Browse Source

config: add root dir to priv validator (#6585)

pull/6591/head
Callum Waters 4 years ago
committed by GitHub
parent
commit
c0f7fb08c0
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 77 additions and 63 deletions
  1. +2
    -2
      cmd/tendermint/commands/init.go
  2. +3
    -3
      cmd/tendermint/commands/reset_priv_validator.go
  3. +8
    -3
      cmd/tendermint/commands/show_validator.go
  4. +41
    -38
      config/config.go
  5. +2
    -2
      internal/consensus/common_test.go
  6. +3
    -3
      internal/consensus/replay_test.go
  7. +2
    -2
      internal/consensus/wal_generator.go
  8. +7
    -2
      node/node.go
  9. +1
    -1
      node/public.go
  10. +7
    -6
      privval/grpc/util.go
  11. +1
    -1
      rpc/client/evidence_test.go

+ 2
- 2
cmd/tendermint/commands/init.go View File

@ -51,8 +51,8 @@ func initFilesWithConfig(config *cfg.Config) error {
if config.Mode == cfg.ModeValidator {
// private validator
privValKeyFile := config.PrivValidatorKeyFile()
privValStateFile := config.PrivValidatorStateFile()
privValKeyFile := config.PrivValidator.KeyFile()
privValStateFile := config.PrivValidator.StateFile()
if tmos.FileExists(privValKeyFile) {
pv, err = privval.LoadFilePV(privValKeyFile, privValStateFile)
if err != nil {


+ 3
- 3
cmd/tendermint/commands/reset_priv_validator.go View File

@ -41,14 +41,14 @@ var ResetPrivValidatorCmd = &cobra.Command{
// XXX: this is totally unsafe.
// it's only suitable for testnets.
func resetAll(cmd *cobra.Command, args []string) error {
return ResetAll(config.DBDir(), config.P2P.AddrBookFile(), config.PrivValidatorKeyFile(),
config.PrivValidatorStateFile(), logger)
return ResetAll(config.DBDir(), config.P2P.AddrBookFile(), config.PrivValidator.KeyFile(),
config.PrivValidator.StateFile(), logger)
}
// XXX: this is totally unsafe.
// it's only suitable for testnets.
func resetPrivValidator(cmd *cobra.Command, args []string) error {
return resetFilePV(config.PrivValidatorKeyFile(), config.PrivValidatorStateFile(), logger)
return resetFilePV(config.PrivValidator.KeyFile(), config.PrivValidator.StateFile(), logger)
}
// ResetAll removes address book files plus all data, and resets the privValdiator data.


+ 8
- 3
cmd/tendermint/commands/show_validator.go View File

@ -33,7 +33,12 @@ func showValidator(cmd *cobra.Command, args []string) error {
protocol, _ := tmnet.ProtocolAndAddress(config.PrivValidator.ListenAddr)
switch protocol {
case "grpc":
pvsc, err := tmgrpc.DialRemoteSigner(config, config.ChainID(), logger)
pvsc, err := tmgrpc.DialRemoteSigner(
config.PrivValidator,
config.ChainID(),
logger,
config.Instrumentation.Prometheus,
)
if err != nil {
return fmt.Errorf("can't connect to remote validator %w", err)
}
@ -47,12 +52,12 @@ func showValidator(cmd *cobra.Command, args []string) error {
}
default:
keyFilePath := config.PrivValidatorKeyFile()
keyFilePath := config.PrivValidator.KeyFile()
if !tmos.FileExists(keyFilePath) {
return fmt.Errorf("private validator file %s does not exist", keyFilePath)
}
pv, err := privval.LoadFilePV(keyFilePath, config.PrivValidatorStateFile())
pv, err := privval.LoadFilePV(keyFilePath, config.PrivValidator.StateFile())
if err != nil {
return err
}


