Commit graph

1966 commits

Author SHA1 Message Date
Leonard Lyubich
455fd952dd [#414] ir: Serve ControlService
Serve `ControlService` instance on configured endpoint (do not serve if not
specified). Read allowed keys from config.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-06-15 15:21:52 +03:00
Leonard Lyubich
4001ba2967 [#414] ir: Switch health status on application state transitions
Set health status to

  * `UNDEFINED` during Server construction;
  * `STARTING` on `Server.Start` call;
  * `READY` after successful `Server.Start` call;
  * `SHUTTING_DOWN` on `Server.Stop` call.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-06-15 15:21:52 +03:00
Leonard Lyubich
567421a9b5 [#414] ir: Implement HealthChecker on Server
`HealthChecker` interface is required to construct `ControlServiceServer`.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-06-15 15:21:52 +03:00
Leonard Lyubich
dcfe9a6504 [#414] ir/control: Implement service server
Implement `ControlServiceServer` on `Server` type. The `Server` requires all
requests to be signed with keys from the so-called whitelist. To obtain
health status, it uses the abstraction in the form of `HealthChecker`
interface.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-06-15 15:21:52 +03:00
Leonard Lyubich
93803b1a90 [#414] ir: Define Control service
Define `ControlService` for IR similar to the one from storage node. Add
`HealthStatus` RPC which returns health status of the IR application.
Implement getters, setters and methods to sign/verify the messages.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-06-15 15:21:52 +03:00
Evgenii Stratonikov
41a30d6ec2 [#562] config/node: fallback to wallet if raw key is invalid
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-06-15 14:49:59 +03:00
Evgenii Stratonikov
2f020a500d [#562] config: parse key on config load
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-06-15 14:49:59 +03:00
Evgenii Stratonikov
9142c778c7 [#562] pkg: remove nspcc-dev/neofs-crypto dependency
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-06-15 14:49:59 +03:00
Evgenii Stratonikov
5cab0026c3 [#562] pkg/morph: remove neofs-crypto uses
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-06-15 14:49:59 +03:00
Evgenii Stratonikov
fcdef227e4 [#562] cmd/neofs-cli: use NEP-6 wallet for keys
Encrypted NEP-2 is still supported.

Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-06-15 14:49:59 +03:00
Evgenii Stratonikov
3f07313604 [#562] cmd/neofs-node: use NEP-6 wallet for keys
Also use neo-go private key wrapper where possible, as it
already has methods for (un)marshaling.

Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-06-15 14:49:59 +03:00
Evgenii Stratonikov
1553967328 [#562] cmd/neofs-ir: use NEP-6 wallet for keys
Also remove neofs-crypto uses from `pkg/innerring`.

Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-06-15 14:49:59 +03:00
Alex Vanin
88b4fe009a [#605] config/testnet: Depend vmagent on storage node
Otherwise the race is possible and vmagent won't start.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-11 17:22:14 +03:00
Alex Vanin
6297bc8965 [#605] config/testnet: Update readme file
Replacing RC2 with RC3 and some rewording.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-11 17:22:14 +03:00
Leonard Lyubich
946d4c4253 [#603] cmd/node: Remove no longer used BootstrapType enum
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-06-11 15:36:17 +03:00
Leonard Lyubich
6279b6343f [#603] cmd/node: Separate configuration and netmap node info
Config `NodeInfo` should be used for bootstrap. Separete local node info and
netmap one. Return configured `NodeInfo` if structure from netmap is
missing.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-06-11 15:36:17 +03:00
Leonard Lyubich
5a4c3dfddf [#603] cmd/node: Parse node attributes when node info is constructed
Remove no longer needed `cfgNodeInfo.attributes` field.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-06-11 15:36:17 +03:00
Leonard Lyubich
4859bb2e1c [#603] cmd/node: Remove unused bootType field of cfgNodeInfo struct
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-06-11 15:36:17 +03:00
Alex Vanin
17ac85e091 Release v0.21.1
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-10 21:09:43 +03:00
Alex Vanin
b615943e7f Update N3 RC3 testnet config
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-10 21:09:43 +03:00
Alex Vanin
9b598355a0 Update neofs-api-go to v1.27.1
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-10 21:09:43 +03:00
anastasia prasolova
4190383341 [#551] Add vmagent in neofs-storage testnet image
Signed-off-by: anastasia prasolova <anastasia@nspcc.ru>
2021-06-10 20:26:40 +03:00
Alex Vanin
5ee7d7efcb [#598] cmd/neofs-ir: Update default config values
In testnet and neofs-dev-env we use timers with these
settings and they are looking good. So it makes sense
to make them default.

