Merge pull request #7101 from paritytech/secretstore_kovan
SecretStore: Kovan integration initial version
This commit is contained in:
Marek Kotewicz
GitHub
@@ -555,6 +555,10 @@ usage! {
|
||||
"--no-acl-check",
|
||||
"Disable ACL check (useful for test environments).",
|
||||
|
||||
ARG arg_secretstore_contract: (String) = "none", or |c: &Config| otry!(c.secretstore).service_contract.clone(),
|
||||
"--secretstore-contract=[SOURCE]",
|
||||
"Secret Store Service contract address source: none, registry (contract address is read from registry) or address.",
|
||||
|
||||
ARG arg_secretstore_nodes: (String) = "", or |c: &Config| otry!(c.secretstore).nodes.as_ref().map(|vec| vec.join(",")),
|
||||
"--secretstore-nodes=[NODES]",
|
||||
"Comma-separated list of other secret store cluster nodes in form NODE_PUBLIC_KEY_IN_HEX@NODE_IP_ADDR:NODE_PORT.",
|
||||
@@ -1093,6 +1097,7 @@ struct SecretStore {
|
||||
disable: Option<bool>,
|
||||
disable_http: Option<bool>,
|
||||
disable_acl_check: Option<bool>,
|
||||
service_contract: Option<String>,
|
||||
self_secret: Option<String>,
|
||||
admin_public: Option<String>,
|
||||
nodes: Option<Vec<String>>,
|
||||
@@ -1494,6 +1499,7 @@ mod tests {
|
||||
flag_no_secretstore: false,
|
||||
flag_no_secretstore_http: false,
|
||||
flag_no_secretstore_acl_check: false,
|
||||
arg_secretstore_contract: "none".into(),
|
||||
arg_secretstore_secret: None,
|
||||
arg_secretstore_admin_public: None,
|
||||
arg_secretstore_nodes: "".into(),
|
||||
@@ -1737,6 +1743,7 @@ mod tests {
|
||||
disable: None,
|
||||
disable_http: None,
|
||||
disable_acl_check: None,
|
||||
service_contract: None,
|
||||
self_secret: None,
|
||||
admin_public: None,
|
||||
nodes: None,
|
||||
|
||||
@@ -80,6 +80,7 @@ pass = "test_pass"
|
||||
disable = false
|
||||
disable_http = false
|
||||
disable_acl_check = false
|
||||
service_contract = "none"
|
||||
nodes = []
|
||||
http_interface = "local"
|
||||
http_port = 8082
|
||||
|
||||
@@ -46,7 +46,7 @@ use ethcore_logger::Config as LogConfig;
|
||||
use dir::{self, Directories, default_hypervisor_path, default_local_path, default_data_path};
|
||||
use dapps::Configuration as DappsConfiguration;
|
||||
use ipfs::Configuration as IpfsConfiguration;
|
||||
use secretstore::{Configuration as SecretStoreConfiguration, NodeSecretKey};
|
||||
use secretstore::{NodeSecretKey, Configuration as SecretStoreConfiguration, ContractAddress as SecretStoreContractAddress};
|
||||
use updater::{UpdatePolicy, UpdateFilter, ReleaseTrack};
|
||||
use run::RunCmd;
|
||||
use blockchain::{BlockchainCmd, ImportBlockchain, ExportBlockchain, KillBlockchain, ExportState, DataFormat};
|
||||
@@ -608,6 +608,7 @@ impl Configuration {
|
||||
enabled: self.secretstore_enabled(),
|
||||
http_enabled: self.secretstore_http_enabled(),
|
||||
acl_check_enabled: self.secretstore_acl_check_enabled(),
|
||||
service_contract_address: self.secretstore_service_contract_address()?,
|
||||
self_secret: self.secretstore_self_secret()?,
|
||||
nodes: self.secretstore_nodes()?,
|
||||
interface: self.secretstore_interface(),
|
||||
@@ -1085,6 +1086,14 @@ impl Configuration {
|
||||
!self.args.flag_no_secretstore_acl_check
|
||||
}
|
||||
|
||||
fn secretstore_service_contract_address(&self) -> Result<Option<SecretStoreContractAddress>, String> {
|
||||
Ok(match self.args.arg_secretstore_contract.as_ref() {
|
||||
"none" => None,
|
||||
"registry" => Some(SecretStoreContractAddress::Registry),
|
||||
a => Some(SecretStoreContractAddress::Address(a.parse().map_err(|e| format!("{}", e))?)),
|
||||
})
|
||||
}
|
||||
|
||||
fn ui_enabled(&self) -> bool {
|
||||
if self.args.flag_force_ui {
|
||||
return true;
|
||||
|
||||
@@ -785,6 +785,7 @@ pub fn execute(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) -> R
|
||||
// secret store key server
|
||||
let secretstore_deps = secretstore::Dependencies {
|
||||
client: client.clone(),
|
||||
sync: sync_provider.clone(),
|
||||
account_provider: account_provider,
|
||||
accounts_passwords: &passwords,
|
||||
};
|
||||
|
||||
@@ -20,11 +20,12 @@ use dir::default_data_path;
|
||||
use ethcore::account_provider::AccountProvider;
|
||||
use ethcore::client::Client;
|
||||
use ethkey::{Secret, Public};
|
||||
use ethsync::SyncProvider;
|
||||
use helpers::replace_home;
|
||||
use util::Address;
|
||||
|
||||
#[derive(Debug, PartialEq, Clone)]
|
||||
/// This node secret key.
