forked from TrueCloudLab/frostfs-node
453 lines
11 KiB
Go
453 lines
11 KiB
Go
package container
|
|
|
|
import (
|
|
"encoding/json"
|
|
"errors"
|
|
"fmt"
|
|
"os"
|
|
"slices"
|
|
"sort"
|
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
|
|
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
|
|
"github.com/nspcc-dev/neo-go/pkg/crypto/hash"
|
|
"github.com/nspcc-dev/neo-go/pkg/io"
|
|
"github.com/nspcc-dev/neo-go/pkg/rpcclient/invoker"
|
|
"github.com/nspcc-dev/neo-go/pkg/rpcclient/management"
|
|
"github.com/nspcc-dev/neo-go/pkg/rpcclient/unwrap"
|
|
"github.com/nspcc-dev/neo-go/pkg/smartcontract/callflag"
|
|
"github.com/nspcc-dev/neo-go/pkg/util"
|
|
"github.com/nspcc-dev/neo-go/pkg/vm/emit"
|
|
"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
|
|
"github.com/spf13/cobra"
|
|
"github.com/spf13/viper"
|
|
)
|
|
|
|
var errInvalidContainerResponse = errors.New("invalid response from container contract")
|
|
|
|
func getContainerContractHash(cmd *cobra.Command, inv *invoker.Invoker) (util.Uint160, error) {
|
|
s, err := cmd.Flags().GetString(containerContractFlag)
|
|
var ch util.Uint160
|
|
if err == nil {
|
|
ch, err = util.Uint160DecodeStringLE(s)
|
|
}
|
|
if err != nil {
|
|
r := management.NewReader(inv)
|
|
nnsCs, err := helper.GetContractByID(r, 1)
|
|
if err != nil {
|
|
return util.Uint160{}, fmt.Errorf("can't get NNS contract state: %w", err)
|
|
}
|
|
ch, err = helper.NNSResolveHash(inv, nnsCs.Hash, helper.DomainOf(constants.ContainerContract))
|
|
if err != nil {
|
|
return util.Uint160{}, err
|
|
}
|
|
}
|
|
return ch, nil
|
|
}
|
|
|
|
func iterateContainerList(inv *invoker.Invoker, ch util.Uint160, f func([]byte) error) error {
|
|
sid, r, err := unwrap.SessionIterator(inv.Call(ch, "containersOf", ""))
|
|
if err != nil {
|
|
return fmt.Errorf("%w: %v", errInvalidContainerResponse, err)
|
|
}
|
|
// Nothing bad, except live session on the server, do not report to the user.
|
|
defer func() { _ = inv.TerminateSession(sid) }()
|
|
|
|
items, err := inv.TraverseIterator(sid, &r, 0)
|
|
for err == nil && len(items) != 0 {
|
|
for j := range items {
|
|
b, err := items[j].TryBytes()
|
|
if err != nil {
|
|
return fmt.Errorf("%w: %v", errInvalidContainerResponse, err)
|
|
}
|
|
if err := f(b); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
items, err = inv.TraverseIterator(sid, &r, 0)
|
|
}
|
|
return err
|
|
}
|
|
|
|
func dumpContainers(cmd *cobra.Command, _ []string) error {
|
|
filename, err := cmd.Flags().GetString(containerDumpFlag)
|
|
if err != nil {
|
|
return fmt.Errorf("invalid filename: %w", err)
|
|
}
|
|
|
|
c, err := helper.GetN3Client(viper.GetViper())
|
|
if err != nil {
|
|
return fmt.Errorf("can't create N3 client: %w", err)
|
|
}
|
|
|
|
inv := invoker.New(c, nil)
|
|
|
|
ch, err := getContainerContractHash(cmd, inv)
|
|
if err != nil {
|
|
return fmt.Errorf("unable to get contaract hash: %w", err)
|
|
}
|
|
|
|
isOK, err := getCIDFilterFunc(cmd)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
f, err := os.OpenFile(filename, os.O_RDWR|os.O_TRUNC|os.O_CREATE, 0o660)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer f.Close()
|
|
|
|
_, err = f.Write([]byte{'['})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
written := 0
|
|
enc := json.NewEncoder(f)
|
|
bw := io.NewBufBinWriter()
|
|
iterErr := iterateContainerList(inv, ch, func(id []byte) error {
|
|
if !isOK(id) {
|
|
return nil
|
|
}
|
|
|
|
cnt, err := dumpSingleContainer(bw, ch, inv, id)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Writing directly to the file is ok, because json.Encoder does no internal buffering.
