Add channel config policy ref to _lifecycle CLI

Also, similar refactor for collection config package creation. FAB-14517 #done Change-Id: I543302588cd4379c7b2cf6d79d6aa41268d56bb5 Signed-off-by: Will Lahti <wtlahti@us.ibm.com> Signed-off-by: Alessandro Sorniotti <ale.linux@sopit.net>
hyperledger · Mar 29, 2019 · 60534bc · 60534bc
1 parent aca23eb
commit 60534bc
Show file tree

Hide file tree

Showing 12 changed files with 223 additions and 185 deletions.
diff --git a/integration/nwo/commands/peer.go b/integration/nwo/commands/peer.go
@@ -193,19 +193,20 @@ func (c ChaincodeInstall) Args() []string {
 }
 
 type ChaincodeApproveForMyOrgLifecycle struct {
-	ChannelID         string
-	Orderer           string
-	Name              string
-	Version           string
-	PackageID         string
-	Sequence          string
-	EndorsementPlugin string
-	ValidationPlugin  string
-	Policy            string
-	InitRequired      bool
-	CollectionsConfig string
-	PeerAddresses     []string
-	WaitForEvent      bool
+	ChannelID           string
+	Orderer             string
+	Name                string
+	Version             string
+	PackageID           string
+	Sequence            string
+	EndorsementPlugin   string
+	ValidationPlugin    string
+	SignaturePolicy     string
+	ChannelConfigPolicy string
+	InitRequired        bool
+	CollectionsConfig   string
+	PeerAddresses       []string
+	WaitForEvent        bool
 }
 
 func (c ChaincodeApproveForMyOrgLifecycle) SessionName() string {
@@ -223,7 +224,8 @@ func (c ChaincodeApproveForMyOrgLifecycle) Args() []string {
 		"--sequence", c.Sequence,
 		"--escc", c.EndorsementPlugin,
 		"--vscc", c.ValidationPlugin,
-		"--policy", c.Policy,
+		"--signature-policy", c.SignaturePolicy,
+		"--channel-config-policy", c.ChannelConfigPolicy,
 	}
 
 	if c.InitRequired {
@@ -246,18 +248,19 @@ func (c ChaincodeApproveForMyOrgLifecycle) Args() []string {
 }
 
 type ChaincodeCommitLifecycle struct {
-	ChannelID         string
-	Orderer           string
-	Name              string
-	Version           string
-	Sequence          string
-	EndorsementPlugin string
-	ValidationPlugin  string
-	Policy            string
-	InitRequired      bool
-	CollectionsConfig string
-	PeerAddresses     []string
-	WaitForEvent      bool
+	ChannelID           string
+	Orderer             string
+	Name                string
+	Version             string
+	Sequence            string
+	EndorsementPlugin   string
+	ValidationPlugin    string
+	SignaturePolicy     string
+	ChannelConfigPolicy string
+	InitRequired        bool
+	CollectionsConfig   string
+	PeerAddresses       []string
+	WaitForEvent        bool
 }
 
 func (c ChaincodeCommitLifecycle) SessionName() string {
@@ -274,7 +277,8 @@ func (c ChaincodeCommitLifecycle) Args() []string {
 		"--sequence", c.Sequence,
 		"--escc", c.EndorsementPlugin,
 		"--vscc", c.ValidationPlugin,
-		"--policy", c.Policy,
+		"--signature-policy", c.SignaturePolicy,
+		"--channel-config-policy", c.ChannelConfigPolicy,
 	}
 	if c.InitRequired {
 		args = append(args, "--init-required")

diff --git a/integration/nwo/deploy.go b/integration/nwo/deploy.go
@@ -24,20 +24,22 @@ import (
 )
 
 type Chaincode struct {
-	Name              string
-	Version           string
-	Path              string
-	Ctor              string
-	Policy            string
-	Lang              string
-	CollectionsConfig string // optional
-	PackageFile       string
-	PackageID         string // if unspecified, chaincode won't be executable
-	Sequence          string
-	EndorsementPlugin string
-	ValidationPlugin  string
-	InitRequired      bool
-	Label             string
+	Name                string
+	Version             string
+	Path                string
+	Ctor                string
+	Policy              string
+	Lang                string
+	CollectionsConfig   string // optional
+	PackageFile         string
+	PackageID           string // if unspecified, chaincode won't be executable
+	Sequence            string
+	EndorsementPlugin   string
+	ValidationPlugin    string
+	InitRequired        bool
+	Label               string
+	SignaturePolicy     string
+	ChannelConfigPolicy string
 }
 
