node-add: updated to set the secret prior to adding the node

Signed-off-by: Jeromy Cannon <[email protected]>

Author: jeromy-cannon

src/commands/node.mjs

@@ -1623,6 +1623,58 @@ export class NodeCommand extends BaseCommand {
           await this.freezeUpgradeNetworkNodes(config.freezeAdminPrivateKey, ctx.upgradeZipHash, config.nodeClient)
         }
       },
+      {
+        title: 'Prepare staging directory',
+        task: async (ctx, parentTask) => {
+          const subTasks = [
+            {
+              title: 'Copy Gossip keys to staging',
+              task: async (ctx, _) => {
+                const config = /** @type {NodeAddConfigClass} **/ ctx.config
+
+                await this.keyManager.copyGossipKeysToStaging(config.keyFormat, config.keysDir, config.stagingKeysDir, config.allNodeIds)
+              }
+            },
+            {
+              title: 'Copy gRPC TLS keys to staging',
+              task: async (ctx, _) => {
+                const config = /** @type {NodeAddConfigClass} **/ ctx.config
+                for (const nodeId of config.allNodeIds) {
+                  const tlsKeyFiles = self.keyManager.prepareTLSKeyFilePaths(nodeId, config.keysDir)
+                  await self.keyManager.copyNodeKeysToStaging(tlsKeyFiles, config.stagingKeysDir)
+                }
+              }
+            }
+          ]
+
+          return parentTask.newListr(subTasks, {
+            concurrent: false,
+            rendererOptions: constants.LISTR_DEFAULT_RENDERER_OPTION
+          })
+        }
+      },
+      {
+        title: 'Copy node keys to secrets',
+        task: async (ctx, parentTask) => {
+          const config = /** @type {NodeAddConfigClass} **/ ctx.config
+
+          const subTasks = []
+          for (const nodeId of config.allNodeIds) {
+            const podName = config.podNames[nodeId]
+            subTasks.push({
+              title: `Node: ${chalk.yellow(nodeId)}`,
+              task: () =>
+                self.platformInstaller.copyNodeKeys(podName, config.stagingDir, config.allNodeIds, config.keyFormat)
+            })
+          }
+
+          // set up the sub-tasks
+          return parentTask.newListr(subTasks, {
+            concurrent: true,
+            rendererOptions: constants.LISTR_DEFAULT_RENDERER_OPTION
+          })
+        }
+      },
       {
         title: 'Check network nodes are frozen',
         task: (ctx, task) => {
@@ -1669,7 +1721,6 @@ export class NodeCommand extends BaseCommand {
             valuesArg += this.prepareValuesFiles(this.profileValuesFile)
           }
 
-          // TODO: update the secrets with the new/updated key(s), platform installer: copyGossipKeys & copyTLSKeys
           await self.chartManager.upgrade(
             config.namespace,
             constants.FULLSTACK_DEPLOYMENT_CHART,
@@ -1718,36 +1769,6 @@ export class NodeCommand extends BaseCommand {
               })
             }
       },
-      {
-        title: 'Prepare staging directory',
-        task: async (ctx, parentTask) => {
-          const subTasks = [
-            {
-              title: 'Copy Gossip keys to staging',
-              task: async (ctx, _) => {
-                const config = /** @type {NodeAddConfigClass} **/ ctx.config
-
-                await this.keyManager.copyGossipKeysToStaging(config.keyFormat, config.keysDir, config.stagingKeysDir, config.allNodeIds)
-              }
-            },
-            {
-              title: 'Copy gRPC TLS keys to staging',
-              task: async (ctx, _) => {
-                const config = /** @type {NodeAddConfigClass} **/ ctx.config
-                for (const nodeId of config.allNodeIds) {
-                  const tlsKeyFiles = self.keyManager.prepareTLSKeyFilePaths(nodeId, config.keysDir)
-                  await self.keyManager.copyNodeKeysToStaging(tlsKeyFiles, config.stagingKeysDir)
-                }
-              }
-            }
-          ]
-
-          return parentTask.newListr(subTasks, {
-            concurrent: false,
-            rendererOptions: constants.LISTR_DEFAULT_RENDERER_OPTION
-          })
-        }
-      },
       {
         title: 'Fetch platform software into all network nodes',
         task:

src/core/platform_installer.mjs

@@ -139,7 +139,7 @@ export class PlatformInstaller {
     }
   }
 
-  // TODO: update to copy the keys to the k8s secrets
+  // TODO: update to remove the copyTo the nodes
   async copyGossipKeys (podName, stagingDir, nodeIds, keyFormat = constants.KEY_FORMAT_PEM) {
     const self = this
 
@@ -302,4 +302,44 @@ export class PlatformInstaller {
     }
     )
   }
+
+  /**
+   * Return a list of task to copy the node keys to the staging directory
+   *
+   * It assumes the staging directory has the following files and resources:
+   *   ${staging}/keys/s-<nodeId>.key: signing key for a node
+   *   ${staging}/keys/s-<nodeId>.crt: signing cert for a node
+   *   ${staging}/keys/a-<nodeId>.key: agreement key for a node
+   *   ${staging}/keys/a-<nodeId>.crt: agreement cert for a node
+   *   ${staging}/keys/hedera-<nodeId>.key: gRPC TLS key for a node
+   *   ${staging}/keys/hedera-<nodeId>.crt: gRPC TLS cert for a node
+   *
+   * @param podName name of the pod
+   * @param stagingDir staging directory path
+   * @param nodeIds list of node ids
+   * @param keyFormat key format (pfx or pem)
+   * @returns {Listr<ListrContext, ListrPrimaryRendererValue, ListrSecondaryRendererValue>}
+   */
+  copyNodeKeys (podName, stagingDir, nodeIds, keyFormat = constants.KEY_FORMAT_PEM) {
+    const self = this
+    return new Listr([
+      {
+        title: 'Copy Gossip keys',
+        task: (_, task) =>
+          self.copyGossipKeys(podName, stagingDir, nodeIds, keyFormat)
+      },
+      {
+        title: 'Copy TLS keys',
+        task: (_, task) =>
+          self.copyTLSKeys(podName, stagingDir, keyFormat)
+      }
+    ],
+    {
+      concurrent: false,
+      rendererOptions: {
+        collapseSubtasks: false
+      }
+    }
+    )
+  }
 }