Add secureConnect config for ioctl (iotexproject#1061)

Author: Frankonly

cli/ioctl/cmd/account/account.go

@@ -41,6 +41,8 @@ var AccountCmd = &cobra.Command{
 	Args:  cobra.MinimumNArgs(1),
 }
 
+var insecure bool
+
 func init() {
 	AccountCmd.AddCommand(accountBalanceCmd)
 	AccountCmd.AddCommand(accountCreateCmd)
@@ -54,8 +56,8 @@ func init() {
 	AccountCmd.AddCommand(accountUpdateCmd)
 	AccountCmd.PersistentFlags().StringVar(&config.ReadConfig.Endpoint, "endpoint",
 		config.ReadConfig.Endpoint, "set endpoint for once")
-	AccountCmd.PersistentFlags().BoolVar(&config.IsInsecure, "insecure",
-		false, "connect endpoint with insecure option")
+	AccountCmd.PersistentFlags().BoolVar(&config.Insecure, "insecure", config.Insecure,
+		"insecure connection for once")
 }
 
 // KsAccountToPrivateKey generates our PrivateKey interface from Keystore account
@@ -82,7 +84,7 @@ func KsAccountToPrivateKey(signer, password string) (keypair.PrivateKey, error)
 
 // GetAccountMeta gets account metadata
 func GetAccountMeta(addr string) (*iotextypes.AccountMeta, error) {
-	conn, err := util.ConnectToEndpoint(config.IsInsecure)
+	conn, err := util.ConnectToEndpoint(config.ReadConfig.SecureConnect && !config.Insecure)
 	if err != nil {
 		return nil, err
 	}

cli/ioctl/cmd/action/action.go

@@ -45,6 +45,8 @@ var ActionCmd = &cobra.Command{
 	Args:  cobra.MinimumNArgs(1),
 }
 
+var insecure bool
+
 func init() {
 	ActionCmd.AddCommand(actionHashCmd)
 	ActionCmd.AddCommand(actionTransferCmd)
@@ -54,10 +56,10 @@ func init() {
 	ActionCmd.AddCommand(actionDepositCmd)
 	ActionCmd.PersistentFlags().StringVar(&config.ReadConfig.Endpoint, "endpoint",
 		config.ReadConfig.Endpoint, "set endpoint for once")
+	ActionCmd.PersistentFlags().BoolVar(&config.Insecure, "insecure", config.Insecure,
+		"insecure connection for once")
 	setActionFlags(actionTransferCmd, actionDeployCmd, actionInvokeCmd, actionClaimCmd,
 		actionDepositCmd)
-	ActionCmd.PersistentFlags().BoolVar(&config.IsInsecure, "insecure",
-		false, "connect endpoint with insecure option")
 }
 
 func setActionFlags(cmds ...*cobra.Command) {
@@ -78,7 +80,7 @@ func setActionFlags(cmds ...*cobra.Command) {
 
 // GetGasPrice gets the suggest gas price
 func GetGasPrice() (*big.Int, error) {
-	conn, err := util.ConnectToEndpoint(config.IsInsecure)
+	conn, err := util.ConnectToEndpoint(config.ReadConfig.SecureConnect && !config.Insecure)
 	if err != nil {
 		return nil, err
 	}
@@ -128,7 +130,7 @@ func sendAction(elp action.Envelope) (string, error) {
 	fmt.Println()
 
 	request := &iotexapi.SendActionRequest{Action: selp}
-	conn, err := util.ConnectToEndpoint(config.IsInsecure)
+	conn, err := util.ConnectToEndpoint(config.ReadConfig.SecureConnect && !config.Insecure)
 	if err != nil {
 		return "", err
 	}

cli/ioctl/cmd/action/actionhash.go

@@ -46,7 +46,7 @@ var actionHashCmd = &cobra.Command{
 // getActionByHash gets action of IoTeX Blockchain by hash
 func getActionByHash(args []string) (string, error) {
 	hash := args[0]
-	conn, err := util.ConnectToEndpoint(config.IsInsecure)
+	conn, err := util.ConnectToEndpoint(config.ReadConfig.SecureConnect && !config.Insecure)
 	if err != nil {
 		return "", err
 	}

cli/ioctl/cmd/bc/bc.go

@@ -26,18 +26,20 @@ var BCCmd = &cobra.Command{
 	Args:  cobra.ExactArgs(1),
 }
 
+var insecure bool
+
 func init() {
 	BCCmd.AddCommand(bcBlockCmd)
 	BCCmd.AddCommand(bcInfoCmd)
 	BCCmd.PersistentFlags().StringVar(&config.ReadConfig.Endpoint, "endpoint",
 		config.ReadConfig.Endpoint, "set endpoint for once")
-	BCCmd.PersistentFlags().BoolVar(&config.IsInsecure, "insecure",
-		false, "connect endpoint with insecure option")
+	BCCmd.PersistentFlags().BoolVar(&config.Insecure, "insecure", config.Insecure,
+		"insecure connection for once")
 }
 
