docs(validator-info): clarify ACLs for extra metrics

design/validator_info.md

@@ -65,14 +65,19 @@ This file is updated by node once a minute and contains following information:
 ```
 
 ## Modification - New Read Command
-Validator_info accessible as read command, available for Steward and Trustee. New command VALIDATOR_INFO provide info from
-all the connected nodes without need of consensus (similar to force=True flag in upgrade cmd).
+Validator_info is accessible as an authenticated read command for Trustee, Steward, and Network Monitor roles.
+The VALIDATOR_INFO command provides info from all the connected nodes without need of consensus
+(similar to force=True flag in upgrade cmd).
 Command allow requesting all parameters or some subset of parameters.
 
 The client sends a command with some parameters to each node. There are only one parameter now - node alias for get its info. But parameters list will expanded later.
 After receiving the request, each node get data from its field, and then sends the Json result without compression to the client.
 The client should not wait for the consensus of the all node, but should handle the response from each node separately.
 
+The local `validator-info` command on the node and the authenticated `get-validator-info`
+transaction are expected to expose the same additional metrics set. Access to the remote
+transaction is controlled through the auth rules for `VALIDATOR_INFO`.
+
 For reference: [INDY-1184](https://jira.hyperledger.org/browse/INDY-1184)
 
 

docs/source/requests.md

@@ -4381,7 +4381,9 @@ The command to restart all nodes at the time specified in field "datetime"(sent
 ```
 
 ### VALIDATOR_INFO
-Command provide info from all the connected nodes without need of consensus.
+Authenticated command that provides info from all the connected nodes without need of consensus.
+By default it is available to Trustee, Steward, and Network Monitor roles through the
+`VALIDATOR_INFO` auth rule.
 
 *Request Example*:
 ```

docs/source/troubleshooting.md

@@ -41,7 +41,7 @@ However if more than _f_ nodes become affected then pool will not be able to do
 
 Most useful places get info are the following:
 - [Indy CLI](https://github.com/hyperledger/indy-sdk/tree/master/cli) can be used for sending read and write requests to pool, as well as checking general connectivity.
-- Either VALIDATOR_INFO command sent through Indy CLI (in case of Sovrin network you'll need to have keys for priveleged DID to do so), or [validator-info](https://github.com/hyperledger/indy-node/blob/master/design/validator_info.md) script run on validator node.
+- Either the authenticated VALIDATOR_INFO command sent through Indy CLI (by default available to Trustee, Steward, and Network Monitor DIDs), or the local [validator-info](https://github.com/hyperledger/indy-node/blob/master/design/validator_info.md) script run on the validator node.
   These tools provide important information like how many nodes are connected to each other, when last write happened (due to freshness check it should happen at least once per 5 minutes), whether a view change is in progress now or other important data, which is useful to assess pool current health and can be a starting point for further investigation, when needed.
 - `journalctl` logs can be useful because they contain tracebacks of indy-node crashes, if they happened, and these logs are really easy to check.
   Sometime crashes can be due to some bugs in code, but also they can be caused by insufficient resource (either memory or disk space), and if this is the case `journalctl` logs can provide a quick answer.

indy_node/test/validator_info/test_validator_info_handler.py

@@ -36,3 +36,39 @@ def _comparison_reply(resp, req_obj):
     assert resp.result[DATA] is not None
 
 
+def test_validator_info_handler_includes_authenticated_extra_metrics(monkeypatch,
+                                                                     sdk_wallet_trustee,
+                                                                     txnPoolNodeSet,
+                                                                     looper):
+    op = {
+        TXN_TYPE: VALIDATOR_INFO
+    }
+    req_obj = sdk_gen_request(op, identifier=sdk_wallet_trustee[1])
+    req_obj.signature = "signature"
+
+    expected_software = {"Software": {"indy-node": "test-version"}}
+    expected_extractions = {"Extractions": {"cpu": "details"}}
+    expected_disk = {"Disk": {"node": "100G"}}
+
+    node = txnPoolNodeSet[0]
+    info_tool = node._info_tool
+    monkeypatch.setattr(info_tool, "info", {"Node_info": {"Name": "Alpha"}})
+    monkeypatch.setattr(info_tool, "_generate_software_info", lambda: expected_software)
+    monkeypatch.setattr(info_tool, "extractions", expected_extractions)
+    monkeypatch.setattr(info_tool, "node_disk_size", expected_disk)
+
+    def is_ack(req_key, frm):
+        assert (req_obj.identifier, req_obj.reqId) == req_key
+
+    def is_reply_correct(resp, frm):
+        _comparison_reply(resp, req_obj)
+        assert resp.result[DATA]["Node_info"]["Name"] == "Alpha"
+        assert resp.result[DATA]["Software"] == expected_software["Software"]
+        assert resp.result[DATA]["Extractions"] == expected_extractions["Extractions"]
+        assert resp.result[DATA]["Disk"] == expected_disk["Disk"]
+        assert resp.result[DATA]["Memory_profiler"] == []
+
+    monkeypatch.setattr(node, 'transmitToClient', is_reply_correct)
+    monkeypatch.setattr(node, 'send_ack_to_client', is_ack)
+    node.process_action(req_obj, None)
+