 // DeployChaincodeNewLifecycle is a helper that will install chaincode to all
@@ -201,18 +203,19 @@ func ApproveChaincodeForMyOrgNewLifecycle(n *Network, channel string, orderer *O
 	for _, p := range peers {
 		if _, ok := approvedOrgs[p.Organization]; !ok {
 			sess, err := n.PeerAdminSession(p, commands.ChaincodeApproveForMyOrgLifecycle{
-				ChannelID:         channel,
-				Orderer:           n.OrdererAddress(orderer, ListenPort),
-				Name:              chaincode.Name,
-				Version:           chaincode.Version,
-				PackageID:         chaincode.PackageID,
-				Sequence:          chaincode.Sequence,
-				EndorsementPlugin: chaincode.EndorsementPlugin,
-				ValidationPlugin:  chaincode.ValidationPlugin,
-				Policy:            chaincode.Policy,
-				InitRequired:      chaincode.InitRequired,
-				CollectionsConfig: chaincode.CollectionsConfig,
-				WaitForEvent:      true,
+				ChannelID:           channel,
+				Orderer:             n.OrdererAddress(orderer, ListenPort),
+				Name:                chaincode.Name,
+				Version:             chaincode.Version,
+				PackageID:           chaincode.PackageID,
+				Sequence:            chaincode.Sequence,
+				EndorsementPlugin:   chaincode.EndorsementPlugin,
+				ValidationPlugin:    chaincode.ValidationPlugin,
+				SignaturePolicy:     chaincode.SignaturePolicy,
+				ChannelConfigPolicy: chaincode.ChannelConfigPolicy,
+				InitRequired:        chaincode.InitRequired,
+				CollectionsConfig:   chaincode.CollectionsConfig,
+				WaitForEvent:        true,
 			})
 			Expect(err).NotTo(HaveOccurred())
 			Eventually(sess, n.EventuallyTimeout).Should(gexec.Exit(0))
@@ -234,18 +237,19 @@ func CommitChaincodeNewLifecycle(n *Network, channel string, orderer *Orderer, c
 	}
 
 	sess, err := n.PeerAdminSession(peer, commands.ChaincodeCommitLifecycle{
-		ChannelID:         channel,
-		Orderer:           n.OrdererAddress(orderer, ListenPort),
-		Name:              chaincode.Name,
-		Version:           chaincode.Version,
-		Sequence:          chaincode.Sequence,
-		EndorsementPlugin: chaincode.EndorsementPlugin,
-		ValidationPlugin:  chaincode.ValidationPlugin,
-		Policy:            chaincode.Policy,
-		InitRequired:      chaincode.InitRequired,
-		CollectionsConfig: chaincode.CollectionsConfig,
-		PeerAddresses:     peerAddresses,
-		WaitForEvent:      true,
+		ChannelID:           channel,
+		Orderer:             n.OrdererAddress(orderer, ListenPort),
+		Name:                chaincode.Name,
+		Version:             chaincode.Version,
+		Sequence:            chaincode.Sequence,
+		EndorsementPlugin:   chaincode.EndorsementPlugin,
+		ValidationPlugin:    chaincode.ValidationPlugin,
+		SignaturePolicy:     chaincode.SignaturePolicy,
+		ChannelConfigPolicy: chaincode.ChannelConfigPolicy,
+		InitRequired:        chaincode.InitRequired,
+		CollectionsConfig:   chaincode.CollectionsConfig,
+		PeerAddresses:       peerAddresses,
+		WaitForEvent:        true,
 	})
 	Expect(err).NotTo(HaveOccurred())
 	Eventually(sess, n.EventuallyTimeout).Should(gexec.Exit(0))

diff --git a/integration/nwo/network_test.go b/integration/nwo/network_test.go
@@ -97,18 +97,19 @@ var _ = Describe("Network", func() {
 			peer := network.Peer("org1", "peer2")
 
