diff --git a/.dockerignore b/.dockerignore index fd7872f47..dbdd64280 100644 --- a/.dockerignore +++ b/.dockerignore @@ -9,5 +9,6 @@ !ecc/ecc !ecc_go/ecc_go !ecc_go/enclave.json +!ecc_go/ccToolsDemoEnclave.json !ecc_enclave/_build/lib/libsgxcc.so # note: docker seems to have troubles with '+' in filenames in this file, at least in exceptions .. diff --git a/.gitignore b/.gitignore index 6919373ec..674a4962e 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,4 @@ cscope.* common/protos internal/protos coverage.out +vendor diff --git a/ecc_go/build.mk b/ecc_go/build.mk index 70d7aee2b..d28fb4e59 100644 --- a/ecc_go/build.mk +++ b/ecc_go/build.mk @@ -14,21 +14,22 @@ HW_EXTENSION=$(shell if [ "${SGX_MODE}" = "HW" ]; then echo "-hw"; fi) DOCKER_IMAGE ?= fpc/$(CC_NAME)${HW_EXTENSION} DOCKER_FILE ?= $(FPC_PATH)/ecc_go/Dockerfile EGO_CONFIG_FILE ?= $(FPC_PATH)/ecc_go/enclave.json +ECC_MAIN_FILES ?= main.go ECC_BINARY ?= ecc ECC_BUNDLE ?= $(ECC_BINARY)-bundle build: ecc docker env ecc: ecc_dependencies - ego-go build $(GOTAGS) -o $(ECC_BINARY) main.go - cp $(EGO_CONFIG_FILE) . + ego-go build $(GOTAGS) -o $(ECC_BINARY) $(ECC_MAIN_FILES) + cp $(EGO_CONFIG_FILE) ./enclave.json ego sign ego uniqueid $(ECC_BINARY) > mrenclave ego bundle $(ECC_BINARY) $(ECC_BUNDLE) .PHONY: with_go with_go: ecc_dependencies - $(GO) build $(GOTAGS) -o $(ECC_BUNDLE) main.go + $(GO) build $(GOTAGS) -o $(ECC_BUNDLE) $(ECC_MAIN_FILES) echo "fake_mrenclave" > mrenclave ecc_dependencies: diff --git a/ecc_go/chaincode/enclave_go/shim.go b/ecc_go/chaincode/enclave_go/shim.go index 86d40ea37..b38d1d310 100644 --- a/ecc_go/chaincode/enclave_go/shim.go +++ b/ecc_go/chaincode/enclave_go/shim.go @@ -8,9 +8,15 @@ SPDX-License-Identifier: Apache-2.0 package enclave_go import ( + "fmt" + //lint:ignore SA1019 the package is needed to unmarshall the header + protoV1 "github.com/golang/protobuf/proto" "github.com/hyperledger/fabric-chaincode-go/shim" "github.com/hyperledger/fabric-private-chaincode/internal/utils" + common "github.com/hyperledger/fabric-protos-go/common" pb "github.com/hyperledger/fabric-protos-go/peer" + + "google.golang.org/protobuf/proto" timestamp "google.golang.org/protobuf/types/known/timestamppb" ) @@ -177,7 +183,7 @@ func (f *FpcStubInterface) SplitCompositeKey(compositeKey string) (string, []str } func (f *FpcStubInterface) GetQueryResult(query string) (shim.StateQueryIteratorInterface, error) { - panic("not implemented") // TODO: Implement + return nil, fmt.Errorf("function not yet supported") } func (f *FpcStubInterface) GetQueryResultWithPagination(query string, pageSize int32, bookmark string) (shim.StateQueryIteratorInterface, *pb.QueryResponseMetadata, error) { @@ -233,7 +239,7 @@ func (f *FpcStubInterface) GetCreator() ([]byte, error) { } func (f *FpcStubInterface) GetTransient() (map[string][]byte, error) { - panic("not implemented") // TODO: Implement + return nil, fmt.Errorf("function not yet supported") } func (f *FpcStubInterface) GetBinding() ([]byte, error) { @@ -249,9 +255,22 @@ func (f *FpcStubInterface) GetSignedProposal() (*pb.SignedProposal, error) { } func (f *FpcStubInterface) GetTxTimestamp() (*timestamp.Timestamp, error) { - panic("not implemented") // TODO: Implement + hdr := &common.Header{} + proposal, Proposalerr := f.GetSignedProposal() + if Proposalerr != nil { + return nil, fmt.Errorf("error retrieving the proposal from the FPC Stub") + } + if err := proto.Unmarshal(proposal.ProposalBytes, protoV1.MessageV2(hdr)); err != nil { + return nil, fmt.Errorf("error