdb with script", "script", string(manifestJSON))
-	err = initialiseEdgelessDB(edbCfg.Host, manifest, edbHTTPClient, logger)
-	if err != nil {
-		return nil, err
-	}
 
+	// persist the credentials before we initialise the edgeless DB
 	edbCreds := &Credentials{
 		EDBCACertPEM: edbPEM,
 		CACertPEM:    caCertPEM,
@@ -289,6 +285,12 @@ func performHandshake(enclaveConfig enclaveconfig.EnclaveConfig, edbCfg *Config,
 		_ = unsealedFile.Close()
 	}
 
+	logger.Info("Initialise edgelessdb with script", "script", string(manifestJSON))
+	err = initialiseEdgelessDB(edbCfg.Host, manifest, edbHTTPClient, logger)
+	if err != nil {
+		return nil, err
+	}
+
 	return edbCreds, nil
 }