Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor(dre): embedding default version excluded subnets #703

Merged
merged 4 commits into from
Aug 9, 2024
Merged

refactor(dre): embedding default version excluded subnets #703

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
ae7522a
refactoring update auth subnets
NikolaMilosa Aug 9, 2024
c7fd548
fixing bazel
NikolaMilosa Aug 9, 2024
6a6f2be
nits
NikolaMilosa Aug 9, 2024
9463c83
Merge branch 'main' into nm-refactoring-setting-auth-subnets
NikolaMilosa Aug 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions facts-db/BUILD.bazel
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
filegroup(
name = "non_public_subnets",
srcs = [ "non_public_subnets.csv" ],
visibility = [ "//visibility:public" ],
)
8 changes: 6 additions & 2 deletions rs/cli/BUILD.bazel
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,11 @@ cargo_build_script(
srcs = ["src/build.rs"],
deps = all_crate_deps(
build = True
)
),
build_script_env = {
"NON_PUBLIC_SUBNETS": "$(execpath //facts-db:non_public_subnets)"
},
data = [ "//facts-db:non_public_subnets" ]
)

rust_binary(
Expand All @@ -44,7 +48,7 @@ rust_library(
),
deps = all_crate_deps(
normal = True,
) + DEPS,
) + DEPS + [ ":build_script" ],
)

rust_test(
Expand Down
7 changes: 7 additions & 0 deletions rs/cli/src/build.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,4 +16,11 @@ fn main() {
option_env!("CARGO_PKG_VERSION").map(|v| format!("{}-{}", v, git_rev)).unwrap_or_default()
);
}

let out_dir = std::env::var("OUT_DIR").unwrap();
let path_to_non_public_subnets =
std::fs::canonicalize(option_env!("NON_PUBLIC_SUBNETS").unwrap_or("../../facts-db/non_public_subnets.csv")).unwrap();

std::fs::copy(&path_to_non_public_subnets, format!("{}/non_public_subnets.csv", out_dir))
.unwrap_or_else(|e| panic!("Error with file {}: {:?}", path_to_non_public_subnets.display(), e));
}
45 changes: 22 additions & 23 deletions rs/cli/src/commands/update_authorized_subnets.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
use std::{
collections::BTreeMap,
fs::File,
io::{BufRead, BufReader},
path::PathBuf,
sync::Arc,
};
use std::{collections::BTreeMap, path::PathBuf, sync::Arc};

use clap::{error::ErrorKind, Args};
use ic_management_types::Subnet;
Expand All @@ -20,11 +14,13 @@ use super::ExecutableCommand;
const DEFAULT_CANISTER_LIMIT: u64 = 60_000;
const DEFAULT_STATE_SIZE_BYTES_LIMIT: u64 = 322_122_547_200; // 300GB

const DEFAULT_AUTHORIZED_SUBNETS_CSV: &str = include_str!(concat!(env!("OUT_DIR"), "/non_public_subnets.csv"));

#[derive(Args, Debug)]
pub struct UpdateAuthorizedSubnets {
/// Path to csv file containing the blacklist.
#[clap(default_value = "./facts-db/non_public_subnets.csv")]
path: PathBuf,
#[clap(long)]
path: Option<PathBuf>,

/// Canister num limit for marking a subnet as non public
#[clap(default_value_t = DEFAULT_CANISTER_LIMIT)]
Expand All @@ -41,16 +37,14 @@ impl ExecutableCommand for UpdateAuthorizedSubnets {
}

fn validate(&self, cmd: &mut clap::Command) {
if !self.path.exists() {
cmd.error(ErrorKind::InvalidValue, format!("Path `{}` not found", self.path.display()))
.exit();
}
if let Some(path) = &self.path {
if !path.exists() {
cmd.error(ErrorKind::InvalidValue, format!("Path `{}` not found", path.display())).exit();
}

if !self.path.is_file() {
cmd.error(
ErrorKind::InvalidValue,
format!("Path `{}` found, but is not a file", self.path.display()),
);
if !path.is_file() {
cmd.error(ErrorKind::InvalidValue, format!("Path `{}` found, but is not a file", path.display()));
}
}
}

Expand All @@ -73,7 +67,7 @@ impl ExecutableCommand for UpdateAuthorizedSubnets {

let subnet_principal_string = subnet.principal.to_string();
if let Some((_, description)) = csv_contents.iter().find(|(short_id, _)| subnet_principal_string.starts_with(short_id)) {
excluded_subnets.insert(subnet.principal, description.to_owned());
excluded_subnets.insert(subnet.principal, format!("[Explicitly removed] {}", description));
continue;
}

Expand Down Expand Up @@ -115,16 +109,21 @@ impl ExecutableCommand for UpdateAuthorizedSubnets {

impl UpdateAuthorizedSubnets {
fn parse_csv(&self) -> anyhow::Result<Vec<(String, String)>> {
let contents = BufReader::new(File::open(&self.path)?);
let contents = match &self.path {
Some(p) => std::fs::read_to_string(p)?,
None => {
info!("Using embedded version of authorized subnets csv that is added during build time");
DEFAULT_AUTHORIZED_SUBNETS_CSV.to_string()
}
};
let mut ret = vec![];
for line in contents.lines() {
let content = line?;
if content.starts_with("subnet id") {
if line.starts_with("subnet id") {
info!("Skipping header line in csv");
continue;
}

let (id, desc) = content.split_once(',').ok_or(anyhow::anyhow!("Failed to parse line: {}", content))?;
let (id, desc) = line.split_once(',').ok_or(anyhow::anyhow!("Failed to parse line: {}", line))?;
ret.push((id.to_string(), desc.to_string()))
}

Expand Down
Loading