Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

org2 smoke test passes #3

Merged
merged 3 commits into from
Sep 26, 2020
Merged

org2 smoke test passes #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
0e8e59c
attempt to centralized chaincode
rtang03 Sep 25, 2020
581f6b4
org2 smoke test pass
rtang03 Sep 25, 2020
c1c142a
org2 smoke test passes
rtang03 Sep 25, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion bootstrap.gcp.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -167,6 +167,7 @@ printMessage "pod/o0-hlf-ord" $res

# Currently, it seems that META-INFO is missing, and it will fail to init chaincode; if using couchdb
# while there is no real need for coudchdb, will fall back to goleveldb.
# DISABLED; CANNOT REMOVE
#helm install p0o1db -n n1 -f ./releases/org1/p0o1db-hlf-couchdb.gcp.yaml ./hlf-couchdb
#sleep 5
#set -x
Expand All @@ -187,7 +188,6 @@ printMessage "pod/p0o1-hlf-peer" $res

helm install g1 -n n1 -f ./releases/org1/g1-gupload.gcp.yaml ./gupload


export POD_CLI1=$(kubectl get pods --namespace n1 -l "app=orgadmin,release=admin1" -o jsonpath="{.items[0].metadata.name}")
preventEmptyValue "pod unavailable" $POD_CLI1

Expand Down
158 changes: 108 additions & 50 deletions bootstrap.org2.gcp.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@

#!/bin/bash
. ./scripts/setup.sh

Expand All @@ -7,11 +6,6 @@ SECONDS=0
./scripts/rm-secret.n2.sh
rm ./download/*.crt

# Note: Manually deploy PV
#kubectl -n n2 create -f ../releases/org2/volumes/pvc-org2.gcp.yaml
#kubectl -n n2 create -f ../releases/org2/volumes/pvc-p0o2.gcp.yaml
# printMessage "create pv/pvc for org2" $?

helm install admin2 -n n2 -f ./releases/org2/admin2-orgadmin.gcp.yaml ./orgadmin
printMessage "install admin2" $?

Expand All @@ -26,7 +20,7 @@ export POD_PSQL2=$(kubectl get pods -n n2 -l "app.kubernetes.io/name=postgresql-
kubectl wait --for=condition=Ready --timeout 180s pod/$POD_PSQL2 -n n2
res=$?
set +x
printMessage "pod/$POD_PSQL1" $res
printMessage "pod/$POD_PSQL2" $res

sleep 30

Expand Down Expand Up @@ -74,6 +68,7 @@ printMessage "job/crypto-rca2-cryptogen" $res
./scripts/create-secret.rca2.sh
printMessage "create secret rca2" $?

# DISABLED; CANNOT REMOVE
#helm install p0o2db -n n2 -f ./releases/org2/p0o2db-hlf-couchdb.gcp.yaml ./hlf-couchdb
#set -x
#export POD_P0O2DB=$(kubectl get pods -n n2 -l "app=hlf-couchdb,release=p0o2db" -o jsonpath="{.items[0].metadata.name}")
Expand All @@ -87,89 +82,119 @@ preventEmptyValue "pod unavailable" $POD_CLI2

sleep 5

helm install g2 -n n2 -f ./releases/org2/g2-gupload.gcp.yaml ./gupload

#####################################################################
### OUT OF BAND
#####################################################################
echo "#####################################################################"
echo "### OUT OF BAND PROCESS"
echo "#####################################################################"
echo "# ORG1: Out-of-band process: Manually send p0o1.crt from org2 to org1"
export POD_RCA2=$(kubectl get pods -n n2 -l "app=hlf-ca,release=rca2" -o jsonpath="{.items[0].metadata.name}")
preventEmptyValue "pod unavailable" $POD_RCA2

set -x
kubectl -n n2 exec $POD_RCA2 -c ca -- cat ./Org2MSP/peer0.org2.net/tls-msp/signcerts/cert.pem > ./download/p0o2.crt
res=$?
set +x
printMessage "download /Org2MSP/peer0.org2.net/tls-msp/signcerts/cert.pem from n2" $res

set -x
kubectl -n n1 create secret generic peer0.org2.net-tls --from-file=tls.crt=./download/p0o2.crt
res=$?
set +x
printMessage "create secret peer0.org2.net-tls for n1" $res
# CAN REMOVE
# 0. peer0.org2.net-tls for n1
#set -x
#kubectl -n n2 exec $POD_RCA2 -c ca -- cat ./Org2MSP/peer0.org2.net/tls-msp/signcerts/cert.pem > ./download/p0o2.crt
#res=$?
#set +x
#printMessage "download /Org2MSP/peer0.org2.net/tls-msp/signcerts/cert.pem from n2" $res
#set -x
#kubectl -n n1 create secret generic peer0.org2.net-tls --from-file=tls.crt=./download/p0o2.crt
#res=$?
#set +x
#printMessage "create secret peer0.org2.net-tls for n1" $res

####
echo "# ORG2: Out-of-band process: Manually send p0o2.crt from org1 to org2"
export POD_RCA1=$(kubectl get pods -n n1 -l "app=hlf-ca,release=rca1" -o jsonpath="{.items[0].metadata.name}")
preventEmptyValue "pod unavailable" $POD_RCA1

set -x
kubectl -n n1 exec $POD_RCA1 -c ca -- cat ./Org1MSP/peer0.org1.net/tls-msp/signcerts/cert.pem > ./download/p0o1.crt
res=$?
set +x
printMessage "download Org1MSP/peer0.org1.net/tls-msp/signcerts/cert.pem from n1" $res

set -x
kubectl -n n2 create secret generic peer0.org1.net-tls --from-file=tls.crt=./download/p0o1.crt
res=$?
set +x
printMessage "create secret peer0.org1.net-tls for n2" $res
# CAN REMOVE
#set -x
#kubectl -n n1 exec $POD_RCA1 -c ca -- cat ./Org1MSP/peer0.org1.net/tls-msp/signcerts/cert.pem > ./download/p0o1.crt
#res=$?
#set +x
#printMessage "download Org1MSP/peer0.org1.net/tls-msp/signcerts/cert.pem from n1" $res
#
#set -x
#kubectl -n n2 create secret generic peer0.org1.net-tls --from-file=tls.crt=./download/p0o1.crt
#res=$?
#set +x
#printMessage "create secret peer0.org1.net-tls for n2" $res

export POD_RCA0=$(kubectl get pods -n n0 -l "app=hlf-ca,release=rca0" -o jsonpath="{.items[0].metadata.name}")
preventEmptyValue "pod unavailable" $POD_RCA0

echo "# 1. create orderer0.org0.com-tlssigncert for n2"
set -x
kubectl -n n0 exec $POD_RCA0 -c ca -- cat ./Org0MSP/orderer0.org0.com/tls-msp/signcerts/cert.pem > ./download/orderer0.crt
res=$?
set +x
printMessage "download Org0MSP/orderer0.org0.com/tls-msp/signcerts/cert.pem from n0" $res

set -x
kubectl -n n2 create secret generic orderer0.org0.com-tlssigncert --from-file=cert.pem=./download/orderer0.crt
res=$?
set +x
printMessage "create secret orderer0.org0.com-tlssigncert for n2" $res

echo "# 2. create orderer0.org0.com-tlsrootcert for n2"
set -x
kubectl -n n0 exec $POD_RCA0 -c ca -- cat ./Org0MSP/orderer0.org0.com/tls-msp/tlscacerts/tls-tlsca0-hlf-ca-7054.pem > ./download/orderer0-tlsroot.crt
res=$?
set +x
printMessage "download Org0MSP/orderer0.org0.com/tls-msp/tlscacerts/tls-tlsca0-hlf-ca-n0-svc-cluster-local-7054.pem from n0" $res

set -x
kubectl -n n2 create secret generic orderer0.org0.com-tlsrootcert --from-file=tlscacert.pem=./download/orderer0-tlsroot.crt
res=$?
set +x
printMessage "create secret orderer0.org0.com-tlsrootcert for n2" $res

echo "# 3. create secret org0-tls-ca-cert for n2"
set -x
kubectl -n n0 exec $POD_RCA0 -c ca -- sh -c "cat ./Org0MSP/msp/tlscacerts/tls-ca-cert.pem" > ./download/org0tlscacert.crt
res=$?
set +x
printMessage "download Org0MSP/msp/tlscacerts/tls-ca-cert.pem from n0" $res

set -x
kubectl -n n2 create secret generic org0-tls-ca-cert --from-file=tlscacert.pem=./download/org0tlscacert.crt
res=$?
set +x
printMessage "create secret org0-tls-ca-cert for n2" $res
#####################################################################
### END: OUT OF BAND
#####################################################################

echo "# 4. create org1-tls-ca-cert for n2"
set -x
kubectl -n n1 exec $POD_RCA1 -c ca -- cat ./Org1MSP/msp/tlscacerts/tls-ca-cert.pem > ./download/org1tlscacert.crt
res=$?
set +x
printMessage "download Org1MSP/msp/tlscacerts/tls-ca-cert.pem from n1" $res
set -x
kubectl -n n2 create secret generic org1-tls-ca-cert --from-file=tls.crt=./download/org1tlscacert.crt
res=$?
set +x
printMessage "create secret org1-tls-ca-cert for n2" $res