+ 41
- 38
config/config.go View File

@ -125,34 +125,10 @@ func (cfg *Config) SetRoot(root string) *Config {
cfg.P2P.RootDir = root
cfg.Mempool.RootDir = root
cfg.Consensus.RootDir = root
cfg.PrivValidator.RootDir = root
return cfg
}
// PrivValidatorClientKeyFile returns the full path to the priv_validator_key.json file
func (cfg Config) PrivValidatorClientKeyFile() string {
return rootify(cfg.PrivValidator.ClientKey, cfg.RootDir)
}
// PrivValidatorClientCertificateFile returns the full path to the priv_validator_key.json file
func (cfg Config) PrivValidatorClientCertificateFile() string {
return rootify(cfg.PrivValidator.ClientCertificate, cfg.RootDir)
}
// PrivValidatorCertificateAuthorityFile returns the full path to the priv_validator_key.json file
func (cfg Config) PrivValidatorRootCAFile() string {
return rootify(cfg.PrivValidator.RootCA, cfg.RootDir)
}
// PrivValidatorKeyFile returns the full path to the priv_validator_key.json file
func (cfg Config) PrivValidatorKeyFile() string {
return rootify(cfg.PrivValidator.Key, cfg.RootDir)
}
// PrivValidatorFile returns the full path to the priv_validator_state.json file
func (cfg Config) PrivValidatorStateFile() string {
return rootify(cfg.PrivValidator.State, cfg.RootDir)
}
// ValidateBasic performs basic validation (checking param bounds, etc.) and
// returns an error if any check fails.
func (cfg *Config) ValidateBasic() error {
@ -311,19 +287,6 @@ func (cfg BaseConfig) DBDir() string {
return rootify(cfg.DBPath, cfg.RootDir)
}
func (cfg Config) ArePrivValidatorClientSecurityOptionsPresent() bool {
switch {
case cfg.PrivValidator.RootCA == "":
return false
case cfg.PrivValidator.ClientKey == "":
return false
case cfg.PrivValidator.ClientCertificate == "":
return false
default:
return true
}
}
// ValidateBasic performs basic validation (checking param bounds, etc.) and
// returns an error if any check fails.
func (cfg BaseConfig) ValidateBasic() error {
@ -350,6 +313,8 @@ func (cfg BaseConfig) ValidateBasic() error {
// PrivValidatorConfig defines the configuration parameters for running a validator
type PrivValidatorConfig struct {
RootDir string `mapstructure:"home"`
// Path to the JSON file containing the private key to use as a validator in the consensus protocol
Key string `mapstructure:"key-file"`
@ -380,6 +345,44 @@ func DefaultPrivValidatorConfig() *PrivValidatorConfig {
}
}
// ClientKeyFile returns the full path to the priv_validator_key.json file
func (cfg *PrivValidatorConfig) ClientKeyFile() string {
return rootify(cfg.ClientKey, cfg.RootDir)
}
// ClientCertificateFile returns the full path to the priv_validator_key.json file
func (cfg *PrivValidatorConfig) ClientCertificateFile() string {
return rootify(cfg.ClientCertificate, cfg.RootDir)
}
// CertificateAuthorityFile returns the full path to the priv_validator_key.json file
func (cfg *PrivValidatorConfig) RootCAFile() string {
return rootify(cfg.RootCA, cfg.RootDir)
}
// KeyFile returns the full path to the priv_validator_key.json file
func (cfg *PrivValidatorConfig) KeyFile() string {
return rootify(cfg.Key, cfg.RootDir)
}
// StateFile returns the full path to the priv_validator_state.json file
func (cfg *PrivValidatorConfig) StateFile() string {
return rootify(cfg.State, cfg.RootDir)
}
func (cfg *PrivValidatorConfig) AreSecurityOptionsPresent() bool {
switch {
case cfg.RootCA == "":
return false
case cfg.ClientKey == "":
return false
case cfg.ClientCertificate == "":
return false
default:
return true
}
}
//-----------------------------------------------------------------------------
// RPCConfig


+ 2
- 2
internal/consensus/common_test.go View File

@ -432,9 +432,9 @@ func newStateWithConfigAndBlockStore(
}
func loadPrivValidator(config *cfg.Config) *privval.FilePV {
privValidatorKeyFile := config.PrivValidatorKeyFile()
privValidatorKeyFile := config.PrivValidator.KeyFile()
ensureDir(filepath.Dir(privValidatorKeyFile), 0700)
privValidatorStateFile := config.PrivValidatorStateFile()
privValidatorStateFile := config.PrivValidator.StateFile()
privValidator, err := privval.LoadOrGenFilePV(privValidatorKeyFile, privValidatorStateFile)
if err != nil {
panic(err)


+ 3
- 3
internal/consensus/replay_test.go View File

@ -706,7 +706,7 @@ func testHandshakeReplay(t *testing.T, sim *simulatorTestSuite, nBlocks int, mod
walFile := tempWALWithData(walBody)
config.Consensus.SetWalFile(walFile)
privVal, err := privval.LoadFilePV(config.PrivValidatorKeyFile(), config.PrivValidatorStateFile())
privVal, err := privval.LoadFilePV(config.PrivValidator.KeyFile(), config.PrivValidator.StateFile())
require.NoError(t, err)
wal, err := NewWAL(walFile)
@ -939,7 +939,7 @@ func TestHandshakePanicsIfAppReturnsWrongAppHash(t *testing.T) {
// - 0x03
config := ResetConfig("handshake_test_")
t.Cleanup(func() { os.RemoveAll(config.RootDir) })
privVal, err := privval.LoadFilePV(config.PrivValidatorKeyFile(), config.PrivValidatorStateFile())
privVal, err := privval.LoadFilePV(config.PrivValidator.KeyFile(), config.PrivValidator.StateFile())
require.NoError(t, err)
const appVersion = 0x0
pubKey, err := privVal.GetPubKey(context.Background())
@ -1230,7 +1230,7 @@ func TestHandshakeUpdatesValidators(t *testing.T) {
config := ResetConfig("handshake_test_")
t.Cleanup(func() { _ = os.RemoveAll(config.RootDir) })
privVal, err := privval.LoadFilePV(config.PrivValidatorKeyFile(), config.PrivValidatorStateFile())
privVal, err := privval.LoadFilePV(config.PrivValidator.KeyFile(), config.PrivValidator.StateFile())
require.NoError(t, err)
pubKey, err := privVal.GetPubKey(context.Background())
require.NoError(t, err)