|
||||
#[derive(Debug, PartialEq, Clone)]
|
||||
pub enum NodeSecretKey {
|
||||
/// Stored as plain text in configuration file.
|
||||
Plain(Secret),
|
||||
@@ -32,6 +33,15 @@ pub enum NodeSecretKey {
|
||||
KeyStore(Address),
|
||||
}
|
||||
|
||||
/// Secret store service contract address.
|
||||
#[derive(Debug, PartialEq, Clone)]
|
||||
pub enum ContractAddress {
|
||||
/// Contract address is read from registry.
|
||||
Registry,
|
||||
/// Contract address is specified.
|
||||
Address(Address),
|
||||
}
|
||||
|
||||
#[derive(Debug, PartialEq, Clone)]
|
||||
/// Secret store configuration
|
||||
pub struct Configuration {
|
||||
@@ -41,6 +51,8 @@ pub struct Configuration {
|
||||
pub http_enabled: bool,
|
||||
/// Is ACL check enabled.
|
||||
pub acl_check_enabled: bool,
|
||||
/// Service contract address.
|
||||
pub service_contract_address: Option<ContractAddress>,
|
||||
/// This node secret.
|
||||
pub self_secret: Option<NodeSecretKey>,
|
||||
/// Other nodes IDs + addresses.
|
||||
@@ -63,6 +75,8 @@ pub struct Configuration {
|
||||
pub struct Dependencies<'a> {
|
||||
/// Blockchain client.
|
||||
pub client: Arc<Client>,
|
||||
/// Sync provider.
|
||||
pub sync: Arc<SyncProvider>,
|
||||
/// Account provider.
|
||||
pub account_provider: Arc<AccountProvider>,
|
||||
/// Passed accounts passwords.
|
||||
@@ -90,7 +104,7 @@ mod server {
|
||||
use ethcore_secretstore;
|
||||
use ethkey::KeyPair;
|
||||
use ansi_term::Colour::Red;
|
||||
use super::{Configuration, Dependencies, NodeSecretKey};
|
||||
use super::{Configuration, Dependencies, NodeSecretKey, ContractAddress};
|
||||
|
||||
/// Key server
|
||||
pub struct KeyServer {
|
||||
@@ -134,6 +148,10 @@ mod server {
|
||||
address: conf.http_interface.clone(),
|
||||
port: conf.http_port,
|
||||
}) } else { None },
|
||||
service_contract_address: conf.service_contract_address.map(|c| match c {
|
||||
ContractAddress::Registry => ethcore_secretstore::ContractAddress::Registry,
|
||||
ContractAddress::Address(address) => ethcore_secretstore::ContractAddress::Address(address),
|
||||
}),
|
||||
data_path: conf.data_path.clone(),
|
||||
acl_check_enabled: conf.acl_check_enabled,
|
||||
cluster_config: ethcore_secretstore::ClusterConfiguration {
|
||||
@@ -153,7 +171,7 @@ mod server {
|
||||
|
||||
cconf.cluster_config.nodes.insert(self_secret.public().clone(), cconf.cluster_config.listener_address.clone());
|
||||
|
||||
let key_server = ethcore_secretstore::start(deps.client, self_secret, cconf)
|
||||
let key_server = ethcore_secretstore::start(deps.client, deps.sync, self_secret, cconf)
|
||||
.map_err(|e| format!("Error starting KeyServer {}: {}", key_server_name, e))?;
|
||||
|
||||
Ok(KeyServer {
|
||||
@@ -172,6 +190,7 @@ impl Default for Configuration {
|
||||
enabled: true,
|
||||
http_enabled: true,
|
||||
acl_check_enabled: true,
|
||||
service_contract_address: None,
|
||||
self_secret: None,
|
||||
admin_public: None,
|
||||
nodes: BTreeMap::new(),
|
||||
|
||||
Reference in New Issue
Block a user