echo "# 5. create org2-tls-ca-cert for n2"
set -x
kubectl -n n2 exec $POD_RCA2 -c ca -- cat ./Org2MSP/msp/tlscacerts/tls-ca-cert.pem > ./download/org2tlscacert.crt
res=$?
set +x
printMessage "download Org2MSP/msp/tlscacerts/tls-ca-cert.pem from n2" $res
set -x
kubectl -n n1 create secret generic org2-tls-ca-cert --from-file=tls.crt=./download/org2tlscacert.crt
res=$?
set +x
printMessage "create secret org2-tls-ca-cert for n1" $res
set -x
kubectl -n n2 create secret generic org2-tls-ca-cert --from-file=tls.crt=./download/org2tlscacert.crt
res=$?
set +x
printMessage "create secret org2-tls-ca-cert for n2" $res
echo "#####################################################################"
echo "### END: OUT OF BAND"
echo "#####################################################################"

echo "### Install g2-gupload"
helm install g2 -n n2 -f ./releases/org2/g2-gupload.gcp.yaml ./gupload

# After all secrets are available
helm install p0o2 -n n2 -f ./releases/org2/p0o2-hlf-peer.gcp.yaml ./hlf-peer

set -x
export POD_P0O2=$(kubectl get pods -n n2 -l "app=hlf-peer,release=p0o2" -o jsonpath="{.items[0].metadata.name}")
kubectl wait --for=condition=Ready --timeout 180s pod/$POD_P0O2 -n n2
Expand All @@ -179,10 +204,9 @@ printMessage "pod/p0o2-hlf-peer" $res

sleep 10

### MULTIPLE ORGS WORKFLOW
## org1 admin tasks
echo "###### MULTIPLE ORGS WORKFLOW ###"
echo "### Org1 fetch current block"
helm install fetch1 -n n1 -f ./releases/org1/fetchsend-hlf-operator.yaml ./hlf-operator

set -x
kubectl wait --for=condition=complete --timeout 120s job/fetch1-hlf-operator--fetch-send -n n1
res=$?
Expand All @@ -191,7 +215,7 @@ printMessage "job/fetch1-hlf-operator" $res

sleep 10

## org2 admin tasks
echo "### Org2 prepares add-org update-channel-envelope"
helm install neworg2 -n n2 -f ./releases/org2/neworgsend-hlf-operator.yaml ./hlf-operator

set -x
Expand All @@ -202,9 +226,8 @@ printMessage "job/neworg2-hlf-operator" $res

sleep 10

## org1 admin tasks
echo "### Org1 sign the updatechannel block"
helm install upch1 -n n1 -f ./releases/org1/upch1-hlf-operator.yaml ./hlf-operator

set -x
kubectl wait --for=condition=complete --timeout 120s job/upch1-hlf-operator--updatechannel -n n1
res=$?
Expand All @@ -213,14 +236,49 @@ printMessage "job/upch1-hlf-operator" $res

sleep 10

## org2 admin tasks
echo "### Org2 join channel"
helm install joinch2 -n n2 -f ./releases/org2/joinch2-hlf-operator.yaml ./hlf-operator

set -x
kubectl wait --for=condition=complete --timeout 120s job/joinch2-hlf-operator--joinchannel -n n2
res=$?
set +x
printMessage "job/joinch2-hlf-operator" $res

export POD_CLI2=$(kubectl get pods --namespace n2 -l "app=orgadmin,release=admin2" -o jsonpath="{.items[0].metadata.name}")
preventEmptyValue "pod unavailable" $POD_CLI1

echo "### Update anchor peer; package & install chaincode"
helm install installcc2a -n n2 -f ./releases/org2/installcc-a.hlf-operator.yaml ./hlf-operator
set -x
kubectl wait --for=condition=complete --timeout 300s job/installcc2a-hlf-operator--bootstrap -n n2
res=$?
set +x
printMessage "job/install chaincode part1" $res

set -x
export CCID=$(kubectl -n n2 exec $POD_CLI2 -- cat /var/hyperledger/crypto-config/channel-artifacts/packageid.txt)
res=$?
set +x
printMessage "retrieve CCID" $res

echo "### Launch chaincode container"
helm install eventstore -n n2 --set ccid=$CCID -f ./releases/org2/eventstore-hlf-cc.gcp.yaml ./hlf-cc
set -x
export POD_CC2=$(kubectl get pods -n n2 -l "app=hlf-cc,release=eventstore" -o jsonpath="{.items[0].metadata.name}")
kubectl wait --for=condition=Ready --timeout 180s pod/$POD_CC2 -n n2
res=$?
set +x
printMessage "pod/eventstore chaincode" $res

sleep 10

echo "### Approach chaincode and run smoke test"
helm install installcc2b -n n2 -f ./releases/org2/installcc-b.hlf-operator.yaml ./hlf-operator
set -x
kubectl wait --for=condition=complete --timeout 180s job/installcc2b-hlf-operator--bootstrap -n n2
res=$?
set +x
printMessage "job/install chaincode part2" $res