 			chaincode := nwo.Chaincode{
-				Name:              "mycc",
-				Version:           "0.0",
-				Path:              "github.com/hyperledger/fabric/integration/chaincode/simple/cmd",
-				Lang:              "golang",
-				PackageFile:       filepath.Join(tempDir, "simplecc.tar.gz"),
-				Ctor:              `{"Args":["init","a","100","b","200"]}`,
-				EndorsementPlugin: "escc",
-				ValidationPlugin:  "vscc",
-				Policy:            `AND ('Org1ExampleCom.member','Org2ExampleCom.member')`,
-				Sequence:          "1",
-				InitRequired:      true,
-				Label:             "my_simple_chaincode",
+				Name:                "mycc",
+				Version:             "0.0",
+				Path:                "github.com/hyperledger/fabric/integration/chaincode/simple/cmd",
+				Lang:                "golang",
+				PackageFile:         filepath.Join(tempDir, "simplecc.tar.gz"),
+				Ctor:                `{"Args":["init","a","100","b","200"]}`,
+				EndorsementPlugin:   "escc",
+				ValidationPlugin:    "vscc",
+				Policy:              `AND ('Org1ExampleCom.member','Org2ExampleCom.member')`,
+				ChannelConfigPolicy: "/Channel/Application/Endorsement",
+				Sequence:            "1",
+				InitRequired:        true,
+				Label:               "my_simple_chaincode",
 			}
 
 			network.CreateAndJoinChannels(orderer)
@@ -264,7 +265,7 @@ var _ = Describe("Network", func() {
 				Ctor:              `{"Args":["init","a","100","b","200"]}`,
 				EndorsementPlugin: "escc",
 				ValidationPlugin:  "vscc",
-				Policy:            `AND ('Org1ExampleCom.member','Org2ExampleCom.member')`,
+				SignaturePolicy:   `AND ('Org1ExampleCom.member','Org2ExampleCom.member')`,
 				Sequence:          "1",
 				InitRequired:      true,
 				Label:             "my_simple_chaincode",

diff --git a/integration/pvtdata/pvtdata_test.go b/integration/pvtdata/pvtdata_test.go
@@ -665,7 +665,7 @@ var _ bool = Describe("PrivateData", func() {
 				Lang:              "golang",
 				PackageFile:       filepath.Join(testDir, "marbles-pvtdata.tar.gz"),
 				Label:             "marbles-private-2.0",
-				Policy:            `OR ('Org1MSP.member','Org2MSP.member', 'Org3MSP.member')`,
+				SignaturePolicy:   `OR ('Org1MSP.member','Org2MSP.member', 'Org3MSP.member')`,
 				CollectionsConfig: filepath.Join("testdata", "collection_configs", "collections_config2.json"),
 				Sequence:          "1",
 			}
@@ -691,7 +691,7 @@ var _ bool = Describe("PrivateData", func() {
 
 			By("upgrading chaincode to remove org3 from collectionMarbles")
 			chaincode.Sequence = "2"
-			chaincode.Policy = `OR ('Org1MSP.member','Org2MSP.member')`
+			chaincode.SignaturePolicy = `OR ('Org1MSP.member','Org2MSP.member')`
 			chaincode.CollectionsConfig = filepath.Join("testdata", "collection_configs", "collections_config1.json")
 
 			maxLedgerHeight := nwo.GetMaxLedgerHeight(network, "testchannel", peerAllThreeOrgs...)

diff --git a/internal/peer/lifecycle/chaincode/approveformyorg.go b/internal/peer/lifecycle/chaincode/approveformyorg.go
@@ -13,7 +13,6 @@ import (
 	"time"
 
 	"github.com/golang/protobuf/proto"
-	"github.com/hyperledger/fabric/common/cauthdsl"
 	"github.com/hyperledger/fabric/internal/peer/chaincode"
 	"github.com/hyperledger/fabric/internal/peer/common"
 	"github.com/hyperledger/fabric/internal/peer/common/api"
@@ -77,14 +76,6 @@ func (a *ApproveForMyOrgInput) Validate() error {
 		return errors.New("The required parameter 'sequence' is empty. Rerun the command with --sequence flag")
 	}
 
-	if a.EndorsementPlugin == "" {
-		a.EndorsementPlugin = "escc"
-	}
-
-	if a.ValidationPlugin == "" {
-		a.ValidationPlugin = "vscc"
-	}
-
 	return nil
 }
 
@@ -144,7 +135,8 @@ func ApproveForMyOrgCmd(a *ApproverForMyOrg) *cobra.Command {
 		"sequence",
 		"escc",
 		"vscc",
-		"policy",
+		"signature-policy",
+		"channel-config-policy",
 		"init-required",
 		"collections-config",
 		"peerAddresses",
@@ -254,31 +246,14 @@ func (a *ApproverForMyOrg) Approve() error {
 