unmarshaling Header: %s", err) + } + + chdr := &common.ChannelHeader{} + if err := proto.Unmarshal(hdr.ChannelHeader, protoV1.MessageV2(chdr)); err != nil { + return nil, fmt.Errorf("error unmarshaling ChannelHeader: %s", err) + } + return chdr.GetTimestamp(), nil } func (f *FpcStubInterface) SetEvent(name string, payload []byte) error { - panic("not implemented") // TODO: Implement + return fmt.Errorf("function not yet supported") } diff --git a/samples/chaincode/cc-tools-demo/README.md b/samples/chaincode/cc-tools-demo/README.md new file mode 100644 index 000000000..875474c15 --- /dev/null +++ b/samples/chaincode/cc-tools-demo/README.md @@ -0,0 +1,322 @@ +# CC-Tools-Demo Tutorial + +This tutorial shows how to build, install and test a Go Chaincode developed using the [CC-Tools](https://github.com/hyperledger-labs/cc-tools) framework and integrating it with the Fabric Private Chaincode (FPC) framework. + +This tutorial illustrates a simple use case where we follow the [cc-tools-demo](https://github.com/hyperledger-labs/cc-tools-demo) chaincode which is based on standard Fabric and then convert it to an FPC chaincode achieving FPC security capabilities. + +This tutorial is based on the [FPC with CC-Tools integration project](https://lf-hyperledger.atlassian.net/wiki/spaces/INTERN/pages/21954957/Hyperledger+Fabric+CC-Tools+Support+for+Fabric+Private+Chaincode) and all our design choices are explained here in the [design document](https://github.com/hyperledger/fabric-private-chaincode/tree/main/docs/design/integrate-with-cc-tools). +Here are the steps to accomplish this: + +* Clone the cc-tools-demo chaincode +* Modify the chaincode to use FPC +* Build your FPC CC-tools-demo chaincode +* Launch a Fabric network +* Install and instantiate your chaincode +* Invoke transactions by using the FPC simple-cli + +## Prerequisites + +* This tutorial presumes that you have installed FPC as described in the FPC [README.md](../../../README.md#clone-fabric-private-chaincode) and `$FPC_PATH` is set accordingly. +* We need a working FPC development environment. As described in the "Setup your Development Environment" Section of the FPC [README.md](../../../README.md#setup-your-development-environment), you can use our docker-based dev environment (Option 1) or setup your local development environment (Option 2). + We recommend using the docker-based development environment and continue this tutorial within the dev container terminal. +* Moreover, within your FPC development you have already installed the FPC Go Chaincode Support components. + See the installation steps in [ecc_go/README.md](../../../ecc_go/README.md#installation). +* We assume that you are familiar with Fabric chaincode development in go. + Most of the steps in this tutorial follow the normal Fabric chaincode development process, however, there are a few differences that we will highlight here. +* Also, since the tutorial is on the integration between cc-tools and FPC, we expect you to have a grasp knowledge of [cc-tools](https://github.com/hyperledger-labs/cc-tools) framework and that you've at least tried to run the [cc-tools-demo](https://github.com/hyperledger-labs/cc-tools-demo) once by yourself on a Fabric network + +## Clone the cc-tools-demo chaincode + +We need to clone the chaincode folder from the [cc-tools-demo](https://github.com/hyperledger-labs/cc-tools-demo) repository here. +Run the following script inside the dev environment: + +```bash +$FPC_PATH/samples/chaincode/cc-tools-demo/setup.sh +``` + +**Note**: You might encounter permission errors if you run this outside the FPC dev container. In that case you may want to use `sudo`. + +## Edit the chaincode to become an FPC chaincode instead of normal fabric + +The chaincode code structure is different than normal chaincode as it's using the cc-tools framework. + +Go to `$FPC_PATH/samples/chaincode/cc-tools-demo/main.go` and view the project structure. + +```bash +cd $FPC_PATH/samples/chaincode/cc-tools-demo +``` + +The code presented here is not different from traditional Go Chaincode developed with CC-Tools framework. All the FPC specific protection mechanisms are handled by the FPC framework transparently. + +The `main.go` contains the starting point of the chaincode. + +To use FPC, we need to add some logic to instantiate our private chaincode and start it. +To do so, we use `shim.Start(fpc.NewPrivateChaincode(new(CCDemo)))` and since we're already in the FPC repo we will point to the local FPC package. + +Go to the `go.mod` file in the `cc-tools-demo` chaincode folder and add the following replace line before the `require( )` block: + +```go +replace github.com/hyperledger/fabric-private-chaincode => ../../../ +``` + +CC-tools-demo chaincode has its own packages that are needed, so we run `go mod tidy` in the `cc-tools-demo` folder. + +Then, edit the chaincode in the `$FPC_PATH/samples/chaincode/cc-tools-demo/main.go` file: + +For import block, add the fpc package + +```go +import ( + ///Keep everything as is + fpc "github.com/hyperledger/fabric-private-chaincode/ecc_go/chaincode" +) +``` + +In the `main()` function, replace the following `if` statement: + +```go +if os.Getenv("RUN_CCAAS") == "true" { + err = runCCaaS() +} else { + err = shim.Start(new(CCDemo)) +} + +``` + +With this: + +```go +if os.Getenv("RUN_CCAAS") == "true" { + err = runCCaaS() +} else { + if os.Getenv("FPC_ENABLED") == "true" { + err = shim.Start(fpc.NewPrivateChaincode(new(CCDemo))) + } else { + err = shim.Start(new(CCDemo)) + } +} +``` + +In the `runCCaaS()` function, replace the following line: + +```go +ccid := os.Getenv("CHAINCODE_ID") +``` + +With this + +```go +ccid := os.Getenv("CHAINCODE_PKG_ID") +``` + +And replace this + +```go +server := &shim.ChaincodeServer{ + CCID: ccid, + Address: address, + CC: new(CCDemo), + TLSProps: *tlsProps, +} +``` + +With this + +```go + +var cc shim.Chaincode +if os.Getenv("FPC_ENABLED") == "true" { + cc = fpc.NewPrivateChaincode(new(CCDemo)) +} else { + cc = new(CCDemo) +} + +server := &shim.ChaincodeServer{ + CCID: ccid, + Address: address, + CC: cc, + TLSProps: *tlsProps, +} + +``` + +## Building FPC Go Chaincode + +First, to update the go dependencies run (inside the dev environment): + +```bash +cd $FPC_PATH/samples/chaincode/cc-tools-demo +go get github.com/hyperledger/fabric-private-chaincode +go mod tidy +go get +``` + +Create a `Makefile` (i.e., `touch $FPC_PATH/samples/chaincode/cc-tools-demo/Makefile`) with the following content: + +```Makefile +TOP = ../../.. +include $(TOP)/ecc_go/build.mk + +CC_NAME ?