Improve identity cli ux: (#1142)

2019-01-25 17:55:45 +01:00 · 2019-01-25 17:55:45 +01:00 · 7bed8050aa
commit 7bed8050aa
parent 5397efe5c1
3 changed files with 31 additions and 12 deletions
--- a/cmd/identity/main.go
+++ b/cmd/identity/main.go
@ -9,6 +9,7 @@ import (
 	"fmt"
 	"path/filepath"

+	"github.com/fatih/color"
 	"github.com/spf13/cobra"
 	"github.com/zeebo/errs"

@ -38,11 +39,11 @@ var (
 		Annotations: map[string]string{"type": "setup"},
 	}

-	csrCmd = &cobra.Command{
+	authorizeCmd = &cobra.Command{
 		Use:         "authorize <service> <auth-token>",
 		Short:       "Send a certificate signing request for a service's CA certificate",
 		Args:        cobra.ExactArgs(2),
-		RunE:        cmdCSR,
+		RunE:        cmdAuthorize,
 		Annotations: map[string]string{"type": "setup"},
 	}

@ -60,13 +61,18 @@ var (
 )

 func init() {
+	identityDirParam := cfgstruct.FindIdentityDirParam()
+	if identityDirParam != "" {
+		defaultIdentityDir = identityDirParam
+	}
+
 	rootCmd.PersistentFlags().StringVar(&identityDir, "identity-dir", defaultIdentityDir, "root directory for identity output")

 	rootCmd.AddCommand(newServiceCmd)
-	rootCmd.AddCommand(csrCmd)
+	rootCmd.AddCommand(authorizeCmd)

 	cfgstruct.Bind(newServiceCmd.Flags(), &config, cfgstruct.IdentityDir(defaultIdentityDir))
-	cfgstruct.Bind(csrCmd.Flags(), &config, cfgstruct.IdentityDir(defaultIdentityDir))
+	cfgstruct.Bind(authorizeCmd.Flags(), &config, cfgstruct.IdentityDir(defaultIdentityDir))
 }

 func main() {
@ -118,10 +124,12 @@ func cmdNewService(cmd *cobra.Command, args []string) error {
 	}

 	fmt.Printf("Unsigned identity is located in %q\n", serviceDir)
+	fmt.Println(color.CyanString("Please *move* CA key to secure storage - it is only needed for identity management!"))
+	fmt.Println(color.CyanString("\t%s", caConfig.KeyPath))
 	return nil
 }

-func cmdCSR(cmd *cobra.Command, args []string) error {
+func cmdAuthorize(cmd *cobra.Command, args []string) error {
 	ctx := process.Ctx(cmd)

 	serviceDir := serviceDirectory(args[0])
@ -191,7 +199,8 @@ func cmdCSR(cmd *cobra.Command, args []string) error {
 		return err
 	}

-	fmt.Printf("Signed identity is in %q\n", serviceDir)
+	fmt.Println("Identity successfully authorized using single use authorization token.")
+	fmt.Printf("Please back-up \"%s\" to a safe location.\n", serviceDir)
 	return nil
 }

--- a/go.sum
+++ b/go.sum
@ -96,8 +96,6 @@ github.com/go-redis/redis v6.14.1+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8w
 github.com/go-sql-driver/mysql v1.4.0 h1:7LxgVwFb2hIQtMm87NdgAVfXjnt4OePseqT1tKx+opk=
 github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
 github.com/gocql/gocql v0.0.0-20180913072538-864d5908455a/go.mod h1:4Fw1eo5iaEhDUs8XyuhSVCVy52Jq3L+/3GJgYkwc+/0=
-github.com/gogo/protobuf v1.1.2-0.20181116123445-07eab6a8298c h1:c8VQNu/587ErbVKJSz6kKVdrf3kS18Sn50UShPyJ7Wc=
-github.com/gogo/protobuf v1.1.2-0.20181116123445-07eab6a8298c/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.2.0 h1:xU6/SpYbvkNYiptHJYEDRseDLvYE7wSqhYYNy0QSUzI=
 github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/golang-migrate/migrate/v3 v3.5.2 h1:SUWSv6PD8Lr2TGx1lmVW7W2lRoQiVny3stM4He6jczQ=
--- a/pkg/identity/certificate_authority.go
+++ b/pkg/identity/certificate_authority.go
@ -11,8 +11,8 @@ import (
 	"crypto/rand"
 	"crypto/x509"
 	"encoding/pem"
+	"fmt"
 	"io/ioutil"
-	"log"
 	"sync"
 	"sync/atomic"

@ -85,6 +85,7 @@ func NewCA(ctx context.Context, opts NewCAOptions) (_ *FullCertificateAuthority,
 	defer mon.Task()(&ctx)(&err)
 	var (
 		highscore = new(uint32)
+		i         = new(uint32)

 		mu          sync.Mutex
 		selectedKey *ecdsa.PrivateKey
@ -95,9 +96,19 @@ func NewCA(ctx context.Context, opts NewCAOptions) (_ *FullCertificateAuthority,
 		opts.Concurrency = 1
 	}

-	log.Printf("Generating a certificate matching a difficulty of %d\n", opts.Difficulty)
+	fmt.Printf("Generating key with a minimum a difficulty of %d...\n", opts.Difficulty)
+	logStatus := func() {
+		count := atomic.LoadUint32(i)
+		hs := atomic.LoadUint32(highscore)
+		fmt.Printf("\rGenerated %d keys; best difficulty so far: %d", count, hs)
+	}
 	err = GenerateKeys(ctx, minimumLoggableDifficulty, int(opts.Concurrency),
 		func(k *ecdsa.PrivateKey, id storj.NodeID) (done bool, err error) {
+			count := atomic.AddUint32(i, 1)
+			if count%100 == 0 {
+				logStatus()
+			}
+
 			difficulty, err := id.Difficulty()
 			if err != nil {
 				return false, err
@ -105,11 +116,12 @@ func NewCA(ctx context.Context, opts NewCAOptions) (_ *FullCertificateAuthority,
 			if difficulty >= opts.Difficulty {
 				mu.Lock()
 				if selectedKey == nil {
-					log.Printf("Found a certificate matching difficulty of %d\n", difficulty)
+					logStatus()
 					selectedKey = k
 					selectedID = id
 				}
 				mu.Unlock()
+				fmt.Printf("\nFound a key with difficulty %d!\n", difficulty)
 				return true, nil
 			}
 			for {
@ -118,7 +130,7 @@ func NewCA(ctx context.Context, opts NewCAOptions) (_ *FullCertificateAuthority,
 					return false, nil
 				}
 				if atomic.CompareAndSwapUint32(highscore, hs, uint32(difficulty)) {
-					log.Printf("Found a certificate matching difficulty of %d\n", difficulty)
+					logStatus()
 					return false, nil
 				}
 			}