config: add root dir to priv validator (#6585)

cmd/tendermint/commands/init.go

@@ -51,8 +51,8 @@ func initFilesWithConfig(config *cfg.Config) error {
 
 	if config.Mode == cfg.ModeValidator {
 		// private validator
-		privValKeyFile := config.PrivValidatorKeyFile()
-		privValStateFile := config.PrivValidatorStateFile()
+		privValKeyFile := config.PrivValidator.KeyFile()
+		privValStateFile := config.PrivValidator.StateFile()
 		if tmos.FileExists(privValKeyFile) {
 			pv, err = privval.LoadFilePV(privValKeyFile, privValStateFile)
 			if err != nil {

cmd/tendermint/commands/reset_priv_validator.go

@@ -41,14 +41,14 @@ var ResetPrivValidatorCmd = &cobra.Command{
 // XXX: this is totally unsafe.
 // it's only suitable for testnets.
 func resetAll(cmd *cobra.Command, args []string) error {
-	return ResetAll(config.DBDir(), config.P2P.AddrBookFile(), config.PrivValidatorKeyFile(),
-		config.PrivValidatorStateFile(), logger)
+	return ResetAll(config.DBDir(), config.P2P.AddrBookFile(), config.PrivValidator.KeyFile(),
+		config.PrivValidator.StateFile(), logger)
 }
 
 // XXX: this is totally unsafe.
 // it's only suitable for testnets.
 func resetPrivValidator(cmd *cobra.Command, args []string) error {
-	return resetFilePV(config.PrivValidatorKeyFile(), config.PrivValidatorStateFile(), logger)
+	return resetFilePV(config.PrivValidator.KeyFile(), config.PrivValidator.StateFile(), logger)
 }
 
 // ResetAll removes address book files plus all data, and resets the privValdiator data.

cmd/tendermint/commands/show_validator.go

@@ -33,7 +33,12 @@ func showValidator(cmd *cobra.Command, args []string) error {
 	protocol, _ := tmnet.ProtocolAndAddress(config.PrivValidator.ListenAddr)
 	switch protocol {
 	case "grpc":
-		pvsc, err := tmgrpc.DialRemoteSigner(config, config.ChainID(), logger)
+		pvsc, err := tmgrpc.DialRemoteSigner(
+			config.PrivValidator,
+			config.ChainID(),
+			logger,
+			config.Instrumentation.Prometheus,
+		)
 		if err != nil {
 			return fmt.Errorf("can't connect to remote validator %w", err)
 		}
@@ -47,12 +52,12 @@ func showValidator(cmd *cobra.Command, args []string) error {
 		}
 	default:
 
-		keyFilePath := config.PrivValidatorKeyFile()
+		keyFilePath := config.PrivValidator.KeyFile()
 		if !tmos.FileExists(keyFilePath) {
 			return fmt.Errorf("private validator file %s does not exist", keyFilePath)
 		}
 
-		pv, err := privval.LoadFilePV(keyFilePath, config.PrivValidatorStateFile())
+		pv, err := privval.LoadFilePV(keyFilePath, config.PrivValidator.StateFile())
 		if err != nil {
 			return err
 		}

config/config.go

@@ -125,34 +125,10 @@ func (cfg *Config) SetRoot(root string) *Config {
 	cfg.P2P.RootDir = root
 	cfg.Mempool.RootDir = root
 	cfg.Consensus.RootDir = root
+	cfg.PrivValidator.RootDir = root
 	return cfg
 }
 
-// PrivValidatorClientKeyFile returns the full path to the priv_validator_key.json file
-func (cfg Config) PrivValidatorClientKeyFile() string {
-	return rootify(cfg.PrivValidator.ClientKey, cfg.RootDir)
-}
-
-// PrivValidatorClientCertificateFile returns the full path to the priv_validator_key.json file
-func (cfg Config) PrivValidatorClientCertificateFile() string {
-	return rootify(cfg.PrivValidator.ClientCertificate, cfg.RootDir)
-}
-
-// PrivValidatorCertificateAuthorityFile returns the full path to the priv_validator_key.json file
-func (cfg Config) PrivValidatorRootCAFile() string {
-	return rootify(cfg.PrivValidator.RootCA, cfg.RootDir)
-}
-
-// PrivValidatorKeyFile returns the full path to the priv_validator_key.json file
-func (cfg Config) PrivValidatorKeyFile() string {
-	return rootify(cfg.PrivValidator.Key, cfg.RootDir)
-}
-
-// PrivValidatorFile returns the full path to the priv_validator_state.json file
-func (cfg Config) PrivValidatorStateFile() string {
-	return rootify(cfg.PrivValidator.State, cfg.RootDir)
-}
-
 // ValidateBasic performs basic validation (checking param bounds, etc.) and
 // returns an error if any check fails.
 func (cfg *Config) ValidateBasic() error {
@@ -311,19 +287,6 @@ func (cfg BaseConfig) DBDir() string {
 	return rootify(cfg.DBPath, cfg.RootDir)
 }
 