= fpc-cc-tools-demo + +EGO_CONFIG_FILE = $(FPC_PATH)/samples/chaincode/cc-tools-demo/ccToolsDemoEnclave.json +ECC_MAIN_FILES=$(FPC_PATH)/samples/chaincode/cc-tools-demo + +``` + +Please make sure that in the file above the variable `TOP` points to the FPC root directory (i.e., `$FPC_PATH`) as it uses the `$FPC_PATH/ecc_go/build.mk` file. + +In `$FPC_PATH/samples/chaincode/cc-tools-demo` directory, to build the chaincode and package it as docker image, execute: + +```bash +make +``` + +**Note**: For those who have arm-based computers, you should use the method recommended in the [main readme](https://github.com/hyperledger/fabric-private-chaincode?tab=readme-ov-file#fpc-playground-for-non-sgx-environments) for building both the cc-tools-demo chaincode as well as ercc. + +**Note**: this command runs inside the FPC dev environment and not your local host. + +**Note**: If you faced this error: + +```bash +/project/pkg/mod/github.com/hyperledger-labs/cc-tools@v1.0.1/mock/mockstub.go:146:22: cannot use stub (variable of type *MockStub) as shim.ChaincodeStubInterface value in argument to stub.cc.Init: *MockStub does not implement shim.ChaincodeStubInterface (missing method PurgePrivateData) +``` + +This is because there is a minor difference between the `ChaincodeStubInterface` used in the cc-tools `Mockstub` as it's missing the `PurgePrivateData` method. +To solve this, run the following to download all used packages + +```bash +cd $FPC_PATH/samples/chaincode/cc-tools-demo +go mod vendor +``` + +Edit the file of the error `$FPC_PATH/samples/chaincode/cc-tools-demo/vendor/github.com/hyperledger-labs/cc-tools/mock/mockstub.go` and add the missing method there: + +```go + // PurgePrivateData ... + func (stub *MockStub) PurgePrivateData(collection, key string) error { + return errors.New("Not Implemented") + } + +``` + +After building again, you can check that the `fpc/fpc-cc-tools-demo` image exists in your local docker registry using: + +```bash +docker images | grep fpc-cc-tools-demo +``` + +## Time to test! + +Next step is to test the chaincode by invoking transactions, for which you need a basic Fabric network with a channel. +We will use the test network provided in [`$FPC_PATH/samples/deployment/test-network`](../../deployment/test-network). +To invoke the chaincode, we will use the `simple-cli` application in [`$FPC_PATH/samples/application/simple-cli-go`](../../pplication/simple-cli-go). + +### Prepare the test network + +We already provide a detailed tutorial how to use FPC with the test network in [`$FPC_PATH/samples/deployment/test-network`](../../deployment/test-network). +However, for completeness, let's go through the required steps once again. + +```bash +cd $FPC_PATH/samples/deployment/test-network +./setup.sh +``` + +### Start the test network + +Now we are ready to launch the Fabric test network and install the FPC chaincode on it. +We begin with setting up the network with a single channel `mychannel`. + +```bash +cd $FPC_PATH/samples/deployment/test-network/fabric-samples/test-network +./network.sh up -ca +./network.sh createChannel -c mychannel +``` + +### Install the chaincode + +Once the network is up and running, we install the cc-tools-demo chaincode and the FPC Enclave Registry. +We provide a small shell script to make this task a bit easier. + +```bash +export CC_ID=cc-tools-demo +export CC_PATH="$FPC_PATH/samples/chaincode/cc-tools-demo/" +export CC_VER=$(cat "$FPC_PATH/samples/chaincode/cc-tools-demo/mrenclave") +cd $FPC_PATH/samples/deployment/test-network +./installFPC.sh +``` + +### Set the needed env vars in the docker-compose file and start the chaincode + +From the code above, we need to set two env variables for the chaincode application to work and use FPC and chaincode-as-a-service (CCAAS). + +```yaml +- RUN_CCAAS=true +- FPC_ENABLED=true +``` + +To achieve this, we created extra configurations for the start command at `$FPC_PATH/samples/chaincode/cc-tools-demo/cc-tools-demo-compose.yaml`. + +Continue