build-trust · adrianbenavides · Oct 2, 2023 · Sep 29, 2023 · Sep 29, 2023
@@ -153,13 +153,6 @@ impl PreTrustedIdentities {
         PreTrustedIdentities::Fixed(entries)
     }
 
-    pub fn get_trusted_identities(self) -> Result<HashMap<Identifier, AttributesEntry>> {
-        match self {
-            PreTrustedIdentities::Fixed(identities) => Ok(identities),
-            PreTrustedIdentities::ReloadFrom(path) => Self::parse_from_disk(&path),
-        }
-    }
-
     fn parse_from_disk(path: &PathBuf) -> Result<HashMap<Identifier, AttributesEntry>> {
         let contents = std::fs::read_to_string(path)
             .map_err(|e| ockam_core::Error::new(Origin::Other, Kind::Io, e))?;

@@ -90,7 +90,6 @@ pub struct NodeManager {
     api_transport_flow_control_id: FlowControlId,
     pub(crate) tcp_transport: TcpTransport,
     pub(crate) controller_identity_id: Identifier,
-    skip_defaults: bool,
     enable_credential_checks: bool,
     identifier: Identifier,
     pub(crate) secure_channels: Arc<SecureChannels>,
@@ -224,22 +223,22 @@ impl NodeManager {
 pub struct NodeManagerGeneralOptions {
     cli_state: CliState,
     node_name: String,
-    skip_defaults: bool,
     pre_trusted_identities: Option<PreTrustedIdentities>,
+    start_default_services: bool,
 }
 
 impl NodeManagerGeneralOptions {
     pub fn new(
         cli_state: CliState,
         node_name: String,
-        skip_defaults: bool,
         pre_trusted_identities: Option<PreTrustedIdentities>,
+        start_default_services: bool,
     ) -> Self {
         Self {
             cli_state,
             node_name,
-            skip_defaults,
             pre_trusted_identities,
+            start_default_services,
         }
     }
 }
@@ -339,7 +338,6 @@ impl NodeManager {
             api_transport_flow_control_id: transport_options.api_transport_flow_control_id,
             tcp_transport: transport_options.tcp_transport,
             controller_identity_id: Self::load_controller_identifier()?,
-            skip_defaults: general_options.skip_defaults,
             enable_credential_checks: trust_options.trust_context_config.is_some()
                 && trust_options
                     .trust_context_config
@@ -355,13 +353,13 @@ impl NodeManager {
             policies,
         };
 
-        if !general_options.skip_defaults {
-            debug!("starting default services");
-            if let Some(tc) = trust_options.trust_context_config {
-                debug!("configuring trust context");
-                s.configure_trust_context(&tc).await?;
-            }
+        if let Some(tc) = trust_options.trust_context_config {
+            debug!("configuring trust context");
+            s.configure_trust_context(&tc).await?;
         }
+
+        s.initialize_services(ctx, general_options.start_default_services)
+            .await?;
         info!("created a node manager for the node: {}", s.node_name);
 
         Ok(s)
@@ -381,7 +379,7 @@ impl NodeManager {
         Ok(())
     }
 
-    async fn initialize_defaults(
+    async fn initialize_default_services(
         &mut self,
         ctx: &Context,
         api_flow_control_id: &FlowControlId,
@@ -424,6 +422,33 @@ impl NodeManager {
         Ok(())
     }
 
+    async fn initialize_services(
+        &mut self,
+        ctx: &Context,
+        start_default_services: bool,
+    ) -> Result<()> {
+        let api_flow_control_id = self.api_transport_flow_control_id.clone();
+
+        if start_default_services {
+            self.initialize_default_services(ctx, &api_flow_control_id)
+                .await?;
+        }
+
+        // Always start the echoer service as ockam_api::Medic assumes it will be
+        // started unconditionally on every node. It's used for liveliness checks.
+        ctx.flow_controls()
+            .add_consumer(DefaultAddress::ECHO_SERVICE, &api_flow_control_id);
+        self.start_echoer_service_impl(ctx, DefaultAddress::ECHO_SERVICE.into())
+            .await?;
+
+        ctx.flow_controls()
+            .add_consumer(DefaultAddress::RPC_PROXY, &api_flow_control_id);
+        ctx.start_worker(DefaultAddress::RPC_PROXY, RpcProxyService::new())
+            .await?;
+
+        Ok(())
+    }
+
     /// Resolve project ID (if any), create secure channel (if needed) and create a tcp connection
     /// Returns [`ConnectionInstance`]
     pub(crate) async fn connect(
@@ -830,32 +855,6 @@ impl Worker for NodeManagerWorker {
     type Message = Vec<u8>;
     type Context = Context;
 