-func (cfg Config) ArePrivValidatorClientSecurityOptionsPresent() bool {
-	switch {
-	case cfg.PrivValidator.RootCA == "":
-		return false
-	case cfg.PrivValidator.ClientKey == "":
-		return false
-	case cfg.PrivValidator.ClientCertificate == "":
-		return false
-	default:
-		return true
-	}
-}
-
 // ValidateBasic performs basic validation (checking param bounds, etc.) and
 // returns an error if any check fails.
 func (cfg BaseConfig) ValidateBasic() error {
@@ -350,6 +313,8 @@ func (cfg BaseConfig) ValidateBasic() error {
 
 // PrivValidatorConfig defines the configuration parameters for running a validator
 type PrivValidatorConfig struct {
+	RootDir string `mapstructure:"home"`
+
 	// Path to the JSON file containing the private key to use as a validator in the consensus protocol
 	Key string `mapstructure:"key-file"`
 
@@ -380,6 +345,44 @@ func DefaultPrivValidatorConfig() *PrivValidatorConfig {
 	}
 }
 
+// ClientKeyFile returns the full path to the priv_validator_key.json file
+func (cfg *PrivValidatorConfig) ClientKeyFile() string {
+	return rootify(cfg.ClientKey, cfg.RootDir)
+}
+
+// ClientCertificateFile returns the full path to the priv_validator_key.json file
+func (cfg *PrivValidatorConfig) ClientCertificateFile() string {
+	return rootify(cfg.ClientCertificate, cfg.RootDir)
+}
+
+// CertificateAuthorityFile returns the full path to the priv_validator_key.json file
+func (cfg *PrivValidatorConfig) RootCAFile() string {
+	return rootify(cfg.RootCA, cfg.RootDir)
+}
+
+// KeyFile returns the full path to the priv_validator_key.json file
+func (cfg *PrivValidatorConfig) KeyFile() string {
+	return rootify(cfg.Key, cfg.RootDir)
+}
+
+// StateFile returns the full path to the priv_validator_state.json file
+func (cfg *PrivValidatorConfig) StateFile() string {
+	return rootify(cfg.State, cfg.RootDir)
+}
+
+func (cfg *PrivValidatorConfig) AreSecurityOptionsPresent() bool {
+	switch {
+	case cfg.RootCA == "":
+		return false
+	case cfg.ClientKey == "":
+		return false
+	case cfg.ClientCertificate == "":
+		return false
+	default:
+		return true
+	}
+}
+
 //-----------------------------------------------------------------------------
 // RPCConfig
 

internal/consensus/common_test.go

@@ -432,9 +432,9 @@ func newStateWithConfigAndBlockStore(
 }
 
 func loadPrivValidator(config *cfg.Config) *privval.FilePV {
-	privValidatorKeyFile := config.PrivValidatorKeyFile()
+	privValidatorKeyFile := config.PrivValidator.KeyFile()
 	ensureDir(filepath.Dir(privValidatorKeyFile), 0700)
-	privValidatorStateFile := config.PrivValidatorStateFile()
+	privValidatorStateFile := config.PrivValidator.StateFile()
 	privValidator, err := privval.LoadOrGenFilePV(privValidatorKeyFile, privValidatorStateFile)
 	if err != nil {
 		panic(err)

internal/consensus/replay_test.go

@@ -706,7 +706,7 @@ func testHandshakeReplay(t *testing.T, sim *simulatorTestSuite, nBlocks int, mod
 		walFile := tempWALWithData(walBody)
 		config.Consensus.SetWalFile(walFile)
 
-		privVal, err := privval.LoadFilePV(config.PrivValidatorKeyFile(), config.PrivValidatorStateFile())
+		privVal, err := privval.LoadFilePV(config.PrivValidator.KeyFile(), config.PrivValidator.StateFile())
 		require.NoError(t, err)
 
 		wal, err := NewWAL(walFile)
@@ -939,7 +939,7 @@ func TestHandshakePanicsIfAppReturnsWrongAppHash(t *testing.T) {
 	//		- 0x03
 	config := ResetConfig("handshake_test_")
 	t.Cleanup(func() { os.RemoveAll(config.RootDir) })
-	privVal, err := privval.LoadFilePV(config.PrivValidatorKeyFile(), config.PrivValidatorStateFile())
+	privVal, err := privval.LoadFilePV(config.PrivValidator.KeyFile(), config.PrivValidator.StateFile())
 	require.NoError(t, err)
 	const appVersion = 0x0
 	pubKey, err := privVal.GetPubKey(context.Background())
@@ -1230,7 +1230,7 @@ func TestHandshakeUpdatesValidators(t *testing.T) {
 	config := ResetConfig("handshake_test_")
 	t.Cleanup(func() { _ = os.RemoveAll(config.RootDir) })
 
