Don't use keymanager to register w3s keys with Teku (#1530)

ethd

@@ -1466,8 +1466,8 @@ __i_haz_web3signer() {
     fi
 
     var="WEB3SIGNER"
-    value=$(sed -n -e "s/^${var}=\(.*\)/\1/p" ".env" || true)
-    if [ ! "${value}" = "true" ]; then
+    __w3s=$(sed -n -e "s/^${var}=\(.*\)/\1/p" ".env" || true)
+    if [ ! "${__w3s}" = "true" ]; then
         return
     fi
 
@@ -1571,6 +1571,7 @@ keys() {
     fi
 
     __i_haz_web3signer
+    __command="${1:-}"
 
     __owner_uid=$(id -u "${OWNER}")
     if [ "${1:-}" = "import" ]; then
@@ -1770,6 +1771,20 @@ keys() {
         #__i_haz_keys_service
         docompose run --rm -e OWNER_UID="${__owner_uid}" validator-keys "$@"
     fi
+    var="COMPOSE_FILE"
+    value=$(sed -n -e "s/^${var}=\(.*\)/\1/p" ".env" || true)
+
+    if [ "${__command}" = "import" ] || [ "${__command}" = "register" ] || [ "${__command}" = "delete" ]; then
+        # I do mean to match literally
+        # shellcheck disable=SC2076
+        if [[ "${__w3s}" = "true" ]] && [[ "${value}" =~ "teku.yml" ]]; then
+            echo "Sending SIGHUP to Teku to load web3signer keys"
+            docompose exec consensus kill -SIGHUP 1
+        elif [[ "${__w3s}" = "true" ]] && [[ "${value}" =~ "teku-vc-only.yml" ]]; then
+            echo "Sending SIGHUP to Teku to load web3signer keys"
+            docompose exec validator kill -SIGHUP 1
+        fi
+    fi
 }
 
 keyimport() {

teku.yml

@@ -134,6 +134,7 @@ services:
       - KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD:-}
       - KEY_API_PORT=${KEY_API_PORT:-7500}
       - WEB3SIGNER=${WEB3SIGNER:-false}
+      - W3S_NOREG=true
       - CL_NODE=${CL_NODE}
     depends_on:
       - consensus

vc-utils/keymanager.sh

@@ -444,8 +444,8 @@ validator-delete() {
                 exit 1
                 ;;
         esac
-        # Remove remote registration
-        if [ "${WEB3SIGNER}" = "true" ]; then
+        # Remove remote registration, but not for Teku
+        if [ -z "${W3S_NOREG+x}" ] && [ "${WEB3SIGNER}" = "true" ]; then
             __api_container=${__vc_api_container}
             __api_port=${__vc_api_port}
             __api_tls=${__vc_api_tls}
@@ -483,6 +483,8 @@ validator-delete() {
                     exit 1
                     ;;
             esac
+        else
+            echo "This client loads web3signer keys at startup, no registration to remove."
         fi
     done
 }
@@ -494,7 +496,8 @@ validator-import() {
 
     __num_dirs=$(find /validator_keys -maxdepth 1 -type d -name '0x*' | wc -l)
     if [ "$__pass" -eq 1 ] && [ "$__num_dirs" -gt 0 ]; then
-        echo "Found $__num_dirs directories starting with 0x. If these are from eth2-val-tools, please copy the keys and secrets directories into .eth/validator_keys instead."
+        echo "Found $__num_dirs directories starting with 0x. If these are from eth2-val-tools, please copy the keys \
+and secrets directories into .eth/validator_keys instead."
         echo
     fi
 
@@ -705,8 +708,8 @@ validator-import() {
                 exit 1
                 ;;
         esac
-        # Add remote registration
-        if [ "${WEB3SIGNER}" = "true" ]; then
+        # Add remote registration, but not for Teku
+        if [ -z "${W3S_NOREG+x}" ] && [ "${WEB3SIGNER}" = "true" ]; then
             __api_container=${__vc_api_container}
             __api_port=${__vc_api_port}
             __api_tls=${__vc_api_tls}
@@ -754,6 +757,8 @@ validator-import() {
                     exit 1
                     ;;
             esac
+        else
+            echo "This client loads web3signer keys at startup, skipping registration via keymanager."
         fi
         echo
     done < <(find "$__key_root_dir" -maxdepth "$__depth" -name '*keystore*.json')
@@ -784,6 +789,11 @@ validator-register() {
         exit 1
     fi
 
+    if [ "${W3S_NOREG:-false}" = "true" ]; then
+        echo "This client loads web3signer keys at startup, skipping registration via keymanager."
+        exit 0
+    fi
+
     __api_path=eth/v1/keystores
     __token=NIL
     __vc_api_container=${__api_container}