chore: remove notary crates

.github/workflows/ci.yml

@@ -11,7 +11,6 @@ on:
 permissions:
   id-token: write
   contents: read
-  attestations: write
 
 env:
   CARGO_TERM_COLOR: always
@@ -22,7 +21,6 @@ env:
   #   - https://github.com/privacy-scaling-explorations/mpz/issues/178
   # 32 seems to be big enough for the foreseeable future
   RAYON_NUM_THREADS: 32
-  GIT_COMMIT_HASH: ${{ github.event.pull_request.head.sha || github.sha }}
   RUST_VERSION: 1.88.0
 
 jobs:
@@ -159,9 +157,6 @@ jobs:
       - name: Use caching
         uses: Swatinem/[email protected]
 
-      - name: Add custom DNS entry to /etc/hosts for notary TLS test
-        run: echo "127.0.0.1 tlsnotaryserver.io" | sudo tee -a /etc/hosts
-
       - name: Run integration tests
         run: cargo test  --locked --profile tests-integration --workspace --exclude tlsn-tls-client --exclude tlsn-tls-core --no-fail-fast -- --include-ignored
 
@@ -186,201 +181,9 @@ jobs:
           files: lcov.info
           fail_ci_if_error: true
 
-  build-sgx:
-    runs-on: ubuntu-latest
-    needs: build-and-test
-    container:
-      image: rust:latest
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - name: Install Clang
-        run: |
-          apt update
-          apt install -y clang
-
-      - name: Use caching
-        uses: Swatinem/[email protected]
-
-      - name: Build Rust Binary
-        run: |
-          cargo build  --locked --bin notary-server --release --features tee_quote
-          cp --verbose target/release/notary-server $GITHUB_WORKSPACE
-
-      - name: Upload Binary for use in the Gramine Job
-        uses: actions/upload-artifact@v4
-        with:
-          name: notary-server
-          path: notary-server
-          if-no-files-found: error
-
-  gramine-sgx:
-    runs-on: ubuntu-latest
-    needs: build-sgx
-    container:
-      image: gramineproject/gramine:latest
-    if: github.ref == 'refs/heads/dev' || (startsWith(github.ref, 'refs/tags/v') && contains(github.ref, '.'))
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - name: Restore SGX signing key from secrets
-        run: |
-          mkdir -p "${HOME}/.config/gramine/"
-          echo "${{ secrets.SGX_SIGNING_KEY }}" > "${HOME}/.config/gramine/enclave-key.pem"
-          # verify key
-          openssl rsa -in "${HOME}/.config/gramine/enclave-key.pem" -check -noout
-
-      - name: Download notary-server binary from build job
-        uses: actions/download-artifact@v4
-        with:
-          name: notary-server
-          path: crates/notary/server/tee
-
-      - name: Install jq
-        run: |
-          apt update
-          apt install -y jq
-
-      - name: Use Gramine to calculate measurements
-        run: |
-          cd crates/notary/server/tee
-
-          chmod +x notary-server
-
-          gramine-manifest \
-            -Dlog_level=debug \
-            -Darch_libdir=/lib/x86_64-linux-gnu \
-            -Dself_exe=notary-server \
-            notary-server.manifest.template \
-            notary-server.manifest
-
-          gramine-sgx-sign \
-            --manifest notary-server.manifest \
-            --output notary-server.manifest.sgx
-
-          gramine-sgx-sigstruct-view --verbose --output-format=json notary-server.sig | tee >> notary-server-sigstruct.json
-
-          cat notary-server-sigstruct.json
-
-          mr_enclave=$(jq -r '.mr_enclave' notary-server-sigstruct.json)
-          mr_signer=$(jq -r '.mr_signer' notary-server-sigstruct.json)
-
-          echo "mrenclave=$mr_enclave" >>"$GITHUB_OUTPUT"
-          echo "#### sgx mrenclave" | tee >>$GITHUB_STEP_SUMMARY
-          echo "\`\`\`mr_enclave: ${mr_enclave}\`\`\`" | tee >>$GITHUB_STEP_SUMMARY
-          echo "\`\`\`mr_signer: ${mr_signer}\`\`\`" | tee >>$GITHUB_STEP_SUMMARY
-
-      - name: Upload notary-server and signatures
-        id: upload-notary-server-sgx
