[#18] Support custom wallets

Signed-off-by: Alex Vanin <a.vanin@yadro.com>
This commit is contained in:
Alexey Vanin 2023-07-27 19:41:23 +03:00
parent c442116c4a
commit 5f183d3582
6 changed files with 34 additions and 2 deletions

View file

@ -71,6 +71,15 @@ s3cred:
--container-placement-policy "REP 1" \ --container-placement-policy "REP 1" \
--bearer-rules $(S3_BEARER_RULES) --bearer-rules $(S3_BEARER_RULES)
# Generate S3 credentials based on imported wallets
s3cred-custom:
@docker exec aio /usr/bin/frostfs-s3-authmate issue-secret \
--wallet /wallets/$(wallet) \
--peer localhost:8080 \
--gate-public-key $(S3_GATE_PUBLIC_KEY) \
--container-placement-policy "REP 1" \
--bearer-rules $(S3_BEARER_RULES)
# Tick new epoch in side chain # Tick new epoch in side chain
tick.epoch: tick.epoch:
@docker exec aio /usr/bin/frostfs-adm --config /config/frostfs-adm.yml morph force-new-epoch @docker exec aio /usr/bin/frostfs-adm --config /config/frostfs-adm.yml morph force-new-epoch

View file

@ -191,6 +191,25 @@ $ aws s3api --endpoint http://localhost:8084 list-objects --bucket koty
} }
``` ```
### S3 credentials from custom wallets
Credentials made by `make s3cred` command are based on the private key from
`s3-gw/user-wallet.json` file. If you need to create credential for different
users, use wallets from `wallets` dir.
```sh
$ make s3cred-custom wallet=wallet2.json
{
"access_key_id": "jHhL5B33o16R4jQsb8wm9A3RRdS6KrTB5N4bja9Jys904W7xXFNKqem2ACvTRWRYJsZMCUikYFSokN7pPJziWyDi",
"secret_access_key": "21bb64fafa32c82417fd8b97ac56cc8a085998a3852632d52fe7042453daa440",
"owner_private_key": "10f6f9d7a47bb0bf68363ad8a99fe69f1493f8b6e1665b3e4e83feb2d5c7ee39",
"wallet_public_key": "03e38759973a6bb722baabc2dd84036a39f0b2f53d32fec45a4dacde8a50fe4b70",
"container_id": "jHhL5B33o16R4jQsb8wm9A3RRdS6KrTB5N4bja9Jys9"
}
```
To get credentials from custom wallet, place it in `wallets` dir before start.
Make sure that wallet account has empty password.
## frostfs-cli interface ## frostfs-cli interface

View file

@ -17,6 +17,7 @@ services:
timeout: 2s timeout: 2s
volumes: volumes:
- data:/data - data:/data
- ./wallets:/wallets
ports: ports:
- "8081:8081" # HTTP Gateway - "8081:8081" # HTTP Gateway
- "30333:30333" # RPC - "30333:30333" # RPC

1
wallets/wallet1.json Normal file
View file

@ -0,0 +1 @@
{"version":"1.0","accounts":[{"address":"NhCHDEtGgSph1v6PmjFC1gtzJWNKtNSadk","key":"6PYQVTyo4PHBvegpRzSCNijGw6Zj2qN4wLVxTj5CM8nvsoYxkzBHqPzjzq","label":"wallet1","contract":{"script":"DCEDsJuqv/P2EHx+msuHIab8VhjUW1AkejFNguVIcCzOjNVBVuezJw==","parameters":[{"name":"parameter0","type":"Signature"}],"deployed":false},"lock":false,"isDefault":false}],"scrypt":{"n":16384,"r":8,"p":8},"extra":{"Tokens":null}}

1
wallets/wallet2.json Normal file
View file

@ -0,0 +1 @@
{"version":"1.0","accounts":[{"address":"NivQRezLwGP8xFPr87DD5XaYGUKK3BMsTa","key":"6PYWJrGbrRmY9eTagWhNaucN2PfuPmi1G3QStUwNX8uAtCjTs6UYj1V1J9","label":"wallet2","contract":{"script":"DCED44dZlzprtyK6q8LdhANqOfCy9T0y/sRaTazeilD+S3BBVuezJw==","parameters":[{"name":"parameter0","type":"Signature"}],"deployed":false},"lock":false,"isDefault":false}],"scrypt":{"n":16384,"r":8,"p":8},"extra":{"Tokens":null}}

1
wallets/wallet3.json Normal file
View file

@ -0,0 +1 @@
{"version":"1.0","accounts":[{"address":"NR8qvrREk1eCeQJce9zBaDyPE3PHGZfT6t","key":"6PYWLJ3VAUcE8xLPnCbMp561b411u6qWoErdkx3hJugFZXrSckH9wTKRhe","label":"wallet3","contract":{"script":"DCECPwTRyxo1hHzMtjFAr5qmm8+WMm6X1qnlLX2lRkoSY+1BVuezJw==","parameters":[{"name":"parameter0","type":"Signature"}],"deployed":false},"lock":false,"isDefault":false}],"scrypt":{"n":16384,"r":8,"p":8},"extra":{"Tokens":null}}