 // GetChainMeta gets block chain metadata
 func GetChainMeta() (*iotextypes.ChainMeta, error) {
-	conn, err := util.ConnectToEndpoint(config.IsInsecure)
+	conn, err := util.ConnectToEndpoint(config.ReadConfig.SecureConnect && !config.Insecure)
 	if err != nil {
 		return nil, err
 	}

cli/ioctl/cmd/bc/bcblock.go

@@ -84,7 +84,7 @@ func getBlock(args []string) (string, error) {
 
 // GetBlockMetaByHeight gets block metadata by height
 func GetBlockMetaByHeight(height uint64) (*iotextypes.BlockMeta, error) {
-	conn, err := util.ConnectToEndpoint(config.IsInsecure)
+	conn, err := util.ConnectToEndpoint(config.ReadConfig.SecureConnect && !config.Insecure)
 	if err != nil {
 		return nil, err
 	}
@@ -115,7 +115,7 @@ func GetBlockMetaByHeight(height uint64) (*iotextypes.BlockMeta, error) {
 
 // GetBlockMetaByHash gets block metadata by hash
 func GetBlockMetaByHash(hash string) (*iotextypes.BlockMeta, error) {
-	conn, err := util.ConnectToEndpoint(config.IsInsecure)
+	conn, err := util.ConnectToEndpoint(config.ReadConfig.SecureConnect && !config.Insecure)
 	if err != nil {
 		return nil, err
 	}

cli/ioctl/cmd/config/config.go

@@ -43,16 +43,17 @@ var ConfigCmd = &cobra.Command{
 
 // Config defines the config schema
 type Config struct {
-	Endpoint string            `yaml:"endpoint"`
-	Wallet   string            `yaml:"wallet"`
-	Aliases  map[string]string `yaml:"aliases"`
+	Wallet        string            `yaml:"wallet"`
+	Endpoint      string            `yaml:"endpoint"`
+	SecureConnect bool              `yaml:"secureConnect"`
+	Aliases       map[string]string `yaml:"aliases"`
 }
 
 var (
 	// ReadConfig represents the current config read from local
 	ReadConfig Config
-	// IsInsecure represents the connect option of grpc dial
-	IsInsecure bool
+	// Insecure represents the insecure connect option of grpc dial, default is false
+	Insecure = false
 )
 
 func init() {
@@ -63,19 +64,22 @@ func init() {
 	DefaultConfigFile = ConfigDir + "/config.default"
 	var err error
 	ReadConfig, err = LoadConfig()
-	if err != nil || ReadConfig.Wallet == "" {
-		if !os.IsNotExist(err) || ReadConfig.Wallet == "" {
-			ReadConfig.Wallet = ConfigDir
-			out, err := yaml.Marshal(&ReadConfig)
-			if err != nil {
-				log.L().Panic(err.Error())
-			}
-			if err := ioutil.WriteFile(DefaultConfigFile, out, 0600); err != nil {
-				log.L().Panic(fmt.Sprintf("Failed to write to config file %s.", DefaultConfigFile))
-			}
-		} else {
+	if err != nil || len(ReadConfig.Wallet) == 0 {
+		if err != nil && !os.IsNotExist(err) {
+			log.L().Panic(err.Error()) // Config file exists but error occurs
+		}
+		ReadConfig.Wallet = ConfigDir
+		if os.IsNotExist(err) {
+			ReadConfig.SecureConnect = true
+		}
+		out, err := yaml.Marshal(&ReadConfig)
+		if err != nil {
 			log.L().Panic(err.Error())
 		}
+		if err := ioutil.WriteFile(DefaultConfigFile, out, 0600); err != nil {
+			log.L().Panic(fmt.Sprintf("Failed to write to config file %s.", DefaultConfigFile))
+		}
+
 	}
 	ConfigCmd.AddCommand(configGetCmd)
 	ConfigCmd.AddCommand(configSetCmd)

cli/ioctl/cmd/config/configsetget.go

@@ -62,6 +62,11 @@ var configSetCmd = &cobra.Command{
 	},
 }
 
+func init() {
+	configSetCmd.Flags().BoolVar(&Insecure, "insecure", false,
+		"set insecure connection as default")
+}
+
 // Get gets config variable
 func Get(arg string) (string, error) {
 	switch arg {
@@ -71,10 +76,10 @@ func Get(arg string) (string, error) {
 		if ReadConfig.Endpoint == "" {
 			return "", ErrEmptyEndpoint
 		}
-		return ReadConfig.Endpoint, nil
+		return fmt.Sprint(ReadConfig.Endpoint, "    secure connect(TLS):",
+			ReadConfig.SecureConnect), nil
 	case "wallet":
 		return ReadConfig.Wallet, nil
-
 	}
 }
 