by running: + +```bash +export EXTRA_COMPOSE_FILE="$FPC_PATH/samples/chaincode/cc-tools-demo/cc-tools-demo-compose.yaml" +make ercc-ecc-start +``` + +You should see now four containers running (i.e., `cc-tools-demo.peer0.org1`, `cc-tools-demo.peer0.org2`, `ercc.peer0.org1`, and `ercc.peer0.org2`). + +### Invoke simple getSchema transaction + +Open a new terminal and connect to the `fpc-development-main` container by running + +```bash +docker exec -it fpc-development-main /bin/bash +``` + +```bash +# prepare connections profile +cd $FPC_PATH/samples/deployment/test-network +./update-connection.sh + +# # update the connection profile for external clients outside the FPC dev environment +cd $FPC_PATH/samples/deployment/test-network +./update-external-connection.sh + +# make fpcclient +cd $FPC_PATH/samples/application/simple-cli-go +make + +# export fpcclient settings +export CC_NAME=cc-tools-demo +export CHANNEL_NAME=mychannel +export CORE_PEER_ADDRESS=localhost:7051 +export CORE_PEER_ID=peer0.org1.example.com +export CORE_PEER_LOCALMSPID=Org1MSP +export CORE_PEER_MSPCONFIGPATH=$FPC_PATH/samples/deployment/test-network/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp +export CORE_PEER_TLS_CERT_FILE=$FPC_PATH/samples/deployment/test-network/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt +export CORE_PEER_TLS_ENABLED="true" +export CORE_PEER_TLS_KEY_FILE=$FPC_PATH/samples/deployment/test-network/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key +export CORE_PEER_TLS_ROOTCERT_FILE=$FPC_PATH/samples/deployment/test-network/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt +export ORDERER_CA=$FPC_PATH/samples/deployment/test-network/fabric-samples/test-network/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem +export GATEWAY_CONFIG=$FPC_PATH/samples/deployment/test-network/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/connection-org1.yaml +export FPC_ENABLED=true +export RUN_CCAAS=true + +# init our enclave +./fpcclient init $CORE_PEER_ID + +# interact with the FPC-CC-Tools Chaincode. The getSchema is a built-in cc-tools transaction +./fpcclient invoke getSchema + +``` + +Congratulations! You have successfully created an FPC chaincode with go using cc-tools and invoked it using our simple cli. + +Now you can test all your work again by running the [test](./testTutorial.sh) script + +**Note**: In cc-tools-demo, most of these transactions set permissions to filter which orgs are allowed to invoke it or not. The current organization used in this script is "Org1MSP". Also, beware that org names are case sensitive + +## Next Step + +CC-tools-demo also provides a unique API server called CCAPI that is able to communicate with the peers and execute transactions through a REST API. We integrated this either in the [CCAPI tutorial](../../application/ccapi/). diff --git a/samples/chaincode/cc-tools-demo/cc-tools-demo-compose.yaml b/samples/chaincode/cc-tools-demo/cc-tools-demo-compose.yaml new file mode 100644 index 000000000..15429eb6a --- /dev/null +++ b/samples/chaincode/cc-tools-demo/cc-tools-demo-compose.yaml @@ -0,0 +1,17 @@ +# Copyright IBM Corp. All Rights Reserved. +# Copyright 2020 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 + +services: + # org1 + ecc.peer0.org1.example.com: + environment: + - RUN_CCAAS=true + - FPC_ENABLED=true + + # org2 + ecc.peer0.org2.example.com: + environment: + - RUN_CCAAS=true + - FPC_ENABLED=true diff --git a/samples/chaincode/cc-tools-demo/ccToolsDemoEnclave.json