[#793] adm: Always use committee as FrostFS ID owner
All checks were successful
DCO action / DCO (pull_request) Successful in 2m34s
Build / Build Components (1.20) (pull_request) Successful in 4m15s
Build / Build Components (1.21) (pull_request) Successful in 4m14s
Vulncheck / Vulncheck (pull_request) Successful in 3m41s
Tests and linters / Staticcheck (pull_request) Successful in 5m43s
Tests and linters / Lint (pull_request) Successful in 6m8s
Tests and linters / Tests (1.21) (pull_request) Successful in 6m8s
Tests and linters / Tests (1.20) (pull_request) Successful in 7m52s
Tests and linters / Tests with -race (pull_request) Successful in 7m50s
All checks were successful
DCO action / DCO (pull_request) Successful in 2m34s
Build / Build Components (1.20) (pull_request) Successful in 4m15s
Build / Build Components (1.21) (pull_request) Successful in 4m14s
Vulncheck / Vulncheck (pull_request) Successful in 3m41s
Tests and linters / Staticcheck (pull_request) Successful in 5m43s
Tests and linters / Lint (pull_request) Successful in 6m8s
Tests and linters / Tests (1.21) (pull_request) Successful in 6m8s
Tests and linters / Tests (1.20) (pull_request) Successful in 7m52s
Tests and linters / Tests with -race (pull_request) Successful in 7m50s
Committee should be able to authorize everything, there are no other usecases for the frostfs-adm currently. Also, it somewhat eases configuration, because committee hash depends on the protocol configuration. Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
This commit is contained in:
parent
6ea4bb290d
commit
2d954dfacf
3 changed files with 12 additions and 7 deletions
|
@ -13,8 +13,9 @@ import (
|
||||||
// neo-go doesn't support []util.Uint160 type:
|
// neo-go doesn't support []util.Uint160 type:
|
||||||
// https://github.com/nspcc-dev/neo-go/blob/v0.103.0/pkg/smartcontract/parameter.go#L262
|
// https://github.com/nspcc-dev/neo-go/blob/v0.103.0/pkg/smartcontract/parameter.go#L262
|
||||||
// Thus, return []smartcontract.Parameter.
|
// Thus, return []smartcontract.Parameter.
|
||||||
func getFrostfsIDAuthorizedKeys(v *viper.Viper) ([]smartcontract.Parameter, error) {
|
func getFrostfsIDAuthorizedKeys(v *viper.Viper, defaultOwner util.Uint160) ([]smartcontract.Parameter, error) {
|
||||||
var res []smartcontract.Parameter
|
var res []smartcontract.Parameter
|
||||||
|
res = append(res, smartcontract.Parameter{Type: smartcontract.Hash160Type, Value: defaultOwner})
|
||||||
|
|
||||||
ks := v.GetStringSlice(frostfsIDAuthorizedKeysConfigKey)
|
ks := v.GetStringSlice(frostfsIDAuthorizedKeysConfigKey)
|
||||||
for i := range ks {
|
for i := range ks {
|
||||||
|
|
|
@ -7,6 +7,7 @@ import (
|
||||||
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/encoding/address"
|
"github.com/nspcc-dev/neo-go/pkg/encoding/address"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract"
|
"github.com/nspcc-dev/neo-go/pkg/smartcontract"
|
||||||
|
"github.com/nspcc-dev/neo-go/pkg/util"
|
||||||
"github.com/spf13/viper"
|
"github.com/spf13/viper"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
)
|
)
|
||||||
|
@ -27,19 +28,22 @@ func TestFrostfsIDConfig(t *testing.T) {
|
||||||
hex.EncodeToString(pks[3].PublicKey().Bytes()),
|
hex.EncodeToString(pks[3].PublicKey().Bytes()),
|
||||||
})
|
})
|
||||||
|
|
||||||
actual, err := getFrostfsIDAuthorizedKeys(v)
|
comm := util.Uint160{1, 2, 3}
|
||||||
|
actual, err := getFrostfsIDAuthorizedKeys(v, comm)
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
require.Equal(t, len(pks), len(actual))
|
require.Equal(t, len(pks)+1, len(actual))
|
||||||
|
require.Equal(t, smartcontract.Hash160Type, actual[0].Type)
|
||||||
|
require.Equal(t, comm, actual[0].Value)
|
||||||
for i := range pks {
|
for i := range pks {
|
||||||
require.Equal(t, smartcontract.Hash160Type, actual[i].Type)
|
require.Equal(t, smartcontract.Hash160Type, actual[i+1].Type)
|
||||||
require.Equal(t, pks[i].GetScriptHash(), actual[i].Value)
|
require.Equal(t, pks[i].GetScriptHash(), actual[i+1].Value)
|
||||||
}
|
}
|
||||||
|
|
||||||
t.Run("bad key", func(t *testing.T) {
|
t.Run("bad key", func(t *testing.T) {
|
||||||
v := viper.New()
|
v := viper.New()
|
||||||
v.Set("frostfsid.authorized_keys", []string{"abc"})
|
v.Set("frostfsid.authorized_keys", []string{"abc"})
|
||||||
|
|
||||||
_, err := getFrostfsIDAuthorizedKeys(v)
|
_, err := getFrostfsIDAuthorizedKeys(v, comm)
|
||||||
require.Error(t, err)
|
require.Error(t, err)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
|
@ -538,7 +538,7 @@ func (c *initializeContext) getContractDeployData(ctrName string, keysParam []an
|
||||||
nnsCs.Hash,
|
nnsCs.Hash,
|
||||||
"container")
|
"container")
|
||||||
case frostfsIDContract:
|
case frostfsIDContract:
|
||||||
hs, err := getFrostfsIDAuthorizedKeys(viper.GetViper())
|
hs, err := getFrostfsIDAuthorizedKeys(viper.GetViper(), c.CommitteeAcc.PublicKey().GetScriptHash())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue