From c00d8131c67834b9fb29df229672f38e00bb9e05 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gr=C3=A9goire=20Henry?=
Date: Sun, 27 May 2018 13:27:29 +0200
Subject: [PATCH] Signer: allow to configure the signer with environment variables
---
 src/lib_client_base_unix/client_config.ml | 10 ++--
 src/lib_signer_backends/https.ml | 3 +
 src/lib_signer_backends/https.mli | 2 +
 src/lib_signer_backends/remote.ml | 68 ++++++++++++++++++++++-
 src/lib_signer_backends/remote.mli | 3 +
 src/lib_signer_backends/socket.ml | 6 ++
 src/lib_signer_backends/socket.mli | 3 +
 7 files changed, 89 insertions(+), 6 deletions(-)
diff --git a/src/lib_client_base_unix/client_config.ml b/src/lib_client_base_unix/client_config.ml
index 9bf71f6e6..967cbf208 100644
--- a/src/lib_client_base_unix/client_config.ml
+++ b/src/lib_client_base_unix/client_config.ml
@@ -281,10 +281,7 @@ let remote_signer_arg () =
 ~placeholder:"uri"
 ~doc:"URI of the remote signer"
 (parameter
- (fun _ x ->
- (* TODO check scheme = 'unix/tcp/https' *)
- try return (Uri.of_string x)
- with _ -> fail (Invalid_remote_signer_argument x)))
+ (fun _ x -> Tezos_signer_backends.Remote.parse_base_uri x))
 let read_config_file config_file =
 Lwt_utils_unix.Json.read_file config_file >>=? fun cfg_json ->
@@ -424,7 +421,10 @@ let parse_config_args (ctx : #Client_context.full) argv =
 let tls = cfg.tls || tls in
 let node_addr = Option.unopt ~default:cfg.node_addr node_addr in
 let node_port = Option.unopt ~default:cfg.node_port node_port in
- let remote_signer = Option.first_some remote_signer cfg.remote_signer in
+ Tezos_signer_backends.Remote.read_base_uri_from_env () >>=? fun remote_signer_env ->
+ let remote_signer =
+ Option.first_some remote_signer
+ (Option.first_some remote_signer_env cfg.remote_signer) in
 let confirmations = Option.unopt ~default:cfg.confirmations confirmations in
 let cfg = { cfg with tls ; node_port ; node_addr ; remote_signer ; confirmations } in
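Review bot: In the second hunk of client_config.ml, `read_base_uri_from_env ()` is bound with `>>=?` before the three sources are combined, so a malformed or conflicting TEZOS_SIGNER_* variable aborts `parse_config_args` even when a remote signer was given on the command line and the environment value would not be used. Reading the environment only when the option is absent avoids that, e.g. `(match remote_signer with Some _ -> return None | None -> Tezos_signer_backends.Remote.read_base_uri_from_env ()) >>=? fun remote_signer_env ->`. The environment value is also placed ahead of `cfg.remote_signer` with no message; since this URI decides where signing requests are sent, logging the effective signer and which source supplied it would make an unexpected override visible. The body of parse_config_args continues outside the hunk.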
diff --git a/src/lib_signer_backends/https.ml b/src/lib_signer_backends/https.ml
index 3e9cbd767..d70f60fd9 100644
--- a/src/lib_signer_backends/https.ml
+++ b/src/lib_signer_backends/https.ml
@@ -57,3 +57,6 @@ let sign ?watermark uri msg =
 RPC_client.call_service Media_type.all_media_types ~base Signer_services.sign ((), pkh) () msg
+
+let make_base host port =
+ Uri.make ~scheme ~host ~port ()
diff --git a/src/lib_signer_backends/https.mli b/src/lib_signer_backends/https.mli
index 36af65b63..c4da4d8f0 100644
--- a/src/lib_signer_backends/https.mli
+++ b/src/lib_signer_backends/https.mli
@@ -8,3 +8,5 @@
 (**************************************************************************)
 include Client_keys.SIGNER
+
+val make_base: string -> int -> Uri.t
diff --git a/src/lib_signer_backends/remote.ml b/src/lib_signer_backends/remote.ml
index af2522260..2338d8314 100644
--- a/src/lib_signer_backends/remote.ml
+++ b/src/lib_signer_backends/remote.ml
@@ -21,7 +21,11 @@ module Make(S : sig val default : Uri.t end) = struct
 let description = "Valid locators are of this form: remote://tz1...\n\
 The key will be queried to current remote signer, which can be \
- configured with the `--remote-signer` or `-R` options"
+ configured with the `--remote-signer` or `-R` options, \
+ or by defining the following environment variables:\n \
+ - $TEZOS_SIGNER_UNIX_PATH,\n\
+ - $TEZOS_SIGNER_TCP_HOST and $TEZOS_SIGNER_TCP_PORT (default: 7732),\n\
+ - $TEZOS_SIGNER_HTTPS_HOST and $TEZOS_SIGNER_HTTPS_PORT (default: 443)."
 let get_remote () =
 match Uri.scheme S.default with
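Review bot: The extended help text in `description` lists the variables but does not say that the three families are mutually exclusive, although the parser added further down in this file rejects more than one, nor how they rank against the command-line option and the configuration file. One more sentence would cover it, for example `Only one of the three may be defined; the command-line option takes precedence over them.`, with the wording checked against the order used in client_config.ml. The first added continuation ends in `\n \` where the following ones end in `\n\`, so the first bullet appears to be printed with an extra leading space.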
@@ -75,3 +79,65 @@ let make_sk sk =
 let make_pk pk =
 Client_keys.make_pk_uri
 (Uri.make ~scheme ~path:(Signature.Public_key.to_b58check pk) ())
+
+let read_base_uri_from_env () =
+ match Sys.getenv_opt "TEZOS_SIGNER_UNIX_PATH",
+ Sys.getenv_opt "TEZOS_SIGNER_TCP_HOST",
+ Sys.getenv_opt "TEZOS_SIGNER_HTTPS_HOST" with
+ | None, None, None -> return None
+ | Some path, None, None ->
+ return (Some (Socket.make_unix_base path))
+ | None, Some host, None -> begin
+ try
+ let port =
+ match Sys.getenv_opt "TEZOS_SIGNER_TCP_PORT" with
+ | None -> 7732
+ | Some port -> int_of_string port in
+ return (Some (Socket.make_tcp_base host port))
+ with Invalid_argument _ ->
+ failwith "Failed to parse TEZOS_SIGNER_TCP_PORT.@."
+ end
+ | None, None, Some host -> begin
+ try
+ let port =
+ match Sys.getenv_opt "TEZOS_SIGNER_HTTPS_PORT" with
+ | None -> 443
+ | Some port -> int_of_string port in
+ return (Some (Https.make_base host port))
+ with Invalid_argument _ ->
+ failwith "Failed to parse TEZOS_SIGNER_HTTPS_PORT.@."
+ end
+ | _, _, _ ->
+ failwith
+ "Only one the following environment variable must be defined: \
+ TEZOS_SIGNER_UNIX_PATH, \
+ TEZOS_SIGNER_TCP_HOST, \
+ TEZOS_SIGNER_HTTPS_HOST@."
+
+type error += Invalid_remote_signer of string
+
+let () =
+ register_error_kind
+ `Branch
+ ~id: "invalid_remote_signer"
+ ~title: "Unexpected URI fot remote signer"
+ ~description: "The provided remote signer is invalid."
+ ~pp:
+ (fun ppf s ->
+ Format.fprintf ppf "Value '%s' is not a valid URI for a remote signer" s)
+ Data_encoding.(obj1 (req "uri" string))
+ (function Invalid_remote_signer s -> Some s | _ -> None)
+ (fun s -> Invalid_remote_signer s)
+
+let parse_base_uri s =
+ trace (Invalid_remote_signer s) @@
+ try
+ let uri = Uri.of_string s in
+ match Uri.scheme uri with
+ | Some "https" -> return uri
+ | Some "tcp" -> return uri
+ | Some "unix" -> return uri
+ | Some scheme -> failwith "Unknown scheme: %s" scheme
+ | None -> failwith "Unknown scheme: "
+ with Invalid_argument msg -> failwith "Malformed URI: %s" msg
+
diff --git a/src/lib_signer_backends/remote.mli b/src/lib_signer_backends/remote.mli
index b34a33362..3fff32ddc 100644
--- a/src/lib_signer_backends/remote.mli
+++ b/src/lib_signer_backends/remote.mli
@@ -11,3 +11,6 @@ module Make(S : sig val default : Uri.t end) : Client_keys.SIGNER
 val make_pk: Signature.public_key -> Client_keys.pk_uri
 val make_sk: Signature.secret_key -> Client_keys.sk_uri
+
+val read_base_uri_from_env: unit -> Uri.t option tzresult Lwt.t
+val parse_base_uri: string -> Uri.t tzresult Lwt.t
diff --git a/src/lib_signer_backends/socket.ml b/src/lib_signer_backends/socket.ml
index 38f4b04f7..b4a096231 100644
--- a/src/lib_signer_backends/socket.ml
+++ b/src/lib_signer_backends/socket.ml
@@ -109,3 +109,9 @@ module Tcp = struct
 sign ?watermark path pkh msg
 end
+
+let make_unix_base path =
+ Uri.make ~scheme:Unix.scheme ~path ()
+
+let make_tcp_base host port =
+ Uri.make ~scheme:Tcp.scheme ~host ~port ()
diff --git a/src/lib_signer_backends/socket.mli b/src/lib_signer_backends/socket.mli
index 41cc3417d..86dabb587 100644
--- a/src/lib_signer_backends/socket.mli
+++ b/src/lib_signer_backends/socket.mli
@@ -9,3 +9,6 @@
 module Unix : Client_keys.SIGNER
 module Tcp : Client_keys.SIGNER
+
+val make_unix_base: string -> Uri.t
+val make_tcp_base: string -> int -> Uri.t
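Review bot: The two `with Invalid_argument _ ->` handlers in `read_base_uri_from_env` do not catch a bad port, because `int_of_string` raises `Failure`; a non-numeric TEZOS_SIGNER_TCP_PORT or TEZOS_SIGNER_HTTPS_PORT therefore escapes as an exception instead of the intended error, and a numeric value outside 1–65535 is accepted as is. A port variable set without its host variable is also ignored without any message. In `parse_base_uri` the `None` case reports `Unknown scheme: ` with nothing after it, and as far as I know `Uri.of_string` does not raise `Invalid_argument`, so that handler is probably dead; the registered title also has the typo `fot`. The fence sketches a shared port reader built on `int_of_string_opt` with a range check.

```ocaml
(* Reads a port number from [var], falling back to [default] when unset. *)
let read_port_from_env var ~default =
  match Sys.getenv_opt var with
  | None -> return default
  | Some s ->
      match int_of_string_opt s with
      | Some port when 0 < port && port < 65536 -> return port
      | Some _ | None -> failwith "Failed to parse %s as a port number." var

let read_base_uri_from_env () =
  (* … unchanged: the three Sys.getenv_opt lookups and the first two cases … *)
  | None, Some host, None ->
      read_port_from_env "TEZOS_SIGNER_TCP_PORT" ~default:7732 >>=? fun port ->
      return (Some (Socket.make_tcp_base host port))
  | None, None, Some host ->
      read_port_from_env "TEZOS_SIGNER_HTTPS_PORT" ~default:443 >>=? fun port ->
      return (Some (Https.make_base host port))
  (* … unchanged: the catch-all case rejecting several families … *)
```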
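Review bot: The two values exported from remote.mli have no doc comments, and their contracts are not obvious from the types alone. I would add `(** Reads the signer URI from the TEZOS_SIGNER_* variables: [None] when none is defined, an error when several families are. *)` above `read_base_uri_from_env` and `(** Parses a signer URI, rejecting any scheme other than unix, tcp or https. *)` above `parse_base_uri`. The same gap applies to `make_base` in https.mli and to `make_unix_base` and `make_tcp_base` in socket.mli.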