@@ -85,9 +90,9 @@ func set(args []string) (string, error) {
 		return "", ErrConfigNotMatch
 	case "endpoint":
 		ReadConfig.Endpoint = args[1]
+		ReadConfig.SecureConnect = !Insecure
 	case "wallet":
 		ReadConfig.Wallet = args[1]
-
 	}
 	out, err := yaml.Marshal(&ReadConfig)
 	if err != nil {

cli/ioctl/cmd/node/node.go

@@ -18,11 +18,13 @@ var NodeCmd = &cobra.Command{
 	Args:  cobra.ExactArgs(1),
 }
 
+var insecure bool
+
 func init() {
 	NodeCmd.AddCommand(nodeDelegateCmd)
 	NodeCmd.AddCommand(nodeRewardCmd)
 	NodeCmd.PersistentFlags().StringVar(&config.ReadConfig.Endpoint, "endpoint",
 		config.ReadConfig.Endpoint, "set endpoint for once")
-	NodeCmd.PersistentFlags().BoolVar(&config.IsInsecure, "insecure",
-		false, "connect endpoint with insecure option")
+	NodeCmd.PersistentFlags().BoolVar(&config.Insecure, "insecure", config.Insecure,
+		"insecure connection for once")
 }

cli/ioctl/cmd/node/nodedelegate.go

@@ -69,7 +69,7 @@ func delegates() (string, error) {
 		}
 		epochNum = chainMeta.Epoch.Num
 	}
-	conn, err := util.ConnectToEndpoint(config.IsInsecure)
+	conn, err := util.ConnectToEndpoint(config.ReadConfig.SecureConnect && !config.Insecure)
 	if err != nil {
 		return "", err
 	}
@@ -126,7 +126,7 @@ func nextDelegates() (string, error) {
 		return "", err
 	}
 	epochNum = chainMeta.Epoch.Num + 1
-	conn, err := util.ConnectToEndpoint(config.IsInsecure)
+	conn, err := util.ConnectToEndpoint(config.ReadConfig.SecureConnect && !config.Insecure)
 	if err != nil {
 		return "", err
 	}

cli/ioctl/cmd/node/nodereward.go

@@ -43,7 +43,7 @@ var nodeRewardCmd = &cobra.Command{
 }
 
 func rewardPool() (string, error) {
-	conn, err := util.ConnectToEndpoint(config.IsInsecure)
+	conn, err := util.ConnectToEndpoint(config.ReadConfig.SecureConnect && !config.Insecure)
 	if err != nil {
 		return "", err
 	}
@@ -92,7 +92,7 @@ func reward(args []string) (string, error) {
 	if err != nil {
 		return "", err
 	}
-	conn, err := util.ConnectToEndpoint(config.IsInsecure)
+	conn, err := util.ConnectToEndpoint(config.ReadConfig.SecureConnect && !config.Insecure)
 	if err != nil {
 		return "", err
 	}

cli/ioctl/cmd/version/version.go

@@ -35,11 +35,13 @@ var VersionCmd = &cobra.Command{
 	},
 }
 
+var insecure bool
+
 func init() {
 	VersionCmd.PersistentFlags().StringVar(&config.ReadConfig.Endpoint, "endpoint",
 		config.ReadConfig.Endpoint, "set endpoint for once")
-	VersionCmd.PersistentFlags().BoolVar(&config.IsInsecure, "insecure",
-		false, "connect endpoint with insecure option")
+	VersionCmd.PersistentFlags().BoolVar(&config.Insecure, "insecure", config.Insecure,
+		"insecure connection for once")
 }
 
 func version() (string, error) {
@@ -51,7 +53,7 @@ func version() (string, error) {
 		BuildTime:       ver.BuildTime,
 	}
 	fmt.Printf("Client:\n%+v\n\n", versionInfo)
-	conn, err := util.ConnectToEndpoint(config.IsInsecure)
+	conn, err := util.ConnectToEndpoint(config.ReadConfig.SecureConnect && !config.Insecure)
 	if err != nil {
 		return "", err
 	}

cli/ioctl/util/util.go

@@ -30,12 +30,12 @@ const (
 )
 
 // ConnectToEndpoint starts a new connection
-func ConnectToEndpoint(isInsecure bool) (*grpc.ClientConn, error) {
+func ConnectToEndpoint(secure bool) (*grpc.ClientConn, error) {
 	endpoint := config.ReadConfig.Endpoint
 	if endpoint == "" {
 		return nil, fmt.Errorf(`use "ioctl config set endpoint" to config endpoint first`)
 	}
-	if isInsecure {
+	if !secure {
 		return grpc.Dial(endpoint, grpc.WithInsecure())
 	}
 	return grpc.Dial(endpoint, grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{})))