+ 2
- 2
internal/consensus/wal_generator.go View File

@ -40,8 +40,8 @@ func WALGenerateNBlocks(t *testing.T, wr io.Writer, numBlocks int) (err error) {
// COPY PASTE FROM node.go WITH A FEW MODIFICATIONS
// NOTE: we can't import node package because of circular dependency.
// NOTE: we don't do handshake so need to set state.Version.Consensus.App directly.
privValidatorKeyFile := config.PrivValidatorKeyFile()
privValidatorStateFile := config.PrivValidatorStateFile()
privValidatorKeyFile := config.PrivValidator.KeyFile()
privValidatorStateFile := config.PrivValidator.StateFile()
privValidator, err := privval.LoadOrGenFilePV(privValidatorKeyFile, privValidatorStateFile)
if err != nil {
return err


+ 7
- 2
node/node.go View File

@ -104,7 +104,7 @@ func newDefaultNode(config *cfg.Config, logger log.Logger) (service.Service, err
var pval *privval.FilePV
if config.Mode == cfg.ModeValidator {
pval, err = privval.LoadOrGenFilePV(config.PrivValidatorKeyFile(), config.PrivValidatorStateFile())
pval, err = privval.LoadOrGenFilePV(config.PrivValidator.KeyFile(), config.PrivValidator.StateFile())
if err != nil {
return nil, err
}
@ -1176,7 +1176,12 @@ func createAndStartPrivValidatorGRPCClient(
chainID string,
logger log.Logger,
) (types.PrivValidator, error) {
pvsc, err := tmgrpc.DialRemoteSigner(config, chainID, logger)
pvsc, err := tmgrpc.DialRemoteSigner(
config.PrivValidator,
chainID,
logger,
config.Instrumentation.Prometheus,
)
if err != nil {
return nil, fmt.Errorf("failed to start private validator: %w", err)
}


+ 1
- 1
node/public.go View File

@ -47,7 +47,7 @@ func New(conf *config.Config,
switch conf.Mode {
case config.ModeFull, config.ModeValidator:
pval, err := privval.LoadOrGenFilePV(conf.PrivValidatorKeyFile(), conf.PrivValidatorStateFile())
pval, err := privval.LoadOrGenFilePV(conf.PrivValidator.KeyFile(), conf.PrivValidator.StateFile())
if err != nil {
return nil, err
}


+ 7
- 6
privval/grpc/util.go View File

@ -88,21 +88,22 @@ func GenerateTLS(certPath, keyPath, ca string, log log.Logger) grpc.DialOption {
// DialRemoteSigner is a generalized function to dial the gRPC server.
func DialRemoteSigner(
config *cfg.Config,
config *cfg.PrivValidatorConfig,
chainID string,
logger log.Logger,
usePrometheus bool,
) (*SignerClient, error) {
var transportSecurity grpc.DialOption
if config.ArePrivValidatorClientSecurityOptionsPresent() {
transportSecurity = GenerateTLS(config.PrivValidatorClientCertificateFile(),
config.PrivValidatorClientKeyFile(), config.PrivValidatorRootCAFile(), logger)
if config.AreSecurityOptionsPresent() {
transportSecurity = GenerateTLS(config.ClientCertificateFile(),
config.ClientKeyFile(), config.RootCAFile(), logger)
} else {
transportSecurity = grpc.WithInsecure()
logger.Info("Using an insecure gRPC connection!")
}
dialOptions := DefaultDialOptions()
if config.Instrumentation.Prometheus {
if usePrometheus {
grpcMetrics := grpc_prometheus.DefaultClientMetrics
dialOptions = append(dialOptions, grpc.WithUnaryInterceptor(grpcMetrics.UnaryClientInterceptor()))
}
@ -110,7 +111,7 @@ func DialRemoteSigner(
dialOptions = append(dialOptions, transportSecurity)
ctx := context.Background()
_, address := tmnet.ProtocolAndAddress(config.PrivValidator.ListenAddr)
_, address := tmnet.ProtocolAndAddress(config.ListenAddr)
conn, err := grpc.DialContext(ctx, address, dialOptions...)
if err != nil {
logger.Error("unable to connect to server", "target", address, "err", err)


+ 1
- 1
rpc/client/evidence_test.go View File

@ -124,7 +124,7 @@ func TestBroadcastEvidence_DuplicateVoteEvidence(t *testing.T) {
chainID := config.ChainID()
pv, err := privval.LoadOrGenFilePV(config.PrivValidatorKeyFile(), config.PrivValidatorStateFile())
pv, err := privval.LoadOrGenFilePV(config.PrivValidator.KeyFile(), config.PrivValidator.StateFile())
require.NoError(t, err)
for i, c := range GetClients(t, n, config) {


Loading…
Cancel
Save