b/samples/chaincode/cc-tools-demo/ccToolsDemoEnclave.json new file mode 100644 index 000000000..327d3d9ea --- /dev/null +++ b/samples/chaincode/cc-tools-demo/ccToolsDemoEnclave.json @@ -0,0 +1,33 @@ +{ + "exe": "ecc", + "key": "private.pem", + "debug": true, + "heapSize": 512, + "productID": 1, + "securityVersion": 1, + "mounts": null, + "files": null, + "env": [ + { + "name": "CHAINCODE_SERVER_ADDRESS", + "fromHost": true + }, + { + "name": "CHAINCODE_PKG_ID", + "fromHost": true + }, + { + "name": "FPC_ENABLED", + "fromHost": true + }, + { + "name": "RUN_CCAAS", + "fromHost": true + }, + + { + "name": "FABRIC_LOGGING_SPEC", + "fromHost": true + } +] +} \ No newline at end of file diff --git a/samples/chaincode/cc-tools-demo/setup.sh b/samples/chaincode/cc-tools-demo/setup.sh new file mode 100644 index 000000000..e2c5f0d58 --- /dev/null +++ b/samples/chaincode/cc-tools-demo/setup.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +# Exit immediately if a command exits with a non-zero status +set -e + +# Set the CC_TOOLS_DEMO_PATH environment variable +export CC_TOOLS_DEMO_PATH="$FPC_PATH/samples/chaincode/cc-tools-demo" + +# Clone the repository with sparse checkout +git clone -n --no-checkout --depth=1 --filter=tree:0 https://github.com/hyperledger-labs/cc-tools-demo.git "$CC_TOOLS_DEMO_PATH/chaincode" + +# Navigate to the cloned directory +cd "$CC_TOOLS_DEMO_PATH/chaincode" || { echo "$CC_TOOLS_DEMO_PATH/chaincode does not exist. Exiting." >&2; exit 1; } + +# Configure Git +git config --global --add safe.directory /src/github.com/hyperledger/fabric-private-chaincode/samples/chaincode/cc-tools-demo/chaincode + +# Enable sparse checkout +git sparse-checkout set --no-cone chaincode/* + +# Checkout the sparse files +git checkout + +# Move the chaincode files to the destination directory +mv chaincode/* "$CC_TOOLS_DEMO_PATH" + +# Navigate to the CC_TOOLS_DEMO_PATH directory +cd "$CC_TOOLS_DEMO_PATH" + +# Remove the now-empty chaincode directory +rm -r "$CC_TOOLS_DEMO_PATH/chaincode" + +echo "Script execution completed successfully." diff --git a/samples/chaincode/cc-tools-demo/testTutorial.sh b/samples/chaincode/cc-tools-demo/testTutorial.sh new file mode 100644 index 000000000..0870c3088 --- /dev/null +++ b/samples/chaincode/cc-tools-demo/testTutorial.sh @@ -0,0 +1,104 @@ +#!/bin/bash + +# ############################## Commands in order ####################################### + + +# ################################### For CC-tools inside the fpc + +# - Copy all chaincode files using the same way as simple-asset-go +# - replace the "CHAINCODE_ID" env with "CHAINCODE_PKG_ID" in main.go +# - Run `go get` inside the cc-tools-demo folder after putting it inside the fpc repo +# ------ There are huge problem with using FPC outside the FPC repository. Even go get doesn't work and you need to specify a certain version and there are conflicting packages-----------------' +# # - You have to add dummy implementation for the PurgePrivate data method in the MockStup of cc-tools but be careful you need to do it in the package installed inside the FPC dev env not your local +# # For example do: vim /project/pkg/mod/github.com/hyperledger-labs/cc-tools@v1.0.0/mock/mockstub.go and add this: +# # // PurgePrivateData ... +# # func (stub *MockStub) PurgePrivateData(collection, key string) error { +# # return errors.New("Not Implemented") +# # }. +# # A good idea is to use go mod vendor and download all go packages in the vendor directory and edit it one time there. +# # nano $FPC_PATH/vendor/github.com/hyperledger-labs/cc-tools/mock/mockstub.go +# # // PurgePrivateData ... +# # func (stub *MockStub) PurgePrivateData(collection, key string) error { +# # return errors.New("Not Implemented") +# # } + +cd $FPC_PATH/samples/deployment/test-network +docker compose down + +cd $FPC_PATH/samples/deployment/test-network/fabric-samples/test-network +./network.sh down +docker system prune +sleep 5 + +cd $FPC_PATH/samples/chaincode/cc-tools-demo/ +export CC_NAME=fpc-cc-tools-demo +make + +# - run docker images | grep fpc-cc-tools-demo to make sure of the image +# - complete the tutorial normally: +cd $FPC_PATH/samples/deployment/test-network +./setup.sh + +cd $FPC_PATH/samples/deployment/test-network/fabric-samples/test-network +./network.sh up createChannel -ca -c mychannel +sleep 5 + +export CC_ID=cc-tools-demo +export CC_PATH="$FPC_PATH/samples/chaincode/cc-tools-demo/" +export CC_VER=$(cat "$FPC_PATH/samples/chaincode/cc-tools-demo/mrenclave") + +cd $FPC_PATH/samples/deployment/test-network +./installFPC.sh +sleep 5 +export EXTRA_COMPOSE_FILE="$FPC_PATH/samples/chaincode/cc-tools-demo/cc-tools-demo-compose.yaml" +make ercc-ecc-start +sleep 5 + +# # prepare connections profile +cd $FPC_PATH/samples/deployment/test-network +./update-connection.sh + +# update the connection profile for external clients outside the fpc dev environment +cd $FPC_PATH/samples/deployment/test-network +./update-external-connection.sh + +# make fpcclient +cd $FPC_PATH/samples/application/simple-cli-go +make + +# export fpcclient settings +export CC_NAME=cc-tools-demo +export CHANNEL_NAME=mychannel +export CORE_PEER_ADDRESS=localhost:7051 +export CORE_PEER_ID=peer0.org1.example.com +export CORE_PEER_LOCALMSPID=Org1MSP +export CORE_PEER_MSPCONFIGPATH=$FPC_PATH/samples/deployment/test-network/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp +export CORE_PEER_TLS_CERT_FILE=$FPC_PATH/samples/deployment/test-network/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt +export CORE_PEER_TLS_ENABLED="true" +export CORE_PEER_TLS_KEY_FILE=$FPC_PATH/samples/deployment/test-network/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key +export CORE_PEER_TLS_ROOTCERT_FILE=$FPC_PATH/samples/deployment/test-network/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt +export ORDERER_CA=$FPC_PATH/samples/deployment/test-network/fabric-samples/test-network/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem +export GATEWAY_CONFIG=$FPC_PATH/samples/deployment/test-network/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/connection-org1.yaml + +sleep 5 +# init our enclave +./fpcclient init $CORE_PEER_ID +sleep 5 +# invoke the getSchema transaction which is implemented internally by cc-tools +./fpcclient invoke getSchema + +########################## Some transactions to test #################################### + +##NOTE: In cc-tools-demo, most of these transactions set permissions to filter which orgs are allowed to invoke it or not. The current organization used in this script is "Org1MSP". +## Beware that org names are case sensitive + +# sleep 5 +# ./fpcclient invoke createNewLibrary "{\"name\":\"samuel\"}" +# sleep 5 +# ./fpcclient invoke createAsset "{\"asset\":[{\"@assetType\":\"person\",\"id\":\"51027337023\",\"name\":\"samuel\"}]}" +# sleep 5 +# ./fpcclient invoke createAsset "{\"asset\":[{\"@assetType\":\"book\", \"title\": \"Fairy tail\" ,\"author\":\"Martin\",\"currentTenant\":{\"@assetType\": \"person\", \"@key\": \"person:f6c10e69-32ae-5dfb-b17e-9eda4a039cee\"}}]}" +# sleep 