Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Keymanager passphrase with special characters cannot be parsed #4686

Closed
tsudmi opened this issue Jan 29, 2020 · 6 comments
Closed

Keymanager passphrase with special characters cannot be parsed #4686

tsudmi opened this issue Jan 29, 2020 · 6 comments

Comments

@tsudmi
Copy link
Contributor

tsudmi commented Jan 29, 2020

I'm passing keystore parameters to the validator in the following way:

--keymanager=keystore
--keymanageropts="{'path':'/etc/validators','passphrase':\"$(KEYSTORE_PASSWORD)\"}"

When I start the validator, I get the following output:

The keystore key manager generates keys and stores them in a local encrypted store.  The options are:
  - path This is the filesystem path to where keys will be stored.  Defaults to the user's home directory if not supplied
  - passphrase This is the passphrase used to encrypt keys.  Will be asked for if not supplied
A sample set of options are:
  {
    "path":   "/home/me/keys", // Store the keys in '/home/me/keys'
    "passphrase": "secret"     // Use the passphrase 'secret' to encrypt and decrypt keys
  }
time="2020-01-28 20:00:49" level=error msg="invalid character 'G' after top-level value" prefix=main

Latest commit: 3e9bf58d81a986881de9d2d0fcbe565b3fe83ef2
@mcdee
Copy link
Contributor

mcdee commented Jan 29, 2020

Can you try this with:

--keymanageropts='{"path":"/etc/validators","passphrase":"'"${KEYSTORE_PASSWORD}"'"}'

@tsudmi
Copy link
Contributor Author

tsudmi commented Jan 29, 2020

@mcdee thanks for the reply.

In such case I'm getting:

time="2020-01-29 19:33:08" level=error msg="invalid character '\'' looking for beginning of value" prefix=main

@mcdee
Copy link
Contributor

mcdee commented Jan 29, 2020

Please could you paste your entire command line? I just double-checked and the above works on my local machine.

@tsudmi
Copy link
Contributor Author

tsudmi commented Feb 1, 2020

Hi @mcdee ,
I'm running the validator in Kubernetes, so I have to pass these parameters in yaml file.
Here is a snippet of the POD container:

- name: validator
   image: "gcr.io/prysmaticlabs/prysm/validator:latest"
   imagePullPolicy: Always
   args:
     - --monitoring-port=9090
     - --datadir=/data
     - --keymanager=keystore
     - --keymanageropts="{'path':'/etc/validators','passphrase':\"$(KEYSTORE_PASSWORD)\"}"
   env:
     - name: KEYSTORE_PASSWORD
       value: "some_long_and_complex_password"

@prestonvanloon did you manage to pass those parameters inside your deployment files?

@mcdee
Copy link
Contributor

mcdee commented Feb 1, 2020

The keymanager options need to be JSON so single quotes around strings won't work. Possibly something like:

--keymanageropts='{"path":"/etc/validators","passphrase":"'"${KEYSTORE_PASSWORD}"'"}'

could do the trick, although it depends on how yaml files treat quotes. If not, there's a patch #4687 that has yet to be merged but when it has it will allow you to specify a path in keymanageropts instead; this may be a better long-term solution for you.

@rauljordan
Copy link
Contributor

Closing for now unless @tsudmi still has failures with the suggested solutions

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mcdee @rauljordan @tsudmi