Acloud over secure webrtc openssl command implementation.
Use openssl tool instead of mkcert.
Bug: 214337220
Test: acloud-dev create
acloud-dev create --local-image
acloud-dev create --local-instance
acloud-dev create --local-instance --local-image
acloud-dev setup
Change-Id: I01ea06b2ee30b69683f645c4b0b1b2f0d365d9cd
diff --git a/setup/host_setup_runner.py b/setup/host_setup_runner.py
index e6b4dc2..fef6b41 100644
--- a/setup/host_setup_runner.py
+++ b/setup/host_setup_runner.py
@@ -32,6 +32,7 @@
from acloud.internal.lib import utils
from acloud.setup import base_task_runner
from acloud.setup import setup_common
+from acloud.setup import mkcert
logger = logging.getLogger(__name__)
@@ -46,17 +47,6 @@
"yes | sudo mk-build-deps -i -r -B",
"dpkg-buildpackage -uc -us",
"sudo apt-get install -y -f ../cuttlefish-common_*_amd64.deb"]
-_MKCERT_URL = "https://github.com/FiloSottile/mkcert"
-_MKCERT_VERSION = "v1.4.3"
-_MKCERT_INSTALL_PATH = os.path.join(os.path.expanduser("~"), ".config",
- constants.TOOL_NAME, "mkcert")
-_MKCERT_CAROOT_CMD = "%s/mkcert -install" % _MKCERT_INSTALL_PATH
-_MKCERT_DOWNLOAD_CMD = ("wget -O %(mkcert_install_path)s/mkcert "
- "%(mkcert_url)s/releases/download/"
- "%(mkcert_ver)s/mkcert-%(mkcert_ver)s-linux-amd64" %
- {"mkcert_install_path": _MKCERT_INSTALL_PATH,
- "mkcert_url": _MKCERT_URL,
- "mkcert_ver": _MKCERT_VERSION})
class BasePkgInstaller(base_task_runner.BaseTaskRunner):
@@ -160,49 +150,44 @@
shutil.rmtree(os.path.dirname(cf_common_path))
logger.info("Cuttlefish-common package installed now.")
-class MkcertPkgInstaller(base_task_runner.BaseTaskRunner):
- """Subtask base runner class for installing mkcert."""
- WELCOME_MESSAGE_TITLE = "Install mkcert package on the host"
- WELCOME_MESSAGE = ("This step will walk you through the mkcert "
- "package installation to your host for "
- "assuring a secure localhost url connection "
- "when launching an AVD over webrtc")
+class LocalCAHostSetup(base_task_runner.BaseTaskRunner):
+ """Subtask class that setup host for setup local CA."""
+
+ WELCOME_MESSAGE_TITLE = "Local CA Host Environment Setup"
+ WELCOME_MESSAGE = ("This step will walk you through the local CA setup "
+ "to your host for assuring a secure localhost url "
+ "connection when launching an AVD over webrtc.")
def ShouldRun(self):
- """Check if mkcert package is installed.
+ """Check if the local CA is setup or not.
Returns:
- Boolean, True if mkcert is not installed.
+ Boolean, True if local CA is ready.
"""
if not utils.IsSupportedPlatform():
return False
- if not os.path.exists(os.path.join(_MKCERT_INSTALL_PATH, "mkcert")):
- return True
- return False
+ return not mkcert.IsRootCAReady()
def _Run(self):
- """Install mkcert packages."""
- if not utils.GetUserAnswerYes("\nStart to install mkcert :\n%s"
+ """Setup host environment for the local CA."""
+ if not utils.GetUserAnswerYes("\nStart to setup the local CA:\n"
"\nEnter 'y' to continue, otherwise N or "
- "enter to exit: " % _MKCERT_DOWNLOAD_CMD):
+ "enter to exit: "):
sys.exit(constants.EXIT_BY_USER)
- if not os.path.isdir(_MKCERT_INSTALL_PATH):
- os.mkdir(_MKCERT_INSTALL_PATH)
- setup_common.CheckCmdOutput(_MKCERT_DOWNLOAD_CMD, shell=True)
- utils.SetExecutable(os.path.join(_MKCERT_INSTALL_PATH, "mkcert"))
- utils.CheckOutput(_MKCERT_CAROOT_CMD, shell=True)
- logger.info("Mkcert package is installed at \"%s\" now.",
- _MKCERT_INSTALL_PATH)
+ mkcert.Install()
+ logger.info("The local CA '%s.pem' is installed now.",
+ constants.SSL_CA_NAME)
+
class CuttlefishHostSetup(base_task_runner.BaseTaskRunner):
"""Subtask class that setup host for cuttlefish."""
- WELCOME_MESSAGE_TITLE = "Host Enviornment Setup"
+ WELCOME_MESSAGE_TITLE = "Host Environment Setup"
WELCOME_MESSAGE = (
- "This step will help you to setup enviornment for running Android "
+ "This step will help you to setup environment for running Android "
"cuttlefish devices on your host. That includes adding user to kvm "
"related groups and checking required linux modules."
)