Storage node now can't configure bootstrap healthcheck
length and can't disable it. Inner ring default values
now adopt these changes too.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-09 16:20:37 +03:00
Alex Vanin
0368d5f2b2 [#598] cmd/neofs-ir: Print debug message in --version
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-09 16:20:37 +03:00
Alex Vanin
caafd973e4 [#598] misc: Remove global prefixes
New config package in storage node does not use
application prefix from misc package. Therefore
inner ring node can define prefix in local scope.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-09 16:20:37 +03:00
Alex Vanin
e50abeab0c [#598] innerring/config: Override global config only in debug build
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-09 16:20:37 +03:00
Alex Vanin
b55a2959c5 [#599] Run go mod tidy
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-09 16:15:00 +03:00
Alex Vanin
c973aac891 [#599] Makefile: Remove test_dep target
Flag `-i` is deprecated in go1.16 and it
has pretty much no effect since go1.10 when
build cache was introduced. Read more about
this at https://golang.org/doc/go1.16

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-09 16:15:00 +03:00
Leonard Lyubich
68e85e4b33 [#412] ir/locode: Disallow explicit setting of LOCODE-derived attributes
Make `Validator.VerifyAndUpdate` method to return an error if at least one
of LOCODE-derived attributes is set explicitly. Thus, IR will not confirm
the candidates for the network map who independently set these attributes.

Cover `Validator.VerifyAndUpdate` method with unit tests.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-06-09 15:08:12 +03:00
Leonard Lyubich
75d6702d2e [#412] ir/locode: Fix docs of the VerifyAndUpdate method
`Validator.VerifyAndUpdate` method does not add location code attribute.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-06-09 15:08:12 +03:00
Leonard Lyubich
096acb2a44 [#580] v2/object/put: Check payload size of the relayed objects
NeoFS network dictates the limitation of the maximum size of the "finished"
objects. The payload size of an object is recorded in its header. When
writing finished objects, the nodes must check:

  * satisfying the constraint;
  * matching the value in the header to the number of payload bytes.

Provide value returned by `MaxSizeSource` component to `validatingTarget`.
Check max size value during the stream of the "finished" objects. Check
header value during the streaming and on-close. Check payload size in v2
relay scenario.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-06-09 12:08:37 +03:00
Leonard Lyubich
2f38fef31a [#589] ir/container: Verify session token lifetime
Session tokens have limited lifetime in NeoFS. Container processor should
verify lifetime of the incoming tokens.

Define `NetworkState` interface with `Epoch` method to get number of the
current epoch. Use Netmap contract client's wrapper as `NetworkState` of
Container `Processor`. Check values of token lifetime, and deny if:

  * NBF value is gt the current epoch;
  * IAT is gt the current epoch;
  * EXP is le the current epoch.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-06-09 10:17:49 +03:00
Alex Vanin
0bfa2dc88f Release v0.21.0 - Seongmodo (석모도, 席毛島)
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-03 19:49:10 +03:00
Alex Vanin
8d7881d9ad Specify neofs-contract version at release.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-03 19:49:10 +03:00
Alex Vanin
1cf629f811 config/testnet: Update version of public testnet image
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-03 19:49:10 +03:00
Alex Vanin
fda0e49681 Update neofs-api-go to v1.27.0
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-03 19:49:10 +03:00
Alex Vanin
e1ac2fe2e5 [#588] Fix go fmt linter errors
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-03 18:59:07 +03:00
Alex Vanin
ff6e95d017 [#588] Run go mod tidy
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-03 18:59:07 +03:00
Alex Vanin
79b2392a0a [#588] config/testnet: Update config after refactor in storage node
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-03 18:59:07 +03:00
Alex Vanin
b8c8bf4ba2 [#587] cmd/neofs-cli: Add sign session-token command
Container commands in NeoFS CLI can use signed session token
to create, delete container and change extended ACL table.
This token should be signed the same way we sign bearer tokens.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-03 18:40:31 +03:00
Alex Vanin
bce92168c1 [#587] cmd/neofs-cli: Make session token parser reusable
containerSessionToken() actually parses any session token.
We can reuse this function to resign session token when it
takes filepath as an argument, instead of public variable.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-03 18:40:31 +03:00
Pavel Karpy
752efc6f8c [#584] pkg/innerring: Delete using deprecated methods
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
2021-06-03 13:59:59 +03:00
Pavel Karpy
057ebf9d51 [#584] pkg/innerring: Stop using deprecated methods
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
2021-06-03 13:59:59 +03:00
Leonard Lyubich
91f010e0a9 [#582] Update NEO Go library to v0.95.1
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-06-02 17:06:58 +03:00
Alex Vanin
a2547da5ae [#493] cmd/node: Fix linter errors in config
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-02 16:07:42 +03:00
Alex Vanin
e9e986ac71 [#493] cmd/node: Remove viper from storage node
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-02 16:07:42 +03:00
Alex Vanin
cd947bb580 [#493] cmd/node: Add object service section to config
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-02 16:07:42 +03:00
Alex Vanin
f40b84c99e [#493] cmd/node: Add replicator section to config
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-02 16:07:42 +03:00
Alex Vanin
8c96494da0 [#493] cmd/node: Add policer section to config
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-02 16:07:42 +03:00
Alex Vanin
27b4781e95 [#493] cmd/node: Add apiclient section to config
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-06-02 16:07:42 +03:00