Accept seed secret key from a file

radicle-dev / radicle-bins

Collection of radicle binaries.

Other

21 stars 9 forks source link

Accept seed secret key from a file #117

Closed adaszko closed 3 years ago

adaszko commented 3 years ago

What: Adds the ability to pass the seed secret key as a regular file (before this, it was possible only via stdin)

Why: For deployment purposes, it's much more convenient to accept the key from a file as it doesn't require an additional shell process that's not available in "distroless" minimalistic Docker images

Compat:

~~!Requires small changes from seed node operators!~~
~~cargo run -p radicle-seed-node --release -- [...] < ~/.radicle-seed/secret.key now becomes either~~

~~cargo run -p radicle-seed-node --release -- [...] track-everything < ~/.radicle-seed/secret.key~~

~~or without the redirection:~~

~~cargo run -p radicle-seed-node --release -- [...] track-everything ~/.radicle-seed/secret.key depending on what's more convenient.~~

adaszko commented 3 years ago

The secret key handling looks good now and least invasive. What I find surprising given the declared goal of the PR are the changes to track, which seem unrelated, could it be avoided to change those?

Is it worse that those names have been made more explicit? Is succinctness preferable in this context over clarity?

xla commented 3 years ago

Is it worse that those names have been made more explicit? Is succinctness preferable in this context over clarity?

The change can happen if desired, my point is that it's unrelated to the secret changes and therefore should not be part of this PR.

adaszko commented 3 years ago

Thanks for the review 👍

I've gpg-signed all the commits as per contribution requirement but gonna need someone else to merge the PR for me as I don't have the write access to the repo:

FintanH commented 3 years ago

Actually, we also require you to sign-off on all commits, but you've only done that on your first one (note that this is different from GPG signing). Would you be able to do that? And since we're going to have to do that anyway, could you perhaps clean up the commits during the rebase/squash to have more meaningful descriptions? It'd be much appreciated :bow:

adaszko commented 3 years ago

Actually, we also require you to sign-off on all commits, but you've only done that on your first one (note that this is different from GPG signing). Would you be able to do that? And since we're going to have to do that anyway, could you perhaps clean up the commits during the rebase/squash to have more meaningful descriptions? It'd be much appreciated 🙇

Done ✅