-	privVal, err := privval.LoadFilePV(config.PrivValidatorKeyFile(), config.PrivValidatorStateFile())
+	privVal, err := privval.LoadFilePV(config.PrivValidator.KeyFile(), config.PrivValidator.StateFile())
 	require.NoError(t, err)
 	pubKey, err := privVal.GetPubKey(context.Background())
 	require.NoError(t, err)

internal/consensus/wal_generator.go

@@ -40,8 +40,8 @@ func WALGenerateNBlocks(t *testing.T, wr io.Writer, numBlocks int) (err error) {
 	// COPY PASTE FROM node.go WITH A FEW MODIFICATIONS
 	// NOTE: we can't import node package because of circular dependency.
 	// NOTE: we don't do handshake so need to set state.Version.Consensus.App directly.
-	privValidatorKeyFile := config.PrivValidatorKeyFile()
-	privValidatorStateFile := config.PrivValidatorStateFile()
+	privValidatorKeyFile := config.PrivValidator.KeyFile()
+	privValidatorStateFile := config.PrivValidator.StateFile()
 	privValidator, err := privval.LoadOrGenFilePV(privValidatorKeyFile, privValidatorStateFile)
 	if err != nil {
 		return err

node/node.go

@@ -104,7 +104,7 @@ func newDefaultNode(config *cfg.Config, logger log.Logger) (service.Service, err
 
 	var pval *privval.FilePV
 	if config.Mode == cfg.ModeValidator {
-		pval, err = privval.LoadOrGenFilePV(config.PrivValidatorKeyFile(), config.PrivValidatorStateFile())
+		pval, err = privval.LoadOrGenFilePV(config.PrivValidator.KeyFile(), config.PrivValidator.StateFile())
 		if err != nil {
 			return nil, err
 		}
@@ -1176,7 +1176,12 @@ func createAndStartPrivValidatorGRPCClient(
 	chainID string,
 	logger log.Logger,
 ) (types.PrivValidator, error) {
-	pvsc, err := tmgrpc.DialRemoteSigner(config, chainID, logger)
+	pvsc, err := tmgrpc.DialRemoteSigner(
+		config.PrivValidator,
+		chainID,
+		logger,
+		config.Instrumentation.Prometheus,
+	)
 	if err != nil {
 		return nil, fmt.Errorf("failed to start private validator: %w", err)
 	}

node/public.go

@@ -47,7 +47,7 @@ func New(conf *config.Config,
 
 	switch conf.Mode {
 	case config.ModeFull, config.ModeValidator:
-		pval, err := privval.LoadOrGenFilePV(conf.PrivValidatorKeyFile(), conf.PrivValidatorStateFile())
+		pval, err := privval.LoadOrGenFilePV(conf.PrivValidator.KeyFile(), conf.PrivValidator.StateFile())
 		if err != nil {
 			return nil, err
 		}

privval/grpc/util.go

@@ -88,21 +88,22 @@ func GenerateTLS(certPath, keyPath, ca string, log log.Logger) grpc.DialOption {
 
 // DialRemoteSigner is  a generalized function to dial the gRPC server.
 func DialRemoteSigner(
-	config *cfg.Config,
+	config *cfg.PrivValidatorConfig,
 	chainID string,
 	logger log.Logger,
+	usePrometheus bool,
 ) (*SignerClient, error) {
 	var transportSecurity grpc.DialOption
-	if config.ArePrivValidatorClientSecurityOptionsPresent() {
-		transportSecurity = GenerateTLS(config.PrivValidatorClientCertificateFile(),
-			config.PrivValidatorClientKeyFile(), config.PrivValidatorRootCAFile(), logger)
+	if config.AreSecurityOptionsPresent() {
+		transportSecurity = GenerateTLS(config.ClientCertificateFile(),
+			config.ClientKeyFile(), config.RootCAFile(), logger)
 	} else {
 		transportSecurity = grpc.WithInsecure()
 		logger.Info("Using an insecure gRPC connection!")
 	}
 
 	dialOptions := DefaultDialOptions()
-	if config.Instrumentation.Prometheus {
+	if usePrometheus {
 		grpcMetrics := grpc_prometheus.DefaultClientMetrics
 		dialOptions = append(dialOptions, grpc.WithUnaryInterceptor(grpcMetrics.UnaryClientInterceptor()))
 	}
@@ -110,7 +111,7 @@ func DialRemoteSigner(
 	dialOptions = append(dialOptions, transportSecurity)
 
 	ctx := context.Background()
-	_, address := tmnet.ProtocolAndAddress(config.PrivValidator.ListenAddr)
+	_, address := tmnet.ProtocolAndAddress(config.ListenAddr)
 	conn, err := grpc.DialContext(ctx, address, dialOptions...)
 	if err != nil {
 		logger.Error("unable to connect to server", "target", address, "err", err)

rpc/client/evidence_test.go

@@ -124,7 +124,7 @@ func TestBroadcastEvidence_DuplicateVoteEvidence(t *testing.T) {
 
 	chainID := config.ChainID()
 
-	pv, err := privval.LoadOrGenFilePV(config.PrivValidatorKeyFile(), config.PrivValidatorStateFile())
+	pv, err := privval.LoadOrGenFilePV(config.PrivValidator.KeyFile(), config.PrivValidator.StateFile())
 	require.NoError(t, err)
 
 	for i, c := range GetClients(t, n, config) {