PENV-69: add cert out dir configuration to bootstrap config

certificates output directory should be configurable from config file as other bootstrap parameters, this simplifies things and make bootstrap configuration more consistent. flag --certificates-out-dir marked as depricated (it stays until dependent code is updated)
insolar · Feb 17, 2020 · 9c0d25a · 9c0d25a
1 parent d9474de
commit 9c0d25a
Show file tree

Hide file tree

Showing 5 changed files with 30 additions and 17 deletions.
diff --git a/application/cmd/insolar/bootstrap.go b/application/cmd/insolar/bootstrap.go
@@ -28,16 +28,22 @@ func bootstrapCommand() *cobra.Command {
 			contractsConfig, err := bootstrap.CreateGenesisContractsConfig(ctx, configPath)
 			check("failed to create genesis contracts config", err)
 
-			gen, err := basebootstrap.NewGenerator(configPath, certificatesOutDir, contractsConfig)
-			check("base bootstrap failed to start", err)
+			config, err := basebootstrap.ParseConfig(configPath)
+			check("bootstrap config error", err)
+			if certificatesOutDir != "" {
+				config.CertificatesOutDir = certificatesOutDir
+			}
 
-			err = gen.Run(ctx)
-			check("base bootstrap failed", err)
+			err = basebootstrap.NewGeneratorWithConfig(config, contractsConfig).Run(ctx)
+			check("base bootstrap failed to start", err)
 		},
 	}
 	c.Flags().StringVarP(
 		&configPath, "config", "c", "bootstrap.yaml", "path to bootstrap config")
+
 	c.Flags().StringVarP(
 		&certificatesOutDir, "certificates-out-dir", "o", "", "dir with certificate files")
+	c.Flags().MarkDeprecated("certificates-out-dir", "please switch to 'certificates_out_dir:' in config")
+
 	return c
 }
diff --git a/applicationbase/bootstrap/bootstrap.go b/applicationbase/bootstrap/bootstrap.go
@@ -11,12 +11,13 @@ import (
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
+	"os"
 	"path"
 	"strconv"
 
-	"github.com/insolar/insolar/applicationbase/genesis"
 	"github.com/pkg/errors"
 
+	"github.com/insolar/insolar/applicationbase/genesis"
 	"github.com/insolar/insolar/applicationbase/genesisrefs"
 	"github.com/insolar/insolar/certificate"
 	"github.com/insolar/insolar/insolar"
@@ -25,27 +26,25 @@ import (
 
 // Generator is a component for generating bootstrap files required for discovery nodes bootstrap and heavy genesis.
 type Generator struct {
-	config             *Config
-	certificatesOutDir string
-	contractsConfig    map[string]interface{}
+	config          *Config
+	contractsConfig map[string]interface{}
 }
 
 // NewGenerator parses config file and creates new generator on success.
-func NewGenerator(configFile, certificatesOutDir string, contractsConfig map[string]interface{}) (*Generator, error) {
+func NewGenerator(configFile string, contractsConfig map[string]interface{}) (*Generator, error) {
 	config, err := ParseConfig(configFile)
 	if err != nil {
 		return nil, err
 	}
 
-	return NewGeneratorWithConfig(config, certificatesOutDir, contractsConfig), nil
+	return NewGeneratorWithConfig(config, contractsConfig), nil
 }
 
 // NewGeneratorWithConfig creates new Generator with provided config.
-func NewGeneratorWithConfig(config *Config, certificatesOutDir string, contractsConfig map[string]interface{}) *Generator {
+func NewGeneratorWithConfig(config *Config, contractsConfig map[string]interface{}) *Generator {
 	return &Generator{
-		config:             config,
-		certificatesOutDir: certificatesOutDir,
-		contractsConfig:    contractsConfig,
+		config:          config,
+		contractsConfig: contractsConfig,
 	}
 }
 
@@ -145,7 +144,11 @@ func (g *Generator) makeCertificates(ctx context.Context, nodesInfo []nodeInfo,
 		certs = append(certs, c)
 	}
 
-	var err error
+	err := os.MkdirAll(g.config.CertificatesOutDir, 0700)
+	if err != nil && !os.IsNotExist(err) {
+		return errors.Wrapf(err, "failed create dir %v: %v", g.config.CertificatesOutDir, err)
+	}
+
 	for i, node := range nodesInfo {
 		for j := range g.config.DiscoveryNodes {
 			dn := discoveryNodes[j]
@@ -173,7 +176,8 @@ func (g *Generator) makeCertificates(ctx context.Context, nodesInfo []nodeInfo,
 			return errors.New("cert_name must not be empty for node number " + strconv.Itoa(i+1))
 		}
 
-		certFile := path.Join(g.certificatesOutDir, node.certName)
+		certFile := path.Join(g.config.CertificatesOutDir, node.certName)
+
 		err = ioutil.WriteFile(certFile, cert, 0600)
 		if err != nil {
 			return errors.Wrapf(err, "failed to create certificate: %v", certFile)

diff --git a/applicationbase/bootstrap/config.go b/applicationbase/bootstrap/config.go
@@ -29,6 +29,8 @@ type Config struct {
 	DiscoveryKeysDir string `mapstructure:"discovery_keys_dir" yaml:"discovery_keys_dir"`
 	// NotDiscoveryKeysDir is a default directory where save keys for discovery nodes.
 	NotDiscoveryKeysDir string `mapstructure:"not_discovery_keys_dir" yaml:"not_discovery_keys_dir"`
+	// CertificatesOutDir is a directory where to save generated cert files.
+	CertificatesOutDir string `mapstructure:"certificates_out_dir" yaml:"certificates_out_dir"`
 	// KeysNameFormat is the default key file name format for discovery nodes.
 	KeysNameFormat string `mapstructure:"keys_name_format" yaml:"keys_name_format"`
 	// ReuseKeys is a flag to reuse discovery nodes keys (don't use if your not understand how it works)

diff --git a/scripts/insolard/bootstrap_template.yaml b/scripts/insolard/bootstrap_template.yaml
@@ -1,5 +1,6 @@
 members_keys_dir: "{{ .BaseDir }}/configs/"
 discovery_keys_dir: "{{ .BaseDir }}/reusekeys/discovery/"
+certificates_out_dir: "{{ .BaseDir }}/discoverynodes/certs/"
 not_discovery_keys_dir: "{{ .BaseDir }}/reusekeys/nodes/"
 keys_name_format: "/node_%02d.json"
 reuse_keys: false

diff --git a/scripts/insolard/launchnet.sh b/scripts/insolard/launchnet.sh
@@ -411,7 +411,7 @@ bootstrap()
     generate_migration_addresses
 
     echo "start bootstrap ..."
-    CMD="${INSOLAR_CLI} bootstrap --config=${BOOTSTRAP_CONFIG} --certificates-out-dir=${DISCOVERY_NODES_DATA}certs"
+    CMD="${INSOLAR_CLI} bootstrap --config=${BOOTSTRAP_CONFIG}"
 
     GENESIS_EXIT_CODE=0
     set +e