duration=$SECONDS
printf "${GREEN}$(($duration / 60)) minutes and $(($duration % 60)) seconds elapsed.\n\n${NC}"
12 changes: 12 additions & 0 deletions hlf-operator/templates/NOTES.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,16 @@
Job will perform:
{{-if .Values.fetchSend.enabled }}
- fetch current channel config, and send config.json to other org
{{- end }}
{{-if .Values.neworgSend.enabled }}
- create new org update, and send to other org
{{- end }}
{{-if .Values.updateChannel.enabled }}
- update channel
{{- end }}
{{-if .Values.joinChannel.enabled }}
- join channel
{{- end }}
{{- if .Values.bootstrap.tasks.create_channel.enabled }}
- create channel
{{- end }}
Expand Down
22 changes: 21 additions & 1 deletion hlf-operator/templates/job--bootstrap.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 +39,18 @@ spec:
- name: org0-tls-ca-cert
secret:
secretName: {{ .Values.bootstrap.secret.tlscacert }}
{{- if .Values.bootstrap.tasks.dev_invoke.enabled }}
{{- range .Values.bootstrap.tasks.dev_invoke.targets }}
- name: {{ .name }}
secret:
secretName: {{ .name }}
{{- end }}
{{- end }}
{{- if .Values.bootstrap.secret.channeltx }}
- name: channel-tx
secret:
secretName: {{ .Values.bootstrap.secret.channeltx }}
{{- end }}
- name: collection-json
configMap:
name: {{ include "hlf-operator.fullname" . }}--cli
Expand Down Expand Up @@ -129,7 +138,7 @@ spec:
set +x
printMessage "cp block" $res
set -x
jq ".channel_group.groups.Application.groups.Org1MSP.values += {\"AnchorPeers\":{\"mod_policy\":\"Admins\",\"value\":{\"anchor_peers\":[{\"host\":\"peer0.org1.net\",\"port\":15443}]},\"version\":\"0\"}}" $DIR/config_copy.json > $DIR/modified_config.json
jq ".channel_group.groups.Application.groups.{{ .Values.bootstrap.tasks.update_anchor_peer.mspId }}.values += {\"AnchorPeers\":{\"mod_policy\":\"Admins\",\"value\":{\"anchor_peers\":[{\"host\":\"{{ .Values.bootstrap.tasks.update_anchor_peer.host }}\",\"port\":{{ .Values.bootstrap.tasks.update_anchor_peer.port }}}]},\"version\":\"0\"}}" $DIR/config_copy.json > $DIR/modified_config.json
res=$?
set +x
printMessage "jq add anchorpeer" $res
Expand Down Expand Up @@ -227,6 +236,9 @@ spec:
-o ${ORDERER_URL} -C ${CHANNEL_NAME} \
--tls --cafile ${ORDERER_CA} \
--name {{ .Values.bootstrap.chaincode.id }} \
{{- if .Values.bootstrap.tasks.approve_chaincode.signaturePolicy }}
--signature-policy {{ .Values.bootstrap.tasks.approve_chaincode.signaturePolicy }} \
{{- end }}
--version {{ .Values.bootstrap.chaincode.version }} \
--package-id $(sed -n "/{{ .Values.bootstrap.chaincode.id }}v{{ .Values.bootstrap.chaincode.version }}/{s/^Package ID: //; s/, Label:.*$//; p;}" $DIR/log-installed.txt) \
--init-required \
Expand Down Expand Up @@ -354,10 +366,18 @@ spec:
- name: setup-script
mountPath: /script/setup.sh
subPath: setup.sh
{{- if .Values.bootstrap.secret.channeltx }}
- name: channel-tx
mountPath: {{ .Values.global.workingDir }}/crypto-config/channel-artifacts/channeltx
{{- end }}
- name: org0-tls-ca-cert
mountPath: {{ .Values.global.workingDir }}/crypto-config/channel-artifacts/org0-tls-ca-cert
{{- if .Values.bootstrap.tasks.dev_invoke.enabled }}
{{- range .Values.bootstrap.tasks.dev_invoke.targets }}
- name: {{ .name }}
mountPath: {{ $.Values.global.workingDir }}/crypto-config/channel-artifacts/{{ .name }}
{{- end }}
{{- end }}
- name: collection-json
mountPath: /builders/packaging/connection.json
subPath: connection.json
Expand Down
1 change: 0 additions & 1 deletion hlf-operator/templates/job--neworg-send.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -148,7 +148,6 @@ spec:
########
# Step 9: gupload to obtain signature
########
sleep 3h
printHeader "Gupload to remote server"
set -x
/var/gupload/gupload upload --cacert /var/gupload/cert/tls.crt --label {{ .Values.neworgSend.label }} --file $TMP/config_update_in_envelope.pb --filename config_update_in_envelope.pb \
Expand Down
Loading