Signer: allow to configure the signer with environment variables

src/lib_client_base_unix/client_config.ml

@@ -281,10 +281,7 @@ let remote_signer_arg () =
     ~placeholder:"uri"
     ~doc:"URI of the remote signer"
     (parameter
-       (fun _ x ->
+       (fun _ x -> Tezos_signer_backends.Remote.parse_base_uri x))
-          (* TODO check scheme = 'unix/tcp/https' *)
-          try return (Uri.of_string x)
-          with _ -> fail (Invalid_remote_signer_argument x)))
 
 let read_config_file config_file =
   Lwt_utils_unix.Json.read_file config_file >>=? fun cfg_json ->
@@ -424,7 +421,10 @@ let parse_config_args (ctx : #Client_context.full) argv =
   let tls = cfg.tls || tls in
   let node_addr = Option.unopt ~default:cfg.node_addr node_addr in
   let node_port = Option.unopt ~default:cfg.node_port node_port in
-  let remote_signer = Option.first_some remote_signer cfg.remote_signer in
+  Tezos_signer_backends.Remote.read_base_uri_from_env () >>=? fun remote_signer_env ->
+  let remote_signer =
+    Option.first_some remote_signer
+      (Option.first_some remote_signer_env cfg.remote_signer) in
   let confirmations = Option.unopt ~default:cfg.confirmations confirmations in
   let cfg = { cfg with tls ; node_port ; node_addr ;
                        remote_signer ; confirmations } in

src/lib_signer_backends/https.ml

@@ -57,3 +57,6 @@ let sign ?watermark uri msg =
   RPC_client.call_service
     Media_type.all_media_types
     ~base Signer_services.sign ((), pkh) () msg
+
+let make_base host port =
+  Uri.make ~scheme ~host ~port ()

src/lib_signer_backends/https.mli

@@ -8,3 +8,5 @@
 (**************************************************************************)
 
 include Client_keys.SIGNER
+
+val make_base: string -> int -> Uri.t

src/lib_signer_backends/remote.ml

@@ -21,7 +21,11 @@ module Make(S : sig val default : Uri.t end) = struct
   let description =
     "Valid locators are of this form: remote://tz1...\n\
      The key will be queried to current remote signer, which can be \
-     configured with the `--remote-signer` or `-R` options"
+     configured with the `--remote-signer` or `-R` options, \
+     or by defining the following environment variables:\n \
+     - $TEZOS_SIGNER_UNIX_PATH,\n\
+     - $TEZOS_SIGNER_TCP_HOST and $TEZOS_SIGNER_TCP_PORT (default: 7732),\n\
+     - $TEZOS_SIGNER_HTTPS_HOST and $TEZOS_SIGNER_HTTPS_PORT (default: 443)."
 
   let get_remote () =
     match Uri.scheme S.default with
@@ -75,3 +79,65 @@ let make_sk sk =
 let make_pk pk =
   Client_keys.make_pk_uri
     (Uri.make ~scheme ~path:(Signature.Public_key.to_b58check pk) ())
+
+let read_base_uri_from_env () =
+  match Sys.getenv_opt "TEZOS_SIGNER_UNIX_PATH",
+        Sys.getenv_opt "TEZOS_SIGNER_TCP_HOST",
+        Sys.getenv_opt "TEZOS_SIGNER_HTTPS_HOST" with
+  | None, None, None -> return None
+  | Some path, None, None ->
+      return (Some (Socket.make_unix_base path))
+  | None, Some host, None -> begin
+      try
+        let port =
+          match Sys.getenv_opt "TEZOS_SIGNER_TCP_PORT" with
+          | None -> 7732
+          | Some port -> int_of_string port in
+        return (Some (Socket.make_tcp_base host port))
+      with Invalid_argument _ ->
+        failwith "Failed to parse TEZOS_SIGNER_TCP_PORT.@."
+    end
+  | None, None, Some host -> begin
+      try
+        let port =
+          match Sys.getenv_opt "TEZOS_SIGNER_HTTPS_PORT" with
+          | None -> 443
+          | Some port -> int_of_string port in
+        return (Some (Https.make_base host port))
+      with Invalid_argument _ ->
+        failwith "Failed to parse TEZOS_SIGNER_HTTPS_PORT.@."
+    end
+  | _, _, _ ->
+      failwith
+        "Only one the following environment variable must be defined: \
+         TEZOS_SIGNER_UNIX_PATH, \
+         TEZOS_SIGNER_TCP_HOST, \
+         TEZOS_SIGNER_HTTPS_HOST@."
+
+type error += Invalid_remote_signer of string
+
+let () =
+  register_error_kind
+    `Branch
+    ~id: "invalid_remote_signer"
+    ~title: "Unexpected URI fot remote signer"
+    ~description: "The provided remote signer is invalid."
+    ~pp:
+      (fun ppf s ->
+         Format.fprintf ppf "Value '%s' is not a valid URI for a remote signer" s)
+    Data_encoding.(obj1 (req "uri" string))
+    (function Invalid_remote_signer s -> Some s | _ -> None)
+    (fun s -> Invalid_remote_signer s)
+
+let parse_base_uri s =
+  trace (Invalid_remote_signer s) @@
+  try
+    let uri = Uri.of_string s in
+    match Uri.scheme uri with
+    | Some "https" -> return uri
+    | Some "tcp" -> return uri
+    | Some "unix" -> return uri
+    | Some scheme -> failwith "Unknown scheme: %s" scheme
+    | None -> failwith "Unknown scheme: <empty>"
+  with Invalid_argument msg -> failwith "Malformed URI: %s" msg
+

src/lib_signer_backends/remote.mli

@@ -11,3 +11,6 @@ module Make(S : sig val default : Uri.t end) : Client_keys.SIGNER
 
 val make_pk: Signature.public_key -> Client_keys.pk_uri
 val make_sk: Signature.secret_key -> Client_keys.sk_uri
+
+val read_base_uri_from_env: unit -> Uri.t option tzresult Lwt.t
+val parse_base_uri: string -> Uri.t tzresult Lwt.t

src/lib_signer_backends/socket.ml

@@ -109,3 +109,9 @@ module Tcp = struct
     sign ?watermark path pkh msg
 
 end
+
+let make_unix_base path =
+  Uri.make ~scheme:Unix.scheme ~path ()
+
+let make_tcp_base host port =
+  Uri.make ~scheme:Tcp.scheme ~host ~port ()

src/lib_signer_backends/socket.mli

@@ -9,3 +9,6 @@
 
 module Unix : Client_keys.SIGNER
 module Tcp : Client_keys.SIGNER
+
+val make_unix_base: string -> Uri.t
+val make_tcp_base: string -> int -> Uri.t