|
|
if written != 0 {
|
|
_, err = f.Write([]byte{','})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
written++
|
|
return enc.Encode(cnt)
|
|
})
|
|
if iterErr != nil {
|
|
return iterErr
|
|
}
|
|
|
|
_, err = f.Write([]byte{']'})
|
|
return err
|
|
}
|
|
|
|
func dumpSingleContainer(bw *io.BufBinWriter, ch util.Uint160, inv *invoker.Invoker, id []byte) (*Container, error) {
|
|
bw.Reset()
|
|
emit.AppCall(bw.BinWriter, ch, "get", callflag.All, id)
|
|
emit.AppCall(bw.BinWriter, ch, "eACL", callflag.All, id)
|
|
res, err := inv.Run(bw.Bytes())
|
|
if err != nil {
|
|
return nil, fmt.Errorf("can't get container info: %w", err)
|
|
}
|
|
if len(res.Stack) != 2 {
|
|
return nil, fmt.Errorf("%w: expected 2 items on stack", errInvalidContainerResponse)
|
|
}
|
|
|
|
cnt := new(Container)
|
|
err = cnt.FromStackItem(res.Stack[0])
|
|
if err != nil {
|
|
return nil, fmt.Errorf("%w: %v", errInvalidContainerResponse, err)
|
|
}
|
|
|
|
ea := new(EACL)
|
|
err = ea.FromStackItem(res.Stack[1])
|
|
if err != nil {
|
|
return nil, fmt.Errorf("%w: %v", errInvalidContainerResponse, err)
|
|
}
|
|
if len(ea.Value) != 0 {
|
|
cnt.EACL = ea
|
|
}
|
|
return cnt, nil
|
|
}
|
|
|
|
func listContainers(cmd *cobra.Command, _ []string) error {
|
|
c, err := helper.GetN3Client(viper.GetViper())
|
|
if err != nil {
|
|
return fmt.Errorf("can't create N3 client: %w", err)
|
|
}
|
|
|
|
inv := invoker.New(c, nil)
|
|
|
|
ch, err := getContainerContractHash(cmd, inv)
|
|
if err != nil {
|
|
return fmt.Errorf("unable to get contaract hash: %w", err)
|
|
}
|
|
|
|
return iterateContainerList(inv, ch, func(id []byte) error {
|
|
var idCnr cid.ID
|
|
err = idCnr.Decode(id)
|
|
if err != nil {
|
|
return fmt.Errorf("unable to decode container id: %w", err)
|
|
}
|
|
cmd.Println(idCnr)
|
|
return nil
|
|
})
|
|
}
|
|
|
|
func restoreContainers(cmd *cobra.Command, _ []string) error {
|
|
filename, err := cmd.Flags().GetString(containerDumpFlag)
|
|
if err != nil {
|
|
return fmt.Errorf("invalid filename: %w", err)
|
|
}
|
|
|
|
wCtx, err := helper.NewInitializeContext(cmd, viper.GetViper())
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer wCtx.Close()
|
|
|
|
containers, err := parseContainers(filename)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
ch, err := fetchContainerContractHash(wCtx)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
isOK, err := getCIDFilterFunc(cmd)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
err = restoreOrPutContainers(containers, isOK, cmd, wCtx, ch)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return wCtx.AwaitTx()
|
|
}
|
|
|
|
func restoreOrPutContainers(containers []Container, isOK func([]byte) bool, cmd *cobra.Command, wCtx *helper.InitializeContext, ch util.Uint160) error {
|
|
bw := io.NewBufBinWriter()
|
|
for _, cnt := range containers {
|
|
hv := hash.Sha256(cnt.Value)
|
|
if !isOK(hv[:]) {
|
|
continue
|
|
}
|
|
bw.Reset()
|
|
restored, err := isContainerRestored(cmd, wCtx, ch, bw, hv)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if restored {
