adm: Make NewLocalActor
receive accout name #1463
No reviewers
Labels
No labels
P0
P1
P2
P3
badger
frostfs-adm
frostfs-cli
frostfs-ir
frostfs-lens
frostfs-node
good first issue
triage
Infrastructure
blocked
bug
config
discussion
documentation
duplicate
enhancement
go
help wanted
internal
invalid
kludge
observability
perfomance
question
refactoring
wontfix
No milestone
No project
No assignees
5 participants
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: TrueCloudLab/frostfs-node#1463
Loading…
Reference in a new issue
No description provided.
Delete branch "aarifullin/frostfs-node:fix/adm_local_actor"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Since,
Policy
contract getsconsensus
accounts whileNNS
getscommittee
accounts.Close #1393
78188afee6
to883b6327e3
Are you trying to solve #1393? I think the problem could be with the incorrect signature on the contract side.
In #1393 I've outlined that the fix could be either in
frostfs-adm
or in the contract. @alexvanin thinks we should fixfrostfs-adm
and not the contract (discussion in private chat)By itself this PR just introduces complexity for no reason. Could you solve #1393 so that we can review everything together?
@ -49,11 +58,13 @@ func NewLocalActor(cmd *cobra.Command, c actor.RPCActor) (*LocalActor, error) {
return nil, err
}
} else {
commonCmd.ExitOnErr(cmd, "%w", checkAccountName(accName))
Why do we have this check?
GetWalletAccount
already returns an error.Especially given that this
accName
is given statically.Good point. Fixed
@ -54,3 +65,3 @@
for _, w := range wallets {
acc, err := GetWalletAccount(w, constants.CommitteeAccountName)
acc, err := GetWalletAccount(w, accName) //constants.CommitteeAccountName)
Error message should be changed as well.
Fixed
🎉 I've just checked and this PR does solve the problem described in #1393:
Initially, I've created this PR rather to agree with @potyarkin to build
frostfs-adm
and check if it can changePolicy
contract state with these signatures. So, that's why I left it withWIP
prefix :) So, it seems it works out.For now, let's discuss the solution
Policy
contract has got this:So, I can ask you (because you're an author of this check) to understand the problem's context:
common.AlphabetAddress()
or policy contract state can be changed with a transaction signed bycommon.CommitteeAddress()
?common.CommitteeAddress()
andcommon.AlphabetAddress()
signers to change the state? Likeproxy
contract doesIf it actually means invocation can be verified only with
common.AlphabetAddress()
signers, then we need to selectconsensus
accounts from wallets like this PR doesFor what it's worth, this is the workaround I've been using for my cluster. Thought of it as a kludge. I don't quite understand the mechanics of policy contract though; a clarification from @fyrchik would be very welcome.
It's what we use in other contracts for data-path related operations, so you are right,
AlphabetAddress()
seems right there.883b6327e3
toe631c30309
WIP: adm: Maketo adm: MakeNewLocalActor
receive accout nameNewLocalActor
receive accout nameLet summarize our discussion in the PR:
AlphabetAddress()
is correct according to your comment above. So,frostfs-adm
should be changed by this reasonfrostfs-adm
should be able to choose accounts from wallets by a contract requirements:nns
requires to sign withCommitteeAccountName
whilepolicy
expects forConsensusAccountName
. I left a comment forNewLocalActor
to specify how to choose accounts before actor creation