Concept Release (1.0) with versioned images & able out of the box to …

…run demo (#339)

* Update rocket chat

We got our own rocket chat channel! Please join us at

Signed-off-by: bur <bur@zurich.ibm.com>

* fix environment

Signed-off-by: lengyijun <sjtu5140809011@gmail.com>

* fix README.md

Signed-off-by: lengyijun <sjtu5140809011@gmail.com>

* Bump acorn from 6.4.0 to 6.4.1 in /demo/client/frontend

Bumps [acorn](https://github.com/acornjs/acorn) from 6.4.0 to 6.4.1.
- [Release notes](https://github.com/acornjs/acorn/releases)
- [Commits](acornjs/acorn@6.4.0...6.4.1)

Signed-off-by: dependabot[bot] <support@github.com>

* Bump node deps

Update node deps in demo frontend/backend and docker utils

Signed-off-by: bur <bur@zurich.ibm.com>

* update CODEOWNERS (#263)

* update list

Signed-off-by: Michael Steiner <michael.steiner@intel.com>

* fixup! update list

Signed-off-by: Michael Steiner <michael.steiner@intel.com>

* disclaimer and explicit list of "official" releases

Signed-off-by: Michael Steiner <michael.steiner@intel.com>

* make avatar download a bit more robust and graceful

Signed-off-by: Michael Steiner <michael.steiner@intel.com>

* Docker dev run mounts FPC from local fs

This mounts the local FPC repository by default into a dev container
when `make run` is called. Before this was optional but turned out that
it should be the default.

Signed-off-by: bur <bur@zurich.ibm.com>

* Fix build for concept-release
- move both dev and peer to build from local HEAD commit
- (try to) minimize re-build of images
- add missing dependencies to dev container

Signed-off-by: michael steiner <michael.steiner@intel.com>

* Version docker images

Signed-off-by: michael steiner <michael.steiner@intel.com>

* Make FABRIC_VERSION arg/env in dockerfile consistent with vars used to get docker tag

Signed-off-by: michael steiner <michael.steiner@intel.com>

* More robust and precise handling of docker image cleanup

Signed-off-by: michael steiner <michael.steiner@intel.com>

* A more robust teardown

Signed-off-by: Michael Steiner <michael.steiner@intel.com>

* Make missing device error more explicit and make SGX_MODE=SIM default for build
- note this is already done for a number of scripts and makes it more fail-safe
  from usage-perspective (though not from security :-). Also note that cmake still
  has a HW default but that will be removed and referring to the config.mk default
  in a separate PR)

Signed-off-by: michael steiner <michael.steiner@intel.com>

* Fix path so we can call make also via `make -C utils/docker run`

Signed-off-by: michael steiner <michael.steiner@intel.com>

* Make rm failure abort make (Note rm -f does _not_ file if the files do not exist ..)

Signed-off-by: michael steiner <michael.steiner@intel.com>

* Make docker-based tests run also inside dev(elopment) container
* make sure host network is also available inside
* for volume mounts, make sure the source path maps to a path
  understood by docker daemon

Signed-off-by: michael steiner <michael.steiner@intel.com>

* Build/Test only via dev container and not also directly on host

Signed-off-by: michael steiner <michael.steiner@intel.com>

Co-authored-by: bur <bur@zurich.ibm.com>
Co-authored-by: lyj <sjtu5140809011@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.travis.yml

@@ -65,7 +65,12 @@ before_install:
   - GO_TAGS=pluginsenabled make peer orderer cryptogen configtxgen && popd
 
 script:
-  # travis doesn't check out the branch itself but for our make to work we
-  # need a branch or alike. So check create a local one ...
-  - git checkout -b we-need-a-branch-for-below-to-work
-  - make
+  # * test directly on host
+  # - make all clobber
+  # NOTE: disabled as it will reach the 50 min limits. Testing inside dev container
+  # hopefully/presumably should hopefully be a super-set of the host build/test
+  #
+  # * test that it also runs properly in dev container  
+  - make -C utils/docker run DOCKER_DEV_OPTIONAL_CMD='make all clobber'
+  #   Note: travis of couse does an implicit clobber but adding it here makes sure
+  #   it works properly, also to make sure below is clean-slate

CODEOWNERS

@@ -1 +1,4 @@
-*       @mbrandenburger @bvavala @g2flyer @swetharepakula @sjanakir2015
+# SPDX-License-Identifier: Apache-2.0
+
+# FPC Maintainers
+*       @mbrandenburger @bvavala @g2flyer @jordy24

README.md

@@ -97,6 +97,16 @@ The system consists of the following components:
    ledger enclave, which crosschecks the decision before it finally commits
    the transaction to the ledger.
 
