KM upgrade E2E test

[ptrus]

Closes: #2517

TODO:

• instead of using the OASIS_UNSAFE_KM_POLICY_THRESHOLD build-time-flag to ensure different binaries, just duplicate the test-keymanager crate with a change, it will make the code simpler
• will be done in a separate PR. Last part of the test (running the client again with the new km), is not working yet, requires: Notify runtimes of its key manager policy updates #2919 (potentially do it as part of this PR)
  • will be handled in a separate PR
• address the remaining todo: https://github.com/oasislabs/oasis-core/pull/2920/files#diff-59b3c0087bae96951be3b7509d5cd9b7R560-R563

[codecov]

Codecov Report

Merging #2920 into master will increase coverage by 0.35%.
The diff coverage is 78.57%.

@@            Coverage Diff             @@
##           master    #2920      +/-   ##
==========================================
+ Coverage   68.13%   68.48%   +0.35%     
==========================================
  Files         360      360              
  Lines       34934    34947      +13     
==========================================
+ Hits        23802    23935     +133     
+ Misses       8041     7933     -108     
+ Partials     3091     3079      -12     

Impacted Files	Coverage Δ
go/worker/keymanager/worker.go	65.95% <76.92%> (+0.65%)	⬆️
go/worker/keymanager/init.go	70.21% <100.00%> (+0.64%)	⬆️
go/common/cbor/codec.go	77.14% <0.00%> (-5.72%)	⬇️
go/runtime/tagindexer/tagindexer.go	68.47% <0.00%> (-4.35%)	⬇️
go/worker/common/committee/group.go	79.27% <0.00%> (-1.32%)	⬇️
go/storage/mkvs/iterator.go	84.37% <0.00%> (-1.25%)	⬇️
go/runtime/transaction/transaction.go	75.75% <0.00%> (-1.22%)	⬇️
go/worker/compute/merge/committee/node.go	75.87% <0.00%> (-0.75%)	⬇️
go/runtime/client/client.go	72.99% <0.00%> (ø)
...o/consensus/tendermint/apps/staking/state/state.go	57.87% <0.00%> (+0.40%)	⬆️
... and 29 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6ccba9c...92b62f2. Read the comment docs.

[ptrus]

If the "register as a keymanager on the first status update" fix is ok (see changelog fragment), i'll fix this properly by waiting for KM initialization, but didn't want to implement that before the fix is acked, as it might not be needed if we decide for a different fix (e.g. maybe just retrying the initialization)

[kostko]

Wouldn't something be needed in either case with the "key manager always registers"? E.g., even if you retry, the retry could happen later than the key manager actually registering with correct ExtraInfo? So maybe we should do #2130 and then you could call WaitReady on the key manager node(s) to check if they are really ready?

[ptrus]

Yeah would be, but if i revert the "km always registers" and only replace it it with retrying the initialization no changes are needed here - so i think i'll do just that.

[ptrus]

Once we have #2130 we should change the code here to wait for ready, and we can also bring back the "km always registers" fix, since i think is generally a bit nicer than the current "hack" to only register after initial failure :-)

[kostko]

Maybe mention this in #2130 (and add a comment in the code) so that we don't forget about it?

[ptrus]

done, i'll mention on the issue once this is merged so i can permalink to code

[kostko]

Wouldn't something be needed in either case with the "key manager always registers"? E.g., even if you retry, the retry could happen later than the key manager actually registering with correct ExtraInfo? So maybe we should do #2130 and then you could call WaitReady on the key manager node(s) to check if they are really ready?

[Yawning]

At some point, we probably should get rid of the hack that sets the threshold to 2 when using test keys. Also either leave a comment here, or pick a different way to force the MRENCLAVE to change.

[ptrus]

thx for the reviews