Add password migrate command

2026-03-21 22:04:44 +00:00 · 2022-09-05 11:35:58 +10:00
parent 9dfea42513
commit 2abb4a7703
3 changed files with 45 additions and 3 deletions
--- a/common/account_utils/src/validator_definitions.rs
+++ b/common/account_utils/src/validator_definitions.rs
@@ -16,7 +16,7 @@ use std::fs::{self, File};
 use std::io;
 use std::path::{Path, PathBuf};
 use types::{graffiti::GraffitiString, Address, PublicKey};
-use validator_dir::VOTING_KEYSTORE_FILE;
+use validator_dir::{write_password_to_file, VOTING_KEYSTORE_FILE};

 /// The file name for the serialized `ValidatorDefinitions` struct.
 pub const CONFIG_FILENAME: &str = "validator_definitions.yml";
@@ -47,6 +47,7 @@ pub enum Error {
    UnableToCreateValidatorDir(PathBuf),
    UnableToReadKeystorePassword(String),
    KeystoreWithoutPassword,
+    UnableToCreatePassword(validator_dir::BuilderError),
 }

 /// Defines how a password for a validator keystore will be persisted.
@@ -350,6 +351,42 @@ impl ValidatorDefinitions {
        Ok(new_defs_count)
    }

+    // TODO(paul): remove this
+    pub fn migrate_passwords_to_secrets_dir<P: AsRef<Path>>(
+        &mut self,
+        validators_dir: P,
+        secrets_dir: P,
+    ) -> Result<(), Error> {
+        for def in &mut self.0 {
+            match &mut def.signing_definition {
+                SigningDefinition::LocalKeystore {
+                    voting_keystore_path,
+                    voting_keystore_password_path,
+                    voting_keystore_password,
+                } => {
+                    if voting_keystore_password_path.is_some() {
+                        continue;
+                    }
+
+                    let keystore = Keystore::from_json_file(&voting_keystore_path)
+                        .map_err(Error::UnableToOpenKeystore)?;
+
+                    if let Some(password) = voting_keystore_password {
+                        let password_path = default_keystore_password_path(&keystore, &secrets_dir);
+                        if !password_path.exists() {
+                            write_password_to_file(&password_path, password.as_ref())
+                                .map_err(Error::UnableToCreatePassword)?;
+                            *voting_keystore_password_path = Some(password_path);
+                            *voting_keystore_password = None;
+                        }
+                    }
+                }
+                SigningDefinition::Web3Signer { .. } => (),
+            }
+        }
+        self.save(validators_dir)
+    }
+
    /// Encodes `self` as a YAML string and atomically writes it to the `CONFIG_FILENAME` file in
    /// the `validators_dir` directory.
    ///
--- a/common/validator_dir/src/lib.rs
+++ b/common/validator_dir/src/lib.rs
@@ -15,6 +15,6 @@ pub use crate::validator_dir::{
    ETH1_DEPOSIT_TX_HASH_FILE,
 };
 pub use builder::{
-    keystore_password_path, Builder, Error as BuilderError, ETH1_DEPOSIT_DATA_FILE,
-    VOTING_KEYSTORE_FILE, WITHDRAWAL_KEYSTORE_FILE,
+    keystore_password_path, write_password_to_file, Builder, Error as BuilderError,
+    ETH1_DEPOSIT_DATA_FILE, VOTING_KEYSTORE_FILE, WITHDRAWAL_KEYSTORE_FILE,
 };
--- a/validator_client/src/lib.rs
+++ b/validator_client/src/lib.rs
@@ -162,6 +162,11 @@ impl<T: EthSpec> ProductionValidatorClient<T> {
        let mut validator_defs = ValidatorDefinitions::open_or_create(&config.validator_dir)
            .map_err(|e| format!("Unable to open or create validator definitions: {:?}", e))?;

+        // TODO(paul): remove this
+        validator_defs
+            .migrate_passwords_to_secrets_dir(&config.validator_dir, &config.secrets_dir)
+            .map_err(|e| format!("Unable to migrate passwords: {:?}", e))?;
+
        if !config.disable_auto_discover {
            let new_validators = validator_defs
                .discover_local_keystores(&config.validator_dir, &config.secrets_dir, &log)