+## Releases
+
+- [Concept Release - March 2, 2020](https://github.com/hyperledger-labs/fabric-private-chaincode/tree/concept-release-1.0)
+
+*WARNING: This project is in continous development and the `master`
+ branch will not always be stable. Unless you want to actively
+ contribute to the project itself, we advice you to use one of above releases*
+
+
+
 ## Getting started
 
 The following steps guide you through the build phase and configuration, for
@@ -197,7 +207,6 @@ A few notes:
   `/dev/isgx` and your PSW daemon listens to `/var/run/aesmd`, then the docker image will be sgx-enabled and your settings from `./config/ias` will be used. You will have to manually set `SGX_MODE=HW` before building anything to use HW mode.
 * if you want additional apt packages in your container image, add to the `<absolute-project-path>/fabric-private-chaincode/config.override.mk` file in the fabric-private-chaincode directory. In that file, define `DOCKER_DEV_IMAGE_APT_ADD__PKGS` with a
   list of packages you want. They will then be automatically added to the docker image
-* docker images do not persist between runs and there are setup files that will be needed in the docker container. Therefore, map the local cloned filesystem as a volume to `/project/src/github.com/hyperledger-labs/fabric-private-chaincode` within the docker container. To achieve this, add `DOCKER_DEV_RUN_OPTS= -v <absolute-project-path>/fabric-private-chaincode:/project/src/github.com/hyperledger-labs/fabric-private-chaincode` to your `<absolute-project-path>/fabric-private-chaincode/config.override.mk`, where <absolute-project-path> is where you have cloned the FPC project on your local machine.
 * due to the way the peer's port for chaincode connection is managed,
   you will be able to run only a single FPC development container on a
   particular host.
@@ -214,6 +223,9 @@ This will open a shell inside the FPC development container, with
 environment variables like GOPATH appropriately defined and all
 dependencies like fabric built, ready to build and run FPC.
 
+Note that by default the dev container mounts your local cloned FPC project as a volume to `/project/src/github.com/hyperledger-labs/fabric-private-chaincode` within the docker container.
+This allows you to edit the content of the repository using your favorite editor in your system and the changes inside the docker container. Additionally, you are also not loosing changes inside the container when you reboot or the container gets stopped for other reasons.
+
 Optional: to do a clean build do the following within the container
 ```
 <docker-root>:project/src/github.com/hyperledger-labs/fabric-private-chaincode# make clean
@@ -377,7 +389,7 @@ The current code should work behind a proxy assuming
 If you run Ubuntu 18.04, make sure you run docker 18.09 or later. Otherwise you will run into problems with DNS resolution inside the container.
 
 You will also require a recent version of docker-compose. In particular, the docker-compose from ubuntu 18.04
-(docker-compose 1.17) is _not_ recent enough to understand `~/.docker/config.js` and related proxy options.
+(docker-compose 1.17) is _not_ recent enough to understand `~/.docker/config.json` and related proxy options.
 To upgrade, install a recent version following the instructions from [docker.com](https://docs.docker.com/compose/install/), e.g.,
 for version 1.25.4 execute
 ```
@@ -419,10 +431,10 @@ export SGX_MODE=HW
 # The attestation type is ignored when SGX_MODE=SIM is set.
 
 # IAS attestation (unlinkable)
-export FPC_ATTESTATION_TYPE = epid_unlinkable
+export FPC_ATTESTATION_TYPE=epid_unlinkable
 
