feat: add oasis rofl set-admin

Author: uniyalabhishek

cmd/rofl/machine/mgmt.go

@@ -113,9 +113,10 @@ var (
 	}
 
 	changeAdminCmd = &cobra.Command{
-		Use:   "change-admin [<machine-name> | <provider-address>:<machine-id>] <new-admin>",
-		Short: "Change the machine administrator",
-		Args:  cobra.RangeArgs(1, 2),
+		Use:     "change-admin [<machine-name> | <provider-address>:<machine-id>] <new-admin>",
+		Short:   "Change the machine administrator",
+		Aliases: []string{"set-admin"},
+		Args:    cobra.RangeArgs(1, 2),
 		Run: func(_ *cobra.Command, args []string) {
 			txCfg := common.GetTransactionConfig()
 			mCfg, err := resolveMachineCfg(args, &roflCommon.ManifestOptions{

cmd/rofl/rofl.go

@@ -29,6 +29,7 @@ func init() {
 	Cmd.AddCommand(identityCmd)
 	Cmd.AddCommand(secretCmd)
 	Cmd.AddCommand(upgradeCmd)
+	Cmd.AddCommand(setAdminCmd)
 	Cmd.AddCommand(provider.Cmd)
 	Cmd.AddCommand(machine.Cmd)
 }

cmd/rofl/set_admin.go

@@ -0,0 +1,107 @@
+package rofl
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/spf13/cobra"
+
+	"github.com/oasisprotocol/oasis-sdk/client-sdk/go/connection"
+	"github.com/oasisprotocol/oasis-sdk/client-sdk/go/modules/rofl"
+
+	buildRofl "github.com/oasisprotocol/cli/build/rofl"
+	"github.com/oasisprotocol/cli/cmd/common"
+	roflCommon "github.com/oasisprotocol/cli/cmd/rofl/common"
+	cliConfig "github.com/oasisprotocol/cli/config"
+)
+
+var setAdminCmd = &cobra.Command{
+	Use:     "set-admin <new-admin>",
+	Short:   "Change the administrator of the application in ROFL",
+	Aliases: []string{"change-admin"},
+	Args:    cobra.ExactArgs(1),
+	Run: func(_ *cobra.Command, args []string) {
+		txCfg := common.GetTransactionConfig()
+
+		manifest, deployment, npa := roflCommon.LoadManifestAndSetNPA(&roflCommon.ManifestOptions{
+			NeedAppID: true,
+			NeedAdmin: true,
+		})
+
+		var appID rofl.AppID
+		if err := appID.UnmarshalText([]byte(deployment.AppID)); err != nil {
+			cobra.CheckErr(fmt.Errorf("malformed ROFL app ID: %w", err))
+		}
+
+		npa.MustHaveAccount()
+		npa.MustHaveParaTime()
+
+		if deployment.Policy == nil {
+			cobra.CheckErr("no policy configured in the manifest")
+		}
+
+		oldAdminAddr, _, err := common.ResolveLocalAccountOrAddress(npa.Network, deployment.Admin)
+		if err != nil {
+			cobra.CheckErr(fmt.Errorf("bad current administrator address: %w", err))
+		}
+
+		newAdminAddr, newAdminEthAddr, err := common.ResolveLocalAccountOrAddress(npa.Network, args[0])
+		if err != nil {
+			cobra.CheckErr(fmt.Errorf("invalid new admin address: %w", err))
+		}
+
+		if *oldAdminAddr == *newAdminAddr {
+			fmt.Println("New admin is the same as the current admin, nothing to do.")
+			return
+		}
+
+		// When not in offline mode, connect to the given network endpoint.
+		ctx := context.Background()
+		var conn connection.Connection
+		if !txCfg.Offline {
+			conn, err = connection.Connect(ctx, npa.Network)
+			cobra.CheckErr(err)
+		}
+
+		newAdminStr := newAdminAddr.String()
+		if newAdminEthAddr != nil {
+			newAdminStr = newAdminEthAddr.Hex()
+		}
+
+		fmt.Printf("App ID:    %s\n", deployment.AppID)
+		fmt.Printf("Old admin: %s\n", common.PrettyAddress(oldAdminAddr.String()))
+		fmt.Printf("New admin: %s\n", common.PrettyAddress(newAdminStr))
+
+		secrets := buildRofl.PrepareSecrets(deployment.Secrets)
+
+		tx := rofl.NewUpdateTx(nil, &rofl.Update{
+			ID:       appID,
+			Policy:   *deployment.Policy.AsDescriptor(),
+			Admin:    newAdminAddr,
+			Metadata: manifest.GetMetadata(roflCommon.DeploymentName),
+			Secrets:  secrets,
+		})
+
+		acc := common.LoadAccount(cliConfig.Global(), npa.AccountName)
+		sigTx, meta, err := common.SignParaTimeTransaction(ctx, npa, acc, conn, tx, nil)
+		cobra.CheckErr(err)
+
+		if !common.BroadcastOrExportTransaction(ctx, npa, conn, sigTx, meta, nil) {
+			return
+		}
+
+		// Transaction succeeded — update the manifest with the new admin.
+		deployment.Admin = args[0]
+		if err = manifest.Save(); err != nil {
+			cobra.CheckErr(fmt.Errorf("failed to update manifest: %w", err))
+		}
+
+		fmt.Printf("ROFL app admin changed to %s.\n", common.PrettyAddress(newAdminStr))
+	},
+}
+
+func init() {
+	common.AddAccountFlag(setAdminCmd)
+	setAdminCmd.Flags().AddFlagSet(common.RuntimeTxFlags)
+	setAdminCmd.Flags().AddFlagSet(roflCommon.DeploymentFlags)
+}

docs/rofl.md

@@ -198,6 +198,24 @@ The current on-chain policy, metadata and secrets will be replaced with the ones
 in the manifest file. Keep in mind that ROFL replicas need to be restarted in
 order for changes to take effect.
 
+## Change ROFL app administrator {#set-admin}
+
+Run `rofl set-admin` to transfer ownership of a ROFL app to a new
+administrator. The transaction is signed by the current admin and, on success,
+the manifest is updated with the new admin.
+
+![code shell](../examples/rofl/set-admin.in.static)
+
+:::info ROFL admin vs machine admin
+
+The **ROFL app admin** (changed via `oasis rofl set-admin`) owns the
+application — transfer ownership, upgrades, policy changes, removal.
+The **machine admin** (changed via `oasis rofl machine change-admin`) manages
+an individual machine instance — execution, restarts, stops.
+These are independent roles.
+
+:::
+
 ## Show ROFL information {#show}
 
 Run `rofl show` to obtain the information from the network on the ROFL admin

examples/rofl/set-admin.in.static

@@ -0,0 +1 @@
+oasis rofl set-admin <new-admin>