|
|
continue
|
|
}
|
|
|
|
bw.Reset()
|
|
|
|
putContainer(bw, ch, cnt)
|
|
|
|
if bw.Err != nil {
|
|
panic(bw.Err)
|
|
}
|
|
|
|
if err := wCtx.SendConsensusTx(bw.Bytes()); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func putContainer(bw *io.BufBinWriter, ch util.Uint160, cnt Container) {
|
|
emit.AppCall(bw.BinWriter, ch, "put", callflag.All,
|
|
cnt.Value, cnt.Signature, cnt.PublicKey, cnt.Token)
|
|
if ea := cnt.EACL; ea != nil {
|
|
emit.AppCall(bw.BinWriter, ch, "setEACL", callflag.All,
|
|
ea.Value, ea.Signature, ea.PublicKey, ea.Token)
|
|
}
|
|
}
|
|
|
|
func isContainerRestored(cmd *cobra.Command, wCtx *helper.InitializeContext, containerHash util.Uint160, bw *io.BufBinWriter, hashValue util.Uint256) (bool, error) {
|
|
emit.AppCall(bw.BinWriter, containerHash, "get", callflag.All, hashValue.BytesBE())
|
|
res, err := wCtx.Client.InvokeScript(bw.Bytes(), nil)
|
|
if err != nil {
|
|
return false, fmt.Errorf("can't check if container is already restored: %w", err)
|
|
}
|
|
if len(res.Stack) == 0 {
|
|
return false, errors.New("empty stack")
|
|
}
|
|
|
|
old := new(Container)
|
|
if err := old.FromStackItem(res.Stack[0]); err != nil {
|
|
return false, fmt.Errorf("%w: %v", errInvalidContainerResponse, err)
|
|
}
|
|
if len(old.Value) != 0 {
|
|
var id cid.ID
|
|
id.SetSHA256(hashValue)
|
|
cmd.Printf("Container %s is already deployed.\n", id)
|
|
return true, nil
|
|
}
|
|
|
|
return false, nil
|
|
}
|
|
|
|
func parseContainers(filename string) ([]Container, error) {
|
|
data, err := os.ReadFile(filename)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("can't read dump file: %w", err)
|
|
}
|
|
|
|
var containers []Container
|
|
err = json.Unmarshal(data, &containers)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("can't parse dump file: %w", err)
|
|
}
|
|
return containers, nil
|
|
}
|
|
|
|
func fetchContainerContractHash(wCtx *helper.InitializeContext) (util.Uint160, error) {
|
|
r := management.NewReader(wCtx.ReadOnlyInvoker)
|
|
nnsCs, err := helper.GetContractByID(r, 1)
|
|
if err != nil {
|
|
return util.Uint160{}, fmt.Errorf("can't get NNS contract state: %w", err)
|
|
}
|
|
|
|
ch, err := helper.NNSResolveHash(wCtx.ReadOnlyInvoker, nnsCs.Hash, helper.DomainOf(constants.ContainerContract))
|
|
if err != nil {
|
|
return util.Uint160{}, fmt.Errorf("can't fetch container contract hash: %w", err)
|
|
}
|
|
return ch, nil
|
|
}
|
|
|
|
// Container represents container struct in contract storage.
|
|
type Container struct {
|
|
Value []byte `json:"value"`
|
|
Signature []byte `json:"signature"`
|
|
PublicKey []byte `json:"public_key"`
|
|
Token []byte `json:"token"`
|
|
EACL *EACL `json:"eacl"`
|
|
}
|
|
|
|
// EACL represents extended ACL struct in contract storage.
|
|
type EACL struct {
|
|
Value []byte `json:"value"`
|
|
Signature []byte `json:"signature"`
|
|
PublicKey []byte `json:"public_key"`
|
|
Token []byte `json:"token"`
|
|
}
|
|
|
|
// ToStackItem implements stackitem.Convertible.