5 +# ./fpcclient invoke getBooksByAuthor "{\"authorName\":\"samuel\"}" # --> Fails as GetQueryResult is not implemented. I tried to implement it but the fabric implementation needs what's called handler and it's not ther + + diff --git a/samples/deployment/test-network/Makefile b/samples/deployment/test-network/Makefile index 5175a5c7a..f2bbe53bb 100644 --- a/samples/deployment/test-network/Makefile +++ b/samples/deployment/test-network/Makefile @@ -17,7 +17,11 @@ ercc-ecc-start: SGX_DEVICE_PATH=$$(if [ -e "/dev/isgx" ]; then echo "/dev/isgx"; elif [ -e "/dev/sgx/enclave" ]; then echo "/dev/sgx/enclave"; else echo "none"; fi) && \ [ "$${SGX_DEVICE_PATH}" != "none" ] || ( echo "ERROR: SGX_MODE is HW but no sgx device found"; exit 1; ) \ fi && \ - env FPC_VERSION=${FPC_VERSION} ${DOCKER_COMPOSE} up -d + if [ ! -z "${EXTRA_COMPOSE_FILE}" ]; then \ + env FPC_VERSION=${FPC_VERSION} ${DOCKER_COMPOSE} -f compose.yaml -f ${EXTRA_COMPOSE_FILE} up -d; \ + else \ + env FPC_VERSION=${FPC_VERSION} ${DOCKER_COMPOSE} up -d; \ + fi .PHONY: ercc-ecc-start ercc-ecc-stop: diff --git a/samples/deployment/test-network/update-external-connection.sh b/samples/deployment/test-network/update-external-connection.sh new file mode 100755 index 000000000..054be662f --- /dev/null +++ b/samples/deployment/test-network/update-external-connection.sh @@ -0,0 +1,68 @@ +#!/usr/bin/env bash + +# Copyright IBM Corp. All Rights Reserved. +# Copyright 2020 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 + +set -euo pipefail + +if [[ -z "${FPC_PATH}" ]]; then + echo "Error: FPC_PATH not set" + exit 1 +fi + +trap cleanup SIGINT SIGTERM ERR EXIT +cleanup() { + trap - SIGINT SIGTERM ERR EXIT +} + +backup() { + FILE=$1 + BACKUP="${FILE}.backup" + + if [[ -e "${BACKUP}" ]]; then + cp "${BACKUP}" "${FILE}" + else + cp "${FILE}" "${BACKUP}" + fi +} + +orgs=("org1" "org2") +user="Admin" + +shopt -s nullglob + +for org in "${orgs[@]}"; do + + ORG_PATH=${FPC_PATH}/samples/deployment/test-network/fabric-samples/test-network/organizations/peerOrganizations/${org}.example.com + EXTERNAL_CONNECTIONS_PATH=${ORG_PATH}/external-connection-${org}.yaml + CONNECTIONS_PATH=${ORG_PATH}/connection-${org}.yaml + + # Copy the file from the connection profile + cp "${CONNECTIONS_PATH}" "${EXTERNAL_CONNECTIONS_PATH}" + + backup "${EXTERNAL_CONNECTIONS_PATH}" + + + # This is needed in both files + yq eval ".\"peer0.org1.example.com\".url = \"grpcs://peer0.org1.example.com:7051\"" -i "$EXTERNAL_CONNECTIONS_PATH" + yq eval ".\"peer0.org2.example.com\".url = \"grpcs://peer0.org2.example.com:9051\"" -i "$EXTERNAL_CONNECTIONS_PATH" + # Check if the org is org1 + if [[ "$org" == "org1" ]]; then + # edit localhost urls to use hostnames for org1 + yq eval ".peers.\"peer0.org1.example.com\".url = \"grpcs://peer0.org1.example.com:7051\"" -i "$EXTERNAL_CONNECTIONS_PATH" + yq eval ".certificateAuthorities.\"ca.org1.example.com\".url = \"https://ca.org1.example.com:7054\"" -i "$EXTERNAL_CONNECTIONS_PATH" + + # Check if the org is org2 + elif [[ "$org" == "org2" ]]; then + # edit localhost urls to use hostnames for org2 + yq eval ".peers.\"peer0.org2.example.com\".url = \"grpcs://peer0.org2.example.com:9051\"" -i "$EXTERNAL_CONNECTIONS_PATH" + yq eval ".certificateAuthorities.\"ca.org2.example.com\".url = \"https://ca.org2.example.com:8054\"" -i "$EXTERNAL_CONNECTIONS_PATH" + fi + # remove entity matcher + yq eval 'del(.entityMatchers)' -i "$EXTERNAL_CONNECTIONS_PATH" + +done + +echo "Updated!"