-    async fn initialize(&mut self, ctx: &mut Context) -> Result<()> {
-        let mut node_manager = self.node_manager.write().await;
-        let api_flow_control_id = node_manager.api_transport_flow_control_id.clone();
-
-        if !node_manager.skip_defaults {
-            node_manager
-                .initialize_defaults(ctx, &api_flow_control_id)
-                .await?;
-        }
-
-        // Always start the echoer service as ockam_api::Medic assumes it will be
-        // started unconditionally on every node. It's used for liveliness checks.
-        ctx.flow_controls()
-            .add_consumer(DefaultAddress::ECHO_SERVICE, &api_flow_control_id);
-        node_manager
-            .start_echoer_service_impl(ctx, DefaultAddress::ECHO_SERVICE.into())
-            .await?;
-
-        ctx.flow_controls()
-            .add_consumer(DefaultAddress::RPC_PROXY, &api_flow_control_id);
-        ctx.start_worker(DefaultAddress::RPC_PROXY, RpcProxyService::new())
-            .await?;
-
-        Ok(())
-    }
-
     async fn shutdown(&mut self, ctx: &mut Self::Context) -> Result<()> {
         let node_manager = self.node_manager.read().await;
         node_manager.medic_handle.stop_medic(ctx).await

@@ -444,7 +444,7 @@ pub mod test_utils {
 
         let node_manager = NodeManager::create(
             context,
-            NodeManagerGeneralOptions::new(cli_state.clone(), node_name, false, None),
+            NodeManagerGeneralOptions::new(cli_state.clone(), node_name, None, true),
             NodeManagerTransportOptions::new(
                 FlowControls::generate_flow_control_id(), // FIXME
                 tcp.async_try_clone().await?,

@@ -314,7 +314,7 @@ pub(crate) async fn make_node_manager_worker(
 
     let node_manager = NodeManager::create(
         &ctx,
-        NodeManagerGeneralOptions::new(cli_state.clone(), NODE_NAME.to_string(), false, None),
+        NodeManagerGeneralOptions::new(cli_state.clone(), NODE_NAME.to_string(), None, true),
         NodeManagerTransportOptions::new(listener.flow_control_id().clone(), tcp),
         NodeManagerTrustOptions::new(trust_context_config),
     )

@@ -307,8 +307,8 @@ async fn run_foreground_node(
         NodeManagerGeneralOptions::new(
             opts.state.clone(),
             cmd.node_name.clone(),
-            cmd.launch_config.is_some(),
             pre_trusted_identities,
+            cmd.launch_config.is_none(),
         ),
         NodeManagerTransportOptions::new(
             listener.flow_control_id().clone(),
@@ -318,8 +318,8 @@ async fn run_foreground_node(
     )
     .await
     .into_diagnostic()?;
-    let node_manager_worker = NodeManagerWorker::new(node_man);
 
+    let node_manager_worker = NodeManagerWorker::new(node_man);
     ctx.flow_controls()
         .add_consumer(NODEMANAGER_ADDR, listener.flow_control_id());
     ctx.start_worker(NODEMANAGER_ADDR, node_manager_worker)

@@ -73,12 +73,7 @@ pub async fn start_embedded_node_with_vault_and_identity(
 
     let node_man = NodeManager::create(
         ctx,
-        NodeManagerGeneralOptions::new(
-            cli_state.clone(),
-            cmd.node_name.clone(),
-            cmd.launch_config.is_some(),
-            None,
-        ),
+        NodeManagerGeneralOptions::new(cli_state.clone(), cmd.node_name.clone(), None, true),
         NodeManagerTransportOptions::new(listener.flow_control_id().clone(), tcp),
         NodeManagerTrustOptions::new(trust_context_config),
     )