|
|
func (c *Container) ToStackItem() (stackitem.Item, error) {
|
|
return stackitem.NewStruct([]stackitem.Item{
|
|
stackitem.NewByteArray(c.Value),
|
|
stackitem.NewByteArray(c.Signature),
|
|
stackitem.NewByteArray(c.PublicKey),
|
|
stackitem.NewByteArray(c.Token),
|
|
}), nil
|
|
}
|
|
|
|
// FromStackItem implements stackitem.Convertible.
|
|
func (c *Container) FromStackItem(item stackitem.Item) error {
|
|
arr, ok := item.Value().([]stackitem.Item)
|
|
if !ok || len(arr) != 4 {
|
|
return errors.New("invalid stack item type")
|
|
}
|
|
|
|
value, err := arr[0].TryBytes()
|
|
if err != nil {
|
|
return errors.New("invalid container value")
|
|
}
|
|
|
|
sig, err := arr[1].TryBytes()
|
|
if err != nil {
|
|
return errors.New("invalid container signature")
|
|
}
|
|
|
|
pub, err := arr[2].TryBytes()
|
|
if err != nil {
|
|
return errors.New("invalid container public key")
|
|
}
|
|
|
|
tok, err := arr[3].TryBytes()
|
|
if err != nil {
|
|
return errors.New("invalid container token")
|
|
}
|
|
|
|
c.Value = value
|
|
c.Signature = sig
|
|
c.PublicKey = pub
|
|
c.Token = tok
|
|
return nil
|
|
}
|
|
|
|
// ToStackItem implements stackitem.Convertible.
|
|
func (c *EACL) ToStackItem() (stackitem.Item, error) {
|
|
return stackitem.NewStruct([]stackitem.Item{
|
|
stackitem.NewByteArray(c.Value),
|
|
stackitem.NewByteArray(c.Signature),
|
|
stackitem.NewByteArray(c.PublicKey),
|
|
stackitem.NewByteArray(c.Token),
|
|
}), nil
|
|
}
|
|
|
|
// FromStackItem implements stackitem.Convertible.
|
|
func (c *EACL) FromStackItem(item stackitem.Item) error {
|
|
arr, ok := item.Value().([]stackitem.Item)
|
|
if !ok || len(arr) != 4 {
|
|
return errors.New("invalid stack item type")
|
|
}
|
|
|
|
value, err := arr[0].TryBytes()
|
|
if err != nil {
|
|
return errors.New("invalid eACL value")
|
|
}
|
|
|
|
sig, err := arr[1].TryBytes()
|
|
if err != nil {
|
|
return errors.New("invalid eACL signature")
|
|
}
|
|
|
|
pub, err := arr[2].TryBytes()
|
|
if err != nil {
|
|
return errors.New("invalid eACL public key")
|
|
}
|
|
|
|
tok, err := arr[3].TryBytes()
|
|
if err != nil {
|
|
return errors.New("invalid eACL token")
|
|
}
|
|
|
|
c.Value = value
|
|
c.Signature = sig
|
|
c.PublicKey = pub
|
|
c.Token = tok
|
|
return nil
|
|
}
|
|
|
|
// getCIDFilterFunc returns filtering function for container IDs.
|
|
// Raw byte slices are used because it works with structures returned
|
|
// from contract.
|
|
func getCIDFilterFunc(cmd *cobra.Command) (func([]byte) bool, error) {
|
|
rawIDs, err := cmd.Flags().GetStringSlice(containerIDsFlag)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if len(rawIDs) == 0 {
|
|
return func([]byte) bool { return true }, nil
|
|
}
|
|
|
|
for i := range rawIDs {
|
|
err := new(cid.ID).DecodeString(rawIDs[i])
|
|
if err != nil {
|
|
return nil, fmt.Errorf("can't parse CID %s: %w", rawIDs[i], err)
|
|
}
|
|
}
|
|
sort.Strings(rawIDs)
|
|
return func(rawID []byte) bool {
|
|
var v [32]byte
|
|
copy(v[:], rawID)
|
|
|
|
var id cid.ID
|
|
id.SetSHA256(v)
|
|
idStr := id.EncodeToString()
|
|
_, found := slices.BinarySearch(rawIDs, idStr)
|
|
return found
|
|
}, nil
|
|
}
|