Merge service binaries into a single binary.

Cargo.toml

@@ -2,6 +2,8 @@
 members = [
 	"aziot",
 
+	"aziotd",
+
 	"cert/aziot-cert-client-async",
 	"cert/aziot-cert-common",
 	"cert/aziot-cert-common-http",
@@ -25,6 +27,7 @@ members = [
 	"key/aziot-key-openssl-engine",
 	"key/aziot-key-openssl-engine-shared",
 	"key/aziot-keys",
+	"key/aziot-keys-common",
 
 	"openssl2",
 	"openssl-build",

Makefile

@@ -87,13 +87,20 @@ default:
 			$(BINDGEN_EXTRA_FLAGS); \
 		mv key/aziot-keyd/src/keys.generated.rs.tmp key/aziot-keyd/src/keys.generated.rs; \
 	fi
+
+	# aziot-keys must be built before aziot-keyd is, because aziot-keyd needs to link to it.
+	# But we can't do this with Cargo dependencies because of a cargo issue that causes spurious rebuilds.
+	# So instead we do it manually.
+	#
+	# See the doc header of the aziot-keys-common crate for more info.
+	$(CARGO) build \
+		-p aziot-keys \
+		$(CARGO_PROFILE) --target $(CARGO_TARGET) $(CARGO_VERBOSE)
+
 	$(CARGO) build \
 		-p aziot \
-		-p aziot-certd \
-		-p aziot-identityd \
-		-p aziot-keyd \
+		-p aziotd \
 		-p aziot-key-openssl-engine-shared \
-		-p aziot-keys \
 		$(CARGO_PROFILE) --target $(CARGO_TARGET) $(CARGO_VERBOSE)
 
 
@@ -145,7 +152,7 @@ test: default iotedged pkcs11-test
 test: target/openapi-schema-validated
 test:
 	set -o pipefail; \
-	$(CARGO) test --all --exclude aziot-key-openssl-engine-shared \
+	$(CARGO) test --all --exclude aziot-key-openssl-engine-shared --exclude aziot-keys \
 		$(CARGO_PROFILE) --target $(CARGO_TARGET) $(CARGO_VERBOSE) 2>&1 | \
 		grep -v 'running 0 tests' | grep -v '0 passed; 0 failed' | grep '.'
 
@@ -168,7 +175,7 @@ test:
 	$(CARGO) clippy --all --exclude aziot-key-openssl-engine-shared --tests $(CARGO_PROFILE) --target $(CARGO_TARGET) $(CARGO_VERBOSE)
 	$(CARGO) clippy --all --examples $(CARGO_PROFILE) --target $(CARGO_TARGET) $(CARGO_VERBOSE)
 
-	$(CARGO) fmt --all $(CARGO_VERBOSE) -- --check
+	$(CARGO) fmt --all -- --check
 
 	find . -name 'Makefile' -or -name '*.c' -or -name '*.md' -or -name '*.rs' -or -name '*.toml' -or -name '*.txt' | \
 		grep -v '^\./target/' | \
@@ -203,7 +210,7 @@ dist:
 
 	# Copy source files
 	cp -R \
-		./aziot ./cert ./http-common ./identity ./iotedged ./key ./openssl-build ./openssl-sys2 ./openssl2 ./pkcs11 \
+		./aziot ./aziotd ./cert ./http-common ./identity ./iotedged ./key ./openssl-build ./openssl-sys2 ./openssl2 ./pkcs11 \
 		/tmp/aziot-identity-service-$(PACKAGE_VERSION)
 	cp ./Cargo.toml ./Cargo.lock ./CODE_OF_CONDUCT.md ./CONTRIBUTING.md ./LICENSE ./Makefile ./README.md ./rust-toolchain ./SECURITY.md /tmp/aziot-identity-service-$(PACKAGE_VERSION)
 
@@ -292,18 +299,25 @@ install-common:
 	# Ref: https://www.gnu.org/software/make/manual/html_node/DESTDIR.html
 
