From d7be5b1f03df2805126cfea0d9341f023471faa4 Mon Sep 17 00:00:00 2001
From: Kefu Chai <kchai@redhat.com>
Date: Thu, 13 Jun 2019 22:48:48 +0800
Subject: [PATCH] crimson/osd: add --mkkey support

see qa/tasks/ceph.py for how it is used, and why we need it.

Signed-off-by: Kefu Chai <kchai@redhat.com>
---
 src/crimson/osd/main.cc | 48 +++++++++++++++++++++++++++++++++++++----
 1 file changed, 44 insertions(+), 4 deletions(-)

diff --git a/src/crimson/osd/main.cc b/src/crimson/osd/main.cc
index 6fabf7f6cc3..48e3ae7155e 100644
--- a/src/crimson/osd/main.cc
+++ b/src/crimson/osd/main.cc
@@ -9,8 +9,11 @@
 #include <seastar/core/app-template.hh>
 #include <seastar/core/print.hh>
 #include <seastar/core/thread.hh>
+#include <seastar/util/std-compat.hh>
 
+#include "auth/KeyRing.h"
 #include "common/ceph_argparse.h"
+#include "crimson/common/buffer_io.h"
 #include "crimson/common/config_proxy.h"
 #include "crimson/net/SocketMessenger.h"
 #include "global/pidfile.h"
@@ -18,6 +21,7 @@
 #include "osd.h"
 
 using config_t = ceph::common::ConfigProxy;
+namespace fs = seastar::compat::filesystem;
 
 void usage(const char* prog) {
   std::cout << "usage: " << prog << " -i <ID>" << std::endl;
@@ -67,10 +71,41 @@ auto partition_args(seastar::app_template& app, char** argv_begin, char** argv_e
   return make_pair(std::move(ceph_args), std::move(app_args));
 }
 
+using ceph::common::local_conf;
+
+seastar::future<> make_keyring()
+{
+  const auto path = local_conf().get_val<string>("keyring");
+  return seastar::file_exists(path).then([path](bool exists) {
+    KeyRing keyring;
+    EntityName name{local_conf()->name};
+    EntityAuth auth;
+    if (exists &&
+        keyring.load(nullptr, path) == 0 &&
+        keyring.get_auth(name, auth)) {
+      seastar::fprint(std::cerr, "already have key in keyring: %s\n", path);
+      return seastar::now();
+    } else {
+      auth.key.create(std::make_unique<CephContext>().get(), CEPH_CRYPTO_AES);
+      keyring.add(name, auth);
+      bufferlist bl;
+      keyring.encode_plaintext(bl);
+      const auto permissions = (seastar::file_permissions::user_read |
+                              seastar::file_permissions::user_write);
+      return ceph::buffer::write_file(std::move(bl), path, permissions);
+    }
+  }).handle_exception_type([path](const fs::filesystem_error& e) {
+    seastar::fprint(std::cerr, "FATAL: writing new keyring to %s: %s\n", path, e.what());
+    throw e;
+  });
+}
+
 int main(int argc, char* argv[])
 {
   seastar::app_template app;
   app.add_options()
+    ("mkkey", "generate a new secret key. "
+              "This is normally used in combination with --mkfs")
     ("mkfs", "create a [new] data directory")
     ("debug", "enable debug output on all loggers");
 
@@ -92,7 +127,6 @@ int main(int argc, char* argv[])
   seastar::sharded<ceph::net::SocketMessenger> hb_front_msgr, hb_back_msgr;
   using ceph::common::sharded_conf;
   using ceph::common::sharded_perf_coll;
-  using ceph::common::local_conf;
   try {
     return app.run_deprecated(app_args.size(), const_cast<char**>(app_args.data()), [&] {
       auto& config = app.configuration();
@@ -142,14 +176,20 @@ int main(int argc, char* argv[])
                                            hb_front_msgr.stop(),
                                            hb_back_msgr.stop());
         });
+        if (config.count("mkkey")) {
+          make_keyring().handle_exception([](std::exception_ptr) {
+            seastar::engine().exit(1);
+          }).get();
+        }
         if (config.count("mkfs")) {
           osd.invoke_on(
 	    0,
 	    &OSD::mkfs,
 	    local_conf().get_val<uuid_d>("osd_uuid"),
-	    local_conf().get_val<uuid_d>("fsid")).then([] {
-	      seastar::engine().exit(0);
-	    }).get();
+	    local_conf().get_val<uuid_d>("fsid")).get();
+        }
+        if (config.count("mkkey") || config.count("mkfs")) {
+          seastar::engine().exit(0);
         } else {
           osd.invoke_on(0, &OSD::start).get();
         }
-- 
2.39.5