satellite/orders: add encryption keys flag to Service

Change-Id: Ie96e75bc96241b799d04654ef5e05b82e6a899bb

satellite/api.go

@@ -329,7 +329,7 @@ func NewAPI(log *zap.Logger, full *identity.FullIdentity, db DB,
 			peer.Overlay.Service,
 			peer.Orders.DB,
 			peer.DB.Buckets(),
-			config.Orders.Expiration,
+			config.Orders,
 			&pb.NodeAddress{
 				Transport: pb.NodeTransport_TCP_TLS_GRPC,
 				Address:   config.Contact.ExternalAddress,

satellite/core.go

@@ -269,7 +269,7 @@ func New(log *zap.Logger, full *identity.FullIdentity, db DB,
 			peer.Overlay.Service,
 			peer.Orders.DB,
 			peer.DB.Buckets(),
-			config.Orders.Expiration,
+			config.Orders,
 			&pb.NodeAddress{
 				Transport: pb.NodeTransport_TCP_TLS_GRPC,
 				Address:   config.Contact.ExternalAddress,

satellite/orders/encryptionkey.go

@@ -114,6 +114,9 @@ func (keys *EncryptionKeys) Set(s string) error {
 	if keys.KeyByID == nil {
 		keys.KeyByID = map[EncryptionKeyID]storj.Key{}
 	}
+	if s == "" {
+		return nil
+	}
 
 	for _, x := range strings.Split(s, ",") {
 		x = strings.TrimSpace(x)

satellite/orders/service.go

@@ -27,6 +27,7 @@ var ErrDownloadFailedNotEnoughPieces = errs.Class("not enough pieces for downloa
 
 // Config is a configuration struct for orders Service.
 type Config struct {
+	EncryptionKeys               EncryptionKeys             `help:"encryption keys to encrypt info in orders" default:""`
 	Expiration                   time.Duration              `help:"how long until an order expires" default:"48h"` // 2 days
 	SettlementBatchSize          int                        `help:"how many orders to batch per transaction" default:"250"`
 	FlushBatchSize               int                        `help:"how many items in the rollups write cache before they are flushed to the database" devDefault:"20" releaseDefault:"10000"`
@@ -46,31 +47,37 @@ type BucketsDB interface {
 //
 // architecture: Service
 type Service struct {
-	log              *zap.Logger
-	satellite        signing.Signer
-	overlay          *overlay.Service
-	orders           DB
-	buckets          BucketsDB
+	log       *zap.Logger
+	satellite signing.Signer
+	overlay   *overlay.Service
+	orders    DB
+	buckets   BucketsDB
+
+	encryptionKeys   EncryptionKeys
 	satelliteAddress *pb.NodeAddress
 	orderExpiration  time.Duration
-	rngMu            sync.Mutex
-	rng              *mathrand.Rand
+
+	rngMu sync.Mutex
+	rng   *mathrand.Rand
 }
 
 // NewService creates new service for creating order limits.
 func NewService(
 	log *zap.Logger, satellite signing.Signer, overlay *overlay.Service,
 	orders DB, buckets BucketsDB,
-	orderExpiration time.Duration, satelliteAddress *pb.NodeAddress,
+	config Config,
+	satelliteAddress *pb.NodeAddress,
 ) *Service {
 	return &Service{
-		log:              log,
-		satellite:        satellite,
-		overlay:          overlay,
-		orders:           orders,
-		buckets:          buckets,
+		log:       log,
+		satellite: satellite,
+		overlay:   overlay,
+		orders:    orders,
+		buckets:   buckets,
+
+		encryptionKeys:   config.EncryptionKeys,
 		satelliteAddress: satelliteAddress,
-		orderExpiration:  orderExpiration,
+		orderExpiration:  config.Expiration,
 
 		rng: mathrand.New(mathrand.NewSource(time.Now().UnixNano())),
 	}

satellite/repairer.go

@@ -156,7 +156,7 @@ func NewRepairer(log *zap.Logger, full *identity.FullIdentity,
 			peer.Overlay,
 			peer.Orders.DB,
 			bucketsDB,
-			config.Orders.Expiration,
+			config.Orders,
 			&pb.NodeAddress{
 				Transport: pb.NodeTransport_TCP_TLS_GRPC,
 				Address:   config.Contact.ExternalAddress,

scripts/testdata/satellite-config.yaml.lock

@@ -442,6 +442,9 @@ identity.key-path: /root/.local/share/storj/identity/satellite/identity.key
 # path to log for oom notices
 # monkit.hw.oomlog: /var/log/kern.log
 
+# encryption keys to encrypt info in orders
+# orders.encryption-keys: ""
+
 # how long until an order expires
 # orders.expiration: 48h0m0s