 	# Binaries
-	$(INSTALL_PROGRAM) -D target/$(CARGO_TARGET)/$(CARGO_PROFILE_DIRECTORY)/aziot-certd $(DESTDIR)$(libexecdir)/aziot-identity-service/aziot-certd
-	$(INSTALL_PROGRAM) -D target/$(CARGO_TARGET)/$(CARGO_PROFILE_DIRECTORY)/aziot-keyd $(DESTDIR)$(libexecdir)/aziot-identity-service/aziot-keyd
-	$(INSTALL_PROGRAM) -D target/$(CARGO_TARGET)/$(CARGO_PROFILE_DIRECTORY)/aziot-identityd $(DESTDIR)$(libexecdir)/aziot-identity-service/aziot-identityd
+	$(INSTALL_PROGRAM) -D target/$(CARGO_TARGET)/$(CARGO_PROFILE_DIRECTORY)/aziotd $(DESTDIR)$(libexecdir)/aziot-identity-service/aziotd
+	ln -s $(libexecdir)/aziot-identity-service/aziotd $(DESTDIR)$(libexecdir)/aziot-identity-service/aziot-certd
+	ln -s $(libexecdir)/aziot-identity-service/aziotd $(DESTDIR)$(libexecdir)/aziot-identity-service/aziot-identityd
+	ln -s $(libexecdir)/aziot-identity-service/aziotd $(DESTDIR)$(libexecdir)/aziot-identity-service/aziot-keyd
+
 	$(INSTALL_PROGRAM) -D target/$(CARGO_TARGET)/$(CARGO_PROFILE_DIRECTORY)/aziot $(DESTDIR)$(bindir)/aziot
 
 	# libaziot-keys
 	$(INSTALL_PROGRAM) -D target/$(CARGO_TARGET)/$(CARGO_PROFILE_DIRECTORY)/libaziot_keys.so $(DESTDIR)$(libdir)/libaziot_keys.so
 
-	# Default configs
+	# Default configs and config directories
 	$(INSTALL_DATA) -D cert/aziot-certd/config/unix/default.toml $(DESTDIR)$(sysconfdir)/aziot/certd/config.toml.default
+	$(INSTALL) -d -m 0700 $(DESTDIR)$(sysconfdir)/aziot/certd/config.d
+
 	$(INSTALL_DATA) -D identity/aziot-identityd/config/unix/default.toml $(DESTDIR)$(sysconfdir)/aziot/identityd/config.toml.default
+	$(INSTALL) -d -m 0700 $(DESTDIR)$(sysconfdir)/aziot/identityd/config.d
+
 	$(INSTALL_DATA) -D key/aziot-keyd/config/unix/default.toml $(DESTDIR)$(sysconfdir)/aziot/keyd/config.toml.default
+	$(INSTALL) -d -m 0700 $(DESTDIR)$(sysconfdir)/aziot/keyd/config.d
 
 	# Home directories
 	$(INSTALL) -d -m 0700 $(DESTDIR)$(localstatedir)/lib/aziot/certd

aziot/Cargo.toml

@@ -4,6 +4,7 @@ version = "0.1.0"
 authors = ["Azure IoT Edge Devs"]
 edition = "2018"
 
+
 [dependencies]
 backtrace = "0.3"
 base64 = "0.12"
@@ -17,7 +18,8 @@ url = "2"
 aziot-certd = { path = "../cert/aziot-certd" }
 aziot-identityd = { path = "../identity/aziot-identityd" }
 aziot-keyd = { path = "../key/aziot-keyd" }
-aziot-keys = { path = "../key/aziot-keys" }
+aziot-keys-common = { path = "../key/aziot-keys-common" }
+
 