 # IAS attestation (linkable)
-export FPC_ATTESTATION_TYPE = epid_linkable
+export FPC_ATTESTATION_TYPE=epid_linkable
 
 ```
 ##### Clang-format
@@ -474,7 +486,7 @@ By running the following command you can generate the documentation.
 ## Getting Help
 
 Found a bug? Need help to fix an issue? You have a great idea for a new feature? Talk to us! You can reach us on
-[RocketChat](https://chat.hyperledger.org/) in #private-data-objects. 
+[RocketChat](https://chat.hyperledger.org/) in #fabric-private-chaincode. 
 
 We also have a weekly meeting every Tuesday at 3 pm GMT on [Zoom](https://zoom.us/my/hyperledger.community.3). Please
 see the Hyperledger [community calendar](https://wiki.hyperledger.org/display/HYP/Calendar+of+Public+Meetings) for

config.mk

@@ -10,11 +10,19 @@ DOCKER := docker $(DOCKERFLAGS)
 
 PROJECT_NAME=fabric-private-chaincode
 
-export SGX_MODE ?= HW
+export FPC_VERSION := cr1.0.1
+
+export SGX_MODE ?= SIM
 export SGX_BUILD ?= PRERELEASE
 
 export FABRIC_PATH ?= ${GOPATH}/src/github.com/hyperledger/fabric
 
+export FPC_PATH=$(abspath $(TOP))
+# to allow volume mounts from within a dev(elopment) container, 
+# below variable is used for volume mounts and can hence be
+# re-defined to point to the FPC path as seen by the docker daemon
+export DOCKERD_FPC_PATH ?= $(FPC_PATH)
+
 JAVA ?= java
 PLANTUML_JAR ?= plantuml.jar
 PLANTUML_CMD ?= $(JAVA) -jar $(PLANTUML_JAR)

demo/Makefile

@@ -7,9 +7,9 @@ include $(TOP)/build.mk
 
 SUB_DIRS = chaincode client
 
-build test clean clobber:
+build test clean:
 	$(foreach DIR, $(SUB_DIRS), $(MAKE) -C $(DIR) $@ || exit;)
 
-
 clobber:
 	./scripts/teardown.sh --clean-slate
+	$(foreach DIR, $(SUB_DIRS), $(MAKE) -C $(DIR) $@ || exit;)

demo/chaincode/fpc/Makefile

@@ -4,12 +4,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 #ifneq ($(FPC_PATH), '')
-ifdef FPC_PATH
-	TOP = $(FPC_PATH)
-else
-	TOP = ../../../
-	export FPC_PATH = $(abspath $(TOP))
-endif
+TOP = ../../../
 
 include $(TOP)/build.mk
 
@@ -26,7 +21,7 @@ build: $(BUILD_DIR)
 	$(MAKE) --directory=$<
 
 clean:
-	-rm -rf $(BUILD_DIR)
+	rm -rf $(BUILD_DIR)
 
 
 HW_EXTENSION=$(shell if [ "${SGX_MODE}" = "HW" ]; then echo "-hw"; fi)
@@ -39,7 +34,7 @@ docker-build: clean
 		|| { cd $(TOP)/utils/docker && make cc-builder; }
 	$(DOCKER) run \
 		-u $$(id -u):$$(id -g)\
-		-v ${PWD}:/project/src/github.com/hyperledger-labs/fabric-private-chaincode/demo/chaincode/fpc\
+		-v "$(DOCKERD_FPC_PATH)/demo/chaincode/fpc":/project/src/github.com/hyperledger-labs/fabric-private-chaincode/demo/chaincode/fpc\
 		-w /project/src/github.com/hyperledger-labs/fabric-private-chaincode/demo/chaincode/fpc\
 		$(FPC_DOCKER_CC_BUILDER_NAME)\
 		sh -c 'make build'

demo/client/backend/fabric-gateway/Makefile

@@ -5,7 +5,8 @@
 TOP = ../../../..
 include $(TOP)/build.mk
 
-DOCKER_IMAGE=auction_client_backend
+FPC_DOCKER_NAMESPACE := hyperledger/fabric-private-chaincode
+DOCKER_IMAGE = ${FPC_DOCKER_NAMESPACE}-auction_client_backend
 
 # Note:
 # - docker images are not necessarily rebuild if they exist but are outdated.
@@ -25,9 +26,16 @@ docker:
 	# this image is usually built by docker-compose but we still add a
 	# convenience target ere until proxy issues with docker-compose are resolved
 	$(DOCKER) build $(DOCKER_BUILD_OPTS) -t ${DOCKER_IMAGE} .
+	$(DOCKER) tag $(DOCKER_IMAGE) $(DOCKER_IMAGE):${FPC_VERSION}
 
 clobber:
-	IMAGE=$$(${DOCKER} images ${DOCKER_IMAGE} -q); \
-        if [ ! -z "$${IMAGE}" ]; then ${DOCKER} rmi ${IMAGE}; fi
+	for tag in \
+	    ${FPC_VERSION} \
+	    latest \
+	; do \
+	    if [ ! -z "$$(docker images -q ${DOCKER_IMAGE}:$${tag} 2> /dev/null)" ]; then \
+		docker rmi $(DOCKER_IMAGE):$${tag}; \
+	    fi \
+	done
 	# make clobber in demo/ also would take care but better safe than sorry