-        uses: actions/upload-artifact@v4
-        with:
-          name: notary-server-sgx.zip
-          path: |
-            crates/notary/server/tee/notary-server
-            crates/notary/server/tee/notary-server-sigstruct.json
-            crates/notary/server/tee/notary-server.sig
-            crates/notary/server/tee/notary-server.manifest
-            crates/notary/server/tee/notary-server.manifest.sgx
-            crates/notary/server/tee/README.md
-          if-no-files-found: error
-
-      - name: Attest Build Provenance
-        if: startsWith(github.ref, 'refs/tags/') || github.ref == 'refs/heads/dev'
-        uses: actions/attest-build-provenance@v2
-        with:
-            subject-name: notary-server-sgx.zip
-            subject-digest: sha256:${{ steps.upload-notary-server-sgx.outputs.artifact-digest }}
-
-      - uses: geekyeggo/delete-artifact@v5 # Delete notary-server from the build job, It is part of the zipfile with the signature
-        with:
-          name: notary-server
-
-  gramine-sgx-docker:
-    runs-on: ubuntu-latest
-    needs: gramine-sgx
-    permissions:
-      contents: read
-      packages: write
-    env:
-      CONTAINER_REGISTRY: ghcr.io
-    if: github.ref == 'refs/heads/dev' || (startsWith(github.ref, 'refs/tags/v') && contains(github.ref, '.'))
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          sparse-checkout: './crates/notary/server/tee/notary-server-sgx.Dockerfile'
-
-      - name: Download notary-server-sgx.zip from gramine-sgx job
-        uses: actions/download-artifact@v4
-        with:
-          name: notary-server-sgx.zip
-          path: ./notary-server-sgx
-
-      - name: Log in to the Container registry
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ env.CONTAINER_REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Extract metadata (tags, labels) for Docker image of notary server
-        id: meta-notary-server-sgx
-        uses: docker/metadata-action@v4
-        with:
-          images: ${{ env.CONTAINER_REGISTRY }}/${{ github.repository }}/notary-server-sgx
-
-      - name: Build and push Docker image of notary server
-        uses: docker/build-push-action@v4
-        with:
-          context: .
-          push: true
-          tags: ${{ steps.meta-notary-server-sgx.outputs.tags }}
-          labels: ${{ steps.meta-notary-server-sgx.outputs.labels }}
-          file: ./crates/notary/server/tee/notary-server-sgx.Dockerfile
-
-  build_and_publish_notary_server_image:
-    name: Build and publish notary server's image
-    runs-on: ubuntu-latest
-    needs: build-and-test
-    permissions:
-      contents: read
-      packages: write
-    env:
-      CONTAINER_REGISTRY: ghcr.io
-    if: github.ref == 'refs/heads/dev' || (startsWith(github.ref, 'refs/tags/v') && contains(github.ref, '.'))
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - name: Log in to the Container registry
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ env.CONTAINER_REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Extract metadata (tags, labels) for Docker image of notary server
-        id: meta-notary-server
-        uses: docker/metadata-action@v4
-        with:
-          images: ${{ env.CONTAINER_REGISTRY }}/${{ github.repository }}/notary-server
-
-      - name: Build and push Docker image of notary server
-        uses: docker/build-push-action@v4
-        with:
-          context: .
-          push: true
-          tags: ${{ steps.meta-notary-server.outputs.tags }}
-          labels: ${{ steps.meta-notary-server.outputs.labels }}
-          file: ./crates/notary/server/notary-server.Dockerfile
-
   create-release-draft:
     name: Create Release Draft
-    needs: build_and_publish_notary_server_image
+    needs: build-and-test
     runs-on: ubuntu-latest
     permissions:
       contents: write