diff --git a/deploy/charts/firefly/README.md b/deploy/charts/firefly/README.md index 5c8d16663b..a8bc6d3574 100644 --- a/deploy/charts/firefly/README.md +++ b/deploy/charts/firefly/README.md @@ -18,7 +18,7 @@ for simple, private messaging using HTTPS backed with mTLS. $ helm install acme-firefly ./deploy/charts/firefly \ --set dataexchange.tlsSecret.name=acme-dx-tls \ --set config.organizationName=acme \ - --set config.organizationIdentity="0xeb7284ce905e0665b7d42cabe31c76c45da1d331" \ + --set config.organizationKey="0xeb7284ce905e0665b7d42cabe31c76c45da1d331" \ --set config.fireflyContractAddress="0xeb7284ce905e0665b7d42cabe31c76c45da1d254" ``` diff --git a/deploy/charts/firefly/ci/it-values.yaml b/deploy/charts/firefly/ci/it-values.yaml index 79d627388b..a661806d14 100644 --- a/deploy/charts/firefly/ci/it-values.yaml +++ b/deploy/charts/firefly/ci/it-values.yaml @@ -4,7 +4,7 @@ config: preInit: true organizationName: "firefly-os" - organizationIdentity: "0xeb7284ce905e0665b7d42cabe31c76c45da1d331" + organizationKey: "0xeb7284ce905e0665b7d42cabe31c76c45da1d331" fireflyContractAddress: "0xeb7284ce905e0665b7d42cabe31c76c45da1d254" ethconnectUrl: "http://ethconnect.firefly-os" diff --git a/deploy/charts/firefly/scripts/ff-db-migrations.sh b/deploy/charts/firefly/scripts/ff-db-migrations.sh new file mode 100644 index 0000000000..2699dc4243 --- /dev/null +++ b/deploy/charts/firefly/scripts/ff-db-migrations.sh 
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+# Install deps
+apk add postgresql-client curl jq
+
+# Extract the database name from the end of the PSQL URL, and check it's there
+DB_NAME=`echo ${PSQL_URL} | sed 's/^.*\///'`
+COLONS=`echo -n $DB_NAME | sed 's/[^:]//g'`
+echo "Database name: '${DB_NAME}'"
+if [ -z "${DB_NAME}" ] || [ -n "${COLONS}" ]
+then
+ echo "Postgres URL does not appear to contain a database name"
+ exit 1
+fi
+
+# Build a URL that doesn't have the database name
+PSQL_URL_NO_DB=`echo ${PSQL_URL} | sed "s/\/${DB_NAME}//"`
+
+# Check we can connect to the PSQL Server
+until psql -c "SELECT 1;" ${PSQL_URL_NO_DB}; do
+ echo "Waiting for database..."
+ sleep 1
+done
+
+# Create the database if it doesn't exist
+if ! psql -c "SELECT datname FROM pg_database WHERE datname = '${DB_NAME}';" ${PSQL_URL_NO_DB} | grep ${DB_NAME}
+then
+ psql -c "CREATE DATABASE ${DB_NAME};" ${PSQL_URL_NO_DB}
+fi
+
+# Wait for the database itself to be available
+until psql -c "SELECT 1;" ${PSQL_URL}; do
+ echo "Waiting for database..."
+ sleep 1
+done
+
+# Download the latest migration tool
+MIGRATE_RELEASE=$(curl -sL https://api.github.com/repos/golang-migrate/migrate/releases/latest | jq -r '.name')
+curl -sL https://github.com/golang-migrate/migrate/releases/download/${MIGRATE_RELEASE}/migrate.linux-amd64.tar.gz | tar xz
+
+# Do the migrations
+./migrate -database ${PSQL_URL} -path db/migrations/postgres up
diff --git a/deploy/charts/firefly/scripts/ff-registration.sh b/deploy/charts/firefly/scripts/ff-registration.sh
new file mode 100644
index 0000000000..46bfd265ca
--- /dev/null
+++ b/deploy/charts/firefly/scripts/ff-registration.sh
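Review bot: The download step at the end of ff-db-migrations.sh fetches whichever golang-migrate release is latest at run time and unpacks it with no integrity check, then runs that binary with `PSQL_URL` (the database credentials) in its environment. Pin the release and verify the archive before use, e.g. `MIGRATE_RELEASE="<pinned-release-tag>"` and, on the saved archive, `echo "<expected-sha256>  migrate.tar.gz" | sha256sum -c -`, or ship `migrate` in the job image so the pod needs no egress at all. Separately, `jq -r '.name'` reads the release title while the download path is keyed by tag, so `.tag_name` is the field that is certain to match. `${DB_NAME}` and `${PSQL_URL}` are also expanded unquoted into `sed`, `grep` and `CREATE DATABASE`, so a database name containing `-` or a URL ending in a `?...` query string breaks or mis-matches; quote the shell expansions and the SQL identifier.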
@@ -0,0 +1,38 @@ +#!/bin/sh + +apk add curl jq + +until STATUS=$(curl ${FF_URL}/api/v1/status); do + echo "Waiting for FireFly..." + sleep 5 +done + +if [ `echo $STATUS | jq -r .org.registered` != "true" ]; then + + echo "Registering organization" + HTTP_CODE=`curl --silent --output /dev/stderr --write-out "%{http_code}" \ + -X POST -d '{}' -H 'Content-Type: application/json' \ + "${FF_URL}/api/v1/network/organizations/self?confirm"` + if [ "$HTTP_CODE" -ne 200 ]; then + echo "Failed to register with code ${HTTP_CODE}" + exit 1 + fi + +fi + +if [ `echo $STATUS | jq -r .node.registered` != "true" ]; then + + echo "Registering node" + HTTP_CODE=`curl --silent --output /dev/stderr --write-out "%{http_code}" \ + -X POST -d '{}' -H 'Content-Type: application/json' \ + "${FF_URL}/api/v1/network/nodes/self?confirm"` + if [ "$HTTP_CODE" -ne 200 ]; then + echo "Failed to register with code ${HTTP_CODE}" + exit 1 + fi + +else + + echo "Already registered. Nothing to do" + +fi diff --git a/deploy/charts/firefly/templates/_helpers.tpl b/deploy/charts/firefly/templates/_helpers.tpl index eef8e1fc0f..f32f690d17 100644 --- a/deploy/charts/firefly/templates/_helpers.tpl +++ b/deploy/charts/firefly/templates/_helpers.tpl @@ -101,7 +101,7 @@ ui: path: ./frontend org: name: {{ .Values.config.organizationName }} - identity: {{ .Values.config.organizationIdentity }} + key: {{ .Values.config.organizationKey }} {{- if .Values.config.blockchainOverride }} blockchain: {{- toYaml (tpl .Values.config.blockchainOverride .) | nindent 2 }} diff --git a/deploy/charts/firefly/templates/core/migration-job.yaml b/deploy/charts/firefly/templates/core/migration-job.yaml new file mode 100644 index 0000000000..860761b7ba --- /dev/null +++ b/deploy/charts/firefly/templates/core/migration-job.yaml 
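Review bot: The readiness loop in ff-registration.sh, `until STATUS=$(curl ${FF_URL}/api/v1/status)`, ends on any HTTP response because curl is called without `--fail`, so an error body is accepted as the status document. For a JSON error body jq prints `null` for `.org.registered`, and the script then POSTs a registration to a node that is not ready. Use `until STATUS=$(curl --silent --fail "${FF_URL}/api/v1/status"); do` and quote the tests, `if [ "$(echo "$STATUS" | jq -r .org.registered)" != "true" ]; then`, so an empty jq result cannot become a `[` syntax error that silently skips registration. The final `else` belongs to the node check only, so "Already registered. Nothing to do" is also printed when the organization was registered earlier in the same run.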
@@ -0,0 +1,26 @@
+{{- if .Values.config.postgresMigrationJob -}}
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: "{{ template "firefly.fullname" . }}-{{ .Values.core.image.tag }}-migrations"
+spec:
+ backoffLimit: 5
+ activeDeadlineSeconds: 12000
+ template:
+ spec:
+ containers:
+ - name: migration
+ image: "{{ .Values.core.image.repository }}:{{ .Values.core.image.tag | default .Chart.AppVersion }}"
+ command:
+ - sh
+ - -ce
+ - |
+{{ .Files.Get "scripts/ff-db-migrations.sh" | indent 10 }}
+ env:
+ - name: PSQL_URL
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "firefly.fullname" . }}-config
+ key: psql_url
+ restartPolicy: Never
+{{- end }}
diff --git a/deploy/charts/firefly/templates/core/registration-job.yaml b/deploy/charts/firefly/templates/core/registration-job.yaml
new file mode 100644
index 0000000000..51968bb741
--- /dev/null
+++ b/deploy/charts/firefly/templates/core/registration-job.yaml
@@ -0,0 +1,23 @@
+{{- if .Values.config.registrationJob -}}
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: "{{ template "firefly.fullname" . }}-{{ .Values.config.organizationName | lower }}-registration"
+spec:
+ backoffLimit: 5
+ activeDeadlineSeconds: 12000
+ template:
+ spec:
+ containers:
+ - name: registration
+ image: "{{ .Values.core.image.repository }}:{{ .Values.core.image.tag | default .Chart.AppVersion }}"
+ command:
+ - sh
+ - -ce
+ - |
+{{ .Files.Get "scripts/ff-registration.sh" | indent 10 }}
+ env:
+ - name: FF_URL
+ value: "http://{{ include "firefly.fullname" . }}:{{ .Values.core.service.httpPort }}"
+ restartPolicy: Never
+{{- end }}
diff --git a/deploy/charts/firefly/values.yaml b/deploy/charts/firefly/values.yaml
index 1ba08214ef..73cb9f88d1 100644
--- a/deploy/charts/firefly/values.yaml
+++ b/deploy/charts/firefly/values.yaml
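Review bot: The container in migration-job.yaml has no `securityContext`, while the script it embeds starts with `apk add`, which presumably only works when the container runs as root with a writable filesystem and outbound network access. That pod also receives `PSQL_URL` from the config secret, so it should run with as little privilege as possible: install the tools at image build time and add `securityContext: {runAsNonRoot: true, allowPrivilegeEscalation: false}` to the container. The same applies to the container in registration-job.yaml. Also in migration-job.yaml, `metadata.name` uses `.Values.core.image.tag` without the `| default .Chart.AppVersion` that the `image:` line applies, so with the tag unset the name has an empty segment and no longer changes with the image version.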
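Review bot: `metadata.name` in registration-job.yaml embeds `.Values.config.organizationName | lower` as-is, so an organization name with spaces, underscores or other characters that are not valid in a Kubernetes object name renders a Job the API server rejects; the result is not truncated either. Sanitize and bound the segment, e.g. `{{ regexReplaceAll "[^a-z0-9-]+" (lower .Values.config.organizationName) "-" | trunc 20 | trimSuffix "-" }}`. A short comment above `name:` stating why the organization name is part of the Job name would help the next maintainer, since the reason is not visible in the template.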
@@ -13,8 +13,8 @@ config: # The name of the organization the FireFly node belongs to organizationName: "" - # The blockchain identity of the organization e.g. the Ethereum account address - organizationIdentity: "" + # The blockchain signing key of the organization e.g. the Ethereum account address + organizationKey: "" # The Ethereum address of the pre-deployed FireFly smart contract fireflyContractAddress: "/instances/contractAddress" @@ -25,6 +25,9 @@ config: # Whether or not to apply schema migrations automatically on startup, not recommended for production postgresAutomigrate: false + # Whether to create a migration job to perform migrations each time a new tag is pushed for the FireFly image (supports DB creation) + postgresMigrationJob: false + # The URL of the HTTPS DataExchange for the node to use for the dataexchange plugin i.e. private messaging, only needed if `dataexchange.enabled` is set to false dataexchangeUrl: "" @@ -64,6 +67,10 @@ config: # The long prefix FireFly will prepend to certain headers it sends to Ethconnect i.e. FireFly or Kaleido ethconnectPrefixLong: "" + # Whether to use a Job to perform auto-registration of the FireFly runtime. + # Note registration will not be successful until the new node has caught up with the head of the chain. + registrationJob: false + # The following values can be used to override the templating of specific plugin sections, in the case where # the user wants greater control to template the sections using global values, additional helpers, etc. OR if they # want to use other plugin types i.e. `fabric` which currently do not exist at the time of writing.
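Review bot: The comment added for `postgresMigrationJob` (second hunk) says the job supports DB creation but not what enabling it requires. Going by the migration script in this commit, the role in `psql_url` must be allowed to run `CREATE DATABASE`, and the job pod must reach a package mirror and github.com at run time, which matters to operators who restrict database roles or egress. I would extend the comment with a line such as `# Requires a database role with CREATEDB and outbound network access from the job pod`. In the first hunk, values files that still set `organizationIdentity` will render an empty `org.key` without any error after this rename; a `required` check on `organizationKey` in the helper would surface that at install time.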