 // createInput creates the input struct based on the CLI flags
 func (a *ApproverForMyOrg) createInput() (*ApproveForMyOrgInput, error) {
-	var (
-		policyBytes []byte
-		ccp         *cb.CollectionConfigPackage
-	)
-
-	if policy != "" {
-		signaturePolicyEnvelope, err := cauthdsl.FromString(policy)
-		if err != nil {
-			return nil, errors.Errorf("invalid signature policy: %s", policy)
-		}
-
-		applicationPolicy := &pb.ApplicationPolicy{
-			Type: &pb.ApplicationPolicy_SignaturePolicy{
-				SignaturePolicy: signaturePolicyEnvelope,
-			},
-		}
-		policyBytes = protoutil.MarshalOrPanic(applicationPolicy)
+	policyBytes, err := createPolicyBytes(signaturePolicy, channelConfigPolicy)
+	if err != nil {
+		return nil, err
 	}
 
-	if collectionsConfigFile != "" {
-		var err error
-		ccp, _, err = chaincode.GetCollectionConfigFromFile(collectionsConfigFile)
-		if err != nil {
-			return nil, errors.WithMessagef(err, "invalid collection configuration in file %s", collectionsConfigFile)
-		}
+	ccp, err := createCollectionConfigPackage(collectionsConfigFile)
+	if err != nil {
+		return nil, err
 	}
 
 	input := &ApproveForMyOrgInput{

diff --git a/internal/peer/lifecycle/chaincode/approveformyorg_test.go b/internal/peer/lifecycle/chaincode/approveformyorg_test.go
@@ -327,7 +327,7 @@ var _ = Describe("ApproverForMyOrg", func() {
 				"--sequence=1",
 				"--peerAddresses=querypeer1",
 				"--tlsRootCertFiles=tls1",
-				"--policy=AND ('Org1MSP.member','Org2MSP.member')",
+				"--signature-policy=AND ('Org1MSP.member','Org2MSP.member')",
 			})
 		})
 
@@ -341,10 +341,54 @@ var _ = Describe("ApproverForMyOrg", func() {
 			Expect(err.Error()).To(ContainSubstring("failed to retrieve endorser client"))
 		})
 
-		Context("when the policy is invalid", func() {
+		Context("when the channel config policy is specified", func() {
 			BeforeEach(func() {
+				approveForMyOrgCmd = chaincode.ApproveForMyOrgCmd(nil)
 				approveForMyOrgCmd.SetArgs([]string{
-					"--policy=notapolicy",
+					"--channel-config-policy=/Channel/Application/Readers",
+					"--channelID=testchannel",
+					"--name=testcc",
+					"--version=testversion",
+					"--package-id=testpackageid",
+					"--sequence=1",
+					"--peerAddresses=querypeer1",
+					"--tlsRootCertFiles=tls1",
+				})
+			})
+
+			It("sets up the approver for my org and attempts to approve the chaincode definition", func() {
+				err := approveForMyOrgCmd.Execute()
+				Expect(err).To(HaveOccurred())
+				Expect(err.Error()).To(ContainSubstring("failed to retrieve endorser client"))
+			})
+		})
+
+		Context("when a signature policy and channel config policy are both specified", func() {
+			BeforeEach(func() {
+				approveForMyOrgCmd.SetArgs([]string{
+					"--signature-policy=a_policy",
+					"--channel-config-policy=anotha_policy",
+					"--channelID=testchannel",
+					"--name=testcc",
+					"--version=testversion",
+					"--package-id=testpackageid",
+					"--sequence=1",
+					"--peerAddresses=querypeer1",
+					"--tlsRootCertFiles=tls1",
+				})
+			})
+
+			It("returns an error", func() {
+				err := approveForMyOrgCmd.Execute()
+				Expect(err).To(HaveOccurred())
+				Expect(err.Error()).To(Equal("cannot specify both \"--signature-policy\" and \"--channel-config-policy\""))
+			})
+		})
+
+		Context("when the signature policy is invalid", func() {
+			BeforeEach(func() {
+				approveForMyOrgCmd.SetArgs([]string{
+					"--signature-policy=notapolicy",
 					"--channelID=testchannel",
 					"--name=testcc",
 					"--version=testversion",