 [dev-dependencies]
 bytes = "0.5"

aziot/src/init.rs

@@ -318,7 +318,7 @@ fn run_inner(stdin: &mut impl Reader) -> Result<RunOutput, crate::Error> {
         }
 
         if preloaded_device_id_pk_bytes.is_some() {
-            let device_id_pk_uri = aziot_keys::PreloadedKeyLocation::Filesystem {
+            let device_id_pk_uri = aziot_keys_common::PreloadedKeyLocation::Filesystem {
                 path: "/var/secrets/aziot/keyd/device-id".into(),
             };
             keyd_config
@@ -935,8 +935,8 @@ fn parse_manual_connection_string(
     ))
 }
 
-fn parse_preloaded_key_location(value: &str) -> Option<aziot_keys::PreloadedKeyLocation> {
-    match value.parse::<aziot_keys::PreloadedKeyLocation>() {
+fn parse_preloaded_key_location(value: &str) -> Option<aziot_keys_common::PreloadedKeyLocation> {
+    match value.parse::<aziot_keys_common::PreloadedKeyLocation>() {
         Ok(value) => Some(value),
 
         Err(err) => {
@@ -947,7 +947,7 @@ fn parse_preloaded_key_location(value: &str) -> Option<aziot_keys::PreloadedKeyL
                 .and_then(|value| {
                     value
                         .to_string()
-                        .parse::<aziot_keys::PreloadedKeyLocation>()
+                        .parse::<aziot_keys_common::PreloadedKeyLocation>()
                 });
             match value {
                 Ok(value) => Some(value),
@@ -1065,6 +1065,7 @@ fn write_file(
     Ok(())
 }
 
+#[cfg(debug_assertions)]
 #[cfg(test)]
 mod tests {
     struct Stdin(std::io::BufReader<std::fs::File>);

aziotd/Cargo.toml

@@ -0,0 +1,20 @@
+[package]
+name = "aziotd"
+version = "0.1.0"
+authors = ["Azure IoT Edge Devs"]
+edition = "2018"
+
+
+[dependencies]
+backtrace = "0.3"
+env_logger = "0.8"
+hyper = "0.13"
+log = "0.4"
+serde = "1"
+tokio = { version = "0.2", features = ["macros"] }
+toml = "0.5"
+
+aziot-certd = { path = "../cert/aziot-certd" }
+aziot-identityd = { path = "../identity/aziot-identityd" }
+aziot-keyd = { path = "../key/aziot-keyd" }
+http-common = { path = "../http-common" }

aziotd/src/error.rs

@@ -0,0 +1,41 @@
+// Copyright (c) Microsoft. All rights reserved.
+
+#[derive(Debug)]
+pub(crate) struct Error(pub(crate) ErrorKind, pub(crate) backtrace::Backtrace);
+
+#[derive(Debug)]
+pub(crate) enum ErrorKind {
+    GetProcessName(std::borrow::Cow<'static, str>),
+    ReadConfig(Option<std::path::PathBuf>, Box<dyn std::error::Error>),
+    Service(Box<dyn std::error::Error>),
+}
+
+impl std::fmt::Display for ErrorKind {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        match self {
+            ErrorKind::GetProcessName(message) => write!(f, "could not read argv[0]: {}", message),
+            ErrorKind::ReadConfig(Some(path), _) => {
+                write!(f, "could not read config from {}", path.display())
+            }
+            ErrorKind::ReadConfig(None, _) => f.write_str("could not read config"),
+            ErrorKind::Service(_) => f.write_str("service encountered an error"),
+        }
+    }
+}
+
+impl std::error::Error for ErrorKind {
+    fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
+        #[allow(clippy::match_same_arms)]
+        match self {
+            ErrorKind::GetProcessName(_) => None,
+            ErrorKind::ReadConfig(_, err) => Some(&**err),
+            ErrorKind::Service(err) => Some(&**err),
+        }
+    }
+}
+
+impl From<ErrorKind> for Error {
+    fn from(err: ErrorKind) -> Self {
+        Error(err, Default::default())
+    }
+}