new-vault wip

fluencelabs · Feb 21, 2024 · cd0a858 · cd0a858
1 parent 33e3ce0
commit cd0a858
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 7 deletions.
diff --git a/particle-execution/src/lib.rs b/particle-execution/src/lib.rs
@@ -7,7 +7,7 @@ pub use particle_function::{
     ParticleFunctionStatic, ServiceFunction, ServiceFunctionImmut, ServiceFunctionMut,
 };
 pub use particle_params::ParticleParams;
-pub use particle_vault::{ParticleVault, VaultError, VIRTUAL_PARTICLE_VAULT_PREFIX};
+pub use particle_vault::{ParticleVault, VaultError, VIRTUAL_PARTICLE_HOST_VAULT_PREFIX};
 
 mod function_outcome;
 mod particle_function;

diff --git a/particle-execution/src/particle_vault.rs b/particle-execution/src/particle_vault.rs
@@ -22,12 +22,15 @@ use std::path::{Path, PathBuf};
 use thiserror::Error;
 
 use fs_utils::create_dir;
+use types::peer_scope::PeerScope;
 
 use crate::ParticleParams;
 use crate::VaultError::WrongVault;
 use VaultError::{CleanupVault, CreateVault, InitializeVault};
 
-pub const VIRTUAL_PARTICLE_VAULT_PREFIX: &str = "/tmp/vault";
+// TODO: how to make read-only for workers?
+pub const VIRTUAL_PARTICLE_HOST_VAULT_PREFIX: &str = "/tmp/vault";
+pub const VIRTUAL_PARTICLE_WORKER_VAULT_PREFIX: &str = "/tmp/worker_vault";
 
 #[derive(Debug, Clone)]
 pub struct ParticleVault {
@@ -46,7 +49,7 @@ impl ParticleVault {
 
     /// Returns Particle File Vault path on Marine's filesystem (ie how it would look like inside service)
     pub fn virtual_particle_vault(&self, particle_id: &str) -> PathBuf {
-        Path::new(VIRTUAL_PARTICLE_VAULT_PREFIX).join(particle_id)
+        Path::new(VIRTUAL_PARTICLE_HOST_VAULT_PREFIX).join(particle_id)
     }
 
     pub async fn initialize(&self) -> Result<(), VaultError> {
@@ -57,6 +60,13 @@ impl ParticleVault {
         Ok(())
     }
 
+    pub async fn initialize_scoped(&self, peer_scope: &PeerScope) -> Result<(), VaultError> {
+        match peer_scope {
+            PeerScope::Host => self.initialize().await,
+            PeerScope::WorkerId(_worker_id) => {}
+        }
+    }
+
     pub fn create(&self, particle: &ParticleParams) -> Result<(), VaultError> {
         let path = self.particle_vault(&particle.id);
         create_dir(path).map_err(CreateVault)?;
@@ -164,19 +174,28 @@ impl ParticleVault {
 
     /// Map `vault_dir` to `/tmp/vault` inside the service.
     /// Particle File Vaults will be available as `/tmp/vault/$particle_id`
-    pub fn inject_vault(&self, module: &mut ModuleDescriptor) {
+    pub fn inject_vault(&self, peer_scope: &PeerScope, module: &mut ModuleDescriptor) {
         let wasi = &mut module.config.wasi;
         if wasi.is_none() {
             *wasi = Some(MarineWASIConfig::default());
         }
         // SAFETY: set wasi to Some in the code above
         let wasi = wasi.as_mut().unwrap();
 
+        // TODO: host path
         let vault_dir = self.vault_dir.to_path_buf();
 
         wasi.preopened_files.insert(vault_dir.clone());
         wasi.mapped_dirs
-            .insert(VIRTUAL_PARTICLE_VAULT_PREFIX.into(), vault_dir);
+            .insert(VIRTUAL_PARTICLE_HOST_VAULT_PREFIX.into(), vault_dir);
+        if let PeerScope::WorkerId(_worker_id) = peer_scope {
+            // TODO: worker path
+            let worker_vault_dir = self.vault_dir.to_path_buf();
+            wasi.mapped_dirs.insert(
+                VIRTUAL_PARTICLE_WORKER_VAULT_PREFIX.into(),
+                worker_vault_dir,
+            );
+        }
     }
 }
 

diff --git a/particle-services/src/app_services.rs b/particle-services/src/app_services.rs
@@ -933,7 +933,7 @@ impl ParticleAppServices {
     ) -> Result<Option<Arc<Service>>, ServiceError> {
         let creation_start_time = Instant::now();
         let service = self
-            .create_app_service(blueprint_id.clone(), service_id.clone())
+            .create_app_service(&peer_scope, blueprint_id.clone(), service_id.clone())
             .inspect_err(|_| {
                 if let Some(metrics) = self.metrics.as_ref() {
                     metrics.observe_created_failed();
@@ -993,13 +993,14 @@ impl ParticleAppServices {
 
     fn create_app_service(
         &self,
+        peer_scope: &PeerScope,
         blueprint_id: String,
         service_id: String,
     ) -> Result<AppService, ServiceError> {
         let mut modules_config = self.modules.resolve_blueprint(&blueprint_id)?;
         modules_config
             .iter_mut()
-            .for_each(|module| self.vault.inject_vault(module));
+            .for_each(|module| self.vault.inject_vault(peer_scope, module));
 
         let app_config = AppServiceConfig {
             service_working_